Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/19e9c5-82e2-438b-a0e9-992d797f4bbb/1/I0aXGbtHiWYD4yUV-E-PZd5ewX4.roa
File: I0aXGbtHiWYD4yUV-E-PZd5ewX4.roa (raw, json)
Hash identifier: /1b9WndZE5XQv8XstfAn8LuS2jB1lA+NQyHsPKId86U=
Subject key identifier: 23:46:97:19:BB:47:89:66:03:E3:25:15:F8:4F:8F:65:DE:5E:C1:7E
Certificate issuer: /CN=eae2653179cafe5ff6651c6058b67ad2d2c8485e
Certificate serial: 018CC5014898EF122EF0165F72BF740A5BDA
Authority key identifier: EA:E2:65:31:79:CA:FE:5F:F6:65:1C:60:58:B6:7A:D2:D2:C8:48:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6uJlMXnK_l_2ZRxgWLZ60tLISF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/19e9c5-82e2-438b-a0e9-992d797f4bbb/1/I0aXGbtHiWYD4yUV-E-PZd5ewX4.roa
Signing time: Mon 01 Jan 2024 12:30:44 +0000
ROA not before: Mon 01 Jan 2024 12:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213291
IP address blocks: 195.242.16.0/20 maxlen: 24
2a13:5947::/40 maxlen: 48
Validation: Failed, certificate revoked on Wed 10 Apr 2024 10:28:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:48:98:ef:12:2e:f0:16:5f:72:bf:74:0a:5b:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eae2653179cafe5ff6651c6058b67ad2d2c8485e
Validity
Not Before: Jan 1 12:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23469719bb47896603e32515f84f8f65de5ec17e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f4:4a:00:01:3e:ed:4d:af:9b:c4:b2:52:b0:
46:50:97:64:b7:c5:5d:cb:dd:0d:8b:d3:a3:61:e1:
bd:d5:91:21:8f:8f:b5:40:c3:55:e8:ce:22:4c:d2:
15:a7:34:0c:b9:fd:bc:fa:2f:4a:a0:8a:fc:e4:3e:
bf:c0:d8:5a:57:50:db:43:e1:c9:59:0d:71:63:b0:
53:4d:f3:ea:aa:b0:6e:c2:a7:c5:b0:30:f4:5a:cb:
61:93:fd:ce:02:66:6c:a4:a1:7e:6e:36:6e:5f:b7:
d6:cf:c2:3b:d1:e7:30:67:24:ca:4c:10:84:02:ba:
cc:cd:e6:dc:cc:c8:26:4d:c9:94:98:d6:d4:aa:d9:
11:69:df:cf:7a:80:7c:48:7d:e5:c1:45:ec:7c:eb:
6d:24:f7:a5:aa:82:9f:bd:e6:6c:41:97:f9:7f:9d:
07:06:65:f3:51:f4:6f:a6:7d:4d:1f:f0:06:b1:71:
4c:77:2a:e8:61:03:11:c6:7c:83:7e:49:60:50:22:
6d:a6:d3:71:a7:92:6b:ca:a8:0e:2e:a0:d6:91:bb:
78:3d:f6:4a:f4:8d:6f:a8:cf:a0:1b:c9:c4:f9:13:
eb:65:30:65:6b:d9:4b:f6:9d:fa:e3:f0:71:49:88:
63:4f:db:db:fe:07:ec:cd:89:8b:ca:6b:05:ae:31:
4a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:46:97:19:BB:47:89:66:03:E3:25:15:F8:4F:8F:65:DE:5E:C1:7E
X509v3 Authority Key Identifier:
keyid:EA:E2:65:31:79:CA:FE:5F:F6:65:1C:60:58:B6:7A:D2:D2:C8:48:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6uJlMXnK_l_2ZRxgWLZ60tLISF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/19e9c5-82e2-438b-a0e9-992d797f4bbb/1/I0aXGbtHiWYD4yUV-E-PZd5ewX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/19e9c5-82e2-438b-a0e9-992d797f4bbb/1/6uJlMXnK_l_2ZRxgWLZ60tLISF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.242.16.0/20
