Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/48f99e-1a10-45c3-aa34-4cd15cbc501b/1/KpwBpWa-YoaP2yX7ctPPlvNo348.roa
File: KpwBpWa-YoaP2yX7ctPPlvNo348.roa (raw, json)
Hash identifier: zMlJ1IgZpD8ZrnS2625KrjuRpNTGZXxUw+UAxzaMjP0=
Subject key identifier: 2A:9C:01:A5:66:BE:62:86:8F:DB:25:FB:72:D3:CF:96:F3:68:DF:8F
Certificate issuer: /CN=95a904ac6093e1e229a074c50506ffecda010ccf
Certificate serial: 018CC64B4E1BB216F948AF8F6B29D2BFE425
Authority key identifier: 95:A9:04:AC:60:93:E1:E2:29:A0:74:C5:05:06:FF:EC:DA:01:0C:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lakErGCT4eIpoHTFBQb_7NoBDM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/48f99e-1a10-45c3-aa34-4cd15cbc501b/1/KpwBpWa-YoaP2yX7ctPPlvNo348.roa
Signing time: Mon 01 Jan 2024 18:31:13 +0000
ROA not before: Mon 01 Jan 2024 18:31:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50689
IP address blocks: 195.210.0.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 08 Feb 2024 11:34:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:4e:1b:b2:16:f9:48:af:8f:6b:29:d2:bf:e4:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95a904ac6093e1e229a074c50506ffecda010ccf
Validity
Not Before: Jan 1 18:31:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a9c01a566be62868fdb25fb72d3cf96f368df8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:71:a7:35:3c:3b:fd:6e:2f:89:2f:c5:2a:81:
93:9a:c1:16:10:54:09:99:c4:00:e6:9c:53:4c:cd:
e5:74:c7:93:cc:16:f9:43:06:46:8c:ba:18:e8:f1:
23:6d:97:1f:d5:8e:e3:7f:11:ff:f7:74:9b:a3:42:
45:0f:31:8e:eb:55:24:05:6b:0f:00:0d:d7:d5:eb:
b1:64:7d:35:b5:39:b7:f4:c3:09:c1:53:d2:2b:7d:
53:d3:c1:a5:77:1e:51:6a:3b:fd:6b:7e:ee:0e:ca:
08:45:4c:d2:c9:f2:7f:f2:0b:67:cc:cb:e5:b1:8f:
86:0a:22:bb:4e:1f:18:77:e3:31:96:29:23:dd:58:
d3:40:c8:8f:c1:93:50:f8:4f:4f:36:b5:b1:12:59:
7c:d0:85:00:65:e5:13:92:5f:3a:05:b7:63:72:96:
99:7b:43:05:c5:0a:2f:f4:3a:6d:6c:80:0e:94:f2:
ed:5c:c9:7f:4a:a1:ff:c3:0a:1e:4c:9c:e2:2c:79:
7e:1a:a7:1a:35:95:1b:c9:24:7b:28:30:79:dd:c5:
2d:78:40:0b:10:ff:52:81:d0:bf:6d:21:19:57:50:
95:62:04:35:52:47:49:7b:37:92:1d:1d:3c:d0:67:
22:c8:d0:5e:bb:36:bb:0a:ce:1a:11:b5:22:b2:25:
ba:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:9C:01:A5:66:BE:62:86:8F:DB:25:FB:72:D3:CF:96:F3:68:DF:8F
X509v3 Authority Key Identifier:
keyid:95:A9:04:AC:60:93:E1:E2:29:A0:74:C5:05:06:FF:EC:DA:01:0C:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lakErGCT4eIpoHTFBQb_7NoBDM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/48f99e-1a10-45c3-aa34-4cd15cbc501b/1/KpwBpWa-YoaP2yX7ctPPlvNo348.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/48f99e-1a10-45c3-aa34-4cd15cbc501b/1/lakErGCT4eIpoHTFBQb_7NoBDM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.210.0.0/23
