Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/de97dd-e721-4192-b8b4-d4b725d0676c/1/kFH8uGXUjic7zcD5woSdPjo4fng.roa
File: kFH8uGXUjic7zcD5woSdPjo4fng.roa (raw, json)
Hash identifier: GECgukuP96Cra/XQwtKsV0Mxi8Csuc8uNeylDmCN3Ac=
Subject key identifier: 90:51:FC:B8:65:D4:8E:27:3B:CD:C0:F9:C2:84:9D:3E:3A:38:7E:78
Certificate issuer: /CN=1375aa5e37c42f7deb7f3b0e9670bf59a2aca6b5
Certificate serial: 01930E0D6E7735011D3CF306121DF1EC11AA
Authority key identifier: 13:75:AA:5E:37:C4:2F:7D:EB:7F:3B:0E:96:70:BF:59:A2:AC:A6:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E3WqXjfEL33rfzsOlnC_WaKsprU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/de97dd-e721-4192-b8b4-d4b725d0676c/1/kFH8uGXUjic7zcD5woSdPjo4fng.roa
Signing time: Fri 08 Nov 2024 23:13:01 +0000
ROA not before: Fri 08 Nov 2024 23:13:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214754
IP address blocks: 195.26.234.0/23 maxlen: 24
2a0a:9940::/29 maxlen: 48
Validation: Failed, certificate revoked on Sun 10 Nov 2024 15:53:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:0e:0d:6e:77:35:01:1d:3c:f3:06:12:1d:f1:ec:11:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1375aa5e37c42f7deb7f3b0e9670bf59a2aca6b5
Validity
Not Before: Nov 8 23:13:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9051fcb865d48e273bcdc0f9c2849d3e3a387e78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:8c:eb:ad:5c:02:4b:d1:70:69:f3:5e:1c:34:
60:25:ae:78:ef:1d:59:6c:9c:7f:4a:9a:d5:bd:26:
18:5c:27:12:64:e9:3c:e7:18:1d:65:69:13:6f:a3:
24:22:a5:25:be:80:9c:5d:6e:6d:55:67:cf:3b:02:
54:22:07:63:20:37:39:79:5b:79:65:68:89:98:ed:
bd:24:91:c4:e1:57:db:5c:1e:36:28:c5:42:8b:c4:
3b:02:e7:5f:2f:e8:6e:d0:5d:c5:d3:ef:22:3d:c0:
f6:d5:68:e1:c6:5a:69:9c:b8:40:6e:12:37:9f:44:
05:7f:b1:c3:5d:aa:78:89:02:57:93:12:0c:3c:fa:
bc:ab:51:6b:70:50:c8:6d:b8:0a:c6:6a:ee:6b:8b:
07:23:78:fe:8c:d0:68:6b:ac:2d:c0:c6:9c:3f:06:
53:40:21:48:77:8b:33:33:57:75:11:cf:d9:30:29:
d4:fb:83:71:ac:34:f7:e1:21:53:59:e0:0e:ed:b3:
07:71:e3:6e:08:ea:e4:58:04:2b:5b:fd:5d:ee:b0:
66:0a:3a:9b:d9:eb:a6:68:cf:c9:04:76:64:3c:3d:
ac:76:a4:13:0a:01:56:f5:13:ca:e4:95:da:8f:dd:
94:86:8e:80:60:de:59:3c:13:ff:09:58:5f:1c:bb:
89:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:51:FC:B8:65:D4:8E:27:3B:CD:C0:F9:C2:84:9D:3E:3A:38:7E:78
X509v3 Authority Key Identifier:
keyid:13:75:AA:5E:37:C4:2F:7D:EB:7F:3B:0E:96:70:BF:59:A2:AC:A6:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E3WqXjfEL33rfzsOlnC_WaKsprU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/de97dd-e721-4192-b8b4-d4b725d0676c/1/kFH8uGXUjic7zcD5woSdPjo4fng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/de97dd-e721-4192-b8b4-d4b725d0676c/1/E3WqXjfEL33rfzsOlnC_WaKsprU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.26.234.0/23
