Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/bb560a-4284-4fc0-b05d-a8be9932aa89/1/eHLcVJbghcLvR2Xmc0E35ypcBPM.roa
File: eHLcVJbghcLvR2Xmc0E35ypcBPM.roa (raw, json)
Hash identifier: FiJUnTC6wnscAYWv9qwkmxAktWraZ0hsq466rZ4tJrA=
Subject key identifier: 78:72:DC:54:96:E0:85:C2:EF:47:65:E6:73:41:37:E7:2A:5C:04:F3
Certificate issuer: /CN=9017b0bd90827de08d24fef61bcc44862024bf7e
Certificate serial: 018CC56E7551EF3AA5D795DB8450A4BF7B3A
Authority key identifier: 90:17:B0:BD:90:82:7D:E0:8D:24:FE:F6:1B:CC:44:86:20:24:BF:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kBewvZCCfeCNJP72G8xEhiAkv34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/bb560a-4284-4fc0-b05d-a8be9932aa89/1/eHLcVJbghcLvR2Xmc0E35ypcBPM.roa
Signing time: Mon 01 Jan 2024 14:29:59 +0000
ROA not before: Mon 01 Jan 2024 14:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210367
IP address blocks: 195.234.49.0/24 maxlen: 24
2a12:840:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Apr 2024 15:18:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:75:51:ef:3a:a5:d7:95:db:84:50:a4:bf:7b:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9017b0bd90827de08d24fef61bcc44862024bf7e
Validity
Not Before: Jan 1 14:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7872dc5496e085c2ef4765e6734137e72a5c04f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b7:12:bc:d0:bb:70:0d:70:78:18:5c:61:60:
81:0e:ff:81:4b:eb:b5:89:bf:c1:26:5d:39:2b:5d:
af:ea:ff:07:94:dd:3f:94:57:26:2a:ed:33:e4:eb:
2a:28:7b:7b:4b:68:1a:86:5a:72:db:ca:05:61:a2:
22:e7:00:95:d7:5f:b9:02:2c:f4:2c:ae:49:13:d2:
9d:11:61:74:3c:47:c0:c1:fb:a8:d1:d4:ae:95:a6:
1f:7c:ac:3b:b2:1a:b0:22:13:ba:42:7f:b3:1d:fd:
6a:b7:92:2e:2b:4b:fd:08:c7:77:01:0f:64:4d:1b:
73:9c:40:0b:ae:95:90:15:d9:f6:9e:8b:39:23:f4:
7e:01:9e:eb:b0:c8:7f:07:08:dd:5e:78:cb:9c:0d:
c0:bd:0d:34:16:dd:0e:fe:e4:36:af:af:8c:9c:62:
92:3f:b1:16:08:c3:69:ae:5f:d3:3e:4e:14:c4:46:
66:99:b7:cb:d7:a9:42:91:51:57:41:85:ca:a5:78:
e9:8d:5e:2d:0e:62:ce:77:6b:11:6f:33:e8:89:1f:
9f:0b:f8:a9:2c:fe:bb:6d:7e:ec:dd:5b:62:a7:45:
0a:19:27:a6:25:51:72:e4:3f:ea:69:c2:bd:22:e4:
5e:12:03:31:be:9a:c0:cd:c8:ea:8f:a8:b7:30:90:
ef:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:72:DC:54:96:E0:85:C2:EF:47:65:E6:73:41:37:E7:2A:5C:04:F3
X509v3 Authority Key Identifier:
keyid:90:17:B0:BD:90:82:7D:E0:8D:24:FE:F6:1B:CC:44:86:20:24:BF:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kBewvZCCfeCNJP72G8xEhiAkv34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/bb560a-4284-4fc0-b05d-a8be9932aa89/1/eHLcVJbghcLvR2Xmc0E35ypcBPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/bb560a-4284-4fc0-b05d-a8be9932aa89/1/kBewvZCCfeCNJP72G8xEhiAkv34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.49.0/24
