Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/cf2f87-8197-4600-a3ab-576ce4101483/1/SsIAauWvRrk-zGDlY9YYuZoptLM.roa
File: SsIAauWvRrk-zGDlY9YYuZoptLM.roa (raw, json)
Hash identifier: ON8isZHY24Ykyu3rxifWW8X+30ff1PHi6lxJTL/wTfo=
Subject key identifier: 4A:C2:00:6A:E5:AF:46:B9:3E:CC:60:E5:63:D6:18:B9:9A:29:B4:B3
Certificate issuer: /CN=95ed1b93d3bce6b6afcde9020b80167b85c68f5b
Certificate serial: 01856DB893212FB88E34A3D2247F290EA00B
Authority key identifier: 95:ED:1B:93:D3:BC:E6:B6:AF:CD:E9:02:0B:80:16:7B:85:C6:8F:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/le0bk9O85ravzekCC4AWe4XGj1s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/cf2f87-8197-4600-a3ab-576ce4101483/1/SsIAauWvRrk-zGDlY9YYuZoptLM.roa
Signing time: Sun 01 Jan 2023 14:24:50 +0000
ROA not before: Sun 01 Jan 2023 14:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41634
IP address blocks: 193.239.232.0/24 maxlen: 24
195.96.151.0/24 maxlen: 24
2001:678:b30::/48 maxlen: 48
2a12:1e01::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:b8:93:21:2f:b8:8e:34:a3:d2:24:7f:29:0e:a0:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95ed1b93d3bce6b6afcde9020b80167b85c68f5b
Validity
Not Before: Jan 1 14:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ac2006ae5af46b93ecc60e563d618b99a29b4b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:c5:57:59:b6:0d:57:6d:28:54:f2:68:30:0d:
2f:18:cf:8d:ef:c1:ed:ba:59:3b:9a:8e:21:01:62:
2a:c4:48:41:ac:76:a7:67:62:d4:11:69:cc:8b:e0:
f6:1b:68:00:1e:d5:df:e7:30:30:e4:40:6f:57:00:
e2:f9:f7:af:33:10:19:fc:ce:60:dc:c3:fa:05:45:
d0:4a:3b:1e:93:cf:50:3d:ff:7c:f2:c8:a0:40:1a:
c9:7b:8b:20:88:cc:7e:64:f5:83:1d:3b:fa:03:c4:
13:1f:93:9a:83:63:96:ce:de:e8:36:c1:f6:91:1e:
16:43:1b:1d:c4:15:df:24:e0:6e:34:f9:e8:96:50:
1c:c8:1e:14:d9:a7:7f:01:ef:3c:d3:c9:f7:da:f3:
7d:20:60:e9:c2:9f:a8:4b:38:01:69:9c:e7:f2:3b:
a1:40:15:5b:47:00:08:ed:cc:17:10:33:8d:8b:42:
d2:0a:c0:d8:40:d7:58:f2:c0:2a:b5:4e:6f:11:19:
a0:2c:6b:65:e5:33:25:46:e0:b0:97:a5:da:1c:29:
0b:62:3e:2d:0a:4a:59:31:21:dc:ab:44:ea:7e:bc:
c6:c0:a8:64:d7:8c:f1:64:cc:35:b4:c9:af:32:6c:
09:4d:9c:32:f7:02:9e:69:6b:fd:87:9e:e8:0f:33:
90:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:C2:00:6A:E5:AF:46:B9:3E:CC:60:E5:63:D6:18:B9:9A:29:B4:B3
X509v3 Authority Key Identifier:
keyid:95:ED:1B:93:D3:BC:E6:B6:AF:CD:E9:02:0B:80:16:7B:85:C6:8F:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/le0bk9O85ravzekCC4AWe4XGj1s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/cf2f87-8197-4600-a3ab-576ce4101483/1/SsIAauWvRrk-zGDlY9YYuZoptLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/cf2f87-8197-4600-a3ab-576ce4101483/1/le0bk9O85ravzekCC4AWe4XGj1s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.239.232.0/24
