Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/a2ddad-7d4d-41cb-a693-d2d9241ec5db/1/Jd6OYuIuTMPlaSV0hB8R0Ygutkk.roa
File: Jd6OYuIuTMPlaSV0hB8R0Ygutkk.roa (raw, json)
Hash identifier: 5IZJRDOIK/MADSTActE0bAUMK9HAESW/8sVz1zX75Ec=
Subject key identifier: 25:DE:8E:62:E2:2E:4C:C3:E5:69:25:74:84:1F:11:D1:88:2E:B6:49
Certificate issuer: /CN=3372f5d118abd1291ae248e6c69d64a99a9aef06
Certificate serial: 01856EC23297592F89072848D2E57FF1CDC6
Authority key identifier: 33:72:F5:D1:18:AB:D1:29:1A:E2:48:E6:C6:9D:64:A9:9A:9A:EF:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M3L10Rir0Ska4kjmxp1kqZqa7wY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/a2ddad-7d4d-41cb-a693-d2d9241ec5db/1/Jd6OYuIuTMPlaSV0hB8R0Ygutkk.roa
Signing time: Sun 01 Jan 2023 19:14:58 +0000
ROA not before: Sun 01 Jan 2023 19:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39345
IP address blocks: 195.178.102.0/23 maxlen: 23
2001:678:164::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:32:97:59:2f:89:07:28:48:d2:e5:7f:f1:cd:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3372f5d118abd1291ae248e6c69d64a99a9aef06
Validity
Not Before: Jan 1 19:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25de8e62e22e4cc3e5692574841f11d1882eb649
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:3d:e5:1c:25:e5:18:d1:d6:52:bf:87:7c:f3:
24:26:28:79:08:01:3c:66:07:ae:32:18:51:6b:88:
19:86:a6:e4:41:4f:c1:33:3f:69:99:82:56:b0:f9:
69:7d:fb:3a:52:c8:a9:e2:94:3e:e1:74:18:41:09:
f6:7f:0e:df:07:72:a1:70:10:c9:b7:dc:4d:32:07:
db:b0:bc:58:ba:75:f4:75:92:8b:3c:95:b5:a8:4a:
d9:1d:ca:a0:c9:ef:d9:23:51:cd:b6:7d:de:88:61:
4d:b0:07:33:4c:0f:80:93:2c:54:3f:c7:bf:fa:3d:
41:dd:1e:09:62:ca:43:6c:52:f2:b2:9f:98:ce:26:
b5:b5:0c:a1:e1:8d:b4:2f:55:3d:98:a5:70:94:a3:
59:3b:a7:dc:7c:7e:84:78:0b:ce:57:c8:91:99:66:
2c:3e:f9:b7:02:d6:da:4d:cb:d3:28:21:01:d2:14:
a3:f0:a9:90:77:f5:8d:0e:f6:5b:9e:30:95:a5:8f:
af:e0:23:3a:2f:21:0c:1b:ab:18:e1:b6:ff:54:c8:
c4:14:dd:e2:f6:3e:d1:ec:52:89:bb:4e:c5:8f:51:
aa:d1:e7:2c:07:40:93:12:f0:d8:f7:6f:46:2f:c6:
28:de:93:30:2a:53:bd:92:b0:31:99:2a:e7:9f:18:
47:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:DE:8E:62:E2:2E:4C:C3:E5:69:25:74:84:1F:11:D1:88:2E:B6:49
X509v3 Authority Key Identifier:
keyid:33:72:F5:D1:18:AB:D1:29:1A:E2:48:E6:C6:9D:64:A9:9A:9A:EF:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M3L10Rir0Ska4kjmxp1kqZqa7wY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a2ddad-7d4d-41cb-a693-d2d9241ec5db/1/Jd6OYuIuTMPlaSV0hB8R0Ygutkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a2ddad-7d4d-41cb-a693-d2d9241ec5db/1/M3L10Rir0Ska4kjmxp1kqZqa7wY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.178.102.0/23
