Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/af76e0-6b7d-40ac-9621-643a2fc4473e/1/IxMcCartSupEQgrLmv7nlPCm1bw.roa
File: IxMcCartSupEQgrLmv7nlPCm1bw.roa (raw, json)
Hash identifier: 8HI7MdoLkQtQmbCssBPGrPz6V2ve3TA1SV9gcNMp+5k=
Subject key identifier: 23:13:1C:09:AA:ED:4A:EA:44:42:0A:CB:9A:FE:E7:94:F0:A6:D5:BC
Certificate issuer: /CN=2e8edab12215e29bd38c1da9b5e396bd0c96be09
Certificate serial: 018571F0DFB7FCC3CE165AADDF132A35CA33
Authority key identifier: 2E:8E:DA:B1:22:15:E2:9B:D3:8C:1D:A9:B5:E3:96:BD:0C:96:BE:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lo7asSIV4pvTjB2pteOWvQyWvgk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/af76e0-6b7d-40ac-9621-643a2fc4473e/1/IxMcCartSupEQgrLmv7nlPCm1bw.roa
Signing time: Mon 02 Jan 2023 10:04:49 +0000
ROA not before: Mon 02 Jan 2023 10:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29425
IP address blocks: 195.149.105.0/24 maxlen: 24
46.255.136.0/21 maxlen: 21
46.255.142.0/24 maxlen: 24
2a00:95a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f0:df:b7:fc:c3:ce:16:5a:ad:df:13:2a:35:ca:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e8edab12215e29bd38c1da9b5e396bd0c96be09
Validity
Not Before: Jan 2 10:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23131c09aaed4aea44420acb9afee794f0a6d5bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:bc:26:af:79:53:3f:6c:95:7c:4a:ae:85:12:
99:d6:97:9d:c4:3a:6b:d3:85:50:27:fc:13:01:7d:
cc:2a:df:9f:54:91:27:be:7d:70:74:f5:3d:ef:45:
1f:3d:41:ec:8e:4d:f4:de:e9:a6:36:ee:96:66:d9:
5c:ed:60:21:6b:69:9f:d4:8e:fb:65:20:1f:01:14:
ba:87:39:be:c2:ce:d8:f7:1f:32:e3:b1:15:fd:68:
c3:ba:8f:fa:86:b1:6e:ba:33:90:8e:81:b7:08:ea:
97:f4:95:a1:81:b9:be:81:40:27:d4:e6:79:e9:f5:
a5:85:f6:c6:5d:de:05:bb:4e:d1:65:64:c3:37:15:
47:74:e5:1e:70:e5:35:e4:05:8f:21:36:67:57:70:
68:06:eb:b4:a6:38:ce:78:3c:2d:8b:0e:0b:ce:cc:
70:1a:64:a1:ab:90:e7:72:88:37:62:28:aa:2c:34:
ce:0b:92:e5:33:e5:b3:3c:bb:48:62:39:8a:44:a7:
cd:72:a2:41:af:2a:40:9e:f9:2f:5e:8c:bd:53:50:
70:a5:ff:e9:c3:66:2e:e6:55:5c:6a:e1:4c:0c:44:
f5:09:67:a6:6d:e2:9f:14:e8:b9:4e:e0:3f:e8:0a:
e9:88:ed:3b:26:8e:18:23:ad:0c:61:df:1b:42:43:
c0:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:13:1C:09:AA:ED:4A:EA:44:42:0A:CB:9A:FE:E7:94:F0:A6:D5:BC
X509v3 Authority Key Identifier:
keyid:2E:8E:DA:B1:22:15:E2:9B:D3:8C:1D:A9:B5:E3:96:BD:0C:96:BE:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lo7asSIV4pvTjB2pteOWvQyWvgk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/af76e0-6b7d-40ac-9621-643a2fc4473e/1/IxMcCartSupEQgrLmv7nlPCm1bw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/af76e0-6b7d-40ac-9621-643a2fc4473e/1/Lo7asSIV4pvTjB2pteOWvQyWvgk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.255.136.0/21
