Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/6977cd-4343-4b4c-8cea-bd35c048b930/1/I0UcssrwK4YrtrkMHjYjGDXWpjc.roa
File: I0UcssrwK4YrtrkMHjYjGDXWpjc.roa (raw, json)
Hash identifier: 3tKCNMkkl7MRdKskJPBVh/7rEjaNvLsIOBh7S0blndU=
Subject key identifier: 23:45:1C:B2:CA:F0:2B:86:2B:B6:B9:0C:1E:36:23:18:35:D6:A6:37
Certificate issuer: /CN=0e6d8fd77dade3d3f96cb49931948c2729ada0de
Certificate serial: 018CC8DF06DB2FA02D5F0B079D00C9E2A940
Authority key identifier: 0E:6D:8F:D7:7D:AD:E3:D3:F9:6C:B4:99:31:94:8C:27:29:AD:A0:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dm2P132t49P5bLSZMZSMJymtoN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/6977cd-4343-4b4c-8cea-bd35c048b930/1/I0UcssrwK4YrtrkMHjYjGDXWpjc.roa
Signing time: Tue 02 Jan 2024 06:31:48 +0000
ROA not before: Tue 02 Jan 2024 06:31:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209049
IP address blocks: 195.110.176.0/21 maxlen: 24
195.110.183.0/24 maxlen: 24
195.110.180.0/22 maxlen: 24
195.110.182.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Aug 2024 10:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:06:db:2f:a0:2d:5f:0b:07:9d:00:c9:e2:a9:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e6d8fd77dade3d3f96cb49931948c2729ada0de
Validity
Not Before: Jan 2 06:31:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23451cb2caf02b862bb6b90c1e36231835d6a637
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:26:e9:ea:02:e7:20:c7:77:e6:9b:9b:78:7b:
0b:56:d3:97:44:06:35:ad:11:0d:e1:53:e7:e4:56:
af:fe:a4:b6:15:ef:6a:ae:c6:6e:7c:51:a3:a9:25:
7f:0f:d5:92:6a:ce:c3:b2:a9:d9:55:49:1c:a0:da:
f1:ef:73:e7:48:83:22:c5:2d:b5:70:20:44:7c:58:
e7:fa:96:8d:1e:dc:dd:54:89:12:dc:b0:c2:d0:12:
2c:1e:6f:71:87:6e:d1:b2:7c:57:dc:20:7d:d7:7a:
d0:fb:cd:c7:72:46:3d:89:17:5e:91:d9:a2:0f:08:
2b:21:ff:ab:c2:67:02:ef:8f:30:97:f0:4c:9f:2c:
fa:1e:b9:78:d7:e8:a5:2c:ce:49:cf:4d:4b:94:89:
90:19:2c:5d:09:f0:ec:70:d1:fa:d5:47:a7:de:f9:
60:94:e7:12:72:54:00:e2:3c:49:31:d7:17:9a:97:
f2:34:01:48:43:e8:d6:7c:14:ab:cb:82:db:eb:16:
49:4e:f8:9d:0b:c5:f1:29:0c:89:9c:fe:55:7b:53:
78:8a:bd:bc:bb:77:ea:dd:08:73:fd:b9:7c:9b:94:
d2:84:71:97:dc:bf:9b:3f:00:27:85:a3:69:54:dc:
dd:46:fe:f7:2e:45:ce:eb:3b:6f:b3:72:02:16:ec:
bc:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:45:1C:B2:CA:F0:2B:86:2B:B6:B9:0C:1E:36:23:18:35:D6:A6:37
X509v3 Authority Key Identifier:
keyid:0E:6D:8F:D7:7D:AD:E3:D3:F9:6C:B4:99:31:94:8C:27:29:AD:A0:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dm2P132t49P5bLSZMZSMJymtoN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/6977cd-4343-4b4c-8cea-bd35c048b930/1/I0UcssrwK4YrtrkMHjYjGDXWpjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/6977cd-4343-4b4c-8cea-bd35c048b930/1/Dm2P132t49P5bLSZMZSMJymtoN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.110.176.0/21
