Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/tz73bHfk6lkyUVzMDxrqeXqmF_4.roa
File: tz73bHfk6lkyUVzMDxrqeXqmF_4.roa (raw, json)
Hash identifier: /ufN8cuUwifcbZRfRjvd0dOgUngjqpzBoHaUjbO30a8=
Subject key identifier: B7:3E:F7:6C:77:E4:EA:59:32:51:5C:CC:0F:1A:EA:79:7A:A6:17:FE
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 018CC9BBCB6BE7625E05A68D9D183DA35EB3
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/tz73bHfk6lkyUVzMDxrqeXqmF_4.roa
Signing time: Tue 02 Jan 2024 10:32:56 +0000
ROA not before: Tue 02 Jan 2024 10:32:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28924
IP address blocks: 195.56.147.0/24 maxlen: 24
195.56.44.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:cb:6b:e7:62:5e:05:a6:8d:9d:18:3d:a3:5e:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 2 10:32:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b73ef76c77e4ea5932515ccc0f1aea797aa617fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:3c:3f:fd:ac:a4:9c:00:1b:b3:db:74:03:24:
03:b4:74:bc:b6:87:df:8c:b0:ce:06:a1:c6:e7:aa:
10:2f:26:96:2c:1e:81:89:59:bd:ff:2d:5f:14:59:
ee:86:bc:78:05:17:7e:24:51:b0:0f:9d:23:3c:00:
7a:73:33:77:bf:b3:4c:21:35:f8:51:eb:80:8a:b9:
65:d6:19:2f:fd:2b:bc:4d:7f:7e:ff:bb:f3:bc:c1:
b9:c1:c0:cf:dd:de:d5:b9:e8:91:46:56:59:d4:e8:
8c:7b:c9:fe:82:a2:37:50:cb:43:6b:30:0a:12:d7:
b5:a3:4a:fc:a7:e3:c3:3a:ae:83:65:b2:75:82:bb:
63:ec:f4:a2:f8:20:3f:7c:b9:c2:3b:ba:25:e8:84:
d5:07:f7:9c:2c:fa:8d:a6:17:82:62:41:a0:16:51:
7b:e4:99:bb:32:95:b0:cc:dd:28:95:ff:69:d3:c5:
86:f6:b0:d4:8a:72:e6:c0:0a:f4:b5:4b:82:44:ab:
26:0e:84:84:cd:fa:07:47:72:a8:5e:f2:4b:2e:b8:
44:f7:b1:d6:b6:6f:27:c1:d7:de:2a:b9:09:9e:93:
25:46:44:56:02:cd:e1:4c:58:ca:13:df:54:7b:7a:
68:69:e3:e0:b4:01:a7:25:fb:a4:b2:12:c0:56:01:
89:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:3E:F7:6C:77:E4:EA:59:32:51:5C:CC:0F:1A:EA:79:7A:A6:17:FE
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/tz73bHfk6lkyUVzMDxrqeXqmF_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.56.44.0/24
195.56.147.0/24
Signature Algorithm: sha256WithRSAEncryption
65:15:26:55:ef:4a:03:44:5f:72:1a:ea:b3:51:ec:99:95:b8:
a1:18:7d:5c:2e:c6:79:11:33:be:83:82:97:6c:74:92:41:51:
0b:fd:1f:56:26:da:32:ce:9a:cc:9a:54:1a:20:45:a6:71:84:
77:5c:7e:be:cd:73:f0:c0:bb:bf:42:2f:38:a3:ba:ef:c8:4a:
d9:0b:3d:82:1f:46:b1:0c:0c:13:de:d7:d4:f4:26:b6:9c:f2:
1a:53:4f:7f:82:db:87:ec:0f:9b:39:3f:75:2e:d0:bf:ac:f3:
5d:69:d4:e6:46:17:e2:c1:78:3d:0e:1d:ff:2a:45:60:ca:ca:
c2:0b:3b:c7:17:03:e4:af:c5:4e:00:fc:e0:1e:13:2f:b6:d1:
88:5f:33:a1:95:33:56:5b:07:6b:15:f4:b8:67:5e:9d:0b:93:
a0:bd:41:96:71:76:fa:ac:f1:69:87:4b:6f:8c:53:e6:f5:31:
f1:63:7c:bd:13:9d:50:69:9d:4a:da:3f:0f:3f:d2:2b:aa:f4:
41:0f:12:24:e7:2b:6c:3b:5f:4e:8a:13:5f:4f:5e:77:14:79:
70:fd:d5:7f:47:1f:35:77:1e:8c:4e:85:90:2b:63:c9:7c:32:
09:69:d2:5e:00:4f:3a:47:19:6e:9b:74:62:ba:81:a7:c6:f0:
32:36:a4:e2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJu8tr52JeBaaNnRg9o16zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjQwMTAyMTAzMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzNlZjc2Yzc3ZTRlYTU5MzI1MTVjY2MwZjFhZWE3OTdhYTYxN2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojw//ayknAAbs9t0AyQDtHS8toff
jLDOBqHG56oQLyaWLB6BiVm9/y1fFFnuhrx4BRd+JFGwD50jPAB6czN3v7NMITX4
UeuAirll1hkv/Su8TX9+/7vzvMG5wcDP3d7VueiRRlZZ1OiMe8n+gqI3UMtDazAK
Ete1o0r8p+PDOq6DZbJ1grtj7PSi+CA/fLnCO7ol6ITVB/ecLPqNpheCYkGgFlF7
5Jm7MpWwzN0olf9p08WG9rDUinLmwAr0tUuCRKsmDoSEzfoHR3KoXvJLLrhE97HW
tm8nwdfeKrkJnpMlRkRWAs3hTFjKE99Ue3poaePgtAGnJfukshLAVgGJcQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLc+92x35OpZMlFczA8a6nl6phf+MB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvdHo3M2JIZms2bGt5VVZ6TUR4cnFlWHFtRl80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwzgsAwQA
wziTMA0GCSqGSIb3DQEBCwUAA4IBAQBlFSZV70oDRF9yGuqzUeyZlbihGH1cLsZ5
ETO+g4KXbHSSQVEL/R9WJtoyzprMmlQaIEWmcYR3XH6+zXPwwLu/Qi84o7rvyErZ
Cz2CH0axDAwT3tfU9Ca2nPIaU09/gtuH7A+bOT91LtC/rPNdadTmRhfiwXg9Dh3/
KkVgysrCCzvHFwPkr8VOAPzgHhMvttGIXzOhlTNWWwdrFfS4Z16dC5OgvUGWcXb6
rPFph0tvjFPm9THxY3y9E51QaZ1K2j8PP9IrqvRBDxIk5ytsO19OihNfT153FHlw
/dV/Rx81dx6MToWQK2PJfDIJadJeAE86Rxlum3RiuoGnxvAyNqTi
-----END CERTIFICATE-----
Generated at Tue Apr 15 04:51:35 2025 by rpki-client