Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/6c3d9f-8a4f-4a6c-8579-e92ece4d3cb3/1/sx1mnAfJ5gIS_bz03HfkzKB716c.roa
File: sx1mnAfJ5gIS_bz03HfkzKB716c.roa (raw, json)
Hash identifier: p6rUwfYpVmooEm5/G9d995qs1UY8uF2LrZqtt0bBRXA=
Subject key identifier: B3:1D:66:9C:07:C9:E6:02:12:FD:BC:F4:DC:77:E4:CC:A0:7B:D7:A7
Certificate issuer: /CN=21a00080cd2cb1bb073903b32b25ad660a366486
Certificate serial: 0192E704744C4E6A6DEDB158C2F8833E7FA9
Authority key identifier: 21:A0:00:80:CD:2C:B1:BB:07:39:03:B3:2B:25:AD:66:0A:36:64:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IaAAgM0ssbsHOQOzKyWtZgo2ZIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/6c3d9f-8a4f-4a6c-8579-e92ece4d3cb3/1/sx1mnAfJ5gIS_bz03HfkzKB716c.roa
Signing time: Fri 01 Nov 2024 09:18:01 +0000
ROA not before: Fri 01 Nov 2024 09:18:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51167
IP address blocks: 195.191.65.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Nov 2024 09:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e7:04:74:4c:4e:6a:6d:ed:b1:58:c2:f8:83:3e:7f:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21a00080cd2cb1bb073903b32b25ad660a366486
Validity
Not Before: Nov 1 09:18:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b31d669c07c9e60212fdbcf4dc77e4cca07bd7a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:06:94:48:b7:8b:3a:0f:05:32:9f:35:c7:23:
44:e3:b5:12:cc:d9:a0:47:cc:d9:e4:82:bb:ec:9a:
90:b0:c2:e5:c9:cc:8a:d3:f1:e5:ea:02:e1:b7:31:
00:d2:87:bf:a3:6f:98:d1:10:b4:91:02:b5:88:a5:
13:7f:dd:52:ac:99:ec:6d:95:20:9a:5a:a2:1a:78:
66:c9:dd:20:9f:81:6c:13:98:0b:d5:98:d5:65:47:
2a:52:8a:14:6c:d9:e6:10:65:6d:9f:94:ce:29:d0:
76:66:6b:cc:af:82:1a:3e:d2:45:5e:37:a3:56:cb:
35:17:8f:47:b6:60:6b:37:97:4a:a1:1b:45:05:7d:
e9:c6:80:bb:ac:7a:12:f9:4a:99:dc:99:1b:a6:20:
89:fe:03:de:b5:7e:75:a5:08:f1:f9:56:02:39:97:
cc:19:00:08:03:5b:7d:b5:cc:fb:c6:17:9b:c9:f4:
bc:83:1a:0f:c4:67:d3:52:bd:cb:97:8d:bd:d2:9f:
33:ec:bf:55:a6:b8:6b:88:b7:f9:42:cb:bf:57:ec:
b8:0e:79:77:d4:c3:20:30:41:ca:06:6c:28:05:fb:
a7:0c:39:3f:2e:cb:df:4c:98:fd:9a:96:bf:63:bc:
25:3d:0d:8c:23:a4:fc:b1:70:6b:de:e7:9e:38:1c:
3a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:1D:66:9C:07:C9:E6:02:12:FD:BC:F4:DC:77:E4:CC:A0:7B:D7:A7
X509v3 Authority Key Identifier:
keyid:21:A0:00:80:CD:2C:B1:BB:07:39:03:B3:2B:25:AD:66:0A:36:64:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IaAAgM0ssbsHOQOzKyWtZgo2ZIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6c3d9f-8a4f-4a6c-8579-e92ece4d3cb3/1/sx1mnAfJ5gIS_bz03HfkzKB716c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6c3d9f-8a4f-4a6c-8579-e92ece4d3cb3/1/IaAAgM0ssbsHOQOzKyWtZgo2ZIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.65.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:c7:ae:02:44:71:8f:92:7e:42:d6:28:67:2a:2a:f0:ab:db:
8f:26:fc:cd:b4:67:26:b7:0a:00:42:50:2f:77:1b:c3:03:66:
95:d4:85:ae:43:87:09:37:ed:39:1d:6a:a9:78:58:23:38:a2:
e7:58:98:6c:b0:ad:9a:e2:82:65:f2:9c:94:5d:b6:c3:2b:e8:
ea:f5:bd:3a:07:73:9b:ef:cd:ae:6a:3e:b4:23:35:7e:58:31:
31:6b:b4:e8:04:52:5d:47:8d:00:2a:c1:cf:88:e6:74:ca:a0:
52:91:b5:95:61:fc:ba:57:c8:6e:14:3c:81:86:1b:83:ed:5c:
0e:96:e8:3e:50:e4:8c:20:6b:41:45:3e:ed:63:17:03:3f:58:
aa:dd:2e:75:71:9b:6f:45:d4:f0:9c:13:8c:05:40:d1:d9:fd:
5f:97:7a:3c:f6:b1:cd:bc:bb:f1:ed:48:49:f3:ca:13:2c:21:
fe:33:0f:3d:41:04:3c:0b:fc:1a:39:99:aa:05:df:bf:1e:18:
f8:94:52:b5:53:13:9b:c0:36:41:f5:ce:ea:56:d1:04:47:a8:
aa:fb:77:a8:ff:5a:e8:a7:10:4a:fa:b6:83:4b:ad:d2:b5:50:
b2:a4:b5:c8:42:22:78:3e:62:82:df:e8:d6:0f:ba:a1:e7:1a:
47:4c:cc:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLnBHRMTmpt7bFYwviDPn+pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYTAwMDgwY2QyY2IxYmIwNzM5MDNiMzJiMjVhZDY2MGEz
NjY0ODYwHhcNMjQxMTAxMDkxODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzFkNjY5YzA3YzllNjAyMTJmZGJjZjRkYzc3ZTRjY2EwN2JkN2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2AaUSLeLOg8FMp81xyNE47USzNmg
R8zZ5IK77JqQsMLlycyK0/Hl6gLhtzEA0oe/o2+Y0RC0kQK1iKUTf91SrJnsbZUg
mlqiGnhmyd0gn4FsE5gL1ZjVZUcqUooUbNnmEGVtn5TOKdB2ZmvMr4IaPtJFXjej
Vss1F49HtmBrN5dKoRtFBX3pxoC7rHoS+UqZ3JkbpiCJ/gPetX51pQjx+VYCOZfM
GQAIA1t9tcz7xhebyfS8gxoPxGfTUr3Ll4290p8z7L9VprhriLf5Qsu/V+y4Dnl3
1MMgMEHKBmwoBfunDDk/LsvfTJj9mpa/Y7wlPQ2MI6T8sXBr3ueeOBw6NQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLMdZpwHyeYCEv289Nx35Myge9enMB8GA1UdIwQY
MBaAFCGgAIDNLLG7BzkDsyslrWYKNmSGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWFBQWdNMHNzYnNIT1FPekt5V3RaZ28yWklZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82YzNkOWYtOGE0Zi00YTZjLTg1Nzkt
ZTkyZWNlNGQzY2IzLzEvc3gxbW5BZko1Z0lTX2J6MDNIZmt6S0I3MTZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82YzNkOWYtOGE0Zi00YTZjLTg1NzktZTkyZWNlNGQzY2Iz
LzEvSWFBQWdNMHNzYnNIT1FPekt5V3RaZ28yWklZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw79BMA0G
CSqGSIb3DQEBCwUAA4IBAQBfx64CRHGPkn5C1ihnKirwq9uPJvzNtGcmtwoAQlAv
dxvDA2aV1IWuQ4cJN+05HWqpeFgjOKLnWJhssK2a4oJl8pyUXbbDK+jq9b06B3Ob
782uaj60IzV+WDExa7ToBFJdR40AKsHPiOZ0yqBSkbWVYfy6V8huFDyBhhuD7VwO
lug+UOSMIGtBRT7tYxcDP1iq3S51cZtvRdTwnBOMBUDR2f1fl3o89rHNvLvx7UhJ
88oTLCH+Mw89QQQ8C/waOZmqBd+/Hhj4lFK1UxObwDZB9c7qVtEER6iq+3eo/1ro
pxBK+raDS63StVCypLXIQiJ4PmKC3+jWD7qh5xpHTMzg
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:57 2025 by rpki-client