Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/b4c74a-e3b2-4e09-867c-f9967c3ad3e4/1/iXh2Oy3V0N_d8xDyVBUaXE9Cr_4.roa
File: iXh2Oy3V0N_d8xDyVBUaXE9Cr_4.roa (raw, json)
Hash identifier: u27UNq5T+//GcZrYyP86lTJM9FkxgpiSiMlFTTFPKcE=
Subject key identifier: 89:78:76:3B:2D:D5:D0:DF:DD:F3:10:F2:54:15:1A:5C:4F:42:AF:FE
Certificate issuer: /CN=5643415c22e141972c0d7e76c24e88b22427b024
Certificate serial: 01856EF4240958BA9C5C87EB678B1A30F739
Authority key identifier: 56:43:41:5C:22:E1:41:97:2C:0D:7E:76:C2:4E:88:B2:24:27:B0:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VkNBXCLhQZcsDX52wk6IsiQnsCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/b4c74a-e3b2-4e09-867c-f9967c3ad3e4/1/iXh2Oy3V0N_d8xDyVBUaXE9Cr_4.roa
Signing time: Sun 01 Jan 2023 20:09:31 +0000
ROA not before: Sun 01 Jan 2023 20:09:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8265
IP address blocks: 195.96.192.0/19 maxlen: 24
185.28.52.0/22 maxlen: 24
2a02:2888::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:f4:24:09:58:ba:9c:5c:87:eb:67:8b:1a:30:f7:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5643415c22e141972c0d7e76c24e88b22427b024
Validity
Not Before: Jan 1 20:09:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8978763b2dd5d0dfddf310f254151a5c4f42affe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:34:d5:d2:9c:5a:eb:06:97:03:15:de:58:53:
07:6a:56:03:67:1e:14:bc:5e:f5:b1:d1:bd:a9:a1:
2a:00:65:fc:09:50:68:87:3a:19:9c:88:65:48:e6:
68:3a:40:06:01:2d:b4:e0:6f:1d:30:25:b4:fe:e5:
ce:27:8b:3d:7f:22:b8:8c:30:fd:14:72:b8:14:db:
12:9b:52:d3:44:e5:0b:3b:a0:70:01:f1:55:e3:44:
84:2d:51:91:05:ad:a4:30:7a:a1:e9:ea:dd:98:54:
09:ee:9f:12:33:fb:d4:ac:f9:27:a9:02:da:f8:5c:
40:bf:3d:fc:48:af:f0:f6:db:9e:32:b5:dd:72:d5:
2a:56:21:f5:d5:17:21:ef:eb:3f:9b:93:7e:bf:c6:
5f:bf:4f:84:5c:11:46:f1:9f:37:a6:c8:65:88:97:
5d:c8:b1:ee:4b:6e:d2:f7:4c:ec:11:23:fa:35:8f:
e3:c6:0d:5a:ef:1e:53:f9:34:bb:af:12:c7:f3:78:
89:3a:3e:0e:ff:13:e9:92:5b:4e:4e:d2:39:4d:cb:
d3:98:95:da:ec:03:15:9c:ef:f8:d6:7b:f7:01:e6:
ac:3a:66:89:90:aa:0e:04:20:fd:8b:d2:e0:30:62:
a9:f1:99:ea:0b:ff:eb:83:62:ba:08:63:38:d1:ea:
22:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:78:76:3B:2D:D5:D0:DF:DD:F3:10:F2:54:15:1A:5C:4F:42:AF:FE
X509v3 Authority Key Identifier:
keyid:56:43:41:5C:22:E1:41:97:2C:0D:7E:76:C2:4E:88:B2:24:27:B0:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VkNBXCLhQZcsDX52wk6IsiQnsCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/b4c74a-e3b2-4e09-867c-f9967c3ad3e4/1/iXh2Oy3V0N_d8xDyVBUaXE9Cr_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/b4c74a-e3b2-4e09-867c-f9967c3ad3e4/1/VkNBXCLhQZcsDX52wk6IsiQnsCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.52.0/22
