Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/631521-d4b7-4f10-8c06-87aa285f807c/1/1u9SMUGFN5ZeHw6pPo207nAopGY.roa
File: 1u9SMUGFN5ZeHw6pPo207nAopGY.roa (raw, json)
Hash identifier: eNKGOZcAjiRmfJFmWZ/VjbZgUCgHDCWXNZWAYoE+tZI=
Subject key identifier: D6:EF:52:31:41:85:37:96:5E:1F:0E:A9:3E:8D:B4:EE:70:28:A4:66
Certificate issuer: /CN=cf5ef7a870d4b148eb1d4f4fe666ed5054adeaec
Certificate serial: 01856E266F20751EBA086D82DA885B57F90A
Authority key identifier: CF:5E:F7:A8:70:D4:B1:48:EB:1D:4F:4F:E6:66:ED:50:54:AD:EA:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z173qHDUsUjrHU9P5mbtUFSt6uw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/631521-d4b7-4f10-8c06-87aa285f807c/1/1u9SMUGFN5ZeHw6pPo207nAopGY.roa
Signing time: Sun 01 Jan 2023 16:24:50 +0000
ROA not before: Sun 01 Jan 2023 16:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29028
IP address blocks: 195.20.143.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:6f:20:75:1e:ba:08:6d:82:da:88:5b:57:f9:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf5ef7a870d4b148eb1d4f4fe666ed5054adeaec
Validity
Not Before: Jan 1 16:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6ef5231418537965e1f0ea93e8db4ee7028a466
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:01:f6:7d:de:45:8d:97:ef:85:81:ef:9f:8d:
67:82:50:b0:cd:68:4a:10:11:66:96:2c:0b:d5:f2:
21:fc:00:22:52:ff:37:fe:7a:d3:f7:1a:96:bd:f3:
6b:1a:f6:31:c1:7d:7a:25:aa:aa:69:51:02:98:62:
20:1c:05:d2:88:d3:5f:6d:01:14:55:12:89:a8:0f:
6a:ec:c6:86:49:01:ba:0a:8c:9e:cc:de:1b:73:02:
09:50:39:2c:3e:73:1a:b5:0a:74:82:ce:35:7c:f1:
cf:28:50:89:ec:3e:b7:30:b1:73:61:ea:48:63:15:
11:e0:fc:99:d0:cf:8c:f2:4d:47:e0:cb:32:02:a1:
d5:79:a0:c4:d4:21:bd:38:e2:d6:13:fa:06:9a:41:
3f:1a:16:2e:33:e6:97:4c:5c:ce:95:a2:bc:e8:62:
bb:cc:34:b5:04:1b:a0:b9:bf:60:2c:c1:1d:b4:f8:
cf:20:58:b1:3e:6d:59:ec:1b:5e:4f:d4:52:69:d9:
32:6b:1b:06:b0:80:6c:88:fb:37:45:e8:82:77:1c:
9f:c5:4c:a6:49:fc:07:9c:70:7a:cf:db:8b:10:73:
fe:0d:94:20:b6:15:21:fc:dd:fc:2f:d4:2f:39:7b:
d8:20:41:eb:49:76:3b:42:90:77:f0:3f:c0:20:a7:
b6:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:EF:52:31:41:85:37:96:5E:1F:0E:A9:3E:8D:B4:EE:70:28:A4:66
X509v3 Authority Key Identifier:
keyid:CF:5E:F7:A8:70:D4:B1:48:EB:1D:4F:4F:E6:66:ED:50:54:AD:EA:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z173qHDUsUjrHU9P5mbtUFSt6uw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/631521-d4b7-4f10-8c06-87aa285f807c/1/1u9SMUGFN5ZeHw6pPo207nAopGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/631521-d4b7-4f10-8c06-87aa285f807c/1/z173qHDUsUjrHU9P5mbtUFSt6uw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.20.143.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:91:51:88:3c:d0:13:16:31:b5:39:76:4b:22:6a:65:b5:95:
