Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/7a96cb-c3e0-49c6-ae34-da81f08f6001/1/pU3TAr8ROVvCB_iRU49bILZzoas.roa
File: pU3TAr8ROVvCB_iRU49bILZzoas.roa (raw, json)
Hash identifier: aIrOTyq5ElibqaetiObSxXLL+LibKJwmQIkzLTVmdGo=
Subject key identifier: A5:4D:D3:02:BF:11:39:5B:C2:07:F8:91:53:8F:5B:20:B6:73:A1:AB
Certificate issuer: /CN=5f14a4e6558bab89d36e3ba21c95e2afdd68fbea
Certificate serial: 018CC64B742F1638CF4156E8E5B65CBE8261
Authority key identifier: 5F:14:A4:E6:55:8B:AB:89:D3:6E:3B:A2:1C:95:E2:AF:DD:68:FB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XxSk5lWLq4nTbjuiHJXir91o--o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/7a96cb-c3e0-49c6-ae34-da81f08f6001/1/pU3TAr8ROVvCB_iRU49bILZzoas.roa
Signing time: Mon 01 Jan 2024 18:31:22 +0000
ROA not before: Mon 01 Jan 2024 18:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213049
IP address blocks: 195.182.50.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:74:2f:16:38:cf:41:56:e8:e5:b6:5c:be:82:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f14a4e6558bab89d36e3ba21c95e2afdd68fbea
Validity
Not Before: Jan 1 18:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a54dd302bf11395bc207f891538f5b20b673a1ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b9:c4:12:6a:22:ea:62:49:87:09:23:79:1b:
b8:bc:ef:e9:73:22:10:f2:0f:9f:d4:41:72:9b:c2:
7a:12:04:c4:6a:70:0f:7f:11:a1:7b:21:fb:b3:aa:
e5:62:8c:43:07:4c:bf:0a:5d:73:c9:0e:d6:85:27:
fa:71:59:2b:96:70:bf:9e:d7:79:36:ba:76:be:97:
11:f9:22:e6:eb:94:20:62:ec:dc:dc:9f:96:eb:a4:
ce:87:18:71:c2:16:f4:6a:bd:67:14:46:64:aa:58:
e0:e8:d5:8d:7b:d9:05:5e:10:a0:83:16:39:a5:64:
f0:49:a5:22:51:8b:87:0b:99:e3:d2:8c:c3:0e:28:
8d:59:ce:70:ab:c6:20:3b:d3:a4:3e:01:14:81:9b:
d4:a5:2c:a1:25:8b:5c:88:b2:d8:92:63:75:f9:0b:
e8:3b:d2:3c:f6:69:bd:24:5d:cd:ff:2c:57:5a:c4:
bc:ca:32:4b:3a:f3:14:09:c4:f7:88:5d:81:97:b8:
08:a9:e1:3e:89:db:a7:64:3a:f1:06:84:dd:5c:5c:
47:24:92:57:b4:08:5d:57:5b:aa:85:16:98:2b:59:
58:ac:3a:eb:85:24:dd:81:bf:55:d6:3c:30:28:9e:
86:e2:22:96:99:21:40:34:ce:f3:9a:ab:21:d5:0b:
3c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:4D:D3:02:BF:11:39:5B:C2:07:F8:91:53:8F:5B:20:B6:73:A1:AB
X509v3 Authority Key Identifier:
keyid:5F:14:A4:E6:55:8B:AB:89:D3:6E:3B:A2:1C:95:E2:AF:DD:68:FB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XxSk5lWLq4nTbjuiHJXir91o--o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/7a96cb-c3e0-49c6-ae34-da81f08f6001/1/pU3TAr8ROVvCB_iRU49bILZzoas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/7a96cb-c3e0-49c6-ae34-da81f08f6001/1/XxSk5lWLq4nTbjuiHJXir91o--o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.182.50.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:a0:14:6e:7e:53:91:33:96:2d:5b:2c:e1:18:6b:91:cf:18:
