Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/bMAH1DPdJr41DNE3mfRSRgcgUZI.roa
File: bMAH1DPdJr41DNE3mfRSRgcgUZI.roa (raw, json)
Hash identifier: NBSSJkgTEgfvBSuuUjryfE0vTIHXYmTi4ZOc1lBkaZc=
Subject key identifier: 6C:C0:07:D4:33:DD:26:BE:35:0C:D1:37:99:F4:52:46:07:20:51:92
Certificate issuer: /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial: 018FBF7A6D0F96E40E67F9573BB0B9432563
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/bMAH1DPdJr41DNE3mfRSRgcgUZI.roa
Signing time: Tue 28 May 2024 13:53:42 +0000
ROA not before: Tue 28 May 2024 13:53:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205733
IP address blocks: 195.95.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Aug 2024 07:39:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:bf:7a:6d:0f:96:e4:0e:67:f9:57:3b:b0:b9:43:25:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Validity
Not Before: May 28 13:53:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cc007d433dd26be350cd13799f4524607205192
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c6:a0:62:46:54:b1:44:b2:60:dd:65:5d:de:
bd:de:4c:78:e5:83:ef:4e:6a:af:93:25:50:e7:1d:
06:a9:5a:cf:56:67:4c:d5:a6:6f:78:c5:ac:75:be:
71:e1:11:d4:b6:31:a8:00:33:3a:17:bd:df:73:03:
94:ff:ae:2d:50:a4:fb:03:76:1d:b8:ee:cc:f3:b8:
c1:93:99:7c:1a:c3:6b:1e:89:1a:2d:9f:d0:6e:24:
f6:36:59:a1:f6:0e:ea:53:63:93:d8:89:e7:a9:23:
aa:0c:00:6e:22:30:ff:cc:3f:b3:c9:76:5b:1b:d8:
e4:61:80:dd:ef:81:31:42:76:cc:08:e7:d6:b7:4c:
5a:f4:ba:7f:52:d6:d5:56:a0:fe:67:c5:bd:9f:1c:
f5:59:0c:64:18:9f:49:bb:6e:0b:72:f1:61:97:43:
10:0f:fd:c0:86:7b:fc:bf:7f:ea:a8:3f:48:91:25:
ae:7b:e7:a4:7f:14:d5:98:f4:c0:09:e3:a4:f2:7c:
8c:53:18:c9:27:7a:b8:df:01:a1:bb:c1:96:9f:26:
f4:8a:0b:37:b9:81:5a:34:e0:33:1b:99:7d:27:35:
67:19:2c:ec:5a:80:e9:a4:02:24:30:5f:a1:ec:51:
ed:45:e5:2c:73:ee:e7:a3:2c:c7:95:c6:1b:c4:04:
ff:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:C0:07:D4:33:DD:26:BE:35:0C:D1:37:99:F4:52:46:07:20:51:92
X509v3 Authority Key Identifier:
keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/bMAH1DPdJr41DNE3mfRSRgcgUZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.95.200.0/24
Signature Algorithm: sha256WithRSAEncryption
77:8f:9f:43:15:cf:29:dd:c9:40:24:3f:26:03:62:24:b5:7d:
cd:6a:a4:ed:f6:d8:89:9e:4d:93:cf:01:40:06:3b:ec:24:65:
39:50:54:a5:65:22:21:95:99:7d:ba:2c:8d:ff:82:88:ba:86:
48:32:59:bd:f4:7e:39:94:4e:0a:49:1f:bf:af:72:e8:85:ff:
68:b8:20:b0:f9:07:1b:7a:e6:2b:2e:ea:d0:dd:bc:ee:6f:1a:
a5:7f:75:a0:0c:d9:b8:b4:5e:bc:15:54:90:f3:f8:1d:fb:89:
cc:e8:59:8b:08:1c:94:27:a3:2c:16:1a:bf:cb:f4:0d:6c:7c:
c5:42:70:f2:e6:79:5f:45:36:72:87:5c:36:11:16:4e:f2:f1:
53:f9:55:d9:53:3e:4f:d7:48:d3:79:33:9e:e7:9a:0f:2d:0d:
0a:c4:32:f1:6e:ca:1a:48:c5:3a:f4:4d:f5:e8:20:cf:9d:33:
5c:b9:e3:cf:bf:04:8e:56:3a:e9:9e:cb:ef:e9:21:92:23:7d:
34:ee:92:74:12:d6:98:26:fa:1f:d1:1f:dd:1e:f1:a9:ff:da:
0e:f4:94:d3:bf:b8:68:a3:41:80:5e:2b:97:ba:a0:73:b2:f8:
c2:2b:5e:3a:2a:89:f0:6e:7d:dd:72:a5:b9:6c:f5:6b:39:b6:
df:fb:a4:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+/em0PluQOZ/lXO7C5QyVjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjQwNTI4MTM1MzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2MwMDdkNDMzZGQyNmJlMzUwY2QxMzc5OWY0NTI0NjA3MjA1MTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcagYkZUsUSyYN1lXd693kx45YPv
TmqvkyVQ5x0GqVrPVmdM1aZveMWsdb5x4RHUtjGoADM6F73fcwOU/64tUKT7A3Yd
uO7M87jBk5l8GsNrHokaLZ/QbiT2Nlmh9g7qU2OT2InnqSOqDABuIjD/zD+zyXZb
G9jkYYDd74ExQnbMCOfWt0xa9Lp/UtbVVqD+Z8W9nxz1WQxkGJ9Ju24LcvFhl0MQ
D/3Ahnv8v3/qqD9IkSWue+ekfxTVmPTACeOk8nyMUxjJJ3q43wGhu8GWnyb0igs3
uYFaNOAzG5l9JzVnGSzsWoDppAIkMF+h7FHtReUsc+7noyzHlcYbxAT/ZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGzAB9Qz3Sa+NQzRN5n0UkYHIFGSMB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvYk1BSDFEUGRKcjQxRE5FM21mUlNSZ2NnVVpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1/IMA0G
CSqGSIb3DQEBCwUAA4IBAQB3j59DFc8p3clAJD8mA2IktX3NaqTt9tiJnk2TzwFA
BjvsJGU5UFSlZSIhlZl9uiyN/4KIuoZIMlm99H45lE4KSR+/r3Lohf9ouCCw+Qcb
euYrLurQ3bzubxqlf3WgDNm4tF68FVSQ8/gd+4nM6FmLCByUJ6MsFhq/y/QNbHzF
QnDy5nlfRTZyh1w2ERZO8vFT+VXZUz5P10jTeTOe55oPLQ0KxDLxbsoaSMU69E31
6CDPnTNcuePPvwSOVjrpnsvv6SGSI3007pJ0EtaYJvof0R/dHvGp/9oO9JTTv7ho
o0GAXiuXuqBzsvjCK146Konwbn3dcqW5bPVrObbf+6TS
-----END CERTIFICATE-----
Generated at Mon Aug 5 09:21:43 2024 by rpki-client on console-fra.rpki-client.org