Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/9WsJZfkS2BvOuxQu3cT_yFgCKSY.roa
File: 9WsJZfkS2BvOuxQu3cT_yFgCKSY.roa (raw, json)
Hash identifier: 4exrobWzdrxObpLrifn+2qzMPCzFSpEDLU4H4wsncFs=
Subject key identifier: F5:6B:09:65:F9:12:D8:1B:CE:BB:14:2E:DD:C4:FF:C8:58:02:29:26
Certificate issuer: /CN=5dc6245ca820899d7eb4140302c21041b5dbca06
Certificate serial: 018CF20237B1BBBD71F03A9281147EAAF757
Authority key identifier: 5D:C6:24:5C:A8:20:89:9D:7E:B4:14:03:02:C2:10:41:B5:DB:CA:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XcYkXKggiZ1-tBQDAsIQQbXbygY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/9WsJZfkS2BvOuxQu3cT_yFgCKSY.roa
Signing time: Wed 10 Jan 2024 06:14:40 +0000
ROA not before: Wed 10 Jan 2024 06:14:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198610
IP address blocks: 195.135.237.0/24 maxlen: 24
195.135.238.0/24 maxlen: 24
195.135.239.0/24 maxlen: 24
195.135.236.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jan 2024 12:41:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f2:02:37:b1:bb:bd:71:f0:3a:92:81:14:7e:aa:f7:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dc6245ca820899d7eb4140302c21041b5dbca06
Validity
Not Before: Jan 10 06:14:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f56b0965f912d81bcebb142eddc4ffc858022926
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:41:58:88:55:16:05:87:15:ad:d2:36:af:2e:
35:eb:37:7e:30:43:42:63:dc:80:a1:ef:57:19:99:
6b:a7:be:e1:11:5f:61:c6:b3:92:5b:7b:97:50:d8:
4a:c1:de:99:f3:06:2d:9f:3e:2e:0d:6f:24:83:f0:
db:27:85:7f:11:c2:d4:c9:7c:6f:99:b5:56:38:e2:
ee:51:a8:3c:ab:7a:68:de:d8:de:ce:e1:18:91:9e:
5e:39:ef:44:e5:81:44:86:08:da:22:1f:35:b5:a4:
32:92:52:d8:99:0c:c1:14:47:de:7c:79:b1:02:8b:
27:f1:ea:2c:5f:c8:30:d2:aa:ce:3b:16:33:d0:32:
0a:be:03:bb:f4:2f:f7:d9:ca:b0:3e:13:9e:db:58:
48:11:c6:e9:de:ec:0c:d3:fb:72:01:64:4a:4a:a8:
75:d8:d2:b7:0f:95:3c:37:a0:be:24:5f:ef:93:e3:
94:53:46:c4:76:db:d4:c5:70:47:90:67:00:f6:6d:
fb:8b:fc:50:3c:9f:58:86:1f:3c:87:1c:d8:62:97:
f8:e4:67:74:b6:04:ac:fb:13:98:12:a8:35:a9:6e:
72:12:bf:bd:74:78:04:3b:94:4a:81:8d:2f:f1:91:
0c:91:cc:dd:38:e4:98:6a:c3:b8:15:38:6d:bc:cc:
af:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:6B:09:65:F9:12:D8:1B:CE:BB:14:2E:DD:C4:FF:C8:58:02:29:26
X509v3 Authority Key Identifier:
keyid:5D:C6:24:5C:A8:20:89:9D:7E:B4:14:03:02:C2:10:41:B5:DB:CA:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XcYkXKggiZ1-tBQDAsIQQbXbygY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/9WsJZfkS2BvOuxQu3cT_yFgCKSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/XcYkXKggiZ1-tBQDAsIQQbXbygY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.135.236.0/22
