Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/bb560a-4284-4fc0-b05d-a8be9932aa89/1/R87Ia-Ev8u4BaFI9d5uy15hel3s.roa
File: R87Ia-Ev8u4BaFI9d5uy15hel3s.roa (raw, json)
Hash identifier: Ivp+OMWe/QJM0B2koscWwqcWGLWwwch3C/zpbjKr4Lg=
Subject key identifier: 47:CE:C8:6B:E1:2F:F2:EE:01:68:52:3D:77:9B:B2:D7:98:5E:97:7B
Certificate issuer: /CN=9017b0bd90827de08d24fef61bcc44862024bf7e
Certificate serial: 01857195683708B906FC6E12D0BBC953413D
Authority key identifier: 90:17:B0:BD:90:82:7D:E0:8D:24:FE:F6:1B:CC:44:86:20:24:BF:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kBewvZCCfeCNJP72G8xEhiAkv34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/bb560a-4284-4fc0-b05d-a8be9932aa89/1/R87Ia-Ev8u4BaFI9d5uy15hel3s.roa
Signing time: Mon 02 Jan 2023 08:24:55 +0000
ROA not before: Mon 02 Jan 2023 08:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210367
IP address blocks: 195.234.49.0/24 maxlen: 24
2a12:840:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:68:37:08:b9:06:fc:6e:12:d0:bb:c9:53:41:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9017b0bd90827de08d24fef61bcc44862024bf7e
Validity
Not Before: Jan 2 08:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47cec86be12ff2ee0168523d779bb2d7985e977b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:8d:b2:26:09:3c:d6:25:c7:0c:ae:8e:51:ab:
6a:7d:cb:40:48:39:41:0a:02:8f:aa:b7:56:5c:e8:
93:e9:83:56:9f:48:d2:56:2a:11:cd:70:eb:df:e8:
77:8a:b8:49:09:e8:88:d8:28:ad:7e:db:e2:26:99:
54:1c:ed:f3:21:69:8a:c7:37:ba:53:d9:40:8c:2c:
94:3f:d8:88:e8:4e:4e:68:20:eb:09:f7:e3:b0:ed:
b6:21:1a:e3:0e:d7:91:5d:88:17:10:6f:2e:bd:24:
0f:b0:2b:d2:fe:09:1b:8b:e5:d5:bb:79:b7:92:e2:
78:af:97:b9:be:ec:c8:93:a5:3c:65:85:f0:97:9a:
44:ee:de:9d:a8:72:7f:e2:41:71:07:ee:0e:90:90:
c9:da:5f:e0:10:aa:dc:42:39:8d:e0:85:08:c7:31:
2f:1f:fb:99:c7:18:e8:e3:f4:af:9c:b5:b2:4f:b4:
a2:e1:d8:49:36:9f:e0:62:7f:77:82:21:9b:69:c1:
4c:fa:9d:97:2b:88:5a:67:cf:04:27:d4:91:77:79:
a5:c6:ea:7b:f9:3d:fc:f2:86:3c:55:c3:a9:41:04:
ce:13:59:9b:81:a8:7e:61:34:f3:3c:c7:eb:5b:34:
38:95:6c:c2:88:c8:d0:1f:71:88:e2:16:03:e8:60:
24:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:CE:C8:6B:E1:2F:F2:EE:01:68:52:3D:77:9B:B2:D7:98:5E:97:7B
X509v3 Authority Key Identifier:
keyid:90:17:B0:BD:90:82:7D:E0:8D:24:FE:F6:1B:CC:44:86:20:24:BF:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kBewvZCCfeCNJP72G8xEhiAkv34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/bb560a-4284-4fc0-b05d-a8be9932aa89/1/R87Ia-Ev8u4BaFI9d5uy15hel3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/bb560a-4284-4fc0-b05d-a8be9932aa89/1/kBewvZCCfeCNJP72G8xEhiAkv34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.49.0/24