IPv6:
2a12:840:1::/48
Signature Algorithm: sha256WithRSAEncryption
98:36:5f:73:0b:d0:78:76:ce:c2:f1:3d:1f:33:12:84:03:d9:
8f:65:05:7b:2e:13:b3:4c:2e:26:44:e1:e1:96:90:f7:6c:9d:
b2:a9:4b:85:46:f6:de:5f:0d:25:af:fc:8e:f9:f8:c2:a3:50:
6e:d2:21:e7:17:0c:b8:a8:8a:ba:cf:d7:ad:34:86:c3:52:a2:
4f:88:84:b2:22:96:d9:30:b3:d3:c8:a1:0a:7e:71:05:19:61:
36:7a:5b:51:8c:88:95:41:f5:d4:4e:f0:d6:40:8b:92:3e:c7:
0c:b3:21:ef:a3:cd:09:a3:a9:79:b9:3a:b2:52:7f:27:f0:1a:
a6:a6:e7:5a:82:3f:a1:33:ac:a2:75:9e:0d:17:c2:af:01:b1:
dd:17:0a:03:11:84:a9:1e:79:b5:58:31:27:44:bf:9b:c4:25:
c9:b6:26:ca:e0:24:9e:d6:5b:c6:b5:97:ce:e1:34:08:a2:3c:
de:20:ef:40:8b:61:70:2c:f7:88:64:87:08:24:20:f2:28:02:
d1:2d:07:2e:ab:65:57:11:ae:92:9c:d6:ca:3e:26:91:97:22:
7b:64:3a:57:f4:d4:4a:03:a5:0b:4f:bf:9e:69:79:96:22:a2:
76:eb:99:75:27:32:f0:ec:44:42:ee:2c:3c:60:d6:7e:b7:a5:
a0:a7:34:b4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzFbnVR7zql15XbhFCkv3s6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwMTdiMGJkOTA4MjdkZTA4ZDI0ZmVmNjFiY2M0NDg2MjAy
NGJmN2UwHhcNMjQwMTAxMTQyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODcyZGM1NDk2ZTA4NWMyZWY0NzY1ZTY3MzQxMzdlNzJhNWMwNGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbcSvNC7cA1weBhcYWCBDv+BS+u1
ib/BJl05K12v6v8HlN0/lFcmKu0z5OsqKHt7S2gahlpy28oFYaIi5wCV11+5Aiz0
LK5JE9KdEWF0PEfAwfuo0dSulaYffKw7shqwIhO6Qn+zHf1qt5IuK0v9CMd3AQ9k
TRtznEALrpWQFdn2nos5I/R+AZ7rsMh/BwjdXnjLnA3AvQ00Ft0O/uQ2r6+MnGKS
P7EWCMNprl/TPk4UxEZmmbfL16lCkVFXQYXKpXjpjV4tDmLOd2sRbzPoiR+fC/ip
LP67bX7s3Vtip0UKGSemJVFy5D/qacK9IuReEgMxvprAzcjqj6i3MJDvswIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHhy3FSW4IXC70dl5nNBN+cqXATzMB8GA1UdIwQY
MBaAFJAXsL2Qgn3gjST+9hvMRIYgJL9+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0Jld3ZaQ0NmZUNOSlA3Mkc4eEVoaUFrdjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9iYjU2MGEtNDI4NC00ZmMwLWIwNWQt
YThiZTk5MzJhYTg5LzEvZUhMY1ZKYmdoY0x2UjJYbWMwRTM1eXBjQlBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9iYjU2MGEtNDI4NC00ZmMwLWIwNWQtYThiZTk5MzJhYTg5
LzEva0Jld3ZaQ0NmZUNOSlA3Mkc4eEVoaUFrdjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAw+oxMA8E
AgACMAkDBwAqEghAAAEwDQYJKoZIhvcNAQELBQADggEBAJg2X3ML0Hh2zsLxPR8z
EoQD2Y9lBXsuE7NMLiZE4eGWkPdsnbKpS4VG9t5fDSWv/I75+MKjUG7SIecXDLio
irrP1600hsNSok+IhLIiltkws9PIoQp+cQUZYTZ6W1GMiJVB9dRO8NZAi5I+xwyz
Ie+jzQmjqXm5OrJSfyfwGqam51qCP6EzrKJ1ng0Xwq8Bsd0XCgMRhKkeebVYMSdE
v5vEJcm2JsrgJJ7WW8a1l87hNAiiPN4g70CLYXAs94hkhwgkIPIoAtEtBy6rZVcR
rpKc1so+JpGXIntkOlf01EoDpQtPv55peZYionbrmXUnMvDsRELuLDxg1n63paCn
NLQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:19 2024 by rpki-client on console-fra.rpki-client.org