Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/0ec7a7-0abc-4ff9-9958-5867ca77897e/1/o9nfS2ACoiziDrenHBGzYs7pGvo.roa
File: o9nfS2ACoiziDrenHBGzYs7pGvo.roa (raw, json)
Hash identifier: uVALN/8UbDs5VMJxnRd1hRA45hxBrD1VrdMXW8kIySI=
Subject key identifier: A3:D9:DF:4B:60:02:A2:2C:E2:0E:B7:A7:1C:11:B3:62:CE:E9:1A:FA
Certificate issuer: /CN=ab6da834b32cb12c4bdae33f672f348d983f3176
Certificate serial: 01856FC26CBADDAEECE4697DC53FA3415F10
Authority key identifier: AB:6D:A8:34:B3:2C:B1:2C:4B:DA:E3:3F:67:2F:34:8D:98:3F:31:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q22oNLMssSxL2uM_Zy80jZg_MXY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/0ec7a7-0abc-4ff9-9958-5867ca77897e/1/o9nfS2ACoiziDrenHBGzYs7pGvo.roa
Signing time: Sun 01 Jan 2023 23:54:50 +0000
ROA not before: Sun 01 Jan 2023 23:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28967
IP address blocks: 195.39.225.0/24 maxlen: 24
195.39.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:6c:ba:dd:ae:ec:e4:69:7d:c5:3f:a3:41:5f:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab6da834b32cb12c4bdae33f672f348d983f3176
Validity
Not Before: Jan 1 23:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3d9df4b6002a22ce20eb7a71c11b362cee91afa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:e7:b9:20:d4:c3:a5:11:76:fd:d1:5c:58:b1:
26:00:b4:4d:1a:5f:28:c5:73:71:00:f0:40:01:4a:
f2:33:85:19:c9:57:e9:ec:15:42:a5:e4:8f:8c:ae:
3a:90:45:42:9a:9b:0a:98:9a:9a:43:2f:26:43:18:
41:2c:e3:c8:cd:36:44:7d:21:51:ab:d5:94:29:79:
7a:f8:7f:03:6d:86:58:08:fe:c3:13:06:bb:f9:01:
96:9c:7f:f6:32:9a:75:e5:87:28:20:0a:0b:f7:74:
aa:d3:ef:99:56:dc:5b:84:49:ea:6a:55:cc:1b:19:
45:b2:b6:53:62:d4:8e:56:e9:cc:40:92:30:d7:4c:
6f:72:43:2d:29:88:cc:bd:6b:b6:b7:3f:c7:b7:e5:
a8:5a:65:52:bc:a6:46:2d:1d:08:13:85:79:39:10:
c8:25:7b:54:6c:8a:26:6b:44:eb:46:ee:8a:39:27:
01:cd:26:17:0e:73:5f:1f:c1:26:ee:e4:54:cc:02:
ce:e9:77:cc:2c:15:87:fc:a8:3d:be:e1:97:f6:a1:
54:b4:46:a6:87:2d:9f:f0:27:79:30:8f:71:78:17:
9a:07:e2:93:f0:b0:33:70:6e:74:55:a4:9d:31:d9:
ac:74:a1:f1:94:f9:62:d7:b6:b4:c0:18:11:11:f1:
84:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:D9:DF:4B:60:02:A2:2C:E2:0E:B7:A7:1C:11:B3:62:CE:E9:1A:FA
X509v3 Authority Key Identifier:
keyid:AB:6D:A8:34:B3:2C:B1:2C:4B:DA:E3:3F:67:2F:34:8D:98:3F:31:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q22oNLMssSxL2uM_Zy80jZg_MXY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/0ec7a7-0abc-4ff9-9958-5867ca77897e/1/o9nfS2ACoiziDrenHBGzYs7pGvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/0ec7a7-0abc-4ff9-9958-5867ca77897e/1/q22oNLMssSxL2uM_Zy80jZg_MXY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.39.224.0/23
