Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/9d5bcf-2db9-4afa-b000-822953f8cf77/1/q6s8J7oPKF30WYZssj-P3xA29Kc.roa
File: q6s8J7oPKF30WYZssj-P3xA29Kc.roa (raw, json)
Hash identifier: 5G/rZyucOxBSgEPTh+uOBQDqoOayTTbC2CG9jW8WSqw=
Subject key identifier: AB:AB:3C:27:BA:0F:28:5D:F4:59:86:6C:B2:3F:8F:DF:10:36:F4:A7
Certificate issuer: /CN=09fbb3ed2f029c4bacc6ea2c4c7f4c1cd6e80e79
Certificate serial: 018CC8704FBE5C81A1EF8A2E4BB19A7CF162
Authority key identifier: 09:FB:B3:ED:2F:02:9C:4B:AC:C6:EA:2C:4C:7F:4C:1C:D6:E8:0E:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cfuz7S8CnEusxuosTH9MHNboDnk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/9d5bcf-2db9-4afa-b000-822953f8cf77/1/q6s8J7oPKF30WYZssj-P3xA29Kc.roa
Signing time: Tue 02 Jan 2024 04:30:52 +0000
ROA not before: Tue 02 Jan 2024 04:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212062
IP address blocks: 195.244.13.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:4f:be:5c:81:a1:ef:8a:2e:4b:b1:9a:7c:f1:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09fbb3ed2f029c4bacc6ea2c4c7f4c1cd6e80e79
Validity
Not Before: Jan 2 04:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=abab3c27ba0f285df459866cb23f8fdf1036f4a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f2:17:b8:d6:1a:ac:26:40:49:c5:22:a5:3e:
a3:59:e3:a8:0a:f8:a0:b9:14:f9:ed:a1:bb:42:b2:
83:03:7e:dd:13:6f:e3:be:07:d3:35:cd:06:6e:76:
b1:63:d6:51:74:5f:43:9b:79:cc:11:bb:2e:ba:9b:
0e:ec:1a:d0:a1:1d:7f:ef:5b:ea:90:70:11:d5:37:
a8:a0:a1:cd:90:15:74:bf:b7:9d:c9:df:52:b3:14:
f7:45:4f:9d:34:af:f7:71:34:30:7b:3e:14:4a:c8:
58:31:46:4e:53:f9:70:13:31:99:18:f0:cf:af:7f:
6e:d0:19:1c:6b:e4:33:b9:9b:aa:1e:1b:1d:7a:c7:
4b:cd:1e:f8:f9:fe:1f:b7:8e:42:8b:3d:8c:a4:39:
30:43:bb:e0:ee:da:fc:66:96:ec:fb:57:cd:7e:52:
28:6c:ad:ac:d1:19:a1:4e:63:a6:c0:bb:c7:c8:e3:
b8:51:a3:e5:4a:56:9a:7f:8a:80:ff:6a:de:24:1e:
41:5e:0b:0c:d2:68:c0:20:dc:65:d6:ea:94:9d:ea:
7c:b5:6d:55:5b:c1:c2:78:e1:62:03:1b:8e:34:e3:
51:a5:18:31:19:92:ff:40:26:c2:70:ee:31:04:c4:
d7:98:e8:b0:23:4d:1f:02:1f:61:14:1c:25:9a:0d:
fb:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:AB:3C:27:BA:0F:28:5D:F4:59:86:6C:B2:3F:8F:DF:10:36:F4:A7
X509v3 Authority Key Identifier:
keyid:09:FB:B3:ED:2F:02:9C:4B:AC:C6:EA:2C:4C:7F:4C:1C:D6:E8:0E:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cfuz7S8CnEusxuosTH9MHNboDnk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9d5bcf-2db9-4afa-b000-822953f8cf77/1/q6s8J7oPKF30WYZssj-P3xA29Kc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9d5bcf-2db9-4afa-b000-822953f8cf77/1/Cfuz7S8CnEusxuosTH9MHNboDnk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.244.13.0/24
