Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/f090be-422b-4f2a-864f-9fca29decda8/1/yS1g4BIr1HLH3KObhSE4qpDXvds.roa
File: yS1g4BIr1HLH3KObhSE4qpDXvds.roa (raw, json)
Hash identifier: P6mAZs/t2G/RcK+YdXLdSQz6lmNAJGhKbWPsKL7YEgc=
Subject key identifier: C9:2D:60:E0:12:2B:D4:72:C7:DC:A3:9B:85:21:38:AA:90:D7:BD:DB
Certificate issuer: /CN=ae0327bf1e7b7bfbdd2f214c8ef629aa29e4d66f
Certificate serial: 018570D530B190B824B6463D9C12952A8E29
Authority key identifier: AE:03:27:BF:1E:7B:7B:FB:DD:2F:21:4C:8E:F6:29:AA:29:E4:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rgMnvx57e_vdLyFMjvYpqink1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/f090be-422b-4f2a-864f-9fca29decda8/1/yS1g4BIr1HLH3KObhSE4qpDXvds.roa
Signing time: Mon 02 Jan 2023 04:54:57 +0000
ROA not before: Mon 02 Jan 2023 04:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50402
IP address blocks: 195.47.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:30:b1:90:b8:24:b6:46:3d:9c:12:95:2a:8e:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae0327bf1e7b7bfbdd2f214c8ef629aa29e4d66f
Validity
Not Before: Jan 2 04:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c92d60e0122bd472c7dca39b852138aa90d7bddb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:5e:8d:bb:e4:b0:78:3e:41:4c:e4:26:b6:4f:
c2:07:71:52:99:ab:94:38:73:c0:57:e1:3f:ab:d6:
df:d9:f3:7f:e7:91:5a:64:51:08:ba:16:ed:af:d8:
13:bf:c8:2f:ce:89:f3:2b:f9:78:6b:4f:8b:4f:b6:
84:cb:07:32:e0:2e:d2:07:41:be:ab:de:07:de:8f:
8c:21:cb:72:f7:41:b9:f0:25:c8:82:84:22:36:3d:
ac:40:a7:9f:fc:32:db:f0:73:dd:5a:91:af:91:e5:
60:52:2e:01:46:3a:4f:6d:3c:db:b9:37:51:ce:32:
be:8f:9b:64:a8:b1:75:fd:a2:69:8d:ad:5d:d7:d5:
7c:fa:e0:8b:15:ac:fa:9e:d8:d6:e6:98:0e:72:d2:
bc:40:48:c3:5f:6f:25:2e:29:09:9d:fa:ee:dc:3f:
1c:63:23:a0:b4:37:9c:fd:f0:e0:1b:1e:68:c0:4f:
b2:82:a4:b0:df:ad:fc:61:81:dd:76:6f:96:2f:ea:
f2:34:55:dd:f3:0d:de:62:74:cc:86:7f:50:c1:ae:
79:93:a4:61:c4:6f:11:f6:0c:32:e9:b7:3b:84:55:
a5:48:f0:54:ea:1e:39:70:39:f7:fd:5d:8b:13:04:
58:8f:d5:8a:8f:e3:ef:74:67:77:c0:31:51:b6:21:
a6:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:2D:60:E0:12:2B:D4:72:C7:DC:A3:9B:85:21:38:AA:90:D7:BD:DB
X509v3 Authority Key Identifier:
keyid:AE:03:27:BF:1E:7B:7B:FB:DD:2F:21:4C:8E:F6:29:AA:29:E4:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rgMnvx57e_vdLyFMjvYpqink1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/f090be-422b-4f2a-864f-9fca29decda8/1/yS1g4BIr1HLH3KObhSE4qpDXvds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/f090be-422b-4f2a-864f-9fca29decda8/1/rgMnvx57e_vdLyFMjvYpqink1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.47.214.0/24