195.96.192.0/19
IPv6:
2a02:2888::/32
Signature Algorithm: sha256WithRSAEncryption
2d:d9:d6:04:96:1e:e8:ba:70:90:41:b3:7e:bd:fc:c3:f7:60:
ee:3a:63:bb:ba:60:20:9a:ba:e0:ea:76:0d:0a:1a:21:87:46:
a9:83:af:2c:30:5e:94:34:2a:91:b7:b3:78:54:7d:23:7e:6a:
f5:b4:70:47:98:8b:6b:df:bc:98:2e:43:46:0a:f5:96:68:6e:
3a:e5:b0:80:5c:bc:63:0d:e4:b7:f5:a9:e5:8a:c6:36:89:e1:
40:e7:36:0c:c1:1c:59:23:da:b3:19:71:14:66:df:fc:41:bb:
bd:77:90:f8:69:13:07:44:ef:f0:4d:60:8b:33:c1:cb:31:e3:
99:c6:f9:aa:dd:af:ac:ae:64:b8:43:b8:da:2f:3d:cc:18:f3:
9a:73:68:f1:9b:c5:4b:db:70:4b:fc:23:ef:91:e8:26:1b:84:
89:c7:92:d7:d3:2f:40:37:55:9b:d1:e8:18:74:65:d8:0a:1d:
25:f5:dc:c0:13:2c:e6:30:37:72:b1:96:76:32:a0:d4:11:32:
4c:ee:7a:99:f1:73:9e:2e:5a:b3:d6:73:6a:7a:f4:f0:82:56:
e8:ff:98:25:b2:30:22:b5:d9:47:45:9f:eb:98:30:75:4e:34:
fc:12:6f:29:de:1d:98:8d:a9:fa:a9:27:a6:b4:ab:cc:0e:9e:
48:1c:02:e4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVu9CQJWLqcXIfrZ4saMPc5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NDM0MTVjMjJlMTQxOTcyYzBkN2U3NmMyNGU4OGIyMjQy
N2IwMjQwHhcNMjMwMTAxMjAwOTMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTc4NzYzYjJkZDVkMGRmZGRmMzEwZjI1NDE1MWE1YzRmNDJhZmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzTV0pxa6waXAxXeWFMHalYDZx4U
vF71sdG9qaEqAGX8CVBohzoZnIhlSOZoOkAGAS204G8dMCW0/uXOJ4s9fyK4jDD9
FHK4FNsSm1LTROULO6BwAfFV40SELVGRBa2kMHqh6erdmFQJ7p8SM/vUrPknqQLa
+FxAvz38SK/w9tueMrXdctUqViH11Rch7+s/m5N+v8Zfv0+EXBFG8Z83pshliJdd
yLHuS27S90zsESP6NY/jxg1a7x5T+TS7rxLH83iJOj4O/xPpkltOTtI5TcvTmJXa
7AMVnO/41nv3AeasOmaJkKoOBCD9i9LgMGKp8ZnqC//rg2K6CGM40eoiswIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIl4djst1dDf3fMQ8lQVGlxPQq/+MB8GA1UdIwQY
MBaAFFZDQVwi4UGXLA1+dsJOiLIkJ7AkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmtOQlhDTGhRWmNzRFg1MndrNklzaVFuc0NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9iNGM3NGEtZTNiMi00ZTA5LTg2N2Mt
Zjk5NjdjM2FkM2U0LzEvaVhoMk95M1YwTl9kOHhEeVZCVWFYRTlDcl80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9iNGM3NGEtZTNiMi00ZTA5LTg2N2MtZjk5NjdjM2FkM2U0
LzEvVmtOQlhDTGhRWmNzRFg1MndrNklzaVFuc0NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuRw0AwQF
w2DAMA0EAgACMAcDBQAqAiiIMA0GCSqGSIb3DQEBCwUAA4IBAQAt2dYElh7ounCQ
QbN+vfzD92DuOmO7umAgmrrg6nYNChohh0apg68sMF6UNCqRt7N4VH0jfmr1tHBH
mItr37yYLkNGCvWWaG465bCAXLxjDeS39anlisY2ieFA5zYMwRxZI9qzGXEUZt/8
Qbu9d5D4aRMHRO/wTWCLM8HLMeOZxvmq3a+srmS4Q7jaLz3MGPOac2jxm8VL23BL
/CPvkegmG4SJx5LX0y9AN1Wb0egYdGXYCh0l9dzAEyzmMDdysZZ2MqDUETJM7nqZ
8XOeLlqz1nNqevTwglbo/5glsjAitdlHRZ/rmDB1TjT8Em8p3h2Yjan6qSemtKvM
Dp5IHALk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:35 2024 by rpki-client on console-fra.rpki-client.org