Signature Algorithm: sha256WithRSAEncryption
c7:da:51:b5:d3:a4:7a:18:97:e5:96:b2:85:3b:5c:1e:8d:49:
76:88:06:e0:f1:b0:1b:c0:b5:0b:68:ec:69:ac:6b:1b:2a:43:
2a:83:34:19:bc:c1:77:9c:f9:b0:ef:bd:08:01:e4:f0:ce:c8:
3e:67:94:67:41:9c:6d:d7:f9:d0:87:ba:ea:c0:34:24:39:07:
89:94:f3:8a:45:05:e7:8e:c7:56:c0:53:d3:7d:ac:c3:c2:e3:
f6:e4:09:b9:ea:51:f7:13:a8:4c:9c:10:92:28:37:2c:dd:02:
dd:20:0c:7c:2c:ce:66:a6:be:22:09:5b:6a:0f:a0:64:b5:ff:
fd:ee:9e:70:3a:9d:7c:4a:92:97:d2:17:5a:70:65:e1:23:da:
df:4c:ad:ad:91:ec:51:df:12:49:af:a1:62:e5:90:00:b3:37:
10:80:bd:b2:5c:c0:7d:5f:66:fe:a2:b4:5a:82:bb:cf:05:a9:
78:19:a9:0b:06:fc:44:fe:72:8d:1d:23:e1:89:1b:40:d1:ec:
1d:30:fd:58:39:fd:ee:9c:3c:3b:be:3f:2a:07:fc:15:de:14:
19:87:ae:49:de:2e:a3:73:55:a8:bb:77:93:15:5c:33:d7:03:
a0:d4:7f:d8:96:58:4e:9d:15:9c:9b:76:73:7b:96:96:01:bd:
c9:8e:ed:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzyAjexu71x8DqSgRR+qvdXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYzYyNDVjYTgyMDg5OWQ3ZWI0MTQwMzAyYzIxMDQxYjVk
YmNhMDYwHhcNMjQwMTEwMDYxNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTZiMDk2NWY5MTJkODFiY2ViYjE0MmVkZGM0ZmZjODU4MDIyOTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEFYiFUWBYcVrdI2ry416zd+MENC
Y9yAoe9XGZlrp77hEV9hxrOSW3uXUNhKwd6Z8wYtnz4uDW8kg/DbJ4V/EcLUyXxv
mbVWOOLuUag8q3po3tjezuEYkZ5eOe9E5YFEhgjaIh81taQyklLYmQzBFEfefHmx
Aosn8eosX8gw0qrOOxYz0DIKvgO79C/32cqwPhOe21hIEcbp3uwM0/tyAWRKSqh1
2NK3D5U8N6C+JF/vk+OUU0bEdtvUxXBHkGcA9m37i/xQPJ9Yhh88hxzYYpf45Gd0
tgSs+xOYEqg1qW5yEr+9dHgEO5RKgY0v8ZEMkczdOOSYasO4FThtvMyv3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPVrCWX5EtgbzrsULt3E/8hYAikmMB8GA1UdIwQY
MBaAFF3GJFyoIImdfrQUAwLCEEG128oGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGNZa1hLZ2dpWjEtdEJRREFzSVFRYlhieWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi84YTQzMGYtNDBjNS00NzRiLThmZDkt
MDc0ZWQ3MGI0NjczLzEvOVdzSlpma1MyQnZPdXhRdTNjVF95RmdDS1NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi84YTQzMGYtNDBjNS00NzRiLThmZDktMDc0ZWQ3MGI0Njcz
LzEvWGNZa1hLZ2dpWjEtdEJRREFzSVFRYlhieWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw4fsMA0G
CSqGSIb3DQEBCwUAA4IBAQDH2lG106R6GJfllrKFO1wejUl2iAbg8bAbwLULaOxp
rGsbKkMqgzQZvMF3nPmw770IAeTwzsg+Z5RnQZxt1/nQh7rqwDQkOQeJlPOKRQXn
jsdWwFPTfazDwuP25Am56lH3E6hMnBCSKDcs3QLdIAx8LM5mpr4iCVtqD6Bktf/9
7p5wOp18SpKX0hdacGXhI9rfTK2tkexR3xJJr6Fi5ZAAszcQgL2yXMB9X2b+orRa
grvPBal4GakLBvxE/nKNHSPhiRtA0ewdMP1YOf3unDw7vj8qB/wV3hQZh65J3i6j
c1Wou3eTFVwz1wOg1H/YllhOnRWcm3Zze5aWAb3Jju06
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:04 2024 by rpki-client on console-fra.rpki-client.org