Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/3d1945-d60e-48ab-88bc-8cfe4b8157d2/1/hr1O8sIsQnk2Vjqtd2wtGsKNR9Y.roa
File: hr1O8sIsQnk2Vjqtd2wtGsKNR9Y.roa (raw, json)
Hash identifier: 40PKOSpWDbLdtBS+VlmoZvn6aj9W6UIsav3bSJI/Za0=
Subject key identifier: 86:BD:4E:F2:C2:2C:42:79:36:56:3A:AD:77:6C:2D:1A:C2:8D:47:D6
Certificate issuer: /CN=5e717627f7b2fcc56f0d7be469a13171607d2427
Certificate serial: 018CC4253892EECDE2FAAE81AD6E8B8AF853
Authority key identifier: 5E:71:76:27:F7:B2:FC:C5:6F:0D:7B:E4:69:A1:31:71:60:7D:24:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XnF2J_ey_MVvDXvkaaExcWB9JCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/3d1945-d60e-48ab-88bc-8cfe4b8157d2/1/hr1O8sIsQnk2Vjqtd2wtGsKNR9Y.roa
Signing time: Mon 01 Jan 2024 08:30:22 +0000
ROA not before: Mon 01 Jan 2024 08:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31732
IP address blocks: 195.254.165.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Feb 2024 12:52:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:38:92:ee:cd:e2:fa:ae:81:ad:6e:8b:8a:f8:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e717627f7b2fcc56f0d7be469a13171607d2427
Validity
Not Before: Jan 1 08:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86bd4ef2c22c427936563aad776c2d1ac28d47d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:2f:68:bb:86:7f:1e:1c:38:52:58:61:bf:1a:
fc:41:85:72:32:fa:cc:34:92:78:4c:83:62:5d:a0:
71:ce:59:ba:91:84:c1:c1:4b:46:42:66:5a:f7:6d:
28:8c:dd:0d:6b:12:f4:e1:c8:f4:3b:be:99:66:1f:
ee:4f:03:b4:b6:61:29:35:c7:e7:93:c9:9a:c4:e0:
44:54:8b:a6:60:68:d4:6b:24:e7:93:42:d4:78:1c:
79:fe:08:73:b9:cd:f2:68:95:66:0c:f8:09:e9:68:
df:c8:66:47:fb:5c:a9:8a:29:d3:5e:c5:28:f7:15:
1b:d8:32:8e:38:92:fc:9e:94:d5:c7:dc:66:fa:2d:
32:02:b2:26:3d:19:da:b5:00:a4:8f:4c:ec:9a:35:
08:0f:a7:b6:a9:fd:d0:fd:83:88:40:8f:22:62:51:
49:96:a1:30:f4:ab:1c:5f:42:94:30:e7:96:3c:72:
90:a4:a2:65:dc:34:a3:36:a3:30:7d:10:c5:b4:87:
aa:25:f4:89:ce:f3:56:88:c9:64:f7:37:fd:7d:ea:
ea:e0:0a:ec:8c:11:32:ff:a4:31:b9:fd:e4:8e:c4:
3d:7b:ef:0e:58:16:e0:e6:81:33:e6:de:2b:54:e1:
e9:f6:54:ff:a0:72:c8:80:55:6b:03:b3:7d:24:dd:
18:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:BD:4E:F2:C2:2C:42:79:36:56:3A:AD:77:6C:2D:1A:C2:8D:47:D6
X509v3 Authority Key Identifier:
keyid:5E:71:76:27:F7:B2:FC:C5:6F:0D:7B:E4:69:A1:31:71:60:7D:24:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XnF2J_ey_MVvDXvkaaExcWB9JCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/3d1945-d60e-48ab-88bc-8cfe4b8157d2/1/hr1O8sIsQnk2Vjqtd2wtGsKNR9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/3d1945-d60e-48ab-88bc-8cfe4b8157d2/1/XnF2J_ey_MVvDXvkaaExcWB9JCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.254.165.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:93:71:07:7d:6a:fe:11:65:2c:b8:99:da:b5:ff:03:10:90:
6d:ba:a8:75:2d:38:a7:86:ab:ce:0c:99:c7:b1:37:74:e0:1d:
97:0c:22:a3:56:dd:1a:0b:39:48:d7:a0:33:cc:b0:35:16:cd:
06:e6:8f:6e:80:dc:7c:e4:11:46:eb:1e:24:d8:4c:4e:f9:7e:
39:49:d1:b2:41:a8:d1:54:0f:91:5d:1b:1c:3d:fd:98:86:e5:
5a:a1:f3:e5:d5:87:74:71:71:3c:9b:ed:09:43:ab:e4:fc:d9:
b7:d8:88:62:9a:ca:c0:34:99:06:a7:7d:f6:5d:3b:69:6a:a0:
87:64:08:25:10:f2:53:43:b7:6f:93:b1:1b:89:e9:3f:ec:47:
d2:ef:63:09:f3:5e:a4:34:e0:69:a4:66:45:ef:9f:c3:4d:d5:
7c:ae:60:d3:9d:2f:df:fb:57:f2:59:7e:2c:5f:0b:5b:ff:d4:
88:f6:ab:a2:a1:5f:6e:dd:f2:71:7e:77:4c:04:a6:58:2b:ce:
9d:80:36:74:c5:e8:ff:53:82:3d:08:e1:f6:de:fc:0b:be:ee:
a0:20:9b:52:62:4e:e7:ad:ce:8f:2a:eb:fb:c9:5b:fb:8a:ce:
3f:4c:cc:d9:49:3c:28:91:ca:40:64:c7:da:98:d3:5b:70:24:
a3:fa:68:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJTiS7s3i+q6BrW6LivhTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNzE3NjI3ZjdiMmZjYzU2ZjBkN2JlNDY5YTEzMTcxNjA3
ZDI0MjcwHhcNMjQwMTAxMDgzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmJkNGVmMmMyMmM0Mjc5MzY1NjNhYWQ3NzZjMmQxYWMyOGQ0N2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAly9ou4Z/Hhw4Ulhhvxr8QYVyMvrM
NJJ4TINiXaBxzlm6kYTBwUtGQmZa920ojN0NaxL04cj0O76ZZh/uTwO0tmEpNcfn
k8maxOBEVIumYGjUayTnk0LUeBx5/ghzuc3yaJVmDPgJ6WjfyGZH+1ypiinTXsUo
9xUb2DKOOJL8npTVx9xm+i0yArImPRnatQCkj0zsmjUID6e2qf3Q/YOIQI8iYlFJ
lqEw9KscX0KUMOeWPHKQpKJl3DSjNqMwfRDFtIeqJfSJzvNWiMlk9zf9ferq4Ars
jBEy/6Qxuf3kjsQ9e+8OWBbg5oEz5t4rVOHp9lT/oHLIgFVrA7N9JN0Y2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIa9TvLCLEJ5NlY6rXdsLRrCjUfWMB8GA1UdIwQY
MBaAFF5xdif3svzFbw175GmhMXFgfSQnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG5GMkpfZXlfTVZ2RFh2a2FhRXhjV0I5SkNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8zZDE5NDUtZDYwZS00OGFiLTg4YmMt
OGNmZTRiODE1N2QyLzEvaHIxTzhzSXNRbmsyVmpxdGQyd3RHc0tOUjlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8zZDE5NDUtZDYwZS00OGFiLTg4YmMtOGNmZTRiODE1N2Qy
LzEvWG5GMkpfZXlfTVZ2RFh2a2FhRXhjV0I5SkNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw/6lMA0G
CSqGSIb3DQEBCwUAA4IBAQCKk3EHfWr+EWUsuJnatf8DEJBtuqh1LTinhqvODJnH
sTd04B2XDCKjVt0aCzlI16AzzLA1Fs0G5o9ugNx85BFG6x4k2ExO+X45SdGyQajR
VA+RXRscPf2YhuVaofPl1Yd0cXE8m+0JQ6vk/Nm32IhimsrANJkGp332XTtpaqCH
ZAglEPJTQ7dvk7Ebiek/7EfS72MJ816kNOBppGZF75/DTdV8rmDTnS/f+1fyWX4s
Xwtb/9SI9quioV9u3fJxfndMBKZYK86dgDZ0xej/U4I9COH23vwLvu6gIJtSYk7n
rc6PKuv7yVv7is4/TMzZSTwokcpAZMfamNNbcCSj+mhZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:20 2024 by rpki-client on console-fra.rpki-client.org