Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/K9eACo3xaj-WHGOG6PSm7z2kSpE.roa
File: K9eACo3xaj-WHGOG6PSm7z2kSpE.roa (raw, json)
Hash identifier: CEQFcVt4dQ9TToJyZ3qPtquDhlQa98q5f40RUYkQ1jk=
Subject key identifier: 2B:D7:80:0A:8D:F1:6A:3F:96:1C:63:86:E8:F4:A6:EF:3D:A4:4A:91
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 01856FD4F2CF0BFF586B9E5E328FDF18B7CB
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/K9eACo3xaj-WHGOG6PSm7z2kSpE.roa
Signing time: Mon 02 Jan 2023 00:15:04 +0000
ROA not before: Mon 02 Jan 2023 00:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 195.216.182.0/23 maxlen: 32
195.216.182.0/24 maxlen: 32
195.216.183.0/24 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d4:f2:cf:0b:ff:58:6b:9e:5e:32:8f:df:18:b7:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Jan 2 00:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2bd7800a8df16a3f961c6386e8f4a6ef3da44a91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:22:45:fd:48:84:66:9b:17:84:9f:68:16:f2:
67:6f:32:ee:10:ce:27:a0:5d:c8:c0:9f:9a:e7:19:
a0:97:61:4e:e6:93:62:63:31:b3:ed:5c:42:91:72:
02:6d:52:5e:1c:a7:70:03:0d:62:4c:87:58:ed:07:
84:9f:80:07:67:37:8b:3e:be:2e:ab:4b:5d:ab:2a:
9f:2b:29:47:93:c4:18:ad:f5:c3:d2:e1:c3:3d:ef:
6b:64:28:50:ff:3d:9a:b3:b1:24:fe:8c:4c:d3:66:
bd:47:59:d0:87:07:1e:3d:2b:6b:ca:e4:98:b9:7e:
17:69:71:7a:1d:0b:81:28:6b:d1:18:78:0c:35:90:
9d:4d:50:80:9f:1f:bb:5a:06:5c:7c:fc:32:ff:a3:
ca:fc:9a:82:8a:91:e2:93:d7:c2:2d:fa:11:b2:20:
66:8d:d2:b2:4c:1a:99:74:0c:44:f9:18:15:ff:0f:
6e:a0:92:b7:50:9c:d1:69:c9:cf:4c:df:8c:18:1e:
37:1e:25:74:79:99:c7:28:85:2f:9e:f1:26:12:db:
75:d2:c7:46:28:cc:f8:d2:8e:17:b3:82:57:76:71:
a5:4a:07:5d:08:e6:bb:54:34:83:ad:9b:49:ae:21:
4e:54:41:f8:5b:7c:5c:0c:38:67:26:af:22:94:52:
35:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:D7:80:0A:8D:F1:6A:3F:96:1C:63:86:E8:F4:A6:EF:3D:A4:4A:91
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/K9eACo3xaj-WHGOG6PSm7z2kSpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.182.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:39:16:d6:d2:a2:7d:e9:17:2f:5e:5b:c6:7c:42:40:5f:b3:
98:ef:31:8a:4a:fd:5d:84:7f:33:f7:27:f4:ef:1e:8f:66:ca:
92:92:ec:4f:ef:8a:aa:5d:14:c5:80:f1:06:09:81:e0:fa:23:
fc:d0:8b:79:f4:97:4e:fa:d0:fa:66:da:4e:16:fb:cc:a1:5f:
72:c1:37:03:6c:15:34:49:94:5a:c1:82:f7:60:06:0c:99:c8:
01:c7:32:90:a9:36:35:35:fd:15:fa:43:0f:3b:9c:c5:c9:09:
e9:27:b4:20:62:02:38:68:15:eb:13:8a:cb:13:8a:8f:79:bf:
f3:bd:14:f6:72:ea:3c:ec:0f:ed:a3:6c:24:47:85:96:99:c1:
a4:87:6d:33:2d:62:d7:84:ab:0d:1e:72:01:7a:53:56:b4:30:
c5:58:20:80:3e:af:43:03:a1:33:dc:d7:fe:9b:3f:56:f6:6b:
fd:6b:79:1e:9a:b9:2b:18:36:fd:82:64:1a:ba:e3:a7:7a:81:
70:48:6f:61:45:e1:36:fd:bc:f5:64:97:dc:82:31:44:58:33:
0d:33:ce:0d:de:50:89:99:7f:e1:97:aa:07:cf:91:30:cd:f5:
4c:0a:26:df:92:a1:3a:9c:c7:b9:86:01:19:6f:88:31:82:55:
a3:8c:5e:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv1PLPC/9Ya55eMo/fGLfLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjMwMTAyMDAxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmQ3ODAwYThkZjE2YTNmOTYxYzYzODZlOGY0YTZlZjNkYTQ0YTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2CJF/UiEZpsXhJ9oFvJnbzLuEM4n
oF3IwJ+a5xmgl2FO5pNiYzGz7VxCkXICbVJeHKdwAw1iTIdY7QeEn4AHZzeLPr4u
q0tdqyqfKylHk8QYrfXD0uHDPe9rZChQ/z2as7Ek/oxM02a9R1nQhwcePStryuSY
uX4XaXF6HQuBKGvRGHgMNZCdTVCAnx+7WgZcfPwy/6PK/JqCipHik9fCLfoRsiBm
jdKyTBqZdAxE+RgV/w9uoJK3UJzRacnPTN+MGB43HiV0eZnHKIUvnvEmEtt10sdG
KMz40o4Xs4JXdnGlSgddCOa7VDSDrZtJriFOVEH4W3xcDDhnJq8ilFI14wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCvXgAqN8Wo/lhxjhuj0pu89pEqRMB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvSzllQUNvM3hhai1XSEdPRzZQU203ejJrU3BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw9i2MA0G
CSqGSIb3DQEBCwUAA4IBAQBMORbW0qJ96RcvXlvGfEJAX7OY7zGKSv1dhH8z9yf0
7x6PZsqSkuxP74qqXRTFgPEGCYHg+iP80It59JdO+tD6ZtpOFvvMoV9ywTcDbBU0
SZRawYL3YAYMmcgBxzKQqTY1Nf0V+kMPO5zFyQnpJ7QgYgI4aBXrE4rLE4qPeb/z
vRT2cuo87A/to2wkR4WWmcGkh20zLWLXhKsNHnIBelNWtDDFWCCAPq9DA6Ez3Nf+
mz9W9mv9a3kemrkrGDb9gmQauuOneoFwSG9hReE2/bz1ZJfcgjFEWDMNM84N3lCJ
mX/hl6oHz5EwzfVMCibfkqE6nMe5hgEZb4gxglWjjF6M
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:43 2024 by rpki-client on console-ams.rpki-client.org