IPv6:
2a0a:9940::/29
Signature Algorithm: sha256WithRSAEncryption
ce:81:61:f5:1b:eb:ce:55:4b:ee:46:d8:a2:3c:65:5d:3c:a0:
de:05:17:ea:50:90:ef:15:36:23:4b:a0:13:45:bd:5d:aa:a8:
0e:d2:be:70:1e:f8:8f:01:35:7b:fd:ea:36:65:3f:ae:c2:9f:
cb:4b:5d:5c:d0:e4:ae:26:a8:e0:ed:4d:25:e1:f8:d8:f3:bc:
fa:d5:c7:65:4e:c0:68:a4:ab:a2:8c:9c:c5:ea:50:43:8f:d8:
9e:53:f2:47:0d:31:fe:73:d8:d3:eb:0b:f2:5e:3b:8b:9d:22:
02:99:99:a3:8b:9d:52:fc:c9:65:7a:b3:7d:59:e3:4d:36:80:
dd:c1:7b:1c:71:c9:ce:80:1a:72:7b:4e:2b:b9:11:01:24:3c:
a7:83:53:a0:2e:b7:e0:f3:c0:9f:ad:a5:c3:4f:b9:c8:8c:0d:
83:89:6a:cb:53:ef:75:18:43:12:9f:a9:5a:0f:1d:10:24:43:
de:fa:94:b0:12:3c:50:e5:80:70:bd:4b:80:3f:ed:58:21:8f:
64:a7:d3:b3:0a:c3:bc:39:05:af:de:fc:63:47:31:4b:e2:b6:
3d:0f:37:03:63:ed:40:9a:37:10:f9:c1:b9:28:09:37:3c:d0:
35:33:8e:24:72:2a:ba:17:53:ed:af:90:07:5e:b3:fd:d9:14:
9d:f3:ae:b3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZMODW53NQEdPPMGEh3x7BGqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNzVhYTVlMzdjNDJmN2RlYjdmM2IwZTk2NzBiZjU5YTJh
Y2E2YjUwHhcNMjQxMTA4MjMxMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDUxZmNiODY1ZDQ4ZTI3M2JjZGMwZjljMjg0OWQzZTNhMzg3ZTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8IzrrVwCS9FwafNeHDRgJa547x1Z
bJx/SprVvSYYXCcSZOk85xgdZWkTb6MkIqUlvoCcXW5tVWfPOwJUIgdjIDc5eVt5
ZWiJmO29JJHE4VfbXB42KMVCi8Q7AudfL+hu0F3F0+8iPcD21WjhxlppnLhAbhI3
n0QFf7HDXap4iQJXkxIMPPq8q1FrcFDIbbgKxmrua4sHI3j+jNBoa6wtwMacPwZT
QCFId4szM1d1Ec/ZMCnU+4NxrDT34SFTWeAO7bMHceNuCOrkWAQrW/1d7rBmCjqb
2eumaM/JBHZkPD2sdqQTCgFW9RPK5JXaj92Uho6AYN5ZPBP/CVhfHLuJbwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJBR/Lhl1I4nO83A+cKEnT46OH54MB8GA1UdIwQY
MBaAFBN1ql43xC996387DpZwv1mirKa1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTNXcVhqZkVMMzNyZnpzT2xuQ19XYUtzcHJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9kZTk3ZGQtZTcyMS00MTkyLWI4YjQt
ZDRiNzI1ZDA2NzZjLzEva0ZIOHVHWFVqaWM3emNENXdvU2RQam80Zm5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9kZTk3ZGQtZTcyMS00MTkyLWI4YjQtZDRiNzI1ZDA2NzZj
LzEvRTNXcVhqZkVMMzNyZnpzT2xuQ19XYUtzcHJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBwxrqMA0E
AgACMAcDBQMqCplAMA0GCSqGSIb3DQEBCwUAA4IBAQDOgWH1G+vOVUvuRtiiPGVd
PKDeBRfqUJDvFTYjS6ATRb1dqqgO0r5wHviPATV7/eo2ZT+uwp/LS11c0OSuJqjg
7U0l4fjY87z61cdlTsBopKuijJzF6lBDj9ieU/JHDTH+c9jT6wvyXjuLnSICmZmj
i51S/MllerN9WeNNNoDdwXscccnOgBpye04ruREBJDyng1OgLrfg88CfraXDT7nI
jA2DiWrLU+91GEMSn6laDx0QJEPe+pSwEjxQ5YBwvUuAP+1YIY9kp9OzCsO8OQWv
3vxjRzFL4rY9DzcDY+1AmjcQ+cG5KAk3PNA1M44kciq6F1Ptr5AHXrP92RSd866z
-----END CERTIFICATE-----
Generated at Sun Nov 10 18:27:47 2024 by rpki-client on console-fra.rpki-client.org