Signature Algorithm: sha256WithRSAEncryption
73:b3:95:cd:1f:c3:b0:36:85:40:0a:dd:22:78:0d:bf:ec:1c:
c8:c5:b3:22:8b:92:07:62:a8:69:ee:59:fc:72:75:2f:db:86:
68:0d:8a:04:c0:3f:bf:d7:1a:b6:0a:dd:b1:e7:aa:3f:e4:6e:
36:13:89:9d:74:36:f0:63:c0:5c:b8:6a:40:88:53:a8:cc:bf:
93:53:c0:52:d4:ad:74:14:f3:df:f6:b1:10:fc:cf:db:07:9b:
ac:69:fa:eb:2c:93:90:e4:4b:ac:e1:17:68:f3:c5:62:e5:63:
44:15:56:a5:5e:17:0f:2f:8f:9e:0e:4b:38:1a:06:51:38:36:
be:e1:b1:ad:2c:f0:6b:c7:1b:ce:9f:13:3a:12:d9:e9:49:ab:
4e:91:95:cf:3c:f0:9b:50:0a:ab:6f:cc:49:be:ad:f9:4c:7c:
6d:fc:5a:09:10:95:26:98:39:b6:56:80:85:b4:51:09:29:4b:
7b:4e:a0:97:6f:60:ca:39:68:ca:78:44:a2:cd:62:dd:02:1f:
16:66:5a:5a:c2:f9:ce:5f:18:df:05:f7:1f:cb:79:1b:7f:00:
23:76:f1:ad:fd:48:82:98:32:1e:7f:70:4b:b4:42:29:7c:1d:
da:b7:4a:f5:ce:6e:08:d7:9b:72:a1:18:d6:7b:f2:04:a7:50:
a2:c0:d1:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3wbbL6AtXwsHnQDJ4qlAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNmQ4ZmQ3N2RhZGUzZDNmOTZjYjQ5OTMxOTQ4YzI3Mjlh
ZGEwZGUwHhcNMjQwMTAyMDYzMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzQ1MWNiMmNhZjAyYjg2MmJiNmI5MGMxZTM2MjMxODM1ZDZhNjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCbp6gLnIMd35pubeHsLVtOXRAY1
rREN4VPn5Fav/qS2Fe9qrsZufFGjqSV/D9WSas7DsqnZVUkcoNrx73PnSIMixS21
cCBEfFjn+paNHtzdVIkS3LDC0BIsHm9xh27RsnxX3CB913rQ+83HckY9iRdekdmi
DwgrIf+rwmcC748wl/BMnyz6Hrl41+ilLM5Jz01LlImQGSxdCfDscNH61Uen3vlg
lOcSclQA4jxJMdcXmpfyNAFIQ+jWfBSry4Lb6xZJTvidC8XxKQyJnP5Ve1N4ir28
u3fq3Qhz/bl8m5TShHGX3L+bPwAnhaNpVNzdRv73LkXO6ztvs3ICFuy8owIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCNFHLLK8CuGK7a5DB42Ixg11qY3MB8GA1UdIwQY
MBaAFA5tj9d9rePT+Wy0mTGUjCcpraDeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG0yUDEzMnQ0OVA1YkxTWk1aU01KeW10b040LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi82OTc3Y2QtNDM0My00YjRjLThjZWEt
YmQzNWMwNDhiOTMwLzEvSTBVY3NzcndLNFlydHJrTUhqWWpHRFhXcGpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi82OTc3Y2QtNDM0My00YjRjLThjZWEtYmQzNWMwNDhiOTMw
LzEvRG0yUDEzMnQ0OVA1YkxTWk1aU01KeW10b040LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDw26wMA0G
CSqGSIb3DQEBCwUAA4IBAQBzs5XNH8OwNoVACt0ieA2/7BzIxbMii5IHYqhp7ln8
cnUv24ZoDYoEwD+/1xq2Ct2x56o/5G42E4mddDbwY8BcuGpAiFOozL+TU8BS1K10
FPPf9rEQ/M/bB5usafrrLJOQ5Eus4Rdo88Vi5WNEFValXhcPL4+eDks4GgZRODa+
4bGtLPBrxxvOnxM6EtnpSatOkZXPPPCbUAqrb8xJvq35THxt/FoJEJUmmDm2VoCF
tFEJKUt7TqCXb2DKOWjKeESizWLdAh8WZlpawvnOXxjfBfcfy3kbfwAjdvGt/UiC
mDIef3BLtEIpfB3at0r1zm4I15tyoRjWe/IEp1CiwNFY
-----END CERTIFICATE-----
Generated at Mon Aug 5 12:53:52 2024 by rpki-client on console-ams.rpki-client.org