Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9c61ba-c746-4fce-a9c9-72762b57062f/1/o43c5U9atkmtzr3joiANVYR2diw.roa
File: o43c5U9atkmtzr3joiANVYR2diw.roa (raw, json)
Hash identifier: Ao9T9oUV39kqoJIE3HWTIux4OWmpa4MFN83237aI/Z0=
Subject key identifier: A3:8D:DC:E5:4F:5A:B6:49:AD:CE:BD:E3:A2:20:0D:55:84:76:76:2C
Certificate issuer: /CN=e996d2cb3947787f15e19bacb1e3369c19f3ec94
Certificate serial: 018BDDCDEA12D5B24372B6598C02BDA6AD1E
Authority key identifier: E9:96:D2:CB:39:47:78:7F:15:E1:9B:AC:B1:E3:36:9C:19:F3:EC:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6ZbSyzlHeH8V4ZusseM2nBnz7JQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9c61ba-c746-4fce-a9c9-72762b57062f/1/o43c5U9atkmtzr3joiANVYR2diw.roa
Signing time: Fri 17 Nov 2023 15:02:21 +0000
ROA not before: Fri 17 Nov 2023 15:02:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197515
IP address blocks: 185.195.192.0/22 maxlen: 24
2a13:3900::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:dd:cd:ea:12:d5:b2:43:72:b6:59:8c:02:bd:a6:ad:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e996d2cb3947787f15e19bacb1e3369c19f3ec94
Validity
Not Before: Nov 17 15:02:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a38ddce54f5ab649adcebde3a2200d558476762c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:8c:d0:c5:2e:29:c3:b7:59:cd:56:ed:f7:ca:
f7:d5:cc:21:77:f6:d2:73:6e:43:c7:98:6a:8d:99:
09:f9:8e:06:20:21:e0:19:a6:dc:d3:31:b9:cd:25:
29:19:d1:a4:a1:ee:24:d5:3f:2a:f8:f3:65:70:93:
18:e6:94:75:5f:78:8c:83:03:89:83:ed:88:6a:76:
8c:3a:95:df:83:32:dd:d0:ab:de:88:85:8e:de:a0:
f7:71:10:fa:4d:d0:06:24:30:24:89:3e:cd:91:ed:
fa:d5:23:fa:d3:77:02:32:c7:09:3c:d4:d1:53:2f:
8a:ec:67:47:63:dc:c6:72:d8:56:72:06:4a:84:18:
5c:83:3c:d0:bd:92:f5:a8:b4:9e:64:50:ca:74:08:
f0:5d:55:9c:84:aa:a6:e3:15:05:d4:fc:79:5a:24:
0d:6a:84:57:01:36:8e:2b:07:9e:49:b4:c3:9f:f2:
c0:8a:70:7a:cd:c0:96:3f:fc:bf:61:67:13:05:28:
96:41:84:a0:67:4e:47:53:fe:70:ab:82:f3:33:68:
5d:97:d3:3c:ff:25:a2:34:d0:44:3d:4c:ef:a1:10:
2d:68:6f:c6:d9:9f:e6:b9:aa:de:4b:85:18:c9:52:
13:03:7f:f9:14:2b:64:50:f1:31:1e:2d:c7:3a:91:
46:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:8D:DC:E5:4F:5A:B6:49:AD:CE:BD:E3:A2:20:0D:55:84:76:76:2C
X509v3 Authority Key Identifier:
keyid:E9:96:D2:CB:39:47:78:7F:15:E1:9B:AC:B1:E3:36:9C:19:F3:EC:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6ZbSyzlHeH8V4ZusseM2nBnz7JQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9c61ba-c746-4fce-a9c9-72762b57062f/1/o43c5U9atkmtzr3joiANVYR2diw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9c61ba-c746-4fce-a9c9-72762b57062f/1/6ZbSyzlHeH8V4ZusseM2nBnz7JQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.192.0/22