195.96.151.0/24
IPv6:
2001:678:b30::/48
2a12:1e01::/32
Signature Algorithm: sha256WithRSAEncryption
72:2b:4a:e5:48:41:da:66:a4:67:4a:5c:5b:de:b2:8c:a4:b2:
ef:a8:b4:a9:4d:5f:f0:b9:8e:10:85:17:cf:01:8c:a6:d3:48:
6e:f5:ac:a7:c2:cb:d4:a5:33:9f:42:1c:1f:b0:86:07:b2:2c:
cf:83:6d:c5:b7:b4:b4:8b:80:d3:68:31:8e:6b:d5:aa:74:3e:
b5:d6:47:21:87:da:90:9f:3f:12:9d:67:b7:be:8b:1b:07:72:
75:97:5d:d9:64:8b:80:6e:ed:b8:9e:4e:cd:b3:de:e2:9f:6f:
c4:09:50:20:72:0c:48:02:1c:f7:99:74:ae:09:e5:a5:54:58:
11:e7:87:b8:77:61:01:0c:1a:fc:ee:6f:af:ff:eb:cd:f8:85:
7e:f2:90:76:fa:81:82:77:64:a2:19:5c:6b:38:61:31:06:55:
fd:a6:2a:18:28:2b:0c:d4:22:fb:b7:19:aa:fd:7e:c0:40:2e:
48:ac:1d:09:8c:11:24:01:14:07:32:ac:77:32:4d:3c:7e:e4:
84:fa:4c:af:33:df:7b:8d:b4:7b:b5:45:50:47:d8:fa:e5:ab:
cf:24:d6:af:8b:68:4d:c2:06:2b:81:3d:be:5b:b2:d7:84:ea:
1e:55:fa:20:f8:6e:dd:37:52:ea:ec:cb:f3:cb:5e:06:42:cb:
5a:5c:5e:fa
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVtuJMhL7iONKPSJH8pDqALMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZWQxYjkzZDNiY2U2YjZhZmNkZTkwMjBiODAxNjdiODVj
NjhmNWIwHhcNMjMwMTAxMTQyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWMyMDA2YWU1YWY0NmI5M2VjYzYwZTU2M2Q2MThiOTlhMjliNGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMVXWbYNV20oVPJoMA0vGM+N78Ht
ulk7mo4hAWIqxEhBrHanZ2LUEWnMi+D2G2gAHtXf5zAw5EBvVwDi+fevMxAZ/M5g
3MP6BUXQSjsek89QPf988sigQBrJe4sgiMx+ZPWDHTv6A8QTH5Oag2OWzt7oNsH2
kR4WQxsdxBXfJOBuNPnollAcyB4U2ad/Ae8808n32vN9IGDpwp+oSzgBaZzn8juh
QBVbRwAI7cwXEDONi0LSCsDYQNdY8sAqtU5vERmgLGtl5TMlRuCwl6XaHCkLYj4t
CkpZMSHcq0TqfrzGwKhk14zxZMw1tMmvMmwJTZwy9wKeaWv9h57oDzOQkQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFErCAGrlr0a5Psxg5WPWGLmaKbSzMB8GA1UdIwQY
MBaAFJXtG5PTvOa2r83pAguAFnuFxo9bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGUwYms5Tzg1cmF2emVrQ0M0QVdlNFhHajFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9jZjJmODctODE5Ny00NjAwLWEzYWIt
NTc2Y2U0MTAxNDgzLzEvU3NJQWF1V3ZScmstekdEbFk5WVl1Wm9wdExNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9jZjJmODctODE5Ny00NjAwLWEzYWItNTc2Y2U0MTAxNDgz
LzEvbGUwYms5Tzg1cmF2emVrQ0M0QVdlNFhHajFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAwe/oAwQA
w2CXMBYEAgACMBADBwAgAQZ4CzADBQAqEh4BMA0GCSqGSIb3DQEBCwUAA4IBAQBy
K0rlSEHaZqRnSlxb3rKMpLLvqLSpTV/wuY4QhRfPAYym00hu9aynwsvUpTOfQhwf
sIYHsizPg23Ft7S0i4DTaDGOa9WqdD611kchh9qQnz8SnWe3vosbB3J1l13ZZIuA
bu24nk7Ns97in2/ECVAgcgxIAhz3mXSuCeWlVFgR54e4d2EBDBr87m+v/+vN+IV+
8pB2+oGCd2SiGVxrOGExBlX9pioYKCsM1CL7txmq/X7AQC5IrB0JjBEkARQHMqx3
Mk08fuSE+kyvM997jbR7tUVQR9j65avPJNavi2hNwgYrgT2+W7LXhOoeVfog+G7d
N1Lq7Mvzy14GQstaXF76
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:09 2024 by rpki-client on console-ams.rpki-client.org