Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/4tYXAXAIQuEel24gzpiC4TGNqhM.roa
File: 4tYXAXAIQuEel24gzpiC4TGNqhM.roa (raw, json)
Hash identifier: 6KWsWCuf6yrNWLluOhoNJb+v10fyLL1AlnEmQ+azKUs=
Subject key identifier: E2:D6:17:01:70:08:42:E1:1E:97:6E:20:CE:98:82:E1:31:8D:AA:13
Certificate issuer: /CN=efe691427c6e41806f6ceb1e218a7dc6320fdeed
Certificate serial: 01856EAFD54AA2B37A14B2E3721D1DE27063
Authority key identifier: EF:E6:91:42:7C:6E:41:80:6F:6C:EB:1E:21:8A:7D:C6:32:0F:DE:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7-aRQnxuQYBvbOseIYp9xjIP3u0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/4tYXAXAIQuEel24gzpiC4TGNqhM.roa
Signing time: Sun 01 Jan 2023 18:54:55 +0000
ROA not before: Sun 01 Jan 2023 18:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39142
IP address blocks: 195.191.240.0/23 maxlen: 23
195.191.240.0/24 maxlen: 24
195.191.241.0/24 maxlen: 24
2a0a:dc07::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:d5:4a:a2:b3:7a:14:b2:e3:72:1d:1d:e2:70:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efe691427c6e41806f6ceb1e218a7dc6320fdeed
Validity
Not Before: Jan 1 18:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2d61701700842e11e976e20ce9882e1318daa13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:2f:ec:f4:c8:ff:bf:0b:b5:8a:98:11:d7:c0:
ab:50:91:4d:6d:dd:a1:87:c7:56:5a:b7:77:94:6e:
9a:97:ab:d1:9d:e9:05:2e:17:c9:38:f1:46:30:98:
18:f9:f1:80:f7:3a:e0:b3:75:97:a3:ef:47:6c:5c:
a1:24:23:0e:13:09:d1:bf:7e:0f:ac:65:69:54:4c:
e6:37:ce:0a:4b:e6:0d:56:79:98:d8:cb:ef:0d:3d:
bb:2d:4a:54:61:ec:93:1e:3f:28:b4:7e:a5:fb:59:
20:21:2e:98:4b:6f:f5:82:98:11:48:db:f0:2d:4a:
2e:1c:23:d4:e6:d6:dc:42:45:92:31:5d:2e:10:16:
27:10:69:5a:f2:7f:c3:ee:2e:a0:d1:6d:7c:f8:13:
74:43:0a:26:47:6e:92:ad:c1:c6:14:eb:5d:8d:e8:
f8:e3:53:57:5f:af:56:32:72:a2:9e:0c:ba:30:f6:
f0:77:94:8f:56:24:17:7a:04:21:0a:e7:66:8b:1d:
69:dd:5e:76:c8:11:94:cd:ca:02:c6:4a:dc:3c:51:
ff:cc:a5:04:ce:82:6c:e1:65:ff:28:8c:fe:9c:97:
fd:d5:ad:a7:43:cd:ff:e8:b9:d3:e4:01:cd:52:bb:
fa:0c:d9:99:d2:d3:00:cd:4b:7c:23:32:8d:dd:22:
76:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:D6:17:01:70:08:42:E1:1E:97:6E:20:CE:98:82:E1:31:8D:AA:13
X509v3 Authority Key Identifier:
keyid:EF:E6:91:42:7C:6E:41:80:6F:6C:EB:1E:21:8A:7D:C6:32:0F:DE:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7-aRQnxuQYBvbOseIYp9xjIP3u0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/4tYXAXAIQuEel24gzpiC4TGNqhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/7-aRQnxuQYBvbOseIYp9xjIP3u0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.240.0/23
IPv6:
2a0a:dc07::/32
