Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/9LRknBUSudPOCELbT_MlIG58aTo.roa
File: 9LRknBUSudPOCELbT_MlIG58aTo.roa (raw, json)
Hash identifier: va1DNiTXSImQwX8LgK/vQ3aU1i7D87SXQN7SHc3Y+Io=
Subject key identifier: F4:B4:64:9C:15:12:B9:D3:CE:08:42:DB:4F:F3:25:20:6E:7C:69:3A
Certificate issuer: /CN=0a41a5a2a18339629cc1303e6dec8bb605ddca65
Certificate serial: 018CCA2B853D432FA35C8303A65C30D586E9
Authority key identifier: 0A:41:A5:A2:A1:83:39:62:9C:C1:30:3E:6D:EC:8B:B6:05:DD:CA:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CkGloqGDOWKcwTA-beyLtgXdymU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/9LRknBUSudPOCELbT_MlIG58aTo.roa
Signing time: Tue 02 Jan 2024 12:34:58 +0000
ROA not before: Tue 02 Jan 2024 12:34:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29182
IP address blocks: 195.140.144.0/23 maxlen: 23
195.140.146.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 07 Feb 2024 03:53:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:85:3d:43:2f:a3:5c:83:03:a6:5c:30:d5:86:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a41a5a2a18339629cc1303e6dec8bb605ddca65
Validity
Not Before: Jan 2 12:34:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4b4649c1512b9d3ce0842db4ff325206e7c693a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:23:ed:72:ef:55:6d:70:68:74:af:fd:4a:1a:
8c:2d:72:b4:f9:a2:5d:90:97:79:23:00:b5:98:0c:
1b:e0:fe:14:e2:1c:6b:1d:c2:27:60:e2:52:1b:d3:
bc:3b:9e:4a:8b:e5:d1:57:80:9b:20:2f:ea:3f:54:
9d:80:bb:3c:55:6e:69:9c:26:22:6a:44:66:11:42:
a3:26:db:d6:70:a5:79:25:b8:5c:8c:c6:97:7e:bb:
f9:00:bc:13:1e:61:d1:a3:9b:e5:0e:cd:bd:27:12:
9f:e0:3b:f0:ff:59:1b:c6:9b:d9:1a:50:f9:47:5a:
1a:04:07:cc:80:a6:63:a4:81:d5:a7:be:db:a9:e6:
3b:57:27:e9:56:ef:12:fd:c9:38:b9:42:e9:07:c8:
74:31:cd:72:fd:53:ce:57:26:55:71:6d:e6:19:e8:
2d:31:5c:ad:91:a4:5e:09:e6:44:46:59:55:cd:fa:
bf:d1:2b:ea:3d:d8:eb:b1:b9:a6:64:93:e5:c0:1a:
f5:e5:92:fe:44:64:27:86:2b:e1:be:35:27:95:e4:
99:3e:2f:a5:87:30:9a:5c:d4:88:d3:8d:a4:11:0d:
4f:18:6f:e1:1b:ec:ef:8d:eb:2e:27:3c:6d:94:f1:
eb:e9:04:ca:56:9a:36:ee:58:80:62:b5:df:d0:37:
cb:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:B4:64:9C:15:12:B9:D3:CE:08:42:DB:4F:F3:25:20:6E:7C:69:3A
X509v3 Authority Key Identifier:
keyid:0A:41:A5:A2:A1:83:39:62:9C:C1:30:3E:6D:EC:8B:B6:05:DD:CA:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CkGloqGDOWKcwTA-beyLtgXdymU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/9LRknBUSudPOCELbT_MlIG58aTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/CkGloqGDOWKcwTA-beyLtgXdymU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.140.144.0/22