IPv6:
2a13:5947::/40
Signature Algorithm: sha256WithRSAEncryption
7d:bb:72:cb:7d:c1:4e:f8:c5:2e:56:19:e4:fb:bf:4b:82:7d:
ef:6d:df:90:38:77:e9:d9:79:4d:90:ac:35:60:76:dd:c7:15:
e2:b1:94:28:99:ec:63:66:91:c3:d5:35:5f:f4:78:b6:84:94:
3e:c1:8b:4f:e7:75:a1:3f:bb:54:cb:ea:2f:0e:51:7c:df:d7:
b4:01:74:6f:65:08:c8:21:8e:d9:ed:7a:5e:01:fa:51:e2:2a:
40:eb:02:15:6e:87:4a:cd:f6:8c:18:33:7c:f5:6e:0f:ae:f5:
67:60:0f:ce:b0:51:c9:99:97:b2:63:c2:f9:09:72:8a:c7:e9:
6e:79:6e:5e:3e:bb:41:91:f7:05:d2:99:e4:eb:cf:02:60:8b:
51:07:b5:81:53:05:26:0f:2c:3c:6a:b0:48:cd:a9:f3:2b:c7:
ea:a8:b6:91:ad:be:c2:93:f1:ab:86:15:81:70:ee:6a:22:61:
21:ae:07:06:2b:ef:e8:5b:04:33:e2:65:df:cc:41:e3:b3:64:
e0:58:96:54:37:d9:df:74:ad:7f:da:31:d3:3f:d0:18:c9:6f:
75:d5:70:80:a4:c9:fa:f9:45:ce:15:a8:e2:d9:bb:00:ba:02:
fc:48:6d:b3:7a:00:cb:42:82:c2:96:2e:c3:a4:1a:ae:23:7f:
9c:1c:82:18
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzFAUiY7xIu8BZfcr90ClvaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhZTI2NTMxNzljYWZlNWZmNjY1MWM2MDU4YjY3YWQyZDJj
ODQ4NWUwHhcNMjQwMTAxMTIzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzQ2OTcxOWJiNDc4OTY2MDNlMzI1MTVmODRmOGY2NWRlNWVjMTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPRKAAE+7U2vm8SyUrBGUJdkt8Vd
y90Ni9OjYeG91ZEhj4+1QMNV6M4iTNIVpzQMuf28+i9KoIr85D6/wNhaV1DbQ+HJ
WQ1xY7BTTfPqqrBuwqfFsDD0Wsthk/3OAmZspKF+bjZuX7fWz8I70ecwZyTKTBCE
ArrMzebczMgmTcmUmNbUqtkRad/PeoB8SH3lwUXsfOttJPelqoKfveZsQZf5f50H
BmXzUfRvpn1NH/AGsXFMdyroYQMRxnyDfklgUCJtptNxp5JryqgOLqDWkbt4PfZK
9I1vqM+gG8nE+RPrZTBla9lL9p364/BxSYhjT9vb/gfszYmLymsFrjFKiwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFCNGlxm7R4lmA+MlFfhPj2XeXsF+MB8GA1UdIwQY
MBaAFOriZTF5yv5f9mUcYFi2etLSyEheMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnVKbE1YbktfbF8yWlJ4Z1dMWjYwdExJU0Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8xOWU5YzUtODJlMi00MzhiLWEwZTkt
OTkyZDc5N2Y0YmJiLzEvSTBhWEdidEhpV1lENHlVVi1FLVBaZDVld1g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8xOWU5YzUtODJlMi00MzhiLWEwZTktOTkyZDc5N2Y0YmJi
LzEvNnVKbE1YbktfbF8yWlJ4Z1dMWjYwdExJU0Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQEw/IQMA4E
AgACMAgDBgAqE1lHADANBgkqhkiG9w0BAQsFAAOCAQEAfbtyy33BTvjFLlYZ5Pu/
S4J9723fkDh36dl5TZCsNWB23ccV4rGUKJnsY2aRw9U1X/R4toSUPsGLT+d1oT+7
VMvqLw5RfN/XtAF0b2UIyCGO2e16XgH6UeIqQOsCFW6HSs32jBgzfPVuD671Z2AP
zrBRyZmXsmPC+QlyisfpbnluXj67QZH3BdKZ5OvPAmCLUQe1gVMFJg8sPGqwSM2p
8yvH6qi2ka2+wpPxq4YVgXDuaiJhIa4HBivv6FsEM+Jl38xB47Nk4FiWVDfZ33St
f9ox0z/QGMlvddVwgKTJ+vlFzhWo4tm7ALoC/Ehts3oAy0KCwpYuw6QariN/nByC
GA==
-----END CERTIFICATE-----
Generated at Wed Apr 10 13:52:51 2024 by rpki-client on console-ams.rpki-client.org