Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/C1HDkkBcq4-KtScVHtuA9UBF5KE.roa
File: C1HDkkBcq4-KtScVHtuA9UBF5KE.roa (raw, json)
Hash identifier: HV43YCPVvkgiOGtZNBj4KYmSlsBqv8zhBN16p540h78=
Subject key identifier: 0B:51:C3:92:40:5C:AB:8F:8A:B5:27:15:1E:DB:80:F5:40:45:E4:A1
Certificate issuer: /CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Certificate serial: 018B075615A36AEBEA54579468768539B4FC
Authority key identifier: 0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/C1HDkkBcq4-KtScVHtuA9UBF5KE.roa
Signing time: Fri 06 Oct 2023 23:32:43 +0000
ROA not before: Fri 06 Oct 2023 23:32:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50098
IP address blocks: 195.211.220.0/24 maxlen: 24
195.211.221.0/24 maxlen: 24
195.211.222.0/24 maxlen: 24
195.211.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:30:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:07:56:15:a3:6a:eb:ea:54:57:94:68:76:85:39:b4:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Validity
Not Before: Oct 6 23:32:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b51c392405cab8f8ab527151edb80f54045e4a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:71:ef:37:5b:3c:a8:79:93:d9:55:d6:63:d5:
6f:7b:7c:ee:3d:05:5b:f0:45:6b:72:79:b0:f1:7d:
89:41:43:13:c4:fb:c4:21:40:fc:62:a5:ca:12:50:
39:53:66:9a:4b:23:7b:51:30:5c:38:6c:d8:5f:36:
99:88:eb:10:8d:e4:a3:37:0b:ca:60:3a:41:05:b2:
97:df:74:cc:38:26:38:a8:c1:fe:e3:68:a2:a5:0d:
79:db:8e:bf:d3:3f:b0:e3:e4:2b:79:da:a9:81:6d:
2e:a8:5b:2e:eb:5e:37:c7:df:ca:df:3e:3b:25:a0:
2d:5d:0d:e5:bc:09:ea:ce:5b:e4:cc:29:75:7f:9f:
c7:9a:e2:1b:8e:58:d8:83:5f:8b:38:f7:de:33:88:
f1:64:7a:d1:87:3b:86:7c:f4:f3:e0:6c:4e:9b:ef:
c8:bf:1c:61:d7:29:af:01:29:88:da:1d:92:ed:e2:
fe:59:ac:15:66:07:c2:af:c6:89:ae:27:9a:37:cc:
97:80:82:bb:09:7d:f9:cf:20:40:00:61:e3:38:6e:
f1:d8:ce:50:2e:00:da:59:de:89:15:1f:32:8d:8c:
60:ca:f2:9f:ee:09:62:c8:80:30:8a:92:0b:b8:db:
c7:ec:00:d2:17:b2:cb:5f:77:81:3a:04:ca:de:3c:
7a:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:51:C3:92:40:5C:AB:8F:8A:B5:27:15:1E:DB:80:F5:40:45:E4:A1
X509v3 Authority Key Identifier:
keyid:0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/C1HDkkBcq4-KtScVHtuA9UBF5KE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.211.220.0/22
Signature Algorithm: sha256WithRSAEncryption
46:46:06:f4:bf:db:79:e7:4c:ff:ef:df:79:71:89:3a:4b:45:
5b:e7:ba:76:5b:ef:f8:cd:56:98:37:6a:61:b9:28:78:44:b1:
0e:b2:c7:aa:e5:fa:6f:46:27:1d:61:8d:a1:b4:db:43:72:e9:
45:32:49:cf:64:63:ed:6e:92:12:00:72:6b:2b:97:b3:0d:83:
28:68:03:bd:b8:f7:30:79:4f:2a:30:26:67:ce:a7:a8:ce:85:
22:46:fb:5d:58:3b:e3:85:a2:85:ad:10:ad:37:39:df:f3:b6:
f8:e9:c1:12:70:1d:f6:c3:ca:d8:49:4e:c3:e8:b6:11:31:10:
17:8b:1c:0a:67:d0:c3:65:5f:05:be:c8:99:2d:9c:d3:58:88:
0c:84:f2:99:37:61:f7:0b:f5:ce:ee:30:45:f0:89:6e:cf:dd:
55:32:da:14:44:8d:ac:e8:02:5b:26:9f:85:c7:f2:f6:ad:35:
4b:75:0a:d2:58:71:95:c3:20:a9:a1:42:b9:d5:71:c0:30:a2:
a2:41:33:08:e1:b4:b0:f6:03:e1:92:3d:89:98:42:1a:25:df:
9a:df:7a:d9:0f:2f:e4:aa:31:18:6a:89:da:6e:db:3e:09:a9:
67:00:9e:47:5d:5a:50:86:bd:ef:2b:c2:88:7c:06:2c:55:b2:
4c:30:af:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsHVhWjauvqVFeUaHaFObT8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZWJmYmZkNmY5MzdjNWFlMzllM2UzOGU4YWI4Mzg0MTA3
NDIxYTYwHhcNMjMxMDA2MjMzMjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjUxYzM5MjQwNWNhYjhmOGFiNTI3MTUxZWRiODBmNTQwNDVlNGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXHvN1s8qHmT2VXWY9Vve3zuPQVb
8EVrcnmw8X2JQUMTxPvEIUD8YqXKElA5U2aaSyN7UTBcOGzYXzaZiOsQjeSjNwvK
YDpBBbKX33TMOCY4qMH+42iipQ15246/0z+w4+QredqpgW0uqFsu6143x9/K3z47
JaAtXQ3lvAnqzlvkzCl1f5/HmuIbjljYg1+LOPfeM4jxZHrRhzuGfPTz4GxOm+/I
vxxh1ymvASmI2h2S7eL+WawVZgfCr8aJrieaN8yXgIK7CX35zyBAAGHjOG7x2M5Q
LgDaWd6JFR8yjYxgyvKf7gliyIAwipILuNvH7ADSF7LLX3eBOgTK3jx6bwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAtRw5JAXKuPirUnFR7bgPVAReShMB8GA1UdIwQY
MBaAFA/r+/1vk3xa454+OOirg4QQdCGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGIt
N2Q3MDM3NGQ3NmQyLzEvQzFIRGtrQmNxNC1LdFNjVkh0dUE5VUJGNUtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGItN2Q3MDM3NGQ3NmQy
LzEvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw9PcMA0G
CSqGSIb3DQEBCwUAA4IBAQBGRgb0v9t550z/7995cYk6S0Vb57p2W+/4zVaYN2ph
uSh4RLEOsseq5fpvRicdYY2htNtDculFMknPZGPtbpISAHJrK5ezDYMoaAO9uPcw
eU8qMCZnzqeozoUiRvtdWDvjhaKFrRCtNznf87b46cEScB32w8rYSU7D6LYRMRAX
ixwKZ9DDZV8FvsiZLZzTWIgMhPKZN2H3C/XO7jBF8Iluz91VMtoURI2s6AJbJp+F
x/L2rTVLdQrSWHGVwyCpoUK51XHAMKKiQTMI4bSw9gPhkj2JmEIaJd+a33rZDy/k
qjEYaonabts+CalnAJ5HXVpQhr3vK8KIfAYsVbJMMK/X
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:37 2024 by rpki-client on console-ams.rpki-client.org