Signature Algorithm: sha256WithRSAEncryption
40:69:63:a6:45:64:d9:08:6a:68:e9:a6:f0:40:61:f9:53:c2:
a3:38:6e:bc:35:ec:c2:13:7a:db:54:5c:a5:d7:01:19:4c:75:
98:d9:80:aa:bf:32:d1:6e:8c:ea:b2:6b:33:2d:d2:cd:16:b2:
68:ba:cf:d9:3e:e8:12:ca:f5:81:6c:e3:0e:bd:56:17:31:02:
46:08:f1:e7:45:47:e8:1d:0e:4d:9b:0a:5d:47:2b:17:51:be:
eb:02:ad:b1:04:09:c9:f5:72:ab:4b:59:4b:e6:78:40:b0:95:
13:51:25:79:ca:66:a1:e7:de:0a:2a:69:74:4a:09:dc:bb:d4:
6b:80:13:b1:6b:ec:d3:c3:e6:2d:33:df:5e:6b:66:5c:b5:db:
f3:2a:86:0c:06:49:2c:5b:e9:8c:20:88:12:82:6c:7c:11:ab:
9a:cf:1c:a2:24:2b:8d:ee:2d:4f:57:cd:bd:f0:6c:8e:6e:cc:
b4:01:5c:68:ce:56:40:05:fa:49:d0:0e:27:c4:a2:46:2f:f7:
e8:f3:21:2c:33:15:e3:0e:e9:b9:ee:9a:d0:b4:6a:4d:52:05:
05:6e:69:83:22:cb:fb:a0:48:44:7c:4c:90:26:48:08:d1:96:
38:0e:71:75:a5:f9:04:79:1b:a9:fb:c5:9f:c5:9b:18:d0:25:
45:97:f7:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcE++XIGh74ouS7GafPFiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZmJiM2VkMmYwMjljNGJhY2M2ZWEyYzRjN2Y0YzFjZDZl
ODBlNzkwHhcNMjQwMTAyMDQzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmFiM2MyN2JhMGYyODVkZjQ1OTg2NmNiMjNmOGZkZjEwMzZmNGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvIXuNYarCZAScUipT6jWeOoCvig
uRT57aG7QrKDA37dE2/jvgfTNc0GbnaxY9ZRdF9Dm3nMEbsuupsO7BrQoR1/71vq
kHAR1TeooKHNkBV0v7edyd9SsxT3RU+dNK/3cTQwez4USshYMUZOU/lwEzGZGPDP
r39u0Bkca+QzuZuqHhsdesdLzR74+f4ft45Ciz2MpDkwQ7vg7tr8Zpbs+1fNflIo
bK2s0RmhTmOmwLvHyOO4UaPlSlaaf4qA/2reJB5BXgsM0mjAINxl1uqUnep8tW1V
W8HCeOFiAxuONONRpRgxGZL/QCbCcO4xBMTXmOiwI00fAh9hFBwlmg37PQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKurPCe6Dyhd9FmGbLI/j98QNvSnMB8GA1UdIwQY
MBaAFAn7s+0vApxLrMbqLEx/TBzW6A55MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2Z1ejdTOENuRXVzeHVvc1RIOU1ITmJvRG5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS85ZDViY2YtMmRiOS00YWZhLWIwMDAt
ODIyOTUzZjhjZjc3LzEvcTZzOEo3b1BLRjMwV1lac3NqLVAzeEEyOUtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS85ZDViY2YtMmRiOS00YWZhLWIwMDAtODIyOTUzZjhjZjc3
LzEvQ2Z1ejdTOENuRXVzeHVvc1RIOU1ITmJvRG5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw/QNMA0G
CSqGSIb3DQEBCwUAA4IBAQBAaWOmRWTZCGpo6abwQGH5U8KjOG68NezCE3rbVFyl
1wEZTHWY2YCqvzLRbozqsmszLdLNFrJous/ZPugSyvWBbOMOvVYXMQJGCPHnRUfo
HQ5NmwpdRysXUb7rAq2xBAnJ9XKrS1lL5nhAsJUTUSV5ymah594KKml0Sgncu9Rr
gBOxa+zTw+YtM99ea2ZctdvzKoYMBkksW+mMIIgSgmx8EauazxyiJCuN7i1PV829
8GyObsy0AVxozlZABfpJ0A4nxKJGL/fo8yEsMxXjDum57prQtGpNUgUFbmmDIsv7
oEhEfEyQJkgI0ZY4DnF1pfkEeRup+8WfxZsY0CVFl/fd
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:13 2025 by rpki-client