Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/8c3a8b-9171-4620-b1e0-77fca7a30b9f/1/gI_qAlH6um-t-EAz7PFCXAqoo7w.roa
File: gI_qAlH6um-t-EAz7PFCXAqoo7w.roa (raw, json)
Hash identifier: /Pxer+53SeSmlrsT+1GouAlL9AlOlICm2xm9jJCZxaw=
Subject key identifier: 80:8F:EA:02:51:FA:BA:6F:AD:F8:40:33:EC:F1:42:5C:0A:A8:A3:BC
Certificate issuer: /CN=0c6859feba7834c9322b7c6f6bd81bd3bef5ce51
Certificate serial: 018F58707858818ED417271BA298F4F527E1
Authority key identifier: 0C:68:59:FE:BA:78:34:C9:32:2B:7C:6F:6B:D8:1B:D3:BE:F5:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DGhZ_rp4NMkyK3xva9gb0771zlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/8c3a8b-9171-4620-b1e0-77fca7a30b9f/1/gI_qAlH6um-t-EAz7PFCXAqoo7w.roa
Signing time: Wed 08 May 2024 13:41:56 +0000
ROA not before: Wed 08 May 2024 13:41:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215371
IP address blocks: 195.140.196.0/22 maxlen: 22
195.149.116.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 May 2024 11:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:58:70:78:58:81:8e:d4:17:27:1b:a2:98:f4:f5:27:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c6859feba7834c9322b7c6f6bd81bd3bef5ce51
Validity
Not Before: May 8 13:41:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=808fea0251faba6fadf84033ecf1425c0aa8a3bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:77:88:64:26:e4:52:ce:d8:2d:8c:4c:b1:55:
28:93:7b:34:9e:a7:46:79:01:ee:c2:4c:93:dd:eb:
96:4c:3d:ed:9b:3d:64:0a:eb:94:a4:a6:a8:68:0b:
d3:02:b9:bc:22:6f:bf:f9:6c:9a:38:46:3f:6c:a3:
29:fa:55:a6:77:e3:21:e2:8d:e0:01:78:78:34:a4:
ef:58:39:6c:35:b8:a9:4a:7b:83:61:b5:d5:f1:39:
a4:2b:1a:85:bb:e8:dc:1c:6f:73:5d:69:e8:6c:89:
31:66:4b:d8:97:51:a4:8d:32:ec:b4:ed:03:0e:28:
44:7f:71:54:90:7e:97:35:bc:c6:33:06:81:98:f3:
fd:1c:30:0e:c9:e5:a2:11:ae:cc:fa:0f:a8:07:7a:
3c:73:69:60:43:2c:91:b1:cf:09:d0:30:c2:89:46:
be:45:ab:71:4d:8d:4c:42:8a:3c:8d:1d:a0:ab:b7:
de:c6:5e:6a:16:d1:82:4e:40:37:cd:82:bc:74:47:
1f:b4:31:72:10:c5:14:0d:09:a3:22:e1:d9:f1:c3:
f8:3f:c2:cc:6e:e6:ec:54:f5:4c:ba:46:36:2e:0b:
ce:8c:08:2b:56:47:85:57:81:48:d2:20:c5:3b:76:
a7:f5:b4:47:0f:fd:2e:27:8e:35:8f:c4:87:e3:26:
67:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:8F:EA:02:51:FA:BA:6F:AD:F8:40:33:EC:F1:42:5C:0A:A8:A3:BC
X509v3 Authority Key Identifier:
keyid:0C:68:59:FE:BA:78:34:C9:32:2B:7C:6F:6B:D8:1B:D3:BE:F5:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DGhZ_rp4NMkyK3xva9gb0771zlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/8c3a8b-9171-4620-b1e0-77fca7a30b9f/1/gI_qAlH6um-t-EAz7PFCXAqoo7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/8c3a8b-9171-4620-b1e0-77fca7a30b9f/1/DGhZ_rp4NMkyK3xva9gb0771zlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.140.196.0/22
