Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/5qnXNtfS-fS6TCLah651zNnqCSA.roa
File: 5qnXNtfS-fS6TCLah651zNnqCSA.roa (raw, json)
Hash identifier: BCisZnDyP+WOHBdNFGVmrIQvJoTYCB2vxeV3LUTKcFo=
Subject key identifier: E6:A9:D7:36:D7:D2:F9:F4:BA:4C:22:DA:87:AE:75:CC:D9:EA:09:20
Certificate issuer: /CN=0f9c77a1dcdb8eed62cd3ca80a5144dc4e243f4e
Certificate serial: 0187BD1D866EA2225C75FE296CC08FEB02F8
Authority key identifier: 0F:9C:77:A1:DC:DB:8E:ED:62:CD:3C:A8:0A:51:44:DC:4E:24:3F:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D5x3odzbju1izTyoClFE3E4kP04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/5qnXNtfS-fS6TCLah651zNnqCSA.roa
Signing time: Wed 26 Apr 2023 10:30:41 +0000
ROA not before: Wed 26 Apr 2023 10:30:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15924
IP address blocks: 195.177.230.0/24 maxlen: 24
195.177.231.0/24 maxlen: 24
195.178.104.0/24 maxlen: 24
195.178.105.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:bd:1d:86:6e:a2:22:5c:75:fe:29:6c:c0:8f:eb:02:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f9c77a1dcdb8eed62cd3ca80a5144dc4e243f4e
Validity
Not Before: Apr 26 10:30:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6a9d736d7d2f9f4ba4c22da87ae75ccd9ea0920
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:6c:53:e8:f3:55:7d:29:71:19:4c:14:4c:30:
8d:48:8c:0d:02:3c:ed:cd:40:36:b5:c5:3f:4e:29:
76:c2:bd:f4:fa:a8:1f:72:2d:50:b7:eb:6c:bb:3e:
d1:fd:6e:3a:ea:59:ff:1e:b6:08:4f:a5:95:87:8f:
a8:bf:bc:e6:6f:8e:94:81:4c:f9:5c:60:c8:ae:41:
c3:e4:29:a4:87:8d:18:91:3c:17:2d:89:dd:62:26:
1e:64:66:8d:7f:4f:8a:4c:e5:60:04:58:f7:58:04:
a1:56:15:9d:df:31:8f:e0:33:d9:41:f1:40:9a:5c:
10:e8:f2:2c:cf:c5:45:6b:59:f7:b6:81:fd:23:2b:
b7:a4:f8:1c:9d:b4:18:87:5a:00:74:1f:ec:49:82:
7b:c9:cd:ed:a1:87:c3:73:08:7f:22:93:44:67:56:
22:8e:4b:3f:6a:5a:88:f0:58:86:19:18:4e:b2:31:
37:db:8e:93:ea:44:5c:c5:c7:4b:af:04:38:37:5d:
65:77:f3:32:a5:44:3c:f7:aa:be:02:38:61:9f:0b:
ad:cd:1a:a5:e0:8d:52:81:fa:c9:94:a8:b9:07:e3:
b5:2d:39:b4:64:f5:ce:4d:73:4e:11:52:b3:f0:b2:
74:90:f1:fa:4d:72:5c:87:4d:c2:06:db:84:29:ce:
c6:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:A9:D7:36:D7:D2:F9:F4:BA:4C:22:DA:87:AE:75:CC:D9:EA:09:20
X509v3 Authority Key Identifier:
keyid:0F:9C:77:A1:DC:DB:8E:ED:62:CD:3C:A8:0A:51:44:DC:4E:24:3F:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5x3odzbju1izTyoClFE3E4kP04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/5qnXNtfS-fS6TCLah651zNnqCSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.177.230.0/23
