Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/p-bp9CXBMIkRmbX_JcIrdQ57gcw.roa
File: p-bp9CXBMIkRmbX_JcIrdQ57gcw.roa (raw, json)
Hash identifier: U6pIXMfRifWg0m1l9Qrzq9Y0mIHapHZAChqgU57QQB0=
Subject key identifier: A7:E6:E9:F4:25:C1:30:89:11:99:B5:FF:25:C2:2B:75:0E:7B:81:CC
Certificate issuer: /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial: 018A561AB15FC278A22C37AB8A7334CB92E7
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/p-bp9CXBMIkRmbX_JcIrdQ57gcw.roa
Signing time: Sat 02 Sep 2023 13:35:04 +0000
ROA not before: Sat 02 Sep 2023 13:35:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211432
IP address blocks: 195.95.205.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:56:1a:b1:5f:c2:78:a2:2c:37:ab:8a:73:34:cb:92:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Validity
Not Before: Sep 2 13:35:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7e6e9f425c130891199b5ff25c22b750e7b81cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:86:b0:d5:a2:8c:0e:b5:d8:e6:fd:25:d1:94:
1f:eb:41:46:0e:fa:7f:04:9a:8c:29:ca:2c:be:71:
a5:dc:04:91:0f:2b:d0:06:a3:77:f6:cd:98:e1:d6:
98:d6:16:ff:45:93:cd:15:69:cc:d7:7d:21:49:a8:
8e:ad:3b:0d:3c:86:b0:4f:48:3c:e6:05:d9:cd:ec:
07:ad:64:45:88:5b:65:2e:2c:79:3f:5b:b6:27:10:
bd:b6:cc:57:14:37:5f:5f:fb:52:1d:27:e8:9b:cb:
bd:0f:1b:64:7a:aa:4b:e7:78:ec:9b:e7:4e:b3:d6:
b2:4a:d7:7d:44:aa:44:66:46:c7:1b:35:42:9c:49:
cd:ea:10:92:71:06:52:b2:31:bc:e0:bc:71:17:91:
d1:10:60:08:a8:76:82:04:23:fe:b8:52:0f:89:c6:
ee:e3:49:36:22:72:7c:f5:a4:0d:70:75:33:65:70:
94:bc:dc:9f:7f:99:ea:ce:c0:69:18:49:6f:0f:57:
ea:7b:e3:6b:30:8a:92:f3:87:5a:e5:dc:14:46:bf:
cd:d5:eb:95:96:20:77:4f:c1:99:79:fc:2c:05:2d:
96:49:20:72:7d:ef:1f:97:d4:7b:98:9b:5c:1b:d7:
7c:aa:bb:10:36:4d:e8:b9:3c:8a:2a:f3:5c:d6:9e:
af:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:E6:E9:F4:25:C1:30:89:11:99:B5:FF:25:C2:2B:75:0E:7B:81:CC
X509v3 Authority Key Identifier:
keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/p-bp9CXBMIkRmbX_JcIrdQ57gcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.95.205.0/24
Signature Algorithm: sha256WithRSAEncryption
94:aa:84:d3:16:23:71:ec:70:f3:ce:dc:90:96:ee:bd:af:90:
a0:fd:aa:6a:2f:97:72:5b:b0:0b:e2:57:b2:36:0a:ba:29:10:
a1:5c:3a:93:47:70:e5:fe:a4:bc:4d:20:b9:18:39:10:14:9c:
00:4a:bc:18:0b:94:e2:9d:2d:30:84:20:da:3b:01:f4:17:9a:
49:6d:7b:bf:f3:2b:12:2b:9e:78:2c:e8:47:bc:2c:e0:c5:07:
c1:fe:7c:83:93:0a:b5:c0:40:87:bf:09:01:4e:fb:10:70:dc:
36:91:94:3d:a8:3a:2d:b3:65:1f:88:ec:4a:ab:ca:c1:70:2e:
58:3d:4f:5e:5b:0b:c6:91:f3:8e:dc:31:0d:27:21:0f:4f:d3:
59:7a:58:5b:96:ae:5f:6d:e1:a6:d1:3b:31:98:2c:48:bd:36:
8f:1e:70:f6:98:49:63:11:29:bb:d2:00:b9:92:7f:de:03:01:
9d:ab:fc:54:31:66:5b:5e:b0:2c:a9:ca:93:52:65:97:f0:8e:
a1:70:7b:d9:4f:53:f3:36:53:69:cd:c9:ed:23:80:6b:29:db:
53:bf:09:05:47:9b:33:3b:7f:da:ce:a3:9f:fc:00:92:36:bf:
b7:31:dd:da:ce:1e:ed:34:4f:5f:b0:14:38:33:3f:31:77:ef:
26:8f:a2:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpWGrFfwniiLDerinM0y5LnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjMwOTAyMTMzNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2U2ZTlmNDI1YzEzMDg5MTE5OWI1ZmYyNWMyMmI3NTBlN2I4MWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4aw1aKMDrXY5v0l0ZQf60FGDvp/
BJqMKcosvnGl3ASRDyvQBqN39s2Y4daY1hb/RZPNFWnM130hSaiOrTsNPIawT0g8
5gXZzewHrWRFiFtlLix5P1u2JxC9tsxXFDdfX/tSHSfom8u9DxtkeqpL53jsm+dO
s9ayStd9RKpEZkbHGzVCnEnN6hCScQZSsjG84LxxF5HREGAIqHaCBCP+uFIPicbu
40k2InJ89aQNcHUzZXCUvNyff5nqzsBpGElvD1fqe+NrMIqS84da5dwURr/N1euV
liB3T8GZefwsBS2WSSByfe8fl9R7mJtcG9d8qrsQNk3ouTyKKvNc1p6vewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKfm6fQlwTCJEZm1/yXCK3UOe4HMMB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvcC1icDlDWEJNSWtSbWJYX0pjSXJkUTU3Z2N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1/NMA0G
CSqGSIb3DQEBCwUAA4IBAQCUqoTTFiNx7HDzztyQlu69r5Cg/apqL5dyW7AL4ley
Ngq6KRChXDqTR3Dl/qS8TSC5GDkQFJwASrwYC5TinS0whCDaOwH0F5pJbXu/8ysS
K554LOhHvCzgxQfB/nyDkwq1wECHvwkBTvsQcNw2kZQ9qDots2UfiOxKq8rBcC5Y
PU9eWwvGkfOO3DENJyEPT9NZelhblq5fbeGm0TsxmCxIvTaPHnD2mEljESm70gC5
kn/eAwGdq/xUMWZbXrAsqcqTUmWX8I6hcHvZT1PzNlNpzcntI4BrKdtTvwkFR5sz
O3/azqOf/ACSNr+3Md3azh7tNE9fsBQ4Mz8xd+8mj6JN
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:26:13 2024 by rpki-client on console-fra.rpki-client.org