Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/4ab35b-0a61-4b40-9623-d0fd82c23f6d/1/duXt1OB4kJ5kRzdGLmxVFGeulDM.roa
File: duXt1OB4kJ5kRzdGLmxVFGeulDM.roa (raw, json)
Hash identifier: w1aAiWiKt906KdwzP/aIxm+gylvNPE1ZO1xeLp+5Hkw=
Subject key identifier: 76:E5:ED:D4:E0:78:90:9E:64:47:37:46:2E:6C:55:14:67:AE:94:33
Certificate issuer: /CN=6bef3fe86b727af26a90ef1cc0b11aa2c8685ffe
Certificate serial: 01856FDDD9A6E16C6C49FF9024BFD5F9FDC9
Authority key identifier: 6B:EF:3F:E8:6B:72:7A:F2:6A:90:EF:1C:C0:B1:1A:A2:C8:68:5F:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a-8_6GtyevJqkO8cwLEaoshoX_4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/4ab35b-0a61-4b40-9623-d0fd82c23f6d/1/duXt1OB4kJ5kRzdGLmxVFGeulDM.roa
Signing time: Mon 02 Jan 2023 00:24:48 +0000
ROA not before: Mon 02 Jan 2023 00:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59589
IP address blocks: 195.93.248.0/24 maxlen: 24
2a10:1040::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:dd:d9:a6:e1:6c:6c:49:ff:90:24:bf:d5:f9:fd:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bef3fe86b727af26a90ef1cc0b11aa2c8685ffe
Validity
Not Before: Jan 2 00:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76e5edd4e078909e644737462e6c551467ae9433
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:60:d7:18:2d:f4:6f:b4:94:cd:83:e8:d3:bc:
6b:6b:0d:81:05:55:45:28:66:fb:81:07:0a:f9:20:
96:6d:13:d1:c8:c4:9b:3c:28:29:b2:97:ce:a5:08:
2c:dc:e5:32:9e:e5:c5:b6:19:9a:0a:92:9b:39:66:
d7:61:96:f7:ac:63:42:54:63:9c:e4:ac:54:25:a9:
37:c1:73:de:25:06:76:9b:f5:61:5f:6f:90:aa:ee:
7f:c7:a3:22:e0:9c:21:58:7b:c3:9c:7f:37:a8:9f:
db:08:fe:bf:1b:02:e5:5d:f0:db:0f:f4:b4:4a:22:
dd:b0:54:74:25:bf:b0:d4:26:10:e0:e9:37:da:25:
3a:0f:61:19:d0:e7:e0:02:f2:92:d0:26:b1:a3:b9:
69:83:06:9d:a2:95:29:50:a1:a4:1c:fe:e0:36:de:
90:cc:78:32:25:39:9f:68:df:cd:69:fd:0f:07:9c:
f5:a5:f2:57:6c:00:6a:31:31:ec:9f:93:46:13:be:
74:bc:8b:90:cd:03:d6:e8:f7:80:a2:fd:ce:e1:aa:
d0:7c:b5:fe:45:fa:0e:17:33:fc:f2:0b:2e:bd:99:
92:84:9e:28:c0:e1:36:69:d5:e8:d7:53:81:59:b0:
51:90:af:5b:2e:50:49:a7:5f:0b:06:00:87:99:b4:
6c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:E5:ED:D4:E0:78:90:9E:64:47:37:46:2E:6C:55:14:67:AE:94:33
X509v3 Authority Key Identifier:
keyid:6B:EF:3F:E8:6B:72:7A:F2:6A:90:EF:1C:C0:B1:1A:A2:C8:68:5F:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a-8_6GtyevJqkO8cwLEaoshoX_4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/4ab35b-0a61-4b40-9623-d0fd82c23f6d/1/duXt1OB4kJ5kRzdGLmxVFGeulDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/4ab35b-0a61-4b40-9623-d0fd82c23f6d/1/a-8_6GtyevJqkO8cwLEaoshoX_4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.93.248.0/24