195.149.116.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:69:8b:35:1a:31:97:bb:0e:33:a4:ef:47:c5:97:4d:76:08:
cc:89:d3:f3:fc:ee:fd:6b:c1:db:9f:04:72:dc:a8:d9:31:48:
0f:b0:54:38:91:1a:8d:cb:4e:13:9c:49:e1:e1:e8:c7:71:a2:
7c:1b:35:a4:a0:3f:ea:7f:c8:90:aa:02:6e:c0:97:05:e5:2f:
6d:c6:56:82:82:3d:26:83:c1:83:4a:b8:40:da:64:f1:f5:4c:
99:a2:3a:6e:1f:ac:75:7c:89:ca:ca:17:92:f7:46:aa:d2:c1:
93:7b:24:24:bd:a3:29:9f:d4:5d:44:d6:c7:0e:c8:16:63:ed:
4f:4e:8f:43:37:f1:ac:3d:bf:bf:63:51:6b:65:eb:57:82:a2:
9e:b6:53:a7:57:be:46:87:02:4e:7f:71:cb:5b:2d:1a:a6:2d:
5d:aa:5b:16:6f:71:47:03:75:f8:b6:29:67:8d:aa:a9:de:04:
69:5b:96:ab:b9:31:31:5e:e4:51:d8:e6:66:4e:18:d3:56:e1:
01:fb:1d:65:2a:ff:72:37:c7:c4:6b:1c:48:0e:af:cc:ff:39:
8a:44:6b:5d:b3:a3:d1:e3:da:71:40:7d:01:61:8c:01:f2:0a:
47:7c:c1:16:a6:9e:08:e7:58:62:73:fc:92:b9:a2:6e:7e:ac:
26:d2:16:df
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY9YcHhYgY7UFycbopj09SfhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNjg1OWZlYmE3ODM0YzkzMjJiN2M2ZjZiZDgxYmQzYmVm
NWNlNTEwHhcNMjQwNTA4MTM0MTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDhmZWEwMjUxZmFiYTZmYWRmODQwMzNlY2YxNDI1YzBhYThhM2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXeIZCbkUs7YLYxMsVUok3s0nqdG
eQHuwkyT3euWTD3tmz1kCuuUpKaoaAvTArm8Im+/+WyaOEY/bKMp+lWmd+Mh4o3g
AXh4NKTvWDlsNbipSnuDYbXV8TmkKxqFu+jcHG9zXWnobIkxZkvYl1GkjTLstO0D
DihEf3FUkH6XNbzGMwaBmPP9HDAOyeWiEa7M+g+oB3o8c2lgQyyRsc8J0DDCiUa+
RatxTY1MQoo8jR2gq7fexl5qFtGCTkA3zYK8dEcftDFyEMUUDQmjIuHZ8cP4P8LM
bubsVPVMukY2LgvOjAgrVkeFV4FI0iDFO3an9bRHD/0uJ441j8SH4yZnVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFICP6gJR+rpvrfhAM+zxQlwKqKO8MB8GA1UdIwQY
MBaAFAxoWf66eDTJMit8b2vYG9O+9c5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREdoWl9ycDROTWt5SzN4dmE5Z2IwNzcxemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC84YzNhOGItOTE3MS00NjIwLWIxZTAt
NzdmY2E3YTMwYjlmLzEvZ0lfcUFsSDZ1bS10LUVBejdQRkNYQXFvbzd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC84YzNhOGItOTE3MS00NjIwLWIxZTAtNzdmY2E3YTMwYjlm
LzEvREdoWl9ycDROTWt5SzN4dmE5Z2IwNzcxemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCw4zEAwQA
w5V0MA0GCSqGSIb3DQEBCwUAA4IBAQCNaYs1GjGXuw4zpO9HxZdNdgjMidPz/O79
a8HbnwRy3KjZMUgPsFQ4kRqNy04TnEnh4ejHcaJ8GzWkoD/qf8iQqgJuwJcF5S9t
xlaCgj0mg8GDSrhA2mTx9UyZojpuH6x1fInKyheS90aq0sGTeyQkvaMpn9RdRNbH
DsgWY+1PTo9DN/GsPb+/Y1FrZetXgqKetlOnV75GhwJOf3HLWy0api1dqlsWb3FH
A3X4tilnjaqp3gRpW5aruTExXuRR2OZmThjTVuEB+x1lKv9yN8fEaxxIDq/M/zmK
RGtds6PR49pxQH0BYYwB8gpHfMEWpp4I51hic/ySuaJufqwm0hbf
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:30 2025 by rpki-client