Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/d56c2f-b999-40d1-adbf-9ebd2f1ab362/1/v2T3DyvjoX3LxPiCcZVDcqwdrbI.roa
File: v2T3DyvjoX3LxPiCcZVDcqwdrbI.roa (raw, json)
Hash identifier: D5JJTY9s1hnlzYxNASvz8vTxi/V+h4Tq4/kOXkOqAR8=
Subject key identifier: BF:64:F7:0F:2B:E3:A1:7D:CB:C4:F8:82:71:95:43:72:AC:1D:AD:B2
Certificate issuer: /CN=a7f09ad8aad3b3354875bbeaed05b61a54a03704
Certificate serial: 018CC34890487F21C42F4D24F85183940814
Authority key identifier: A7:F0:9A:D8:AA:D3:B3:35:48:75:BB:EA:ED:05:B6:1A:54:A0:37:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_Ca2KrTszVIdbvq7QW2GlSgNwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/d56c2f-b999-40d1-adbf-9ebd2f1ab362/1/v2T3DyvjoX3LxPiCcZVDcqwdrbI.roa
Signing time: Mon 01 Jan 2024 04:29:21 +0000
ROA not before: Mon 01 Jan 2024 04:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198572
IP address blocks: 195.200.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:90:48:7f:21:c4:2f:4d:24:f8:51:83:94:08:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7f09ad8aad3b3354875bbeaed05b61a54a03704
Validity
Not Before: Jan 1 04:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf64f70f2be3a17dcbc4f88271954372ac1dadb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4d:db:9c:e9:88:0c:e5:b6:32:82:53:7b:f6:
b2:11:f1:70:88:62:41:30:d6:32:68:ea:55:61:5e:
02:23:81:ac:87:34:af:6a:af:b5:11:3e:91:d3:b9:
1a:2d:21:68:e4:5d:b9:be:10:37:9d:41:59:5a:a8:
95:ef:82:74:96:66:51:41:54:4a:45:8c:af:c9:ec:
2d:18:5b:20:52:01:9c:6e:02:65:5d:bc:bd:9f:86:
52:90:79:e0:15:d6:c0:0d:e6:b8:38:d1:c2:e0:00:
a8:7a:21:67:8c:f6:4a:28:03:46:b7:fc:83:10:79:
1b:80:32:0a:45:65:e7:a7:a1:e5:46:4d:a7:9f:db:
37:5d:9f:7f:e7:c2:3a:de:70:46:37:c8:d0:55:b7:
20:4e:a9:16:f6:9f:ab:bd:68:52:8b:32:b7:eb:ef:
58:88:52:b3:14:68:5f:d0:69:8c:97:5c:fd:7f:8e:
d4:61:b4:ba:53:b9:c7:71:a7:e2:30:da:04:cb:26:
ac:5b:7c:d8:f2:16:9d:ff:86:ae:00:75:6a:35:8c:
7d:81:c7:0b:8c:bb:7c:7b:58:74:c8:74:41:64:d0:
c0:ca:dc:9f:58:96:ac:ee:f4:07:bb:1e:96:f3:96:
f5:b7:b1:6e:85:76:dc:b5:69:ba:6c:28:6b:5d:d8:
6e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:64:F7:0F:2B:E3:A1:7D:CB:C4:F8:82:71:95:43:72:AC:1D:AD:B2
X509v3 Authority Key Identifier:
keyid:A7:F0:9A:D8:AA:D3:B3:35:48:75:BB:EA:ED:05:B6:1A:54:A0:37:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_Ca2KrTszVIdbvq7QW2GlSgNwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/d56c2f-b999-40d1-adbf-9ebd2f1ab362/1/v2T3DyvjoX3LxPiCcZVDcqwdrbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/d56c2f-b999-40d1-adbf-9ebd2f1ab362/1/p_Ca2KrTszVIdbvq7QW2GlSgNwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.200.200.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:1a:b4:bb:57:d7:aa:cd:09:e3:58:8d:97:27:9e:d8:32:92:
