Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/yAQSR0MzmvFaABmUaYLastpNzSU.roa
File: yAQSR0MzmvFaABmUaYLastpNzSU.roa (raw, json)
Hash identifier: GnU6lQf1yECbeOLLIxGx9VHRQP0Hq7n/DkosW+kMGz0=
Subject key identifier: C8:04:12:47:43:33:9A:F1:5A:00:19:94:69:82:DA:B2:DA:4D:CD:25
Certificate issuer: /CN=0a41a5a2a18339629cc1303e6dec8bb605ddca65
Certificate serial: 018571BA2508F9B03D4473703E04498564AD
Authority key identifier: 0A:41:A5:A2:A1:83:39:62:9C:C1:30:3E:6D:EC:8B:B6:05:DD:CA:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CkGloqGDOWKcwTA-beyLtgXdymU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/yAQSR0MzmvFaABmUaYLastpNzSU.roa
Signing time: Mon 02 Jan 2023 09:05:02 +0000
ROA not before: Mon 02 Jan 2023 09:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29182
IP address blocks: 195.140.144.0/23 maxlen: 23
195.140.146.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:ba:25:08:f9:b0:3d:44:73:70:3e:04:49:85:64:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a41a5a2a18339629cc1303e6dec8bb605ddca65
Validity
Not Before: Jan 2 09:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c804124743339af15a0019946982dab2da4dcd25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c9:fe:0b:72:a3:72:4c:a0:49:4e:fc:f1:64:
74:23:f2:27:87:8a:0b:54:4e:82:2e:a1:81:76:d3:
e6:cb:82:98:85:06:f8:ce:9e:76:86:c8:01:73:38:
eb:68:31:94:c6:83:f0:cf:31:97:36:53:87:58:3f:
5c:bf:5f:ca:ef:5e:ba:95:11:74:cc:80:bc:35:1e:
b9:96:70:1a:24:bd:a4:22:9a:4b:14:12:65:bb:d2:
03:9f:5c:dd:2d:eb:f6:41:ff:14:26:aa:bd:04:c3:
00:43:7a:3a:9a:c9:73:f9:15:c1:3d:0c:58:d1:6a:
00:d4:1b:65:67:3b:4d:62:28:cd:bd:60:86:c0:ba:
63:d9:44:20:03:39:95:30:b2:b2:0e:79:6e:8c:43:
86:2f:47:30:ed:85:b4:1e:9f:93:cd:46:85:81:68:
23:ad:f0:64:33:b8:03:06:00:6c:03:7a:fb:0d:ae:
68:7d:ca:e3:37:3d:0a:54:ad:91:5e:ae:3b:64:f1:
79:6a:06:bc:14:fa:b4:6a:97:d3:ed:6d:46:74:cc:
b4:c9:85:cf:20:91:61:3b:7e:f4:d0:86:0c:45:e7:
20:c1:f6:89:d4:8f:bd:7c:27:9b:66:5e:e4:5a:6c:
01:b5:a6:10:c7:be:b7:2c:ab:cf:64:41:1b:40:5c:
e1:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:04:12:47:43:33:9A:F1:5A:00:19:94:69:82:DA:B2:DA:4D:CD:25
X509v3 Authority Key Identifier:
keyid:0A:41:A5:A2:A1:83:39:62:9C:C1:30:3E:6D:EC:8B:B6:05:DD:CA:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CkGloqGDOWKcwTA-beyLtgXdymU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/yAQSR0MzmvFaABmUaYLastpNzSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/CkGloqGDOWKcwTA-beyLtgXdymU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.140.144.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:ef:88:e4:18:9d:23:3e:18:74:8e:24:76:99:1b:7f:e4:59:
