Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/6NhDZP5fLm1PgWBN-h3fdfM5mxY.roa
File: 6NhDZP5fLm1PgWBN-h3fdfM5mxY.roa (raw, json)
Hash identifier: BxiTMYUMzK5ZYITcMZFDbhvPnnp8OnUSKxIfD9vT4fw=
Subject key identifier: E8:D8:43:64:FE:5F:2E:6D:4F:81:60:4D:FA:1D:DF:75:F3:39:9B:16
Certificate issuer: /CN=5cbd6cd91ad6a7286b21f6509fdd9f50fee75d87
Certificate serial: 018CC4250F3D8870BAE39B1A31C06FE811D4
Authority key identifier: 5C:BD:6C:D9:1A:D6:A7:28:6B:21:F6:50:9F:DD:9F:50:FE:E7:5D:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XL1s2RrWpyhrIfZQn92fUP7nXYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/6NhDZP5fLm1PgWBN-h3fdfM5mxY.roa
Signing time: Mon 01 Jan 2024 08:30:12 +0000
ROA not before: Mon 01 Jan 2024 08:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48943
IP address blocks: 195.10.206.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:47:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:0f:3d:88:70:ba:e3:9b:1a:31:c0:6f:e8:11:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cbd6cd91ad6a7286b21f6509fdd9f50fee75d87
Validity
Not Before: Jan 1 08:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e8d84364fe5f2e6d4f81604dfa1ddf75f3399b16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d5:dc:48:0c:67:ac:b7:fc:bc:fd:bc:f8:75:
7c:f1:72:9b:64:6d:c2:fa:e3:f0:76:d3:5c:e5:1a:
44:a0:c6:eb:a0:20:a5:2a:5c:b4:d7:8c:b2:8b:bf:
6b:10:af:bc:76:71:9d:d8:25:72:22:f5:1f:8a:bb:
45:4b:da:2d:ea:09:1e:44:17:dc:8b:7b:44:3c:cd:
25:fc:80:b7:70:61:79:a2:f8:2e:ba:67:22:b4:ae:
93:fa:ec:66:c9:d2:d7:14:e6:0b:a1:1f:d1:b3:52:
91:8a:a1:a4:4e:23:0c:58:27:64:1f:d1:e6:83:01:
7d:00:f2:f6:02:5b:01:ba:d6:72:c3:db:9d:10:53:
a7:0e:f8:b2:b2:cc:6e:c1:18:6e:38:24:79:49:5a:
66:86:e3:fd:9b:c4:c3:2a:78:56:dd:a3:fe:dd:83:
ce:c8:b2:7f:ca:9a:cb:57:43:0d:50:4c:71:36:da:
a1:3c:b4:61:97:9f:f5:c9:39:db:c0:5e:31:8c:7d:
f6:80:85:a6:a0:55:8a:59:97:11:56:a3:54:30:e6:
bb:5a:69:10:0c:d5:4a:af:a0:69:f7:59:a5:e7:a9:
2c:84:45:53:19:6d:cb:a9:c6:da:3c:60:69:6c:4f:
54:95:3c:4a:20:bf:2a:6d:b9:47:51:88:6b:07:13:
40:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:D8:43:64:FE:5F:2E:6D:4F:81:60:4D:FA:1D:DF:75:F3:39:9B:16
X509v3 Authority Key Identifier:
keyid:5C:BD:6C:D9:1A:D6:A7:28:6B:21:F6:50:9F:DD:9F:50:FE:E7:5D:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XL1s2RrWpyhrIfZQn92fUP7nXYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/6NhDZP5fLm1PgWBN-h3fdfM5mxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.10.206.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:38:95:6f:2e:6d:40:33:44:ce:15:e6:d6:a6:ab:8c:50:72:
