Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/n41LDEX3U_59-OJnJ_DkHYJNF3Y.roa
File: n41LDEX3U_59-OJnJ_DkHYJNF3Y.roa (raw, json)
Hash identifier: sd7d/M1/Bhi5WdPH7E/n/SdqXOx36tQ3WiJm96auXbo=
Subject key identifier: 9F:8D:4B:0C:45:F7:53:FE:7D:F8:E2:67:27:F0:E4:1D:82:4D:17:76
Certificate issuer: /CN=089c8c7f334053c8a90a3408009ef3d3b7a82e3d
Certificate serial: 018B67D14F850A6E3AC26E93ED0AFA11D84D
Authority key identifier: 08:9C:8C:7F:33:40:53:C8:A9:0A:34:08:00:9E:F3:D3:B7:A8:2E:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CJyMfzNAU8ipCjQIAJ7z07eoLj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/n41LDEX3U_59-OJnJ_DkHYJNF3Y.roa
Signing time: Wed 25 Oct 2023 17:10:52 +0000
ROA not before: Wed 25 Oct 2023 17:10:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201507
IP address blocks: 195.137.221.0/24 maxlen: 24
2a13:2440:a0::/44 maxlen: 44
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:67:d1:4f:85:0a:6e:3a:c2:6e:93:ed:0a:fa:11:d8:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=089c8c7f334053c8a90a3408009ef3d3b7a82e3d
Validity
Not Before: Oct 25 17:10:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f8d4b0c45f753fe7df8e26727f0e41d824d1776
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:3e:68:36:77:c2:ee:af:99:29:83:73:a9:54:
4d:36:fc:47:62:b5:b2:ad:41:34:2d:f0:35:94:bf:
23:37:08:3e:b3:ab:c0:95:a0:64:93:fa:1a:31:7b:
98:12:ce:a5:5e:df:8e:ef:c2:15:46:8a:73:de:7c:
c4:23:31:dc:06:6b:03:da:e8:f5:d4:05:3e:19:09:
68:62:c1:e5:3f:a1:96:fe:17:aa:da:5e:2e:d6:fb:
4d:03:41:20:d1:a2:2f:75:bc:14:5e:b6:9f:4e:22:
6c:83:c6:a0:c4:bf:0b:a5:33:aa:45:2b:60:56:11:
5d:0b:97:fb:a6:12:d1:4b:0e:69:7e:54:c2:c0:0c:
b0:4c:81:fb:7c:ee:f3:3e:1b:b1:be:dc:ec:49:ea:
ab:48:f5:2d:b1:45:0e:b4:a7:ae:77:d3:a4:b0:e9:
d7:49:0d:94:2a:d0:01:7f:7c:ec:70:48:4c:aa:cd:
1a:2a:95:49:7d:6f:45:1f:1c:40:2e:05:db:f5:51:
bf:59:fa:6b:53:33:5a:eb:77:35:a4:2c:41:38:f0:
cf:9a:21:cc:ae:bb:08:9f:2c:c5:fd:f3:84:69:ac:
c8:4a:47:ec:2f:85:c5:4a:d9:e7:aa:42:07:19:eb:
b1:68:a9:83:e9:67:de:32:c1:47:8e:d2:04:97:75:
2b:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:8D:4B:0C:45:F7:53:FE:7D:F8:E2:67:27:F0:E4:1D:82:4D:17:76
X509v3 Authority Key Identifier:
keyid:08:9C:8C:7F:33:40:53:C8:A9:0A:34:08:00:9E:F3:D3:B7:A8:2E:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CJyMfzNAU8ipCjQIAJ7z07eoLj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/n41LDEX3U_59-OJnJ_DkHYJNF3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/CJyMfzNAU8ipCjQIAJ7z07eoLj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.137.221.0/24
IPv6:
2a13:2440:a0::/44