Signature Algorithm: sha256WithRSAEncryption
05:bf:ae:2f:a6:5d:d3:44:ea:fa:5b:38:f6:23:99:06:52:44:
e0:04:66:7f:60:60:48:c9:95:92:cc:74:02:ed:c9:b8:86:eb:
28:af:c6:10:f1:4d:b3:7a:8a:0b:73:b0:ca:3c:1f:e5:44:13:
f6:86:c3:b7:5d:11:87:6e:60:1f:95:ea:21:db:b1:d4:41:c6:
a5:6d:bc:85:55:b7:e3:61:f7:65:68:07:7f:69:5a:9e:5b:bf:
a8:77:20:67:43:1c:49:c7:5c:c5:1e:a1:c9:54:4a:96:ef:33:
8b:a4:25:b8:24:76:f1:ce:9f:50:7b:a1:a1:35:65:32:61:17:
24:02:c3:a6:f0:c0:84:9d:b5:70:a1:ea:e7:10:54:a4:c2:6c:
58:b3:3d:10:86:62:ad:c8:38:fe:1b:df:60:90:65:91:7b:d7:
77:dd:90:9e:c3:1c:e3:25:a3:4e:46:7a:68:dd:85:25:93:a0:
63:97:07:28:73:63:4d:6c:b5:b6:c4:e6:df:1f:b9:91:10:23:
32:5b:b4:b1:b6:ba:46:26:7e:32:ed:a9:4f:a9:07:9e:b9:7d:
21:d0:8b:2d:f7:b3:86:2a:75:1c:86:2e:11:05:d0:2f:bb:3c:
36:48:cd:a8:9e:03:fc:2c:92:6a:ab:85:07:26:7f:02:f2:66:
04:08:79:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw1TCxkLgktkY9nBKVKo4pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlMDMyN2JmMWU3YjdiZmJkZDJmMjE0YzhlZjYyOWFhMjll
NGQ2NmYwHhcNMjMwMTAyMDQ1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTJkNjBlMDEyMmJkNDcyYzdkY2EzOWI4NTIxMzhhYTkwZDdiZGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl16Nu+SweD5BTOQmtk/CB3FSmauU
OHPAV+E/q9bf2fN/55FaZFEIuhbtr9gTv8gvzonzK/l4a0+LT7aEywcy4C7SB0G+
q94H3o+MIcty90G58CXIgoQiNj2sQKef/DLb8HPdWpGvkeVgUi4BRjpPbTzbuTdR
zjK+j5tkqLF1/aJpja1d19V8+uCLFaz6ntjW5pgOctK8QEjDX28lLikJnfru3D8c
YyOgtDec/fDgGx5owE+ygqSw3638YYHddm+WL+ryNFXd8w3eYnTMhn9Qwa55k6Rh
xG8R9gwy6bc7hFWlSPBU6h45cDn3/V2LEwRYj9WKj+PvdGd3wDFRtiGmMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMktYOASK9Ryx9yjm4UhOKqQ173bMB8GA1UdIwQY
MBaAFK4DJ78ee3v73S8hTI72Kaop5NZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmdNbnZ4NTdlX3ZkTHlGTWp2WXBxaW5rMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9mMDkwYmUtNDIyYi00ZjJhLTg2NGYt
OWZjYTI5ZGVjZGE4LzEveVMxZzRCSXIxSExIM0tPYmhTRTRxcERYdmRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9mMDkwYmUtNDIyYi00ZjJhLTg2NGYtOWZjYTI5ZGVjZGE4
LzEvcmdNbnZ4NTdlX3ZkTHlGTWp2WXBxaW5rMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwy/WMA0G
CSqGSIb3DQEBCwUAA4IBAQAFv64vpl3TROr6Wzj2I5kGUkTgBGZ/YGBIyZWSzHQC
7cm4husor8YQ8U2zeooLc7DKPB/lRBP2hsO3XRGHbmAfleoh27HUQcalbbyFVbfj
YfdlaAd/aVqeW7+odyBnQxxJx1zFHqHJVEqW7zOLpCW4JHbxzp9Qe6GhNWUyYRck
AsOm8MCEnbVwoernEFSkwmxYsz0QhmKtyDj+G99gkGWRe9d33ZCewxzjJaNORnpo
3YUlk6Bjlwcoc2NNbLW2xObfH7mRECMyW7SxtrpGJn4y7alPqQeeuX0h0Ist97OG
KnUchi4RBdAvuzw2SM2ongP8LJJqq4UHJn8C8mYECHkx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:40 2024 by rpki-client on console-ams.rpki-client.org