Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/sngqbhrCp8GtaO7rKX-oqvCGIWk.roa
File: sngqbhrCp8GtaO7rKX-oqvCGIWk.roa (raw, json)
Hash identifier: PUJdYKQvp26KRVZx6IAFf0IttJq23qWTj0kza6vJf98=
Subject key identifier: B2:78:2A:6E:1A:C2:A7:C1:AD:68:EE:EB:29:7F:A8:AA:F0:86:21:69
Certificate issuer: /CN=3aba1172472ea80265d12982967de0a8b0bc5901
Certificate serial: 018C2028E6F316E5E9E3E570F33552E39DD7
Authority key identifier: 3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/sngqbhrCp8GtaO7rKX-oqvCGIWk.roa
Signing time: Thu 30 Nov 2023 12:16:40 +0000
ROA not before: Thu 30 Nov 2023 12:16:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136744
IP address blocks: 195.96.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:20:28:e6:f3:16:e5:e9:e3:e5:70:f3:35:52:e3:9d:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aba1172472ea80265d12982967de0a8b0bc5901
Validity
Not Before: Nov 30 12:16:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2782a6e1ac2a7c1ad68eeeb297fa8aaf0862169
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:91:2f:f5:94:45:e7:b3:8e:03:fa:66:5a:82:
fc:cc:0b:80:4c:d8:0d:c4:1e:94:34:b3:5f:4f:5e:
7e:71:e2:f3:b7:79:7e:c4:88:85:10:4d:7c:ca:b7:
41:cc:5e:c0:b6:c3:b5:09:f8:44:32:15:ed:b6:be:
c0:80:5c:54:a0:18:3f:ee:01:4e:dd:22:94:d4:db:
7e:1b:73:ba:c0:d7:53:e4:ef:67:81:95:53:10:af:
10:a8:e6:c5:9c:32:cd:44:c6:39:f9:1c:45:83:04:
8b:e4:54:51:60:22:ff:b4:34:6f:83:5b:14:40:ed:
52:26:8f:06:2f:19:ab:b8:c7:fc:13:2e:13:9c:35:
fc:b0:ce:e9:c2:f1:47:18:3c:03:a8:fe:ed:09:b2:
b0:54:7e:69:8c:40:bc:c4:5c:35:2d:38:73:4f:0a:
95:32:b6:e1:6a:6c:1c:41:57:59:a7:0d:46:35:90:
61:05:1a:5c:ad:06:57:51:ac:bb:b3:67:f1:35:2a:
2c:aa:95:0e:45:86:e2:85:7f:ee:55:30:59:c9:e4:
97:9f:da:9b:f2:e4:66:5b:d2:4d:68:b2:79:97:33:
a6:82:07:35:10:d4:56:ef:ad:de:d8:28:1f:4a:8d:
55:fa:b5:63:93:a5:e9:42:b5:0e:36:ba:e4:cc:07:
ce:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:78:2A:6E:1A:C2:A7:C1:AD:68:EE:EB:29:7F:A8:AA:F0:86:21:69
X509v3 Authority Key Identifier:
keyid:3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/sngqbhrCp8GtaO7rKX-oqvCGIWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.96.132.0/24
Signature Algorithm: sha256WithRSAEncryption
31:ec:1c:03:49:c2:99:eb:9a:47:16:44:f8:3f:ce:42:1c:cd:
54:e2:6c:85:7d:f9:4e:9a:96:55:c7:98:1c:08:6b:20:5f:12:
35:0f:55:15:8b:7d:97:f0:28:47:1a:b6:d7:56:ae:eb:9d:79:
21:a1:d6:f2:e3:33:a3:6b:37:4e:2d:f7:c9:63:2e:30:06:cb:
44:7e:e6:53:28:06:21:8d:37:58:b4:64:59:1a:07:28:11:93:
a3:b0:77:94:de:b6:9e:e7:99:0b:d4:8e:10:e5:53:46:53:09:
3f:cb:d3:1a:8a:88:d6:93:67:72:06:6e:7e:c0:89:d5:35:e3:
c4:e9:e3:76:ab:d3:b2:64:82:81:ad:a3:f8:f7:eb:eb:03:d8:
41:bf:b7:41:2a:49:a5:c3:80:5d:a7:19:bc:9c:7b:f7:9c:cf:
99:c6:f1:ba:f8:cf:53:b2:91:81:8d:ee:29:f8:86:c0:58:96:
d9:7a:e0:3e:de:00:63:a6:ee:7a:1a:dc:1c:07:51:a7:6c:66:
65:29:43:81:70:78:7e:dd:ec:73:08:89:e6:23:a5:f2:0a:28:
08:9f:c2:50:9c:52:7c:92:83:62:e3:ea:81:19:e1:61:d0:9e:
88:2e:62:3a:6f:98:33:d6:b7:39:cc:a0:01:0c:7a:d0:06:3e:
05:2c:f1:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwgKObzFuXp4+Vw8zVS453XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYmExMTcyNDcyZWE4MDI2NWQxMjk4Mjk2N2RlMGE4YjBi
YzU5MDEwHhcNMjMxMTMwMTIxNjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjc4MmE2ZTFhYzJhN2MxYWQ2OGVlZWIyOTdmYThhYWYwODYyMTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpEv9ZRF57OOA/pmWoL8zAuATNgN
xB6UNLNfT15+ceLzt3l+xIiFEE18yrdBzF7AtsO1CfhEMhXttr7AgFxUoBg/7gFO
3SKU1Nt+G3O6wNdT5O9ngZVTEK8QqObFnDLNRMY5+RxFgwSL5FRRYCL/tDRvg1sU
QO1SJo8GLxmruMf8Ey4TnDX8sM7pwvFHGDwDqP7tCbKwVH5pjEC8xFw1LThzTwqV
MrbhamwcQVdZpw1GNZBhBRpcrQZXUay7s2fxNSosqpUORYbihX/uVTBZyeSXn9qb
8uRmW9JNaLJ5lzOmggc1ENRW763e2CgfSo1V+rVjk6XpQrUONrrkzAfOgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLJ4Km4awqfBrWju6yl/qKrwhiFpMB8GA1UdIwQY
MBaAFDq6EXJHLqgCZdEpgpZ94KiwvFkBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgt
NGRkMDQzNDZhYmMzLzEvc25ncWJockNwOEd0YU83cktYLW9xdkNHSVdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgtNGRkMDQzNDZhYmMz
LzEvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw2CEMA0G
CSqGSIb3DQEBCwUAA4IBAQAx7BwDScKZ65pHFkT4P85CHM1U4myFfflOmpZVx5gc
CGsgXxI1D1UVi32X8ChHGrbXVq7rnXkhodby4zOjazdOLffJYy4wBstEfuZTKAYh
jTdYtGRZGgcoEZOjsHeU3rae55kL1I4Q5VNGUwk/y9MaiojWk2dyBm5+wInVNePE
6eN2q9OyZIKBraP49+vrA9hBv7dBKkmlw4Bdpxm8nHv3nM+ZxvG6+M9TspGBje4p
+IbAWJbZeuA+3gBjpu56GtwcB1GnbGZlKUOBcHh+3exzCInmI6XyCigIn8JQnFJ8
koNi4+qBGeFh0J6ILmI6b5gz1rc5zKABDHrQBj4FLPE2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:04 2024 by rpki-client on console-ams.rpki-client.org