IPv6:
2001:678:164::/48
Signature Algorithm: sha256WithRSAEncryption
44:99:b7:06:ec:86:88:83:c0:3a:fc:87:f6:99:9b:6e:28:3c:
ea:a7:af:60:df:06:90:33:df:65:dc:f6:3d:5d:20:03:67:c5:
74:85:8e:b7:be:99:9d:e6:83:f2:1b:7d:61:aa:f4:c2:ef:30:
20:55:c4:e3:d3:a5:3b:77:b9:70:45:09:4b:d5:61:cb:3c:f7:
9d:fd:c1:d1:9a:26:30:8c:c5:1d:18:02:60:d0:79:fb:10:2b:
83:2e:1a:2d:d6:22:f3:da:71:33:21:88:67:a3:42:58:2a:e8:
d6:10:d1:d7:c1:f4:a0:3e:9f:17:2c:a7:52:db:ac:f6:53:ae:
d0:be:ef:2e:5f:4a:83:c4:75:20:70:56:2a:d3:ba:30:4a:f7:
e1:6f:5b:f0:81:04:c8:39:b5:81:4a:96:e9:11:cc:cd:85:b5:
7f:b3:54:06:f9:b4:98:17:c9:94:65:4e:59:c9:4b:c5:dc:11:
e6:f6:2d:f7:29:b3:e8:31:54:84:4d:54:36:af:44:c0:ba:c7:
d0:f6:59:bf:37:76:2d:b9:e3:e5:27:df:cd:01:a3:6e:7c:f5:
33:06:af:b8:20:80:32:69:b9:ca:c2:6b:c0:42:4c:4e:d5:3c:
57:b9:96:af:eb:f3:97:5a:49:e1:1e:52:04:59:db:bf:ca:00:
34:b5:fd:de
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVuwjKXWS+JByhI0uV/8c3GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNzJmNWQxMThhYmQxMjkxYWUyNDhlNmM2OWQ2NGE5OWE5
YWVmMDYwHhcNMjMwMTAxMTkxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWRlOGU2MmUyMmU0Y2MzZTU2OTI1NzQ4NDFmMTFkMTg4MmViNjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgT3lHCXlGNHWUr+HfPMkJih5CAE8
ZgeuMhhRa4gZhqbkQU/BMz9pmYJWsPlpffs6Usip4pQ+4XQYQQn2fw7fB3KhcBDJ
t9xNMgfbsLxYunX0dZKLPJW1qErZHcqgye/ZI1HNtn3eiGFNsAczTA+AkyxUP8e/
+j1B3R4JYspDbFLysp+Yzia1tQyh4Y20L1U9mKVwlKNZO6fcfH6EeAvOV8iRmWYs
Pvm3AtbaTcvTKCEB0hSj8KmQd/WNDvZbnjCVpY+v4CM6LyEMG6sY4bb/VMjEFN3i
9j7R7FKJu07Fj1Gq0ecsB0CTEvDY929GL8Yo3pMwKlO9krAxmSrnnxhHIwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCXejmLiLkzD5WkldIQfEdGILrZJMB8GA1UdIwQY
MBaAFDNy9dEYq9EpGuJI5sadZKmamu8GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTNMMTBSaXIwU2thNGtqbXhwMWtxWnFhN3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9hMmRkYWQtN2Q0ZC00MWNiLWE2OTMt
ZDJkOTI0MWVjNWRiLzEvSmQ2T1l1SXVUTVBsYVNWMGhCOFIwWWd1dGtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9hMmRkYWQtN2Q0ZC00MWNiLWE2OTMtZDJkOTI0MWVjNWRi
LzEvTTNMMTBSaXIwU2thNGtqbXhwMWtxWnFhN3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBw7JmMA8E
AgACMAkDBwAgAQZ4AWQwDQYJKoZIhvcNAQELBQADggEBAESZtwbshoiDwDr8h/aZ
m24oPOqnr2DfBpAz32Xc9j1dIANnxXSFjre+mZ3mg/IbfWGq9MLvMCBVxOPTpTt3
uXBFCUvVYcs89539wdGaJjCMxR0YAmDQefsQK4MuGi3WIvPacTMhiGejQlgq6NYQ
0dfB9KA+nxcsp1LbrPZTrtC+7y5fSoPEdSBwVirTujBK9+FvW/CBBMg5tYFKlukR
zM2FtX+zVAb5tJgXyZRlTlnJS8XcEeb2Lfcps+gxVIRNVDavRMC6x9D2Wb83di25
4+Un380Bo2589TMGr7gggDJpucrCa8BCTE7VPFe5lq/r85daSeEeUgRZ27/KADS1
/d4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:30 2024 by rpki-client on console-fra.rpki-client.org