195.149.105.0/24
IPv6:
2a00:95a0::/32
Signature Algorithm: sha256WithRSAEncryption
9e:cf:86:76:d2:f2:b7:20:b7:fa:38:3f:0d:91:61:ba:18:96:
e8:c5:6a:f1:4a:43:23:dc:50:79:82:36:b6:54:8b:d7:fa:ec:
9c:92:09:de:70:71:51:b0:9c:3b:b5:8e:29:fa:d4:ca:04:63:
4d:6e:4d:85:a3:2f:78:97:cd:c9:eb:f0:84:99:e3:a9:f4:c1:
3e:a8:30:fe:b8:8e:f8:fe:92:45:e1:31:94:20:0a:64:5e:d8:
99:af:a5:64:40:93:b9:6c:09:d9:82:bb:ff:f5:72:d5:c0:49:
0c:b0:09:63:c3:a9:85:2f:d2:52:41:3c:40:ba:97:f1:3a:da:
1d:3f:44:61:7f:96:00:bf:89:3f:71:f0:85:67:52:67:94:87:
84:b3:7a:d5:cc:9f:d8:2c:59:ec:15:4d:ae:cc:48:ae:e0:ff:
9e:16:c9:ac:c1:f0:a5:03:7b:27:05:1f:78:ec:f7:26:51:3a:
c4:e5:08:36:03:a5:ac:57:1e:b9:cf:c7:e7:c3:3f:8e:c4:f0:
33:89:e5:92:e2:82:f4:40:b8:af:5b:22:f7:36:b3:b9:13:85:
0e:12:64:36:20:83:27:4e:c2:a1:af:a3:34:29:ff:ad:9c:34:
6d:fa:c7:e3:c7:9f:67:3b:93:f2:51:41:c2:5f:dc:88:62:2b:
fd:77:6e:74
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVx8N+3/MPOFlqt3xMqNcozMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlOGVkYWIxMjIxNWUyOWJkMzhjMWRhOWI1ZTM5NmJkMGM5
NmJlMDkwHhcNMjMwMTAyMTAwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzEzMWMwOWFhZWQ0YWVhNDQ0MjBhY2I5YWZlZTc5NGYwYTZkNWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7wmr3lTP2yVfEquhRKZ1pedxDpr
04VQJ/wTAX3MKt+fVJEnvn1wdPU970UfPUHsjk303ummNu6WZtlc7WAha2mf1I77
ZSAfARS6hzm+ws7Y9x8y47EV/WjDuo/6hrFuujOQjoG3COqX9JWhgbm+gUAn1OZ5
6fWlhfbGXd4Fu07RZWTDNxVHdOUecOU15AWPITZnV3BoBuu0pjjOeDwtiw4Lzsxw
GmShq5Dncog3YiiqLDTOC5LlM+WzPLtIYjmKRKfNcqJBrypAnvkvXoy9U1Bwpf/p
w2Yu5lVcauFMDET1CWembeKfFOi5TuA/6ArpiO07Jo4YI60MYd8bQkPAxQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCMTHAmq7UrqREIKy5r+55TwptW8MB8GA1UdIwQY
MBaAFC6O2rEiFeKb04wdqbXjlr0Mlr4JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG83YXNTSVY0cHZUakIycHRlT1d2UXlXdmdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9hZjc2ZTAtNmI3ZC00MGFjLTk2MjEt
NjQzYTJmYzQ0NzNlLzEvSXhNY0NhcnRTdXBFUWdyTG12N25sUENtMWJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9hZjc2ZTAtNmI3ZC00MGFjLTk2MjEtNjQzYTJmYzQ0NzNl
LzEvTG83YXNTSVY0cHZUakIycHRlT1d2UXlXdmdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLv+IAwQA
w5VpMA0EAgACMAcDBQAqAJWgMA0GCSqGSIb3DQEBCwUAA4IBAQCez4Z20vK3ILf6
OD8NkWG6GJboxWrxSkMj3FB5gja2VIvX+uyckgnecHFRsJw7tY4p+tTKBGNNbk2F
oy94l83J6/CEmeOp9ME+qDD+uI74/pJF4TGUIApkXtiZr6VkQJO5bAnZgrv/9XLV
wEkMsAljw6mFL9JSQTxAupfxOtodP0Rhf5YAv4k/cfCFZ1JnlIeEs3rVzJ/YLFns
FU2uzEiu4P+eFsmswfClA3snBR947PcmUTrE5Qg2A6WsVx65z8fnwz+OxPAzieWS
4oL0QLivWyL3NrO5E4UOEmQ2IIMnTsKhr6M0Kf+tnDRt+sfjx59nO5PyUUHCX9yI
Yiv9d250
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:52 2024 by rpki-client on console-ams.rpki-client.org