55:5a:fe:33:c3:20:02:59:31:85:78:b1:36:23:e1:fb:41:29:
7e:57:8f:b6:5a:5f:dc:f0:fd:f7:ca:ed:f0:eb:d3:eb:71:68:
02:bb:b9:1e:2b:db:5d:22:62:4b:6e:78:3d:09:41:f7:33:7e:
92:f9:c3:f6:f8:9e:3e:d7:b6:94:d1:9b:39:e8:39:82:ff:d7:
1d:b0:25:a0:4c:ab:a7:cb:77:70:b1:e9:9e:2e:b4:f8:1e:6e:
89:56:5c:93:aa:b3:93:37:54:bf:30:11:7e:13:05:11:f6:cb:
cd:83:e4:70:ba:23:f1:41:b8:1f:dc:48:ad:5a:f0:32:b1:bd:
b7:de:21:0d:0f:31:be:88:72:c2:68:af:47:74:0f:12:2b:fd:
03:1d:87:60:3e:55:e5:56:c0:04:60:ce:55:0a:a9:f5:ea:a7:
6d:d8:da:91:bf:39:b6:01:0f:49:8b:4e:b9:86:78:92:87:f7:
4e:12:a0:38:66:bb:cc:96:da:6f:d5:f2:29:d9:45:90:a1:0a:
c2:4f:5c:51:28:71:19:5f:3e:0b:3a:44:a1:5a:de:ad:f3:fd:
b2:fa:64:36:fe:3e:32:b5:2a:3b:23:f2:dc:51:19:1c:db:cf:
69:a4:60:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSJBIfyHEL00k+FGDlAgUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZjA5YWQ4YWFkM2IzMzU0ODc1YmJlYWVkMDViNjFhNTRh
MDM3MDQwHhcNMjQwMTAxMDQyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjY0ZjcwZjJiZTNhMTdkY2JjNGY4ODI3MTk1NDM3MmFjMWRhZGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArU3bnOmIDOW2MoJTe/ayEfFwiGJB
MNYyaOpVYV4CI4GshzSvaq+1ET6R07kaLSFo5F25vhA3nUFZWqiV74J0lmZRQVRK
RYyvyewtGFsgUgGcbgJlXby9n4ZSkHngFdbADea4ONHC4ACoeiFnjPZKKANGt/yD
EHkbgDIKRWXnp6HlRk2nn9s3XZ9/58I63nBGN8jQVbcgTqkW9p+rvWhSizK36+9Y
iFKzFGhf0GmMl1z9f47UYbS6U7nHcafiMNoEyyasW3zY8had/4auAHVqNYx9gccL
jLt8e1h0yHRBZNDAytyfWJas7vQHux6W85b1t7FuhXbctWm6bChrXdhuTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL9k9w8r46F9y8T4gnGVQ3KsHa2yMB8GA1UdIwQY
MBaAFKfwmtiq07M1SHW76u0FthpUoDcEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF9DYTJLclRzelZJZGJ2cTdRVzJHbFNnTndRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9kNTZjMmYtYjk5OS00MGQxLWFkYmYt
OWViZDJmMWFiMzYyLzEvdjJUM0R5dmpvWDNMeFBpQ2NaVkRjcXdkcmJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9kNTZjMmYtYjk5OS00MGQxLWFkYmYtOWViZDJmMWFiMzYy
LzEvcF9DYTJLclRzelZJZGJ2cTdRVzJHbFNnTndRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw8jIMA0G
CSqGSIb3DQEBCwUAA4IBAQCsGrS7V9eqzQnjWI2XJ57YMpJVWv4zwyACWTGFeLE2
I+H7QSl+V4+2Wl/c8P33yu3w69PrcWgCu7keK9tdImJLbng9CUH3M36S+cP2+J4+
17aU0Zs56DmC/9cdsCWgTKuny3dwsemeLrT4Hm6JVlyTqrOTN1S/MBF+EwUR9svN
g+RwuiPxQbgf3EitWvAysb233iENDzG+iHLCaK9HdA8SK/0DHYdgPlXlVsAEYM5V
Cqn16qdt2NqRvzm2AQ9Ji065hniSh/dOEqA4ZrvMltpv1fIp2UWQoQrCT1xRKHEZ
Xz4LOkShWt6t8/2y+mQ2/j4ytSo7I/LcURkc289ppGDz
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:00 2025 by rpki-client