Signature Algorithm: sha256WithRSAEncryption
12:66:05:96:68:96:02:62:4c:8b:03:b3:36:2a:4a:49:92:6d:
26:9a:c0:3c:f5:09:66:34:9d:59:49:19:27:69:b1:de:04:2c:
d8:42:26:7f:81:9f:ac:9a:a8:59:80:61:fc:bb:13:5f:94:22:
64:78:0a:fd:52:49:2b:86:c5:20:bf:bc:55:5a:28:91:0d:67:
af:d2:a3:25:7c:6a:c2:29:49:d3:fb:23:54:0b:94:f8:e1:07:
4f:2a:cf:5d:11:70:33:60:fc:33:5d:a6:10:ad:0f:dc:c7:60:
a1:df:89:a6:c1:03:2c:f3:56:b0:fe:77:3c:73:0c:de:64:6f:
b1:4b:a5:69:30:ec:f9:54:5c:ca:d8:9b:41:b7:da:ed:6e:e3:
c1:8a:f3:43:b4:08:38:26:75:58:85:22:4a:db:46:54:e3:eb:
f2:dd:4f:af:1e:b9:15:67:aa:89:98:9a:c0:d5:42:bc:33:98:
01:b6:b9:90:a6:39:3b:8b:4f:a8:c1:98:a3:14:fe:ce:20:d7:
31:f8:6f:31:b6:1e:c2:71:50:27:fa:4d:94:22:b1:4c:bf:c8:
05:75:4e:93:4c:e3:b9:87:a8:41:fa:68:d3:45:e2:02:6c:9f:
92:6a:1f:de:3a:bd:18:48:1b:3b:d9:18:c2:24:a2:e7:f8:3a:
58:74:14:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvwmy63a7s5Gl9xT+jQV8QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNmRhODM0YjMyY2IxMmM0YmRhZTMzZjY3MmYzNDhkOTgz
ZjMxNzYwHhcNMjMwMTAxMjM1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2Q5ZGY0YjYwMDJhMjJjZTIwZWI3YTcxYzExYjM2MmNlZTkxYWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkue5INTDpRF2/dFcWLEmALRNGl8o
xXNxAPBAAUryM4UZyVfp7BVCpeSPjK46kEVCmpsKmJqaQy8mQxhBLOPIzTZEfSFR
q9WUKXl6+H8DbYZYCP7DEwa7+QGWnH/2Mpp15YcoIAoL93Sq0++ZVtxbhEnqalXM
GxlFsrZTYtSOVunMQJIw10xvckMtKYjMvWu2tz/Ht+WoWmVSvKZGLR0IE4V5ORDI
JXtUbIoma0TrRu6KOScBzSYXDnNfH8Em7uRUzALO6XfMLBWH/Kg9vuGX9qFUtEam
hy2f8Cd5MI9xeBeaB+KT8LAzcG50VaSdMdmsdKHxlPli17a0wBgREfGEMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKPZ30tgAqIs4g63pxwRs2LO6Rr6MB8GA1UdIwQY
MBaAFKttqDSzLLEsS9rjP2cvNI2YPzF2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTIyb05MTXNzU3hMMnVNX1p5ODBqWmdfTVhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8wZWM3YTctMGFiYy00ZmY5LTk5NTgt
NTg2N2NhNzc4OTdlLzEvbzluZlMyQUNvaXppRHJlbkhCR3pZczdwR3ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8wZWM3YTctMGFiYy00ZmY5LTk5NTgtNTg2N2NhNzc4OTdl
LzEvcTIyb05MTXNzU3hMMnVNX1p5ODBqWmdfTVhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwyfgMA0G
CSqGSIb3DQEBCwUAA4IBAQASZgWWaJYCYkyLA7M2KkpJkm0mmsA89QlmNJ1ZSRkn
abHeBCzYQiZ/gZ+smqhZgGH8uxNflCJkeAr9UkkrhsUgv7xVWiiRDWev0qMlfGrC
KUnT+yNUC5T44QdPKs9dEXAzYPwzXaYQrQ/cx2Ch34mmwQMs81aw/nc8cwzeZG+x
S6VpMOz5VFzK2JtBt9rtbuPBivNDtAg4JnVYhSJK20ZU4+vy3U+vHrkVZ6qJmJrA
1UK8M5gBtrmQpjk7i0+owZijFP7OINcx+G8xth7CcVAn+k2UIrFMv8gFdU6TTOO5
h6hB+mjTReICbJ+Sah/eOr0YSBs72RjCJKLn+DpYdBSl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:29 2024 by rpki-client on console-fra.rpki-client.org