Signature Algorithm: sha256WithRSAEncryption
69:d1:3d:e1:0e:bd:81:3e:e5:fa:29:2f:57:86:78:16:b4:ff:
b5:89:0b:c0:22:89:43:16:a3:1b:6b:42:11:fb:65:e9:94:67:
cf:70:3e:13:da:9d:3d:2f:4a:52:e0:f8:36:fc:61:8d:45:20:
b9:95:d9:e3:c8:6b:4c:5a:09:af:27:a7:b8:37:68:85:48:d1:
d1:b9:27:08:fe:02:29:b8:2b:2a:f3:8f:58:46:c9:af:01:c2:
8a:63:9c:c6:c8:05:70:51:a4:21:de:4f:22:95:4c:30:71:2f:
c2:7b:ee:ea:f9:d0:1f:8f:3e:7d:10:3b:05:dc:1c:29:da:8b:
33:76:2b:5f:6a:1e:50:a3:f8:60:81:51:63:67:98:2c:73:35:
5d:80:4f:de:07:81:57:f9:cd:cd:1b:cc:a1:3d:4f:7f:68:a4:
49:c8:7d:56:a5:73:1c:07:35:f6:61:bc:fa:1f:61:0d:cb:3b:
ad:ed:f7:05:24:9a:9a:b3:f6:c1:76:2d:98:ab:b7:f9:12:02:
89:60:91:e1:9e:14:ca:0f:8b:b0:d2:79:11:4f:c9:a5:52:3b:
24:e2:38:e2:1c:3d:7e:86:6d:e7:cb:6b:c9:3e:b7:7a:1c:3a:
00:76:cd:ec:fd:6b:d0:aa:64:72:09:a6:98:fb:cb:82:69:f8:
70:19:91:40
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtn0U+FCm46wm6T7Qr6EdhNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4OWM4YzdmMzM0MDUzYzhhOTBhMzQwODAwOWVmM2QzYjdh
ODJlM2QwHhcNMjMxMDI1MTcxMDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjhkNGIwYzQ1Zjc1M2ZlN2RmOGUyNjcyN2YwZTQxZDgyNGQxNzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmj5oNnfC7q+ZKYNzqVRNNvxHYrWy
rUE0LfA1lL8jNwg+s6vAlaBkk/oaMXuYEs6lXt+O78IVRopz3nzEIzHcBmsD2uj1
1AU+GQloYsHlP6GW/heq2l4u1vtNA0Eg0aIvdbwUXrafTiJsg8agxL8LpTOqRStg
VhFdC5f7phLRSw5pflTCwAywTIH7fO7zPhuxvtzsSeqrSPUtsUUOtKeud9OksOnX
SQ2UKtABf3zscEhMqs0aKpVJfW9FHxxALgXb9VG/WfprUzNa63c1pCxBOPDPmiHM
rrsInyzF/fOEaazISkfsL4XFStnnqkIHGeuxaKmD6WfeMsFHjtIEl3UrqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ+NSwxF91P+ffjiZyfw5B2CTRd2MB8GA1UdIwQY
MBaAFAicjH8zQFPIqQo0CACe89O3qC49MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0p5TWZ6TkFVOGlwQ2pRSUFKN3owN2VvTGowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9mNGUwM2UtMjdiMi00OTRiLThjMGYt
NmY3MDA5YmVlOTE1LzEvbjQxTERFWDNVXzU5LU9KbkpfRGtIWUpORjNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9mNGUwM2UtMjdiMi00OTRiLThjMGYtNmY3MDA5YmVlOTE1
LzEvQ0p5TWZ6TkFVOGlwQ2pRSUFKN3owN2VvTGowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAw4ndMA8E
AgACMAkDBwQqEyRAAKAwDQYJKoZIhvcNAQELBQADggEBAGnRPeEOvYE+5fopL1eG
eBa0/7WJC8AiiUMWoxtrQhH7ZemUZ89wPhPanT0vSlLg+Db8YY1FILmV2ePIa0xa
Ca8np7g3aIVI0dG5Jwj+Aim4Kyrzj1hGya8BwopjnMbIBXBRpCHeTyKVTDBxL8J7
7ur50B+PPn0QOwXcHCnaizN2K19qHlCj+GCBUWNnmCxzNV2AT94HgVf5zc0bzKE9
T39opEnIfValcxwHNfZhvPofYQ3LO63t9wUkmpqz9sF2LZirt/kSAolgkeGeFMoP
i7DSeRFPyaVSOyTiOOIcPX6GbefLa8k+t3ocOgB2zez9a9CqZHIJppj7y4Jp+HAZ
kUA=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:47 2024 by rpki-client on console-fra.rpki-client.org