Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/d06832-dbdf-4f87-99b8-38d8a78a4862/1/3uwCZlOzsrBVRLe4Doi_RyZ1ge8.roa
File: 3uwCZlOzsrBVRLe4Doi_RyZ1ge8.roa (raw, json)
Hash identifier: eW21nveumT1IPem5E0w6M/lLO4BXfnBkfxA388DORfs=
Subject key identifier: DE:EC:02:66:53:B3:B2:B0:55:44:B7:B8:0E:88:BF:47:26:75:81:EF
Certificate issuer: /CN=403f08bbaffa4161843203a8a757ab6e9546b0ce
Certificate serial: 018EC231E14B39D173EDC1093D1E7537CA6C
Authority key identifier: 40:3F:08:BB:AF:FA:41:61:84:32:03:A8:A7:57:AB:6E:95:46:B0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QD8Iu6_6QWGEMgOop1erbpVGsM4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/d06832-dbdf-4f87-99b8-38d8a78a4862/1/3uwCZlOzsrBVRLe4Doi_RyZ1ge8.roa
Signing time: Tue 09 Apr 2024 09:30:32 +0000
ROA not before: Tue 09 Apr 2024 09:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213295
IP address blocks: 195.200.234.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Apr 2024 09:55:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c2:31:e1:4b:39:d1:73:ed:c1:09:3d:1e:75:37:ca:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=403f08bbaffa4161843203a8a757ab6e9546b0ce
Validity
Not Before: Apr 9 09:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=deec026653b3b2b05544b7b80e88bf47267581ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:85:de:32:78:a9:1e:28:4b:ca:46:58:67:8f:
28:b1:21:8b:f5:d7:13:59:eb:b0:d8:b1:7b:ab:5d:
52:e2:e4:77:ad:6f:7d:28:b6:bc:51:d2:d9:11:d3:
b7:bd:f9:ff:3f:d4:69:dc:ed:d3:50:f0:5b:16:6e:
94:c3:94:65:5e:8e:44:f2:ac:6b:c1:fc:da:24:a7:
7d:90:ba:a4:68:0c:f8:02:0e:4a:58:26:0c:7d:f6:
ef:0f:99:02:23:70:1b:92:94:69:75:d7:bb:13:5c:
12:33:da:1a:32:5e:04:8c:4d:b2:ce:09:d7:a9:6d:
2b:ec:24:0e:8a:89:9b:5f:42:b8:f7:52:22:4c:9d:
88:14:e4:39:38:5d:51:a2:28:3f:55:b7:9b:7b:9d:
0d:48:53:20:a3:2d:db:3d:fc:15:24:cb:3f:04:51:
cb:f5:4e:b0:49:e5:e7:87:d1:7c:79:b2:8f:28:79:
3a:ee:9f:da:2f:67:72:54:d8:b9:49:f3:35:99:79:
b2:c2:bc:a4:d7:e5:97:11:6e:ff:39:f7:14:b8:ec:
c6:75:d9:c3:95:2d:59:50:1e:27:61:36:7a:4f:b6:
b5:a3:11:c0:29:34:95:c8:63:ae:76:b4:c6:42:b0:
00:19:4f:29:2d:26:65:75:00:63:d7:15:e3:ba:81:
ab:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:EC:02:66:53:B3:B2:B0:55:44:B7:B8:0E:88:BF:47:26:75:81:EF
X509v3 Authority Key Identifier:
keyid:40:3F:08:BB:AF:FA:41:61:84:32:03:A8:A7:57:AB:6E:95:46:B0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QD8Iu6_6QWGEMgOop1erbpVGsM4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/d06832-dbdf-4f87-99b8-38d8a78a4862/1/3uwCZlOzsrBVRLe4Doi_RyZ1ge8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/d06832-dbdf-4f87-99b8-38d8a78a4862/1/QD8Iu6_6QWGEMgOop1erbpVGsM4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.200.234.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:4b:35:92:7a:a4:6f:fb:4d:f3:47:85:23:dd:a9:f9:e8:ee:
c1:66:15:00:ce:df:65:4b:18:84:30:e4:09:aa:88:37:87:0e:
5b:69:fd:9d:67:ea:2f:7f:52:3f:ac:d8:7d:6b:96:c1:62:45:
c3:34:e2:1e:0d:1f:ec:e0:5e:70:42:52:3d:50:13:83:47:e2:
16:f4:d4:35:a8:90:a6:16:69:65:74:32:da:67:6a:fa:eb:53:
3d:9b:ce:6b:e6:82:08:ac:31:2f:2d:4c:a4:95:fc:bf:a3:83:
f7:6d:32:ff:9b:76:49:0b:40:53:1d:50:ac:c3:d0:5c:92:0d:
4c:32:c0:12:88:b0:4a:0e:d1:b4:60:7f:d1:ce:06:f5:47:5f:
0d:d1:1e:ac:05:a8:58:8c:6c:21:c3:d5:76:df:94:aa:85:9f:
79:c2:1e:91:88:4e:ad:56:d4:fc:df:cf:a6:28:06:fc:f4:33:
6d:34:63:e1:c0:4c:8e:db:18:01:b7:50:cb:6e:61:8d:8d:dd:
43:1f:3d:3c:80:7e:ad:ff:a6:45:be:97:8f:0d:a6:a7:ad:b7:
b6:53:68:f4:7e:2e:d8:91:00:86:0a:20:17:c4:a7:2e:23:d1:
d9:e2:c1:01:7e:a9:e9:e6:17:ed:1d:fb:4d:bc:f7:ff:5a:71:
ba:a5:fb:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7CMeFLOdFz7cEJPR51N8psMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwM2YwOGJiYWZmYTQxNjE4NDMyMDNhOGE3NTdhYjZlOTU0
NmIwY2UwHhcNMjQwNDA5MDkzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWVjMDI2NjUzYjNiMmIwNTU0NGI3YjgwZTg4YmY0NzI2NzU4MWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4XeMnipHihLykZYZ48osSGL9dcT
Weuw2LF7q11S4uR3rW99KLa8UdLZEdO3vfn/P9Rp3O3TUPBbFm6Uw5RlXo5E8qxr
wfzaJKd9kLqkaAz4Ag5KWCYMffbvD5kCI3AbkpRpdde7E1wSM9oaMl4EjE2yzgnX
qW0r7CQOiombX0K491IiTJ2IFOQ5OF1Roig/Vbebe50NSFMgoy3bPfwVJMs/BFHL
9U6wSeXnh9F8ebKPKHk67p/aL2dyVNi5SfM1mXmywryk1+WXEW7/OfcUuOzGddnD
lS1ZUB4nYTZ6T7a1oxHAKTSVyGOudrTGQrAAGU8pLSZldQBj1xXjuoGr3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN7sAmZTs7KwVUS3uA6Iv0cmdYHvMB8GA1UdIwQY
MBaAFEA/CLuv+kFhhDIDqKdXq26VRrDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUQ4SXU2XzZRV0dFTWdPb3AxZXJicFZHc000LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9kMDY4MzItZGJkZi00Zjg3LTk5Yjgt
MzhkOGE3OGE0ODYyLzEvM3V3Q1psT3pzckJWUkxlNERvaV9SeVoxZ2U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9kMDY4MzItZGJkZi00Zjg3LTk5YjgtMzhkOGE3OGE0ODYy
LzEvUUQ4SXU2XzZRV0dFTWdPb3AxZXJicFZHc000LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw8jqMA0G
CSqGSIb3DQEBCwUAA4IBAQBfSzWSeqRv+03zR4Uj3an56O7BZhUAzt9lSxiEMOQJ
qog3hw5baf2dZ+ovf1I/rNh9a5bBYkXDNOIeDR/s4F5wQlI9UBODR+IW9NQ1qJCm
FmlldDLaZ2r661M9m85r5oIIrDEvLUyklfy/o4P3bTL/m3ZJC0BTHVCsw9Bckg1M
MsASiLBKDtG0YH/Rzgb1R18N0R6sBahYjGwhw9V235SqhZ95wh6RiE6tVtT838+m
KAb89DNtNGPhwEyO2xgBt1DLbmGNjd1DHz08gH6t/6ZFvpePDaanrbe2U2j0fi7Y
kQCGCiAXxKcuI9HZ4sEBfqnp5hftHftNvPf/WnG6pfuh
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:06:38 2025 by rpki-client