1d:10:88:3c:a6:ac:33:a5:f7:a0:b7:8b:a3:d5:c6:38:46:dd:
3b:b1:40:ba:80:f1:80:3b:68:fa:85:a4:2b:c2:81:e9:c4:68:
3f:09:1d:86:08:bc:c5:7c:7c:69:48:eb:72:3d:36:51:65:29:
20:26:3c:43:ef:ec:8f:5c:5f:aa:c0:0b:1e:ae:1a:c6:4c:cc:
ed:05:b8:29:c6:d6:d7:2a:aa:2c:28:59:e6:a4:a2:d8:a1:b0:
14:7c:00:ce:c9:4e:8b:b3:52:f5:6d:c7:0f:53:4a:50:68:32:
16:a1:7b:4f:3a:2d:4c:68:46:27:fb:b4:12:a8:5d:e7:2c:a8:
1a:6b:f5:7c:33:29:d1:b7:e7:1f:91:5c:6d:55:0f:30:ee:e0:
b8:e5:92:72:18:73:fd:ff:db:a2:de:d5:b4:40:a5:9c:d7:18:
07:b5:28:be:72:11:83:2d:2e:c9:52:c2:a8:f0:25:c2:9c:b6:
e4:58:44:12:75:41:b4:75:95:05:c7:2d:2e:87:98:ee:1e:49:
09:79:49:d4:48:22:8b:8c:8b:ef:1b:84:85:b3:e8:17:7f:fb:
23:92:4c:59:93:1e:80:79:fd:01:ef:06:45:1b:90:dc:dd:4e:
91:8c:f7:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuJm8gdR66CG2C2ohbV/kKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNWVmN2E4NzBkNGIxNDhlYjFkNGY0ZmU2NjZlZDUwNTRh
ZGVhZWMwHhcNMjMwMTAxMTYyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmVmNTIzMTQxODUzNzk2NWUxZjBlYTkzZThkYjRlZTcwMjhhNDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQH2fd5FjZfvhYHvn41nglCwzWhK
EBFmliwL1fIh/AAiUv83/nrT9xqWvfNrGvYxwX16JaqqaVECmGIgHAXSiNNfbQEU
VRKJqA9q7MaGSQG6CoyezN4bcwIJUDksPnMatQp0gs41fPHPKFCJ7D63MLFzYepI
YxUR4PyZ0M+M8k1H4MsyAqHVeaDE1CG9OOLWE/oGmkE/GhYuM+aXTFzOlaK86GK7
zDS1BBugub9gLMEdtPjPIFixPm1Z7BteT9RSadkyaxsGsIBsiPs3ReiCdxyfxUym
SfwHnHB6z9uLEHP+DZQgthUh/N38L9QvOXvYIEHrSXY7QpB38D/AIKe2hQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNbvUjFBhTeWXh8OqT6NtO5wKKRmMB8GA1UdIwQY
MBaAFM9e96hw1LFI6x1PT+Zm7VBUrersMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejE3M3FIRFVzVWpySFU5UDVtYnRVRlN0NnV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82MzE1MjEtZDRiNy00ZjEwLThjMDYt
ODdhYTI4NWY4MDdjLzEvMXU5U01VR0ZONVplSHc2cFBvMjA3bkFvcEdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82MzE1MjEtZDRiNy00ZjEwLThjMDYtODdhYTI4NWY4MDdj
LzEvejE3M3FIRFVzVWpySFU5UDVtYnRVRlN0NnV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwxSPMA0G
CSqGSIb3DQEBCwUAA4IBAQB9kVGIPNATFjG1OXZLImpltZUdEIg8pqwzpfegt4uj
1cY4Rt07sUC6gPGAO2j6haQrwoHpxGg/CR2GCLzFfHxpSOtyPTZRZSkgJjxD7+yP
XF+qwAserhrGTMztBbgpxtbXKqosKFnmpKLYobAUfADOyU6Ls1L1bccPU0pQaDIW
oXtPOi1MaEYn+7QSqF3nLKgaa/V8MynRt+cfkVxtVQ8w7uC45ZJyGHP9/9ui3tW0
QKWc1xgHtSi+chGDLS7JUsKo8CXCnLbkWEQSdUG0dZUFxy0uh5juHkkJeUnUSCKL
jIvvG4SFs+gXf/sjkkxZkx6Aef0B7wZFG5Dc3U6RjPfY
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:10:13 2024 by rpki-client on console-fra.rpki-client.org