Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/AST4lVqFK-ascuVwnrVKH6Sc_hU.roa
File: AST4lVqFK-ascuVwnrVKH6Sc_hU.roa (raw, json)
Hash identifier: TLAlbDbrXUN9uqI212dV75phdKQqO2pfNrTqBpZnNFM=
Subject key identifier: 01:24:F8:95:5A:85:2B:E6:AC:72:E5:70:9E:B5:4A:1F:A4:9C:FE:15
Certificate issuer: /CN=af734108705a95796e8577125dd300c751dfd9a8
Certificate serial: 0188CD97E799684C8DB5D0B3E2E5E0CCC16E
Authority key identifier: AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/AST4lVqFK-ascuVwnrVKH6Sc_hU.roa
Signing time: Sun 18 Jun 2023 08:21:04 +0000
ROA not before: Sun 18 Jun 2023 08:21:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212939
IP address blocks: 195.238.247.0/24 maxlen: 24
195.238.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Oct 2023 08:57:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:cd:97:e7:99:68:4c:8d:b5:d0:b3:e2:e5:e0:cc:c1:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af734108705a95796e8577125dd300c751dfd9a8
Validity
Not Before: Jun 18 08:21:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0124f8955a852be6ac72e5709eb54a1fa49cfe15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b7:59:0c:27:11:1f:b7:df:7c:72:89:0f:89:
4a:28:a1:10:00:8a:cf:8f:42:d0:7e:09:af:a3:8e:
19:b5:41:6e:d5:2f:f4:96:a9:fe:fc:e2:72:db:8b:
05:34:4d:c5:ec:3b:c9:45:b4:92:a2:cb:2e:cb:44:
27:b4:34:5b:fc:d1:8a:59:f3:7b:79:84:f1:63:25:
0f:20:cd:a7:89:e8:4d:a2:a0:4a:d1:df:3c:fa:3f:
1b:ef:97:52:00:8d:aa:24:7f:44:e6:52:3b:4f:8c:
90:1b:9f:bd:e7:9f:6b:1b:ed:f5:89:e2:31:11:f3:
5a:65:1b:31:11:3b:6a:2e:12:6c:22:9e:5a:69:0d:
df:9f:e2:87:bd:44:9e:85:1a:1c:98:ff:87:7a:fa:
cf:2f:82:84:46:40:15:a1:1e:4d:f4:08:fc:df:54:
79:16:da:cb:cf:3c:ac:e2:1b:91:5f:00:65:a9:48:
60:5e:b5:fa:69:43:44:76:87:f1:92:93:68:30:43:
88:fd:9c:2d:8e:08:7a:43:c8:3e:98:aa:01:ea:30:
25:6b:69:4e:b2:5d:ef:2d:86:be:86:32:4d:df:58:
3b:6a:a5:4b:dd:df:a9:bc:0c:e9:cb:72:f4:44:4c:
dd:aa:3d:ec:25:97:28:55:b5:1c:80:2f:c2:d0:7d:
1b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:24:F8:95:5A:85:2B:E6:AC:72:E5:70:9E:B5:4A:1F:A4:9C:FE:15
X509v3 Authority Key Identifier:
keyid:AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/AST4lVqFK-ascuVwnrVKH6Sc_hU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.238.231.0/24
195.238.247.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:55:4b:02:97:39:98:0a:ed:6b:02:15:e2:fd:2b:5b:24:cb:
1b:1f:56:e8:61:43:a3:46:93:c7:cb:49:5f:7f:b1:dd:e8:18:
92:29:a8:0b:d4:eb:7c:7b:cb:63:a5:23:83:25:6a:db:90:c5:
55:03:b9:d9:af:63:3f:fd:70:3a:fa:68:2f:51:c9:dc:ce:d0:
0b:61:10:80:b6:96:30:69:e5:9c:11:f6:b1:f2:cd:8e:f1:da:
02:36:bf:b3:8f:a1:91:bd:3e:d8:3f:1b:38:81:5b:f6:98:33:
e2:bd:cf:bf:90:22:70:89:1d:92:ca:ae:dd:6c:3d:5d:8e:53:
60:82:59:a5:d8:ae:a9:f4:07:05:1e:27:fa:76:36:fe:a7:61:
a7:a3:e4:b4:74:00:5b:96:7a:b8:e8:ad:c5:ad:46:be:b2:b6:
67:14:92:03:e6:80:d9:35:00:bd:f0:4d:a5:a8:4f:cd:2b:21:
aa:b4:15:10:01:60:f3:ce:79:3d:56:31:dd:e0:43:58:f3:8a:
a3:8f:0b:ad:24:91:b0:86:ba:d2:70:af:fe:a4:e3:e9:5a:32:
b6:84:1d:6f:19:59:84:ca:b0:d0:fe:b0:e8:63:26:e5:57:8c:
68:f5:e3:6c:2b:22:2f:43:15:ce:fd:2e:ba:49:04:e7:5d:ac:
a2:0d:9c:87
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYjNl+eZaEyNtdCz4uXgzMFuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzM0MTA4NzA1YTk1Nzk2ZTg1NzcxMjVkZDMwMGM3NTFk
ZmQ5YTgwHhcNMjMwNjE4MDgyMTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTI0Zjg5NTVhODUyYmU2YWM3MmU1NzA5ZWI1NGExZmE0OWNmZTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7dZDCcRH7fffHKJD4lKKKEQAIrP
j0LQfgmvo44ZtUFu1S/0lqn+/OJy24sFNE3F7DvJRbSSossuy0QntDRb/NGKWfN7
eYTxYyUPIM2niehNoqBK0d88+j8b75dSAI2qJH9E5lI7T4yQG5+9559rG+31ieIx
EfNaZRsxETtqLhJsIp5aaQ3fn+KHvUSehRocmP+HevrPL4KERkAVoR5N9Aj831R5
FtrLzzys4huRXwBlqUhgXrX6aUNEdofxkpNoMEOI/Zwtjgh6Q8g+mKoB6jAla2lO
sl3vLYa+hjJN31g7aqVL3d+pvAzpy3L0REzdqj3sJZcoVbUcgC/C0H0bbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAEk+JVahSvmrHLlcJ61Sh+knP4VMB8GA1UdIwQY
MBaAFK9zQQhwWpV5boV3El3TAMdR39moMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUt
MThkMWE0MDZhYWVkLzEvQVNUNGxWcUZLLWFzY3VWd25yVktINlNjX2hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUtMThkMWE0MDZhYWVk
LzEvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw+7nAwQA
w+73MA0GCSqGSIb3DQEBCwUAA4IBAQCiVUsClzmYCu1rAhXi/StbJMsbH1boYUOj
RpPHy0lff7Hd6BiSKagL1Ot8e8tjpSODJWrbkMVVA7nZr2M//XA6+mgvUcncztAL
YRCAtpYwaeWcEfax8s2O8doCNr+zj6GRvT7YPxs4gVv2mDPivc+/kCJwiR2Syq7d
bD1djlNgglml2K6p9AcFHif6djb+p2Gno+S0dABblnq46K3FrUa+srZnFJID5oDZ
NQC98E2lqE/NKyGqtBUQAWDzznk9VjHd4ENY84qjjwutJJGwhrrScK/+pOPpWjK2
hB1vGVmEyrDQ/rDoYyblV4xo9eNsKyIvQxXO/S66SQTnXayiDZyH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:05 2024 by rpki-client on console-fra.rpki-client.org