Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/KU2F0cEptwlfZFyvC50C_huvX-w.roa
File: KU2F0cEptwlfZFyvC50C_huvX-w.roa (raw, json)
Hash identifier: AtGSfIte4q2CqnEk4HQMtfncpS4BbcD5+khKbUrOdVk=
Subject key identifier: 29:4D:85:D1:C1:29:B7:09:5F:64:5C:AF:0B:9D:02:FE:1B:AF:5F:EC
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 018D6ECE164CBEEA3A0FAF3097BD97E5EE1A
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/KU2F0cEptwlfZFyvC50C_huvX-w.roa
Signing time: Sat 03 Feb 2024 11:50:16 +0000
ROA not before: Sat 03 Feb 2024 11:50:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 195.96.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Feb 2024 16:31:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6e:ce:16:4c:be:ea:3a:0f:af:30:97:bd:97:e5:ee:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Feb 3 11:50:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=294d85d1c129b7095f645caf0b9d02fe1baf5fec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:89:c6:b2:c6:f7:04:3d:57:b0:15:e2:17:62:
5c:36:15:0d:a7:7c:a9:e3:ce:5b:09:8c:db:f0:93:
53:b4:a2:36:e3:ab:81:48:06:ab:7e:6e:91:ef:46:
cf:17:74:92:28:4d:51:49:49:e3:78:fa:72:be:e2:
32:cc:e1:e3:71:1e:12:63:a9:6f:bb:91:03:c2:07:
1c:a2:29:b1:98:40:7b:96:2b:19:0b:19:35:2d:74:
92:16:be:ac:64:4a:9c:ae:ba:cf:c7:82:1c:c7:d5:
29:d6:6c:0d:8d:a2:0f:fd:fd:e3:b7:34:81:71:e1:
e5:61:d0:a0:54:df:52:42:1f:ff:05:39:18:7a:40:
76:07:9c:4c:78:32:95:69:7e:9a:52:fd:77:20:8b:
e2:7e:2f:ac:a7:0f:0e:d4:e2:cf:12:28:ed:c7:ea:
05:d2:7b:ed:2e:58:1f:bb:5e:1a:00:fd:e8:40:cc:
4e:4f:a2:98:23:09:6f:f3:31:3e:f7:37:ac:65:3a:
fe:f0:7f:2a:ef:1e:47:e5:b3:fc:89:c8:21:a6:37:
67:a6:b6:3a:5c:06:c1:4e:9d:4b:81:5c:14:5a:07:
5a:99:43:88:87:01:32:f0:1d:c4:b2:23:0b:46:72:
84:41:57:b6:c6:28:47:10:06:c9:3e:f4:e0:db:00:
d4:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:4D:85:D1:C1:29:B7:09:5F:64:5C:AF:0B:9D:02:FE:1B:AF:5F:EC
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/KU2F0cEptwlfZFyvC50C_huvX-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.96.129.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:ba:61:07:84:29:ba:12:d2:32:8d:d1:12:36:31:41:38:45:
75:20:01:13:26:e7:14:df:f5:90:55:51:46:72:76:a2:1b:b2:
c0:5a:77:e8:c1:0f:e2:c4:3f:ca:5a:e4:45:64:d4:9b:aa:b2:
28:da:c1:dc:d0:d8:49:0d:68:37:7c:d0:d5:4d:82:3f:33:9a:
6c:d3:ab:d9:3c:31:d0:b3:34:02:1b:ac:d5:a9:64:a9:25:d2:
ee:bd:5d:6c:2c:08:6d:80:bd:27:f5:bf:29:a5:9b:74:01:8a:
0f:7d:2f:a2:da:6e:1d:f1:67:9f:85:47:4b:2d:1c:c4:3d:f1:
f5:95:f3:75:f6:a4:c1:7c:04:6b:d4:21:e0:a4:f1:a9:69:c5:
ed:63:87:cf:c2:b7:7d:cc:48:00:17:e9:7a:08:55:a0:b9:fe:
07:3e:03:6c:7c:6c:e4:44:36:c1:bb:b8:c5:ec:3f:6c:8e:38:
6b:70:12:cb:61:16:d3:86:43:14:fc:80:17:e1:fd:91:70:63:
06:16:e3:d9:9a:4b:bd:60:72:a4:de:bd:a9:b2:b1:09:58:fc:
58:3a:3c:f7:c7:3f:d0:1b:5c:c3:dc:e8:c0:69:54:c5:2c:48:
34:e0:39:13:a3:63:b6:de:c4:69:d0:80:9a:02:2e:40:07:c1:
f4:c3:ee:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1uzhZMvuo6D68wl72X5e4aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjQwMjAzMTE1MDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTRkODVkMWMxMjliNzA5NWY2NDVjYWYwYjlkMDJmZTFiYWY1ZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjonGssb3BD1XsBXiF2JcNhUNp3yp
485bCYzb8JNTtKI246uBSAarfm6R70bPF3SSKE1RSUnjePpyvuIyzOHjcR4SY6lv
u5EDwgccoimxmEB7lisZCxk1LXSSFr6sZEqcrrrPx4Icx9Up1mwNjaIP/f3jtzSB
ceHlYdCgVN9SQh//BTkYekB2B5xMeDKVaX6aUv13IIvifi+spw8O1OLPEijtx+oF
0nvtLlgfu14aAP3oQMxOT6KYIwlv8zE+9zesZTr+8H8q7x5H5bP8icghpjdnprY6
XAbBTp1LgVwUWgdamUOIhwEy8B3EsiMLRnKEQVe2xihHEAbJPvTg2wDUdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFClNhdHBKbcJX2RcrwudAv4br1/sMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvS1UyRjBjRXB0d2xmWkZ5dkM1MENfaHV2WC13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw2CBMA0G
CSqGSIb3DQEBCwUAA4IBAQCwumEHhCm6EtIyjdESNjFBOEV1IAETJucU3/WQVVFG
cnaiG7LAWnfowQ/ixD/KWuRFZNSbqrIo2sHc0NhJDWg3fNDVTYI/M5ps06vZPDHQ
szQCG6zVqWSpJdLuvV1sLAhtgL0n9b8ppZt0AYoPfS+i2m4d8WefhUdLLRzEPfH1
lfN19qTBfARr1CHgpPGpacXtY4fPwrd9zEgAF+l6CFWguf4HPgNsfGzkRDbBu7jF
7D9sjjhrcBLLYRbThkMU/IAX4f2RcGMGFuPZmku9YHKk3r2psrEJWPxYOjz3xz/Q
G1zD3OjAaVTFLEg04DkTo2O23sRp0ICaAi5AB8H0w+7P
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:43 2024 by rpki-client on console-fra.rpki-client.org