c6:d4:66:6b:84:1d:5d:7e:40:57:bf:06:71:93:d4:3e:e8:dc:
6b:00:4d:9f:7f:c9:57:3b:96:aa:20:82:13:d2:3a:7e:74:cc:
6e:f8:94:9a:27:81:24:a0:5a:f4:45:4e:de:e6:94:fc:4e:1f:
16:32:55:f8:5e:89:57:9b:df:8c:8a:ad:22:3d:5f:f3:0a:15:
f1:b8:16:3f:31:68:20:76:e5:5d:f9:27:15:ff:ab:b5:2b:e2:
55:83:c2:4f:44:35:f2:fa:01:1d:1f:f4:91:79:cf:79:a9:c3:
a6:05:62:30:8f:54:18:24:da:3d:fc:cb:b1:7d:ff:2c:82:9c:
26:0f:a5:77:38:4f:95:bc:ca:ea:08:09:32:79:eb:f8:28:87:
4c:53:bb:db:14:92:cf:06:03:d6:77:89:7e:be:24:42:16:37:
a9:16:4c:0d:4d:08:38:9c:5b:8e:ed:d1:b5:26:50:42:20:e4:
63:f6:54:5a:8d:d5:f7:42:ab:d3:58:67:2c:3e:db:5d:54:80:
ac:1c:6e:f2:e4:32:a7:74:12:18:07:f9:40:2c:6a:21:a9:fe:
f7:79:23:cf:ff:2c:c0:36:af:7b:b8:ad:04:ef:c7:0c:dc:db:
8e:c6:92:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGS3QvFjjPQVbo5bZcvoJhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMTRhNGU2NTU4YmFiODlkMzZlM2JhMjFjOTVlMmFmZGQ2
OGZiZWEwHhcNMjQwMTAxMTgzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTRkZDMwMmJmMTEzOTViYzIwN2Y4OTE1MzhmNWIyMGI2NzNhMWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LnEEmoi6mJJhwkjeRu4vO/pcyIQ
8g+f1EFym8J6EgTEanAPfxGheyH7s6rlYoxDB0y/Cl1zyQ7WhSf6cVkrlnC/ntd5
Nrp2vpcR+SLm65QgYuzc3J+W66TOhxhxwhb0ar1nFEZkqljg6NWNe9kFXhCggxY5
pWTwSaUiUYuHC5nj0ozDDiiNWc5wq8YgO9OkPgEUgZvUpSyhJYtciLLYkmN1+Qvo
O9I89mm9JF3N/yxXWsS8yjJLOvMUCcT3iF2Bl7gIqeE+idunZDrxBoTdXFxHJJJX
tAhdV1uqhRaYK1lYrDrrhSTdgb9V1jwwKJ6G4iKWmSFANM7zmqsh1Qs8BwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKVN0wK/ETlbwgf4kVOPWyC2c6GrMB8GA1UdIwQY
MBaAFF8UpOZVi6uJ0247ohyV4q/daPvqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHhTazVsV0xxNG5UYmp1aUhKWGlyOTFvLS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC83YTk2Y2ItYzNlMC00OWM2LWFlMzQt
ZGE4MWYwOGY2MDAxLzEvcFUzVEFyOFJPVnZDQl9pUlU0OWJJTFp6b2FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC83YTk2Y2ItYzNlMC00OWM2LWFlMzQtZGE4MWYwOGY2MDAx
LzEvWHhTazVsV0xxNG5UYmp1aUhKWGlyOTFvLS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw7YyMA0G
CSqGSIb3DQEBCwUAA4IBAQDMoBRuflORM5YtWyzhGGuRzxjG1GZrhB1dfkBXvwZx
k9Q+6NxrAE2ff8lXO5aqIIIT0jp+dMxu+JSaJ4EkoFr0RU7e5pT8Th8WMlX4XolX
m9+Miq0iPV/zChXxuBY/MWggduVd+ScV/6u1K+JVg8JPRDXy+gEdH/SRec95qcOm
BWIwj1QYJNo9/Muxff8sgpwmD6V3OE+VvMrqCAkyeev4KIdMU7vbFJLPBgPWd4l+
viRCFjepFkwNTQg4nFuO7dG1JlBCIORj9lRajdX3QqvTWGcsPttdVICsHG7y5DKn
dBIYB/lALGohqf73eSPP/yzANq97uK0E78cM3NuOxpLb
-----END CERTIFICATE-----
Generated at Fri Jan 31 18:53:42 2025 by rpki-client