IPv6:
2a12:840:1::/48
Signature Algorithm: sha256WithRSAEncryption
08:4c:01:4c:e0:1f:d6:6b:37:18:c7:9d:d9:dc:b6:63:ce:f8:
9a:18:28:08:4c:61:01:c4:ad:a4:d0:e2:2e:57:f6:4c:30:34:
5c:79:fe:b1:f9:56:e4:46:ca:6c:58:0d:6b:77:ba:b3:15:ce:
72:48:d6:54:aa:d9:61:be:4b:3c:80:7f:40:d6:03:75:ea:48:
2b:d2:0f:2e:b3:fa:d5:f7:9b:36:57:9f:bd:d7:fc:7e:53:7e:
b4:c1:1e:0a:0c:c8:25:c5:1f:38:05:56:dc:bb:fc:59:1f:8a:
a3:83:d9:f2:67:0e:aa:b9:a6:f9:74:51:94:22:e4:7c:ba:e7:
cb:40:71:40:84:6d:57:5a:11:ed:90:35:4b:e7:4e:33:0b:c3:
13:cf:70:5e:d6:52:43:62:7e:64:ee:9a:61:8f:98:b2:a6:65:
84:56:e8:a3:b6:39:72:56:2c:fd:75:b9:cf:72:63:73:55:95:
21:35:59:0c:37:75:f2:bd:19:16:98:8a:9a:69:c1:2c:91:44:
ac:aa:1b:3e:e3:94:65:46:e4:88:54:c7:dd:ee:35:8f:d0:89:
bb:45:68:71:4d:4b:fd:5c:d8:aa:88:0b:0b:a3:93:03:e2:67:
8d:78:ee:41:41:49:7a:95:bc:22:10:8b:88:75:61:10:c2:1c:
f8:4d:93:9a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVxlWg3CLkG/G4S0LvJU0E9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwMTdiMGJkOTA4MjdkZTA4ZDI0ZmVmNjFiY2M0NDg2MjAy
NGJmN2UwHhcNMjMwMTAyMDgyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2NlYzg2YmUxMmZmMmVlMDE2ODUyM2Q3NzliYjJkNzk4NWU5NzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhI2yJgk81iXHDK6OUatqfctASDlB
CgKPqrdWXOiT6YNWn0jSVioRzXDr3+h3irhJCeiI2CitftviJplUHO3zIWmKxze6
U9lAjCyUP9iI6E5OaCDrCffjsO22IRrjDteRXYgXEG8uvSQPsCvS/gkbi+XVu3m3
kuJ4r5e5vuzIk6U8ZYXwl5pE7t6dqHJ/4kFxB+4OkJDJ2l/gEKrcQjmN4IUIxzEv
H/uZxxjo4/SvnLWyT7Si4dhJNp/gYn93giGbacFM+p2XK4haZ88EJ9SRd3mlxup7
+T388oY8VcOpQQTOE1mbgah+YTTzPMfrWzQ4lWzCiMjQH3GI4hYD6GAkuQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEfOyGvhL/LuAWhSPXebsteYXpd7MB8GA1UdIwQY
MBaAFJAXsL2Qgn3gjST+9hvMRIYgJL9+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0Jld3ZaQ0NmZUNOSlA3Mkc4eEVoaUFrdjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9iYjU2MGEtNDI4NC00ZmMwLWIwNWQt
YThiZTk5MzJhYTg5LzEvUjg3SWEtRXY4dTRCYUZJOWQ1dXkxNWhlbDNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9iYjU2MGEtNDI4NC00ZmMwLWIwNWQtYThiZTk5MzJhYTg5
LzEva0Jld3ZaQ0NmZUNOSlA3Mkc4eEVoaUFrdjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAw+oxMA8E
AgACMAkDBwAqEghAAAEwDQYJKoZIhvcNAQELBQADggEBAAhMAUzgH9ZrNxjHndnc
tmPO+JoYKAhMYQHEraTQ4i5X9kwwNFx5/rH5VuRGymxYDWt3urMVznJI1lSq2WG+
SzyAf0DWA3XqSCvSDy6z+tX3mzZXn73X/H5TfrTBHgoMyCXFHzgFVty7/FkfiqOD
2fJnDqq5pvl0UZQi5Hy658tAcUCEbVdaEe2QNUvnTjMLwxPPcF7WUkNifmTummGP
mLKmZYRW6KO2OXJWLP11uc9yY3NVlSE1WQw3dfK9GRaYipppwSyRRKyqGz7jlGVG
5IhUx93uNY/QibtFaHFNS/1c2KqICwujkwPiZ4147kFBSXqVvCIQi4h1YRDCHPhN
k5o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:19 2024 by rpki-client on console-fra.rpki-client.org