Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/xHJZCDT6nM289W1WZgyPkXY4pY0.roa
File: xHJZCDT6nM289W1WZgyPkXY4pY0.roa (raw, json)
Hash identifier: CNoyl2+xAw2E1+B1TQQpDNW7AjTz4jN6UmyKg30boHY=
Subject key identifier: C4:72:59:08:34:FA:9C:CD:BC:F5:6D:56:66:0C:8F:91:76:38:A5:8D
Certificate issuer: /CN=eac2c1afd4bdec980506fa07df7c8662d554fa46
Certificate serial: 018D237D7C6C8B1322DE53B083286F5B0A70
Authority key identifier: EA:C2:C1:AF:D4:BD:EC:98:05:06:FA:07:DF:7C:86:62:D5:54:FA:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6sLBr9S97JgFBvoH33yGYtVU-kY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/xHJZCDT6nM289W1WZgyPkXY4pY0.roa
Signing time: Fri 19 Jan 2024 20:50:42 +0000
ROA not before: Fri 19 Jan 2024 20:50:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203446
IP address blocks: 195.14.105.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Feb 2024 15:31:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:23:7d:7c:6c:8b:13:22:de:53:b0:83:28:6f:5b:0a:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eac2c1afd4bdec980506fa07df7c8662d554fa46
Validity
Not Before: Jan 19 20:50:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c472590834fa9ccdbcf56d56660c8f917638a58d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:21:ae:9f:72:8d:9e:08:42:a6:69:7e:ea:36:
17:9a:78:cc:0e:ee:d0:09:bf:de:82:bb:05:d8:73:
91:e2:20:2e:85:82:8e:7e:3d:54:98:62:fa:ba:96:
b1:90:7d:e2:f2:d4:f4:b5:c1:f7:2b:6b:c7:fa:3b:
cf:b5:c6:85:67:f7:9d:fa:65:a0:51:27:5a:2d:bc:
30:56:e6:42:cb:61:72:e6:97:0e:ae:76:be:97:f1:
9c:bb:e3:09:f7:15:ac:da:1c:00:28:c9:f6:fc:75:
92:13:25:a3:e7:ec:36:62:24:d0:85:e4:5b:52:ab:
b7:5b:38:0f:ca:1c:5f:93:67:e0:9b:4e:aa:71:a6:
fe:28:39:c1:9c:58:23:ae:1d:a8:68:e9:71:e9:62:
d8:b0:b5:1f:c2:4b:48:92:3d:cc:a9:5c:d9:8d:57:
5b:1d:65:d3:b0:86:ae:98:ad:b8:88:b7:91:5e:ca:
0a:ba:b7:fb:80:4a:b7:ce:5b:e1:2d:3f:40:07:0c:
11:0d:90:36:73:e4:46:80:ba:69:1c:dd:b2:b2:a1:
a5:1c:f5:e4:1a:d0:ff:b3:98:ac:ef:f4:cf:d8:d7:
e7:bb:64:3a:4f:42:ec:0b:81:3f:91:fc:ba:6f:90:
c5:2e:a0:43:10:a5:04:f0:59:d0:0d:c6:06:ab:ca:
bf:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:72:59:08:34:FA:9C:CD:BC:F5:6D:56:66:0C:8F:91:76:38:A5:8D
X509v3 Authority Key Identifier:
keyid:EA:C2:C1:AF:D4:BD:EC:98:05:06:FA:07:DF:7C:86:62:D5:54:FA:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6sLBr9S97JgFBvoH33yGYtVU-kY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/xHJZCDT6nM289W1WZgyPkXY4pY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/6sLBr9S97JgFBvoH33yGYtVU-kY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.14.105.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:59:35:16:18:53:72:57:89:18:71:58:c5:cc:48:1b:0f:9f:
88:77:a7:f3:9f:1d:f3:3f:af:94:d2:a2:32:28:70:e4:43:40:
af:7e:6a:eb:b2:dd:0e:f7:f5:0c:4a:4a:41:2c:17:95:2b:0c:
dd:22:e9:40:5b:5d:0a:0e:88:31:2a:71:d2:ff:86:be:42:1b:
23:69:a6:ef:f5:6a:d3:c5:8c:a0:87:e9:92:40:76:b1:89:de:
ec:08:e1:44:f2:45:86:44:b5:7b:60:48:7c:bd:cf:37:f2:4a:
77:50:39:86:ff:d4:17:11:90:f0:88:d1:69:0e:99:39:7a:5a:
d8:ff:cc:cc:34:26:6f:dd:aa:2d:c8:7b:90:54:88:57:b4:f0:
a2:e2:db:57:43:b0:f1:f2:e3:4b:26:e8:69:0e:17:0a:36:e0:
c5:d6:1d:b7:d6:dd:9f:3e:ce:b4:96:b0:15:03:47:3d:41:87:
13:a5:da:b5:de:f7:ca:be:0f:66:7a:52:fe:ec:70:79:c1:6a:
28:44:88:d7:f1:5a:73:8b:84:5b:9e:5c:05:99:a9:76:90:70:
2c:d4:74:06:19:64:7d:d8:c9:b0:b2:73:59:5c:20:ef:f7:9e:
91:ef:b0:57:59:c5:85:67:15:09:0d:59:ee:12:9d:3a:94:d7:
8d:74:0d:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0jfXxsixMi3lOwgyhvWwpwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYzJjMWFmZDRiZGVjOTgwNTA2ZmEwN2RmN2M4NjYyZDU1
NGZhNDYwHhcNMjQwMTE5MjA1MDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDcyNTkwODM0ZmE5Y2NkYmNmNTZkNTY2NjBjOGY5MTc2MzhhNThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCGun3KNnghCpml+6jYXmnjMDu7Q
Cb/egrsF2HOR4iAuhYKOfj1UmGL6upaxkH3i8tT0tcH3K2vH+jvPtcaFZ/ed+mWg
USdaLbwwVuZCy2Fy5pcOrna+l/Gcu+MJ9xWs2hwAKMn2/HWSEyWj5+w2YiTQheRb
Uqu3WzgPyhxfk2fgm06qcab+KDnBnFgjrh2oaOlx6WLYsLUfwktIkj3MqVzZjVdb
HWXTsIaumK24iLeRXsoKurf7gEq3zlvhLT9ABwwRDZA2c+RGgLppHN2ysqGlHPXk
GtD/s5is7/TP2Nfnu2Q6T0LsC4E/kfy6b5DFLqBDEKUE8FnQDcYGq8q/RwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMRyWQg0+pzNvPVtVmYMj5F2OKWNMB8GA1UdIwQY
MBaAFOrCwa/UveyYBQb6B998hmLVVPpGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnNMQnI5Uzk3SmdGQnZvSDMzeUdZdFZVLWtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS81ODlhNmItNGQ3ZS00MDEyLWEwZmMt
YzBjZWIwMzdhZDQyLzEveEhKWkNEVDZuTTI4OVcxV1pneVBrWFk0cFkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS81ODlhNmItNGQ3ZS00MDEyLWEwZmMtYzBjZWIwMzdhZDQy
LzEvNnNMQnI5Uzk3SmdGQnZvSDMzeUdZdFZVLWtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAww5pMA0G
CSqGSIb3DQEBCwUAA4IBAQBfWTUWGFNyV4kYcVjFzEgbD5+Id6fznx3zP6+U0qIy
KHDkQ0Cvfmrrst0O9/UMSkpBLBeVKwzdIulAW10KDogxKnHS/4a+Qhsjaabv9WrT
xYygh+mSQHaxid7sCOFE8kWGRLV7YEh8vc838kp3UDmG/9QXEZDwiNFpDpk5elrY
/8zMNCZv3aotyHuQVIhXtPCi4ttXQ7Dx8uNLJuhpDhcKNuDF1h231t2fPs60lrAV
A0c9QYcTpdq13vfKvg9melL+7HB5wWooRIjX8Vpzi4RbnlwFmal2kHAs1HQGGWR9
2MmwsnNZXCDv956R77BXWcWFZxUJDVnuEp06lNeNdA2S
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:47 2024 by rpki-client on console-fra.rpki-client.org