195.178.104.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:ca:22:82:79:88:2c:2a:29:1a:ac:cb:91:07:af:6b:a6:c4:
ca:3c:4d:c7:d7:89:1f:63:27:a9:67:ff:7d:83:09:f3:74:64:
6f:ca:40:61:2d:85:08:4d:00:76:a0:d0:0c:3b:34:15:73:39:
cc:10:12:c1:ec:dd:39:9c:9a:4b:48:99:7e:11:38:42:81:29:
15:fb:92:a6:f9:19:11:d8:cb:5f:7b:07:ba:e8:31:62:a6:80:
6a:ff:37:3c:6b:e8:21:5e:47:17:81:dc:ec:d6:87:64:a8:0b:
42:ce:1d:07:0b:21:c6:ee:11:ad:ee:73:e2:05:5b:7f:c6:25:
f2:a4:9f:ed:35:a9:d1:60:f7:c3:5f:45:20:a9:90:2f:b2:2b:
98:8d:d9:b2:db:e5:2d:0d:cc:f1:0d:e2:7a:01:72:14:7f:0a:
9a:05:71:34:05:3e:89:5f:5c:5a:84:97:09:2c:cc:db:7f:6a:
60:07:4d:44:4c:1a:25:d4:4e:83:fb:db:7e:42:1a:7f:1f:25:
e1:f6:35:06:db:65:63:59:9a:47:0d:cd:6e:4c:48:3e:c3:5f:
91:85:2d:1e:75:58:b6:55:2f:1e:99:59:16:88:9b:64:82:2c:
64:e9:5f:df:2f:8c:e2:bf:c5:22:5b:58:91:9d:0b:76:59:6e:
65:04:bd:71
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYe9HYZuoiJcdf4pbMCP6wL4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmOWM3N2ExZGNkYjhlZWQ2MmNkM2NhODBhNTE0NGRjNGUy
NDNmNGUwHhcNMjMwNDI2MTAzMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmE5ZDczNmQ3ZDJmOWY0YmE0YzIyZGE4N2FlNzVjY2Q5ZWEwOTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2xT6PNVfSlxGUwUTDCNSIwNAjzt
zUA2tcU/Til2wr30+qgfci1Qt+tsuz7R/W466ln/HrYIT6WVh4+ov7zmb46UgUz5
XGDIrkHD5Cmkh40YkTwXLYndYiYeZGaNf0+KTOVgBFj3WAShVhWd3zGP4DPZQfFA
mlwQ6PIsz8VFa1n3toH9Iyu3pPgcnbQYh1oAdB/sSYJ7yc3toYfDcwh/IpNEZ1Yi
jks/alqI8FiGGRhOsjE3246T6kRcxcdLrwQ4N11ld/MypUQ896q+AjhhnwutzRql
4I1SgfrJlKi5B+O1LTm0ZPXOTXNOEVKz8LJ0kPH6TXJch03CBtuEKc7GzwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOap1zbX0vn0ukwi2oeudczZ6gkgMB8GA1UdIwQY
MBaAFA+cd6Hc247tYs08qApRRNxOJD9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDV4M29kemJqdTFpelR5b0NsRkUzRTRrUDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85ZDBlMTQtMTEzYi00Y2JhLTgzMDgt
YWNjNTY5NzdiNmY0LzEvNXFuWE50ZlMtZlM2VENMYWg2NTF6Tm5xQ1NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85ZDBlMTQtMTEzYi00Y2JhLTgzMDgtYWNjNTY5NzdiNmY0
LzEvRDV4M29kemJqdTFpelR5b0NsRkUzRTRrUDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBw7HmAwQB
w7JoMA0GCSqGSIb3DQEBCwUAA4IBAQBeyiKCeYgsKikarMuRB69rpsTKPE3H14kf
YyepZ/99gwnzdGRvykBhLYUITQB2oNAMOzQVcznMEBLB7N05nJpLSJl+EThCgSkV
+5Km+RkR2Mtfewe66DFipoBq/zc8a+ghXkcXgdzs1odkqAtCzh0HCyHG7hGt7nPi
BVt/xiXypJ/tNanRYPfDX0UgqZAvsiuYjdmy2+UtDczxDeJ6AXIUfwqaBXE0BT6J
X1xahJcJLMzbf2pgB01ETBol1E6D+9t+Qhp/HyXh9jUG22VjWZpHDc1uTEg+w1+R
hS0edVi2VS8emVkWiJtkgixk6V/fL4ziv8UiW1iRnQt2WW5lBL1x
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:26 2024 by rpki-client on console-ams.rpki-client.org