7c:24:90:6f:e6:5c:dc:ca:87:b7:50:ce:aa:c6:42:c6:11:42:
84:9d:36:e1:a6:2f:9f:15:b4:2c:e2:0d:9a:2e:ab:9c:56:57:
b8:be:6b:05:9a:af:4a:c9:6e:f9:89:c8:f0:77:e5:d9:4b:2b:
13:e6:3b:e2:6c:01:8f:55:97:3d:1f:6d:2d:80:42:08:97:b4:
0a:89:31:48:bd:88:5c:49:58:57:3b:04:6a:b3:3e:2c:f3:7d:
a0:cb:7a:da:f5:54:71:f0:6b:c4:48:0d:f9:9d:36:ed:78:8c:
fe:af:bd:26:d3:d2:4e:bd:a3:97:9c:39:d7:3d:6b:52:ba:b0:
7f:4d:c4:f1:ad:b4:ea:84:70:55:b9:5a:f6:41:d1:bd:09:92:
ab:32:9d:b4:c3:88:09:30:ce:40:24:bd:90:e3:68:09:63:45:
46:65:fd:ab:6b:43:d9:f8:11:bd:f6:c9:1b:e9:67:da:db:2a:
de:48:67:26:fa:5c:99:ae:cf:a1:d4:56:c2:79:e8:00:b3:28:
ee:0f:c9:4a:18:33:af:13:12:af:3a:70:43:c8:48:86:bd:4a:
c1:bc:7d:9c:2c:c8:00:fe:f8:5b:88:75:13:ef:32:60:88:56:
60:e9:3e:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJQ89iHC645saMcBv6BHUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjYmQ2Y2Q5MWFkNmE3Mjg2YjIxZjY1MDlmZGQ5ZjUwZmVl
NzVkODcwHhcNMjQwMTAxMDgzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGQ4NDM2NGZlNWYyZTZkNGY4MTYwNGRmYTFkZGY3NWYzMzk5YjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdXcSAxnrLf8vP28+HV88XKbZG3C
+uPwdtNc5RpEoMbroCClKly014yyi79rEK+8dnGd2CVyIvUfirtFS9ot6gkeRBfc
i3tEPM0l/IC3cGF5ovguumcitK6T+uxmydLXFOYLoR/Rs1KRiqGkTiMMWCdkH9Hm
gwF9APL2AlsButZyw9udEFOnDviyssxuwRhuOCR5SVpmhuP9m8TDKnhW3aP+3YPO
yLJ/yprLV0MNUExxNtqhPLRhl5/1yTnbwF4xjH32gIWmoFWKWZcRVqNUMOa7WmkQ
DNVKr6Bp91ml56kshEVTGW3LqcbaPGBpbE9UlTxKIL8qbblHUYhrBxNAaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOjYQ2T+Xy5tT4FgTfod33XzOZsWMB8GA1UdIwQY
MBaAFFy9bNka1qcoayH2UJ/dn1D+512HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEwxczJScldweWhySWZaUW45MmZVUDduWFljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lMDIyM2EtMzFmZC00Y2FjLTgxNjQt
ZmJhMDc0YmExYjkwLzEvNk5oRFpQNWZMbTFQZ1dCTi1oM2ZkZk01bXhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lMDIyM2EtMzFmZC00Y2FjLTgxNjQtZmJhMDc0YmExYjkw
LzEvWEwxczJScldweWhySWZaUW45MmZVUDduWFljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwrOMA0G
CSqGSIb3DQEBCwUAA4IBAQCbOJVvLm1AM0TOFebWpquMUHJ8JJBv5lzcyoe3UM6q
xkLGEUKEnTbhpi+fFbQs4g2aLqucVle4vmsFmq9KyW75icjwd+XZSysT5jvibAGP
VZc9H20tgEIIl7QKiTFIvYhcSVhXOwRqsz4s832gy3ra9VRx8GvESA35nTbteIz+
r70m09JOvaOXnDnXPWtSurB/TcTxrbTqhHBVuVr2QdG9CZKrMp20w4gJMM5AJL2Q
42gJY0VGZf2ra0PZ+BG99skb6Wfa2yreSGcm+lyZrs+h1FbCeegAsyjuD8lKGDOv
ExKvOnBDyEiGvUrBvH2cLMgA/vhbiHUT7zJgiFZg6T61
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:42 2025 by rpki-client