Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/1fffbb-ff24-4fab-a763-50adbeac8cb4/1/l61DfF5N-8fN0Nr_fLrlQQevDJ0.roa
File: l61DfF5N-8fN0Nr_fLrlQQevDJ0.roa (raw, json)
Hash identifier: QqjJ5Oh0M17/qewltK4zv4ouJV0CqQJqb/bsd6078fU=
Subject key identifier: 97:AD:43:7C:5E:4D:FB:C7:CD:D0:DA:FF:7C:BA:E5:41:07:AF:0C:9D
Certificate issuer: /CN=d34274c8fc397bdbc6c7585a15c83212b050221f
Certificate serial: 01856AF7F9EE8D1979E9FC723BF36B216509
Authority key identifier: D3:42:74:C8:FC:39:7B:DB:C6:C7:58:5A:15:C8:32:12:B0:50:22:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/00J0yPw5e9vGx1haFcgyErBQIh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/1fffbb-ff24-4fab-a763-50adbeac8cb4/1/l61DfF5N-8fN0Nr_fLrlQQevDJ0.roa
Signing time: Sun 01 Jan 2023 01:35:14 +0000
ROA not before: Sun 01 Jan 2023 01:35:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8823
IP address blocks: 195.189.174.0/23 maxlen: 24
195.189.168.0/23 maxlen: 23
2a0f:53c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6a:f7:f9:ee:8d:19:79:e9:fc:72:3b:f3:6b:21:65:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d34274c8fc397bdbc6c7585a15c83212b050221f
Validity
Not Before: Jan 1 01:35:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97ad437c5e4dfbc7cdd0daff7cbae54107af0c9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:62:e3:59:42:f4:5e:04:8c:f4:98:73:ca:71:
67:02:19:ef:25:2b:23:1b:56:f6:c2:2c:9a:d2:d0:
d7:cc:63:10:a3:59:f4:c1:5b:fb:e4:66:5c:ad:c9:
02:eb:65:57:e5:9e:69:bd:4d:b7:85:26:62:78:19:
65:65:39:94:3a:2a:ab:47:6c:bf:50:db:dc:3c:a2:
71:8a:3a:03:7c:8f:a4:8d:fc:e2:6f:6a:5a:c9:c8:
20:f9:e6:b7:fb:e7:89:ef:9d:f4:b1:c1:2e:8f:98:
fe:75:17:c6:63:34:e4:a9:92:e4:23:63:00:d9:c9:
e1:96:04:49:92:3d:63:61:73:4c:72:9d:9d:16:63:
bf:af:0b:ec:e5:73:12:12:24:b8:e8:a2:ff:af:b4:
ac:6a:cd:3c:10:6b:ac:a5:0f:09:59:ed:a9:7b:22:
c1:c8:5c:2a:84:5e:9b:58:d4:7a:f1:5d:6d:b5:05:
d1:f3:80:36:59:66:f4:1b:51:66:2d:5a:77:0b:60:
d7:5e:0c:2c:e1:84:b6:d9:19:77:1e:b6:0c:0c:3a:
09:1e:4a:65:d1:35:4d:00:49:94:9d:17:4a:59:cc:
47:20:b4:c3:0d:dc:af:10:39:41:23:f8:b0:eb:e6:
95:61:c1:b0:38:59:b5:3e:f7:79:7a:b5:48:78:fa:
92:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:AD:43:7C:5E:4D:FB:C7:CD:D0:DA:FF:7C:BA:E5:41:07:AF:0C:9D
X509v3 Authority Key Identifier:
keyid:D3:42:74:C8:FC:39:7B:DB:C6:C7:58:5A:15:C8:32:12:B0:50:22:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/00J0yPw5e9vGx1haFcgyErBQIh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/1fffbb-ff24-4fab-a763-50adbeac8cb4/1/l61DfF5N-8fN0Nr_fLrlQQevDJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/1fffbb-ff24-4fab-a763-50adbeac8cb4/1/00J0yPw5e9vGx1haFcgyErBQIh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.189.168.0/23