Signature Algorithm: sha256WithRSAEncryption
75:f7:0e:99:6a:94:fb:39:9d:d5:4b:23:0b:37:08:e5:69:8d:
ee:9c:74:ea:a6:b3:79:46:c5:de:e4:ec:4e:41:6e:77:59:c8:
3e:48:61:4a:ed:4b:c2:d5:18:c2:13:d6:f9:6c:e4:91:31:5c:
23:86:08:79:72:b0:f4:51:22:a1:9e:de:6b:f2:48:14:f8:e1:
06:00:a9:e9:86:2b:38:4b:63:31:1e:2d:6e:cd:2f:6e:ae:30:
0e:1f:2e:21:29:3a:4a:fa:cc:b5:85:9d:12:94:09:8f:c4:00:
48:48:b4:f6:2b:d3:aa:f4:32:2a:83:d3:46:1f:ae:bb:5d:aa:
0f:7e:03:fa:ea:48:78:00:b2:a5:39:61:64:7f:11:51:0d:3e:
07:f2:de:74:bc:6c:ff:3a:17:19:2b:bf:5f:1e:d9:da:a0:45:
7a:81:22:7a:85:a0:b5:42:57:90:7f:f2:ad:7a:3f:8b:67:ce:
19:cc:6d:c3:c1:e8:2c:d4:f8:bd:73:db:20:ab:f9:5f:0a:a1:
c0:61:79:39:d5:a2:a6:dd:44:18:51:4f:5b:a2:aa:c2:c9:aa:
a4:a6:9d:34:8f:01:5c:25:c5:00:51:3a:af:7e:ed:a4:e8:43:
c5:ed:34:4b:4a:e4:7b:f2:e7:ff:c8:28:27:c4:8b:90:9f:c1:
f4:8e:80:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGS04bshb5SK+PaynSv+QlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YTkwNGFjNjA5M2UxZTIyOWEwNzRjNTA1MDZmZmVjZGEw
MTBjY2YwHhcNMjQwMTAxMTgzMTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTljMDFhNTY2YmU2Mjg2OGZkYjI1ZmI3MmQzY2Y5NmYzNjhkZjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXGnNTw7/W4viS/FKoGTmsEWEFQJ
mcQA5pxTTM3ldMeTzBb5QwZGjLoY6PEjbZcf1Y7jfxH/93Sbo0JFDzGO61UkBWsP
AA3X1euxZH01tTm39MMJwVPSK31T08Gldx5Rajv9a37uDsoIRUzSyfJ/8gtnzMvl
sY+GCiK7Th8Yd+Mxlikj3VjTQMiPwZNQ+E9PNrWxEll80IUAZeUTkl86BbdjcpaZ
e0MFxQov9DptbIAOlPLtXMl/SqH/wwoeTJziLHl+GqcaNZUbySR7KDB53cUteEAL
EP9SgdC/bSEZV1CVYgQ1UkdJezeSHR080GciyNBeuza7Cs4aEbUisiW6/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCqcAaVmvmKGj9sl+3LTz5bzaN+PMB8GA1UdIwQY
MBaAFJWpBKxgk+HiKaB0xQUG/+zaAQzPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGFrRXJHQ1Q0ZUlwb0hURkJRYl83Tm9CRE04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80OGY5OWUtMWExMC00NWMzLWFhMzQt
NGNkMTVjYmM1MDFiLzEvS3B3QnBXYS1Zb2FQMnlYN2N0UFBsdk5vMzQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80OGY5OWUtMWExMC00NWMzLWFhMzQtNGNkMTVjYmM1MDFi
LzEvbGFrRXJHQ1Q0ZUlwb0hURkJRYl83Tm9CRE04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw9IAMA0G
CSqGSIb3DQEBCwUAA4IBAQB19w6ZapT7OZ3VSyMLNwjlaY3unHTqprN5RsXe5OxO
QW53Wcg+SGFK7UvC1RjCE9b5bOSRMVwjhgh5crD0USKhnt5r8kgU+OEGAKnphis4
S2MxHi1uzS9urjAOHy4hKTpK+sy1hZ0SlAmPxABISLT2K9Oq9DIqg9NGH667XaoP
fgP66kh4ALKlOWFkfxFRDT4H8t50vGz/OhcZK79fHtnaoEV6gSJ6haC1QleQf/Kt
ej+LZ84ZzG3Dwegs1Pi9c9sgq/lfCqHAYXk51aKm3UQYUU9boqrCyaqkpp00jwFc
JcUAUTqvfu2k6EPF7TRLSuR78uf/yCgnxIuQn8H0joAr
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:35 2025 by rpki-client