Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/54e8a6-4d81-4875-a987-feb0e515c02c/1/XKDxZh6N-uVMpGIHif_a_RvAlwg.roa
File: XKDxZh6N-uVMpGIHif_a_RvAlwg.roa (raw, json)
Hash identifier: g6H5KWSgFFfDiZkEURyDWpjiMciH0b9UmmMbatESIfg=
Subject key identifier: 5C:A0:F1:66:1E:8D:FA:E5:4C:A4:62:07:89:FF:DA:FD:1B:C0:97:08
Certificate issuer: /CN=bd90bc3e371140b42a21d697d8300d9410a249aa
Certificate serial: 018BF6D69B0878B563CA91962F1F2AF8613E
Authority key identifier: BD:90:BC:3E:37:11:40:B4:2A:21:D6:97:D8:30:0D:94:10:A2:49:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vZC8PjcRQLQqIdaX2DANlBCiSao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/54e8a6-4d81-4875-a987-feb0e515c02c/1/XKDxZh6N-uVMpGIHif_a_RvAlwg.roa
Signing time: Wed 22 Nov 2023 11:42:21 +0000
ROA not before: Wed 22 Nov 2023 11:42:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15557
IP address blocks: 195.234.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f6:d6:9b:08:78:b5:63:ca:91:96:2f:1f:2a:f8:61:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd90bc3e371140b42a21d697d8300d9410a249aa
Validity
Not Before: Nov 22 11:42:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ca0f1661e8dfae54ca4620789ffdafd1bc09708
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:00:33:b1:af:ca:f6:f6:d3:1a:f2:40:16:2d:
df:17:2f:09:4e:72:95:16:fc:57:eb:a6:b5:86:82:
af:8b:46:a7:51:e0:c1:a3:1e:03:f8:00:ff:58:b6:
4e:2f:6d:a2:ed:91:5c:36:43:1d:57:7f:af:6b:c6:
e3:8e:34:a8:79:c8:85:b2:36:fc:ed:b0:59:2e:9f:
dc:65:68:3a:b1:45:53:9f:2d:47:71:15:35:92:53:
07:3c:e0:7c:db:c5:8b:75:ab:b3:9a:c7:f6:e9:8e:
43:6a:41:fe:3a:af:33:b9:61:b7:80:93:05:cb:da:
8a:af:15:0f:99:42:25:8d:ac:71:b0:5f:7b:0d:07:
78:21:8d:5d:cb:92:2b:08:ee:38:c0:47:c6:cf:19:
bc:8e:7f:d9:e8:ea:3b:55:72:03:88:31:17:c7:7e:
4b:34:38:6f:59:45:37:f7:80:62:46:12:16:c8:72:
d8:b0:47:1e:c2:82:27:17:8b:fc:22:df:64:3a:20:
2d:95:67:50:ea:bd:5d:4d:ad:c3:49:48:89:a6:92:
b7:36:28:0c:25:98:75:23:5d:78:4f:2a:30:13:57:
dd:e9:d9:d8:cc:e6:a6:fb:67:8c:a6:2c:4f:de:e7:
a0:99:71:19:9e:d2:41:b1:18:75:61:86:56:50:b2:
7f:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:A0:F1:66:1E:8D:FA:E5:4C:A4:62:07:89:FF:DA:FD:1B:C0:97:08
X509v3 Authority Key Identifier:
keyid:BD:90:BC:3E:37:11:40:B4:2A:21:D6:97:D8:30:0D:94:10:A2:49:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vZC8PjcRQLQqIdaX2DANlBCiSao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/54e8a6-4d81-4875-a987-feb0e515c02c/1/XKDxZh6N-uVMpGIHif_a_RvAlwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/54e8a6-4d81-4875-a987-feb0e515c02c/1/vZC8PjcRQLQqIdaX2DANlBCiSao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.41.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:6c:45:ef:47:40:a8:94:e6:71:e9:e6:b6:b0:72:15:dc:fe:
ef:e1:89:7d:25:11:4d:68:51:54:dd:03:50:a7:81:1a:ba:b2:
21:58:37:59:20:11:12:17:99:05:c1:f6:44:98:23:af:42:53:
17:16:d0:b1:63:12:2f:dc:91:9d:fe:f2:23:67:25:4e:37:d1:
6b:09:08:4d:cc:fd:2d:75:e2:c2:83:01:34:a0:05:17:a7:10:
3a:a3:48:10:a8:bf:10:b7:27:85:3b:8d:24:7c:a5:0d:17:ba:
41:f2:de:1c:27:0d:bd:88:ff:73:87:5b:37:5b:68:55:f2:b7:
f5:fc:b1:4e:ad:f9:54:8c:8e:7b:c9:15:59:b8:24:fb:f6:2a:
e7:c5:c6:c5:b2:54:30:05:43:39:39:af:11:cc:4e:23:0e:17:
70:dd:35:c2:02:44:29:47:d4:5c:88:dc:58:c0:4b:86:f4:28:
03:64:bd:da:3a:8f:61:bd:f8:af:fa:4f:dd:90:4a:49:67:23:
d6:02:9a:61:d5:1a:71:01:40:3a:53:04:eb:9b:dd:c5:f3:83:
48:3a:1d:6f:5d:58:88:23:2d:05:b4:17:b9:22:18:a8:05:b9:
02:4b:04:69:6a:34:1e:75:14:ee:86:70:aa:15:ab:3d:92:50:
61:aa:42:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYv21psIeLVjypGWLx8q+GE+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkOTBiYzNlMzcxMTQwYjQyYTIxZDY5N2Q4MzAwZDk0MTBh
MjQ5YWEwHhcNMjMxMTIyMTE0MjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2EwZjE2NjFlOGRmYWU1NGNhNDYyMDc4OWZmZGFmZDFiYzA5NzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigAzsa/K9vbTGvJAFi3fFy8JTnKV
FvxX66a1hoKvi0anUeDBox4D+AD/WLZOL22i7ZFcNkMdV3+va8bjjjSoeciFsjb8
7bBZLp/cZWg6sUVTny1HcRU1klMHPOB828WLdauzmsf26Y5DakH+Oq8zuWG3gJMF
y9qKrxUPmUIljaxxsF97DQd4IY1dy5IrCO44wEfGzxm8jn/Z6Oo7VXIDiDEXx35L
NDhvWUU394BiRhIWyHLYsEcewoInF4v8It9kOiAtlWdQ6r1dTa3DSUiJppK3NigM
JZh1I114TyowE1fd6dnYzOam+2eMpixP3uegmXEZntJBsRh1YYZWULJ/GQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFyg8WYejfrlTKRiB4n/2v0bwJcIMB8GA1UdIwQY
MBaAFL2QvD43EUC0KiHWl9gwDZQQokmqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlpDOFBqY1JRTFFxSWRhWDJEQU5sQkNpU2FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi81NGU4YTYtNGQ4MS00ODc1LWE5ODct
ZmViMGU1MTVjMDJjLzEvWEtEeFpoNk4tdVZNcEdJSGlmX2FfUnZBbHdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi81NGU4YTYtNGQ4MS00ODc1LWE5ODctZmViMGU1MTVjMDJj
LzEvdlpDOFBqY1JRTFFxSWRhWDJEQU5sQkNpU2FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+opMA0G
CSqGSIb3DQEBCwUAA4IBAQB8bEXvR0ColOZx6ea2sHIV3P7v4Yl9JRFNaFFU3QNQ
p4EaurIhWDdZIBESF5kFwfZEmCOvQlMXFtCxYxIv3JGd/vIjZyVON9FrCQhNzP0t
deLCgwE0oAUXpxA6o0gQqL8QtyeFO40kfKUNF7pB8t4cJw29iP9zh1s3W2hV8rf1
/LFOrflUjI57yRVZuCT79irnxcbFslQwBUM5Oa8RzE4jDhdw3TXCAkQpR9RciNxY
wEuG9CgDZL3aOo9hvfiv+k/dkEpJZyPWApph1RpxAUA6UwTrm93F84NIOh1vXViI
Iy0FtBe5IhioBbkCSwRpajQedRTuhnCqFas9klBhqkKG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:23 2024 by rpki-client on console-fra.rpki-client.org