195.189.174.0/23
IPv6:
2a0f:53c0::/29
Signature Algorithm: sha256WithRSAEncryption
14:9c:52:2f:2c:0e:39:a0:c7:23:21:e8:1a:ba:63:6b:b6:d8:
27:ac:7d:50:29:23:79:c4:fc:44:ee:b4:ad:8e:2b:25:63:ee:
34:c2:bb:91:6f:f6:c6:e2:3a:6f:9f:f2:41:83:e5:70:aa:02:
b8:20:8f:21:57:43:92:90:dd:e2:66:e6:bc:bc:30:aa:9c:60:
68:ee:c2:fb:9c:42:e9:5c:02:30:7c:80:29:c9:6a:3c:29:c1:
0c:0d:a2:a6:18:65:b7:23:e2:67:f0:75:7f:86:4f:38:28:52:
5b:d3:d5:d9:d1:b6:3c:db:42:bc:06:12:89:f0:b7:0d:a9:9a:
06:f3:32:fa:c9:95:8c:82:65:0e:a3:b6:1c:3d:13:c3:f7:1c:
27:5e:07:da:77:d9:98:27:02:3b:9c:77:95:5b:9a:6c:38:5f:
4d:3f:09:6c:73:2c:d1:50:0f:02:b8:54:94:38:50:46:68:61:
48:41:db:d0:ad:9e:3d:98:52:53:55:c0:31:05:4f:9d:fc:05:
27:ca:e3:93:86:59:ed:58:02:89:bd:f2:f2:6d:f3:4c:cd:cd:
71:d0:1c:71:ff:f7:e5:ad:7c:94:f0:0c:f2:03:f2:3b:f5:9d:
4e:fb:ff:88:46:90:15:8d:da:6d:bf:d7:92:6b:7e:54:6a:66:
37:7a:b0:90
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVq9/nujRl56fxyO/NrIWUJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNDI3NGM4ZmMzOTdiZGJjNmM3NTg1YTE1YzgzMjEyYjA1
MDIyMWYwHhcNMjMwMTAxMDEzNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2FkNDM3YzVlNGRmYmM3Y2RkMGRhZmY3Y2JhZTU0MTA3YWYwYzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGLjWUL0XgSM9JhzynFnAhnvJSsj
G1b2wiya0tDXzGMQo1n0wVv75GZcrckC62VX5Z5pvU23hSZieBllZTmUOiqrR2y/
UNvcPKJxijoDfI+kjfzib2paycgg+ea3++eJ7530scEuj5j+dRfGYzTkqZLkI2MA
2cnhlgRJkj1jYXNMcp2dFmO/rwvs5XMSEiS46KL/r7Ssas08EGuspQ8JWe2peyLB
yFwqhF6bWNR68V1ttQXR84A2WWb0G1FmLVp3C2DXXgws4YS22Rl3HrYMDDoJHkpl
0TVNAEmUnRdKWcxHILTDDdyvEDlBI/iw6+aVYcGwOFm1Pvd5erVIePqSDwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJetQ3xeTfvHzdDa/3y65UEHrwydMB8GA1UdIwQY
MBaAFNNCdMj8OXvbxsdYWhXIMhKwUCIfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDBKMHlQdzVlOXZHeDFoYUZjZ3lFckJRSWg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8xZmZmYmItZmYyNC00ZmFiLWE3NjMt
NTBhZGJlYWM4Y2I0LzEvbDYxRGZGNU4tOGZOME5yX2ZMcmxRUWV2REowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8xZmZmYmItZmYyNC00ZmFiLWE3NjMtNTBhZGJlYWM4Y2I0
LzEvMDBKMHlQdzVlOXZHeDFoYUZjZ3lFckJRSWg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBw72oAwQB
w72uMA0EAgACMAcDBQMqD1PAMA0GCSqGSIb3DQEBCwUAA4IBAQAUnFIvLA45oMcj
IegaumNrttgnrH1QKSN5xPxE7rStjislY+40wruRb/bG4jpvn/JBg+VwqgK4II8h
V0OSkN3iZua8vDCqnGBo7sL7nELpXAIwfIApyWo8KcEMDaKmGGW3I+Jn8HV/hk84
KFJb09XZ0bY820K8BhKJ8LcNqZoG8zL6yZWMgmUOo7YcPRPD9xwnXgfad9mYJwI7
nHeVW5psOF9NPwlscyzRUA8CuFSUOFBGaGFIQdvQrZ49mFJTVcAxBU+d/AUnyuOT
hlntWAKJvfLybfNMzc1x0Bxx//flrXyU8AzyA/I79Z1O+/+IRpAVjdptv9eSa35U
amY3erCQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:43 2024 by rpki-client on console-ams.rpki-client.org