Signature Algorithm: sha256WithRSAEncryption
53:85:08:59:d5:47:d7:b6:1e:7b:38:5b:53:e0:13:10:27:ae:
f3:0a:94:c8:fa:67:d9:7e:0a:e8:d7:c6:20:b1:4f:4a:a2:7f:
05:cd:f3:f7:e0:f7:f1:ee:d4:00:e4:38:c3:af:17:0f:a4:6a:
75:cf:b8:59:54:6f:bf:72:20:64:ce:e1:33:ae:4f:2a:3b:cb:
48:64:66:e9:26:e2:d2:7f:5f:1c:c5:40:b0:01:79:5f:fc:a7:
fb:84:18:28:cd:c7:43:14:95:6a:7e:b7:76:4c:7c:e1:ec:19:
19:f5:be:aa:63:24:bf:a9:3e:31:69:0a:81:93:26:0b:ef:73:
34:73:29:2a:1b:de:3a:c7:e7:01:71:8a:f6:58:9d:01:f3:48:
26:c7:6c:5a:a1:29:ac:33:ff:93:10:7a:13:88:1e:30:1f:86:
89:04:6e:d9:a7:be:3d:ea:8d:b2:c7:0c:aa:d0:82:1d:6a:b1:
cd:e0:5f:bb:22:d7:8f:39:89:84:22:a3:0a:2a:3d:e8:35:4a:
cc:29:90:15:b3:a6:24:3a:34:30:a6:d1:c2:54:b6:47:93:66:
84:f8:56:6b:ba:8c:69:0e:4e:30:a9:63:e2:af:09:4d:a3:03:
22:cc:1b:57:4a:08:92:5d:bd:6e:ca:83:dd:a7:0d:d1:64:17:
ea:35:aa:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK4U9Qy+jXIMDplww1YbpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNDFhNWEyYTE4MzM5NjI5Y2MxMzAzZTZkZWM4YmI2MDVk
ZGNhNjUwHhcNMjQwMTAyMTIzNDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGI0NjQ5YzE1MTJiOWQzY2UwODQyZGI0ZmYzMjUyMDZlN2M2OTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCPtcu9VbXBodK/9ShqMLXK0+aJd
kJd5IwC1mAwb4P4U4hxrHcInYOJSG9O8O55Ki+XRV4CbIC/qP1SdgLs8VW5pnCYi
akRmEUKjJtvWcKV5JbhcjMaXfrv5ALwTHmHRo5vlDs29JxKf4Dvw/1kbxpvZGlD5
R1oaBAfMgKZjpIHVp77bqeY7VyfpVu8S/ck4uULpB8h0Mc1y/VPOVyZVcW3mGegt
MVytkaReCeZERllVzfq/0SvqPdjrsbmmZJPlwBr15ZL+RGQnhivhvjUnleSZPi+l
hzCaXNSI042kEQ1PGG/hG+zvjesuJzxtlPHr6QTKVpo27liAYrXf0DfLYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPS0ZJwVErnTzghC20/zJSBufGk6MB8GA1UdIwQY
MBaAFApBpaKhgzlinMEwPm3si7YF3cplMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2tHbG9xR0RPV0tjd1RBLWJleUx0Z1hkeW1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kNDNjMmMtNzRlOS00N2Q0LWJmNjIt
ODBmN2ZkNmVhOWM5LzEvOUxSa25CVVN1ZFBPQ0VMYlRfTWxJRzU4YVRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9kNDNjMmMtNzRlOS00N2Q0LWJmNjItODBmN2ZkNmVhOWM5
LzEvQ2tHbG9xR0RPV0tjd1RBLWJleUx0Z1hkeW1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw4yQMA0G
CSqGSIb3DQEBCwUAA4IBAQBThQhZ1UfXth57OFtT4BMQJ67zCpTI+mfZfgro18Yg
sU9Kon8FzfP34Pfx7tQA5DjDrxcPpGp1z7hZVG+/ciBkzuEzrk8qO8tIZGbpJuLS
f18cxUCwAXlf/Kf7hBgozcdDFJVqfrd2THzh7BkZ9b6qYyS/qT4xaQqBkyYL73M0
cykqG946x+cBcYr2WJ0B80gmx2xaoSmsM/+TEHoTiB4wH4aJBG7Zp7496o2yxwyq
0IIdarHN4F+7ItePOYmEIqMKKj3oNUrMKZAVs6YkOjQwptHCVLZHk2aE+FZruoxp
Dk4wqWPirwlNowMizBtXSgiSXb1uyoPdpw3RZBfqNaqN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:00 2024 by rpki-client on console-ams.rpki-client.org