Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/hxM4rWW8m7RhXiNlJCYz7IOJuSk.roa
File: hxM4rWW8m7RhXiNlJCYz7IOJuSk.roa (raw, json)
Hash identifier: tjtYMgZJdk0l45AKYvcbwGjV+YY0hZ0oYkKAvhduZOc=
Subject key identifier: 87:13:38:AD:65:BC:9B:B4:61:5E:23:65:24:26:33:EC:83:89:B9:29
Certificate issuer: /CN=653f55629121b60fb19c97f99c75dd6f015dd6e8
Certificate serial: 018573BA891B2EFBF2559CE603B5822F63D3
Authority key identifier: 65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/hxM4rWW8m7RhXiNlJCYz7IOJuSk.roa
Signing time: Mon 02 Jan 2023 18:24:42 +0000
ROA not before: Mon 02 Jan 2023 18:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1290
IP address blocks: 195.152.0.0/15 maxlen: 15
Validation: Failed, certificate revoked on Wed 28 Jun 2023 02:10:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:ba:89:1b:2e:fb:f2:55:9c:e6:03:b5:82:2f:63:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=653f55629121b60fb19c97f99c75dd6f015dd6e8
Validity
Not Before: Jan 2 18:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=871338ad65bc9bb4615e2365242633ec8389b929
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:56:22:49:d9:b7:44:c2:ac:7f:51:32:f0:ba:
e7:15:17:64:c5:18:e8:2a:6d:57:43:df:ac:4d:f0:
8e:81:ab:ba:ff:67:2d:6d:b5:be:7b:07:88:b1:15:
e8:0d:28:bd:39:ad:45:d6:a8:99:e0:12:75:9c:0b:
7a:9c:3d:fe:13:b9:cb:f7:2d:f7:70:d9:41:0a:00:
e0:0d:92:d0:29:61:42:08:7a:5f:e2:e8:f9:22:08:
dd:c8:5c:ee:ed:e3:f5:bf:99:c4:2c:63:dd:76:59:
f4:72:84:3a:45:42:b3:a3:72:3f:3e:16:d3:c3:54:
ee:42:bc:e1:53:38:df:f4:5b:12:56:34:ad:94:9d:
11:65:37:74:47:fc:a8:6b:f0:46:23:be:ce:69:5e:
f9:61:fa:c5:e0:92:dd:07:4a:82:fd:7b:0e:ac:da:
a9:0b:7c:a2:a4:9b:70:c7:1c:a1:9e:0a:1b:0d:69:
9e:09:08:aa:e3:e9:ec:ba:21:18:5d:79:51:2d:c1:
a6:5a:ef:9a:85:c3:c4:76:81:8a:85:ee:16:2d:77:
22:df:10:92:54:a4:02:6c:15:15:ad:1f:ca:e2:ed:
ba:f3:9f:7c:38:92:50:bf:3e:56:ef:e5:8b:55:a1:
b5:70:22:9a:97:dc:51:6e:24:64:65:c1:d4:48:70:
2d:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:13:38:AD:65:BC:9B:B4:61:5E:23:65:24:26:33:EC:83:89:B9:29
X509v3 Authority Key Identifier:
keyid:65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/hxM4rWW8m7RhXiNlJCYz7IOJuSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.152.0.0/15
Signature Algorithm: sha256WithRSAEncryption
1e:cf:9a:d7:db:61:ed:49:35:92:56:77:52:ba:95:46:83:69:
a0:b3:bc:c7:1a:cd:6f:2b:cd:0b:7f:a6:28:74:ac:dd:81:d7:
14:8c:fd:b2:15:ed:70:0a:0e:5f:9e:1a:ba:bd:4b:43:b0:66:
f3:dc:56:5e:12:ce:92:08:0e:99:f7:f3:fb:15:e8:e3:be:8e:
8f:31:33:21:b5:86:ea:69:c3:76:09:c6:eb:73:f4:c5:63:6f:
6b:d5:2f:2c:56:cc:40:a1:7e:24:39:68:73:a4:7a:4f:51:5e:
02:53:f2:29:1f:54:da:96:82:ad:34:47:b5:17:bf:db:45:c1:
06:8c:29:80:b8:c5:08:79:31:68:bb:94:00:8b:4d:3d:98:9a:
4a:c0:4b:5f:de:e9:8f:d5:7f:a9:39:42:cc:ac:f7:b8:ea:50:
d3:92:6a:d7:5e:da:9b:9a:53:2b:57:cd:70:41:ba:69:0d:57:
45:fe:8d:c2:c0:f7:5a:5a:cb:54:5c:c6:76:d2:93:c8:1b:e0:
b9:f1:19:b7:11:14:92:fe:2f:df:bd:96:fa:fb:54:b9:47:6e:
2c:9e:ed:80:1d:2a:7e:cd:02:06:cb:87:12:41:2d:d4:10:7a:
30:2f:53:09:e9:4e:d8:f6:45:bf:0d:dc:88:7e:fa:18:c1:91:
41:c2:a4:20
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVzuokbLvvyVZzmA7WCL2PTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1M2Y1NTYyOTEyMWI2MGZiMTljOTdmOTljNzVkZDZmMDE1
ZGQ2ZTgwHhcNMjMwMTAyMTgyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzEzMzhhZDY1YmM5YmI0NjE1ZTIzNjUyNDI2MzNlYzgzODliOTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1YiSdm3RMKsf1Ey8LrnFRdkxRjo
Km1XQ9+sTfCOgau6/2ctbbW+eweIsRXoDSi9Oa1F1qiZ4BJ1nAt6nD3+E7nL9y33
cNlBCgDgDZLQKWFCCHpf4uj5IgjdyFzu7eP1v5nELGPddln0coQ6RUKzo3I/PhbT
w1TuQrzhUzjf9FsSVjStlJ0RZTd0R/yoa/BGI77OaV75YfrF4JLdB0qC/XsOrNqp
C3yipJtwxxyhngobDWmeCQiq4+nsuiEYXXlRLcGmWu+ahcPEdoGKhe4WLXci3xCS
VKQCbBUVrR/K4u268598OJJQvz5W7+WLVaG1cCKal9xRbiRkZcHUSHAt4QIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFIcTOK1lvJu0YV4jZSQmM+yDibkpMB8GA1UdIwQY
MBaAFGU/VWKRIbYPsZyX+Zx13W8BXdboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlQ5VllwRWh0Zy14bkpmNW5IWGRid0ZkMXVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NGNmM2ItOWY1Yy00ZjVlLTk2YzQt
MjkyNmQyODFiNTE0LzEvaHhNNHJXVzhtN1JoWGlObEpDWXo3SU9KdVNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NGNmM2ItOWY1Yy00ZjVlLTk2YzQtMjkyNmQyODFiNTE0
LzEvWlQ5VllwRWh0Zy14bkpmNW5IWGRid0ZkMXVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBw5gwDQYJ
KoZIhvcNAQELBQADggEBAB7PmtfbYe1JNZJWd1K6lUaDaaCzvMcazW8rzQt/pih0
rN2B1xSM/bIV7XAKDl+eGrq9S0OwZvPcVl4SzpIIDpn38/sV6OO+jo8xMyG1hupp
w3YJxutz9MVjb2vVLyxWzEChfiQ5aHOkek9RXgJT8ikfVNqWgq00R7UXv9tFwQaM
KYC4xQh5MWi7lACLTT2YmkrAS1/e6Y/Vf6k5Qsys97jqUNOSatde2puaUytXzXBB
umkNV0X+jcLA91pay1RcxnbSk8gb4LnxGbcRFJL+L9+9lvr7VLlHbiye7YAdKn7N
AgbLhxJBLdQQejAvUwnpTtj2Rb8N3Ih++hjBkUHCpCA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:15 2024 by rpki-client on console-fra.rpki-client.org