IPv6:
2a13:3900::/29
Signature Algorithm: sha256WithRSAEncryption
25:cb:09:c3:bf:48:47:8a:2d:29:a4:59:9b:d3:31:07:f6:c7:
a7:47:24:80:aa:e6:b2:42:61:29:4e:df:f5:4e:a0:fb:e2:a2:
d9:9c:a9:21:bf:ff:bd:5b:0f:c0:f9:a5:89:72:70:fd:d0:99:
10:b5:45:89:b9:cb:0d:67:1b:2a:58:02:e8:0a:d4:b4:7e:e2:
f2:cf:35:a1:c0:77:b4:f0:7d:e9:5c:81:c2:21:ab:bc:38:cc:
56:21:9e:5d:8d:4e:f9:49:d2:e5:a7:75:47:3d:e5:aa:f5:ea:
be:f3:e3:c9:08:8d:4e:9a:26:c7:82:dc:4e:98:93:9c:87:21:
5e:78:10:fe:d8:2c:c2:32:43:f9:f7:47:58:d6:98:b8:bd:65:
24:ac:de:a8:53:4c:0e:10:97:d2:c0:99:1d:ec:f0:15:c0:1a:
0f:29:0a:fb:25:8b:54:e6:d3:27:a1:ab:c0:9c:61:2a:4b:8f:
bd:24:5b:40:d8:cb:c1:e7:0a:78:f6:75:4d:9f:15:22:5a:e4:
30:51:85:12:12:33:3d:81:59:7f:6f:55:a9:d4:8f:4b:b6:48:
49:1f:8b:6d:51:d1:07:b1:e0:a6:69:d7:d0:a8:69:48:ca:c5:
d1:73:26:7c:5c:f7:06:3c:cb:9b:24:70:c1:55:37:ec:51:35:
24:dd:fe:bf
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYvdzeoS1bJDcrZZjAK9pq0eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5OTZkMmNiMzk0Nzc4N2YxNWUxOWJhY2IxZTMzNjljMTlm
M2VjOTQwHhcNMjMxMTE3MTUwMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzhkZGNlNTRmNWFiNjQ5YWRjZWJkZTNhMjIwMGQ1NTg0NzY3NjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4zQxS4pw7dZzVbt98r31cwhd/bS
c25Dx5hqjZkJ+Y4GICHgGabc0zG5zSUpGdGkoe4k1T8q+PNlcJMY5pR1X3iMgwOJ
g+2IanaMOpXfgzLd0KveiIWO3qD3cRD6TdAGJDAkiT7Nke361SP603cCMscJPNTR
Uy+K7GdHY9zGcthWcgZKhBhcgzzQvZL1qLSeZFDKdAjwXVWchKqm4xUF1Px5WiQN
aoRXATaOKweeSbTDn/LAinB6zcCWP/y/YWcTBSiWQYSgZ05HU/5wq4LzM2hdl9M8
/yWiNNBEPUzvoRAtaG/G2Z/muareS4UYyVITA3/5FCtkUPExHi3HOpFGvQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKON3OVPWrZJrc6946IgDVWEdnYsMB8GA1UdIwQY
MBaAFOmW0ss5R3h/FeGbrLHjNpwZ8+yUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlpiU3l6bEhlSDhWNFp1c3NlTTJuQm56N0pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85YzYxYmEtYzc0Ni00ZmNlLWE5Yzkt
NzI3NjJiNTcwNjJmLzEvbzQzYzVVOWF0a210enIzam9pQU5WWVIyZGl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85YzYxYmEtYzc0Ni00ZmNlLWE5YzktNzI3NjJiNTcwNjJm
LzEvNlpiU3l6bEhlSDhWNFp1c3NlTTJuQm56N0pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucPAMA0E
AgACMAcDBQMqEzkAMA0GCSqGSIb3DQEBCwUAA4IBAQAlywnDv0hHii0ppFmb0zEH
9senRySAquayQmEpTt/1TqD74qLZnKkhv/+9Ww/A+aWJcnD90JkQtUWJucsNZxsq
WALoCtS0fuLyzzWhwHe08H3pXIHCIau8OMxWIZ5djU75SdLlp3VHPeWq9eq+8+PJ
CI1OmibHgtxOmJOchyFeeBD+2CzCMkP590dY1pi4vWUkrN6oU0wOEJfSwJkd7PAV
wBoPKQr7JYtU5tMnoavAnGEqS4+9JFtA2MvB5wp49nVNnxUiWuQwUYUSEjM9gVl/
b1Wp1I9LtkhJH4ttUdEHseCmadfQqGlIysXRcyZ8XPcGPMubJHDBVTfsUTUk3f6/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:50 2024 by rpki-client on console-ams.rpki-client.org