Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/H5yDVzIbnYutgtAxkgfkwdupuqA.roa
File: H5yDVzIbnYutgtAxkgfkwdupuqA.roa (raw, json)
Hash identifier: TSAKGeJOajtuAXDjLZKO9jxuYahCW9HDTHjiJvqj0NI=
Subject key identifier: 1F:9C:83:57:32:1B:9D:8B:AD:82:D0:31:92:07:E4:C1:DB:A9:BA:A0
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 0192430A6A2C36AFAA85B3A61D8400AB24D0
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/H5yDVzIbnYutgtAxkgfkwdupuqA.roa
Signing time: Mon 30 Sep 2024 13:06:48 +0000
ROA not before: Mon 30 Sep 2024 13:06:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214304
IP address blocks: 195.216.186.0/24 maxlen: 24
195.216.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 11 Oct 2024 07:18:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:43:0a:6a:2c:36:af:aa:85:b3:a6:1d:84:00:ab:24:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Sep 30 13:06:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f9c8357321b9d8bad82d0319207e4c1dba9baa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:1c:b3:b4:12:48:a1:b9:6f:9b:92:61:d9:de:
25:c3:2e:6a:35:f0:7e:02:23:c6:ff:8c:f8:a7:c7:
eb:4d:c8:33:ef:ea:65:e0:71:ef:f6:5c:11:12:b3:
db:63:8f:97:3c:19:8a:a2:64:f4:ee:d2:9d:4b:a7:
c9:6d:c7:a8:47:f7:4d:c0:a1:69:46:cd:2b:7c:7d:
06:7d:0f:2d:f9:f0:4c:04:19:d4:db:60:fa:d6:50:
9f:a2:2c:6a:f9:0c:9e:4a:1b:4f:78:cd:ef:ad:e8:
bf:6d:ed:ce:7b:ff:fc:89:a7:ef:46:f4:80:c1:ac:
e3:7b:ed:94:c8:57:d2:4c:01:d1:60:0b:2c:2f:11:
93:4c:9f:1d:32:1d:ef:79:b3:fe:29:f3:f3:e2:c8:
0a:97:c7:c6:7d:70:02:5e:ae:5f:e5:2e:0e:53:ca:
09:fa:01:3f:e8:82:fa:09:2f:2b:2c:41:91:b9:38:
48:5d:9b:c9:30:11:85:0f:89:3d:f6:41:67:db:97:
1f:2e:97:08:3b:13:13:1b:11:72:7d:f3:a3:4c:d2:
fb:53:ee:82:d0:c7:97:42:3d:0a:3b:5b:a3:dd:53:
ab:f9:f6:b1:86:19:2a:2b:6d:99:c2:b3:bf:ee:7d:
ec:80:d3:cb:64:43:9b:c1:74:c2:38:8d:2d:66:de:
75:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:9C:83:57:32:1B:9D:8B:AD:82:D0:31:92:07:E4:C1:DB:A9:BA:A0
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/H5yDVzIbnYutgtAxkgfkwdupuqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.186.0/24
195.216.189.0/24
Signature Algorithm: sha256WithRSAEncryption
63:d4:27:2e:a9:af:65:83:33:ae:50:ba:ac:bc:b6:7f:29:50:
56:42:f4:3e:ff:a5:29:83:be:9a:9d:9c:16:08:cf:b9:9e:28:
28:10:e3:38:ea:f2:5c:97:a2:ef:a0:8c:83:e3:cd:1e:27:38:
5f:b4:c7:3e:d1:1a:04:1c:79:c9:9e:e3:86:97:5b:6d:c1:32:
f6:0b:a9:f5:4a:e1:ac:23:54:e2:e8:08:d8:f4:a0:1c:fb:1b:
61:c3:0a:db:e2:b4:da:a7:e3:d1:95:af:dd:19:2d:9b:17:f0:
17:c4:45:40:0f:ac:0d:9b:e8:54:9a:f7:0e:1b:82:58:62:51:
dc:d8:7e:22:f3:19:c7:44:62:ab:fc:fc:57:10:d8:65:f4:bb:
e7:8d:10:ec:e0:f9:1e:97:09:88:3f:f1:53:b9:7b:c1:be:f8:
cf:5f:8f:52:c3:3a:a4:14:96:b8:ba:5d:ee:f2:0f:8f:08:2b:
68:d3:9a:8f:57:53:03:29:c1:fc:c3:fc:ab:3b:51:26:6f:32:
3c:a8:b2:10:f0:39:7e:f8:5b:e0:18:08:a5:bb:8c:d9:f6:00:
07:d5:67:74:d6:c1:3a:16:c0:10:4e:96:93:40:93:2d:6e:f6:
b1:b0:24:06:f3:92:e2:1e:43:13:8e:fa:3d:1b:bf:da:8a:a9:
44:db:be:65
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZJDCmosNq+qhbOmHYQAqyTQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjQwOTMwMTMwNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjljODM1NzMyMWI5ZDhiYWQ4MmQwMzE5MjA3ZTRjMWRiYTliYWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhyztBJIoblvm5Jh2d4lwy5qNfB+
AiPG/4z4p8frTcgz7+pl4HHv9lwRErPbY4+XPBmKomT07tKdS6fJbceoR/dNwKFp
Rs0rfH0GfQ8t+fBMBBnU22D61lCfoixq+QyeShtPeM3vrei/be3Oe//8iafvRvSA
wazje+2UyFfSTAHRYAssLxGTTJ8dMh3vebP+KfPz4sgKl8fGfXACXq5f5S4OU8oJ
+gE/6IL6CS8rLEGRuThIXZvJMBGFD4k99kFn25cfLpcIOxMTGxFyffOjTNL7U+6C
0MeXQj0KO1uj3VOr+faxhhkqK22ZwrO/7n3sgNPLZEObwXTCOI0tZt51MwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB+cg1cyG52LrYLQMZIH5MHbqbqgMB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvSDV5RFZ6SWJuWXV0Z3RBeGtnZmt3ZHVwdXFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw9i6AwQA
w9i9MA0GCSqGSIb3DQEBCwUAA4IBAQBj1Ccuqa9lgzOuULqsvLZ/KVBWQvQ+/6Up
g76anZwWCM+5nigoEOM46vJcl6LvoIyD480eJzhftMc+0RoEHHnJnuOGl1ttwTL2
C6n1SuGsI1Ti6AjY9KAc+xthwwrb4rTap+PRla/dGS2bF/AXxEVAD6wNm+hUmvcO
G4JYYlHc2H4i8xnHRGKr/PxXENhl9LvnjRDs4PkelwmIP/FTuXvBvvjPX49Swzqk
FJa4ul3u8g+PCCto05qPV1MDKcH8w/yrO1EmbzI8qLIQ8Dl++FvgGAilu4zZ9gAH
1Wd01sE6FsAQTpaTQJMtbvaxsCQG85LiHkMTjvo9G7/aiqlE275l
-----END CERTIFICATE-----
Generated at Fri Oct 11 09:08:50 2024 by rpki-client on console-fra.rpki-client.org