a1:b6:45:69:3d:c9:e5:82:7e:af:d0:77:c0:b9:f1:51:15:5d:
5d:91:c4:b4:f7:f5:b5:8b:3c:a8:6f:5c:0d:4d:1e:27:cd:af:
dd:38:79:51:df:71:3f:bf:01:a4:14:61:05:ea:8b:d4:8c:60:
91:cb:16:72:6d:af:52:8d:45:70:32:e2:39:82:7d:3b:19:c9:
96:fc:15:36:02:b2:96:4e:d8:7e:70:b4:e8:6a:3e:97:ee:14:
3a:f9:23:da:a2:4a:33:10:e1:96:0a:a9:1e:87:f7:38:a5:66:
43:95:df:77:9f:fd:ad:7a:a3:95:9f:41:ce:d7:5a:b2:05:b1:
20:44:de:9d:c9:bd:fc:99:3a:c5:19:70:1f:93:a0:d4:4b:5e:
a5:10:b4:6d:94:b0:e9:e3:2e:89:82:f6:1d:2d:34:47:94:38:
40:89:0c:58:73:59:2c:f2:42:f3:ce:05:10:b7:ba:f7:f9:31:
c1:07:bb:15:d0:ec:64:f6:b3:28:c2:17:43:d0:97:52:42:79:
9f:0f:45:a0:14:d8:dc:a4:58:7d:54:20:27:09:81:f2:56:7a:
a4:82:cc:19:80:42:f7:eb:ce:d7:50:49:9a:1f:d4:37:4f:dc:
89:63:7a:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxuiUI+bA9RHNwPgRJhWStMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNDFhNWEyYTE4MzM5NjI5Y2MxMzAzZTZkZWM4YmI2MDVk
ZGNhNjUwHhcNMjMwMTAyMDkwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODA0MTI0NzQzMzM5YWYxNWEwMDE5OTQ2OTgyZGFiMmRhNGRjZDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMn+C3KjckygSU788WR0I/Inh4oL
VE6CLqGBdtPmy4KYhQb4zp52hsgBczjraDGUxoPwzzGXNlOHWD9cv1/K7166lRF0
zIC8NR65lnAaJL2kIppLFBJlu9IDn1zdLev2Qf8UJqq9BMMAQ3o6mslz+RXBPQxY
0WoA1BtlZztNYijNvWCGwLpj2UQgAzmVMLKyDnlujEOGL0cw7YW0Hp+TzUaFgWgj
rfBkM7gDBgBsA3r7Da5ofcrjNz0KVK2RXq47ZPF5aga8FPq0apfT7W1GdMy0yYXP
IJFhO3700IYMRecgwfaJ1I+9fCebZl7kWmwBtaYQx763LKvPZEEbQFzh6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMgEEkdDM5rxWgAZlGmC2rLaTc0lMB8GA1UdIwQY
MBaAFApBpaKhgzlinMEwPm3si7YF3cplMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2tHbG9xR0RPV0tjd1RBLWJleUx0Z1hkeW1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kNDNjMmMtNzRlOS00N2Q0LWJmNjIt
ODBmN2ZkNmVhOWM5LzEveUFRU1IwTXptdkZhQUJtVWFZTGFzdHBOelNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9kNDNjMmMtNzRlOS00N2Q0LWJmNjItODBmN2ZkNmVhOWM5
LzEvQ2tHbG9xR0RPV0tjd1RBLWJleUx0Z1hkeW1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw4yQMA0G
CSqGSIb3DQEBCwUAA4IBAQAq74jkGJ0jPhh0jiR2mRt/5FmhtkVpPcnlgn6v0HfA
ufFRFV1dkcS09/W1izyob1wNTR4nza/dOHlR33E/vwGkFGEF6ovUjGCRyxZyba9S
jUVwMuI5gn07GcmW/BU2ArKWTth+cLToaj6X7hQ6+SPaokozEOGWCqkeh/c4pWZD
ld93n/2teqOVn0HO11qyBbEgRN6dyb38mTrFGXAfk6DUS16lELRtlLDp4y6JgvYd
LTRHlDhAiQxYc1ks8kLzzgUQt7r3+THBB7sV0Oxk9rMowhdD0JdSQnmfD0WgFNjc
pFh9VCAnCYHyVnqkgswZgEL3687XUEmaH9Q3T9yJY3qH
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:23 2024 by rpki-client on console-fra.rpki-client.org