Signature Algorithm: sha256WithRSAEncryption
03:bf:12:3b:ee:7e:a3:0e:de:39:d2:16:fc:34:7a:10:ef:15:
73:7d:46:43:0a:ff:8d:2c:5c:1e:ec:72:a5:93:3d:d1:7b:d2:
76:c0:45:61:5c:a4:da:56:d2:a8:6f:f2:2f:32:f7:ff:51:6a:
d2:ea:fb:e0:97:30:53:17:e5:a1:35:0d:29:42:42:02:7e:f1:
bb:e6:a2:76:ce:7a:ea:91:9f:76:d6:b9:63:81:39:76:ed:72:
2e:1f:4f:10:94:0b:72:93:cc:53:8a:12:c1:d4:98:16:32:4b:
89:31:c5:5b:95:da:e9:23:aa:b8:a2:d2:4e:e5:b6:ab:97:59:
a2:f6:84:00:5c:00:96:85:4d:e0:9c:f6:3e:06:ac:5c:17:db:
f1:13:b0:71:4d:17:11:8c:5f:23:28:88:d1:a4:8b:ed:4c:36:
af:30:7e:9e:5f:28:b1:40:8a:ef:04:47:e4:8d:15:87:c5:86:
67:e2:52:3b:92:3c:90:ca:f3:34:5f:ea:af:5a:ef:24:70:8f:
68:d9:be:d7:a2:2a:3f:ec:80:76:71:14:af:eb:3a:95:af:ba:
85:51:19:f6:3c:c0:48:7f:74:d3:73:ca:1a:a5:63:e2:34:50:
ab:74:9b:4a:61:a0:32:b6:a7:8b:70:d1:94:91:59:5e:6c:5e:
cf:22:be:c1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVur9VKorN6FLLjch0d4nBjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmZTY5MTQyN2M2ZTQxODA2ZjZjZWIxZTIxOGE3ZGM2MzIw
ZmRlZWQwHhcNMjMwMTAxMTg1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmQ2MTcwMTcwMDg0MmUxMWU5NzZlMjBjZTk4ODJlMTMxOGRhYTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5S/s9Mj/vwu1ipgR18CrUJFNbd2h
h8dWWrd3lG6al6vRnekFLhfJOPFGMJgY+fGA9zrgs3WXo+9HbFyhJCMOEwnRv34P
rGVpVEzmN84KS+YNVnmY2MvvDT27LUpUYeyTHj8otH6l+1kgIS6YS2/1gpgRSNvw
LUouHCPU5tbcQkWSMV0uEBYnEGla8n/D7i6g0W18+BN0QwomR26SrcHGFOtdjej4
41NXX69WMnKingy6MPbwd5SPViQXegQhCudmix1p3V52yBGUzcoCxkrcPFH/zKUE
zoJs4WX/KIz+nJf91a2nQ83/6LnT5AHNUrv6DNmZ0tMAzUt8IzKN3SJ2ZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOLWFwFwCELhHpduIM6YguExjaoTMB8GA1UdIwQY
MBaAFO/mkUJ8bkGAb2zrHiGKfcYyD97tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNy1hUlFueHVRWUJ2Yk9zZUlZcDl4aklQM3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wNTk5NzUtZWY5MC00MjFiLThhZjMt
MzgxNGM1N2ZlOWJiLzEvNHRZWEFYQUlRdUVlbDI0Z3pwaUM0VEdOcWhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wNTk5NzUtZWY5MC00MjFiLThhZjMtMzgxNGM1N2ZlOWJi
LzEvNy1hUlFueHVRWUJ2Yk9zZUlZcDl4aklQM3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBw7/wMA0E
AgACMAcDBQAqCtwHMA0GCSqGSIb3DQEBCwUAA4IBAQADvxI77n6jDt450hb8NHoQ
7xVzfUZDCv+NLFwe7HKlkz3Re9J2wEVhXKTaVtKob/IvMvf/UWrS6vvglzBTF+Wh
NQ0pQkICfvG75qJ2znrqkZ921rljgTl27XIuH08QlAtyk8xTihLB1JgWMkuJMcVb
ldrpI6q4otJO5barl1mi9oQAXACWhU3gnPY+BqxcF9vxE7BxTRcRjF8jKIjRpIvt
TDavMH6eXyixQIrvBEfkjRWHxYZn4lI7kjyQyvM0X+qvWu8kcI9o2b7Xoio/7IB2
cRSv6zqVr7qFURn2PMBIf3TTc8oapWPiNFCrdJtKYaAytqeLcNGUkVlebF7PIr7B
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:36 2024 by rpki-client on console-ams.rpki-client.org