IPv6:
2a10:1040::/32
Signature Algorithm: sha256WithRSAEncryption
02:41:4e:dd:88:c9:07:86:1a:f8:50:74:bc:3b:8b:93:9a:97:
e2:6d:1b:ee:e6:24:41:b2:53:77:65:11:09:3d:d0:c3:d1:16:
3e:75:35:e7:f6:4d:41:08:50:af:4f:41:c7:4b:28:b0:4d:0b:
13:7b:5a:4d:6d:09:d8:bd:bb:c9:aa:0c:69:97:2d:d1:e5:19:
a3:b8:70:0d:17:cb:76:87:be:73:f1:b5:ba:69:3a:48:ca:a8:
4d:8f:0d:98:f3:9d:29:a0:81:63:04:6e:e6:34:99:70:05:72:
55:e7:09:48:5a:c6:36:17:4a:41:c3:62:94:14:ed:19:12:fd:
3d:f1:f6:70:e1:38:2e:5f:71:5d:4e:c0:14:9a:df:91:d5:ac:
6b:f2:36:e8:61:c5:18:53:14:5a:04:0c:d8:a1:c3:81:71:5a:
42:16:df:be:93:89:ef:db:61:13:f8:5e:d5:97:37:a4:24:3b:
e1:e9:0e:7b:6c:1d:0a:39:7a:10:35:27:61:fc:0d:3a:cc:de:
c1:e7:66:ca:41:74:cd:fb:8b:f4:70:ff:40:c2:88:fb:0c:e8:
18:ec:96:9c:7e:b6:af:ad:43:69:a6:14:d6:65:19:0d:6c:94:
3c:33:30:c2:aa:0c:77:3a:df:c8:db:2e:cd:72:7e:71:58:58:
0a:39:95:95
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVv3dmm4WxsSf+QJL/V+f3JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiZWYzZmU4NmI3MjdhZjI2YTkwZWYxY2MwYjExYWEyYzg2
ODVmZmUwHhcNMjMwMTAyMDAyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmU1ZWRkNGUwNzg5MDllNjQ0NzM3NDYyZTZjNTUxNDY3YWU5NDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWDXGC30b7SUzYPo07xraw2BBVVF
KGb7gQcK+SCWbRPRyMSbPCgpspfOpQgs3OUynuXFthmaCpKbOWbXYZb3rGNCVGOc
5KxUJak3wXPeJQZ2m/VhX2+Qqu5/x6Mi4JwhWHvDnH83qJ/bCP6/GwLlXfDbD/S0
SiLdsFR0Jb+w1CYQ4Ok32iU6D2EZ0OfgAvKS0Caxo7lpgwadopUpUKGkHP7gNt6Q
zHgyJTmfaN/Naf0PB5z1pfJXbABqMTHsn5NGE750vIuQzQPW6PeAov3O4arQfLX+
RfoOFzP88gsuvZmShJ4owOE2adXo11OBWbBRkK9bLlBJp18LBgCHmbRsLQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHbl7dTgeJCeZEc3Ri5sVRRnrpQzMB8GA1UdIwQY
MBaAFGvvP+hrcnryapDvHMCxGqLIaF/+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYS04XzZHdHlldkpxa084Y3dMRWFvc2hvWF80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi80YWIzNWItMGE2MS00YjQwLTk2MjMt
ZDBmZDgyYzIzZjZkLzEvZHVYdDFPQjRrSjVrUnpkR0xteFZGR2V1bERNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi80YWIzNWItMGE2MS00YjQwLTk2MjMtZDBmZDgyYzIzZjZk
LzEvYS04XzZHdHlldkpxa084Y3dMRWFvc2hvWF80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAw134MA0E
AgACMAcDBQAqEBBAMA0GCSqGSIb3DQEBCwUAA4IBAQACQU7diMkHhhr4UHS8O4uT
mpfibRvu5iRBslN3ZREJPdDD0RY+dTXn9k1BCFCvT0HHSyiwTQsTe1pNbQnYvbvJ
qgxply3R5RmjuHANF8t2h75z8bW6aTpIyqhNjw2Y850poIFjBG7mNJlwBXJV5wlI
WsY2F0pBw2KUFO0ZEv098fZw4TguX3FdTsAUmt+R1axr8jboYcUYUxRaBAzYocOB
cVpCFt++k4nv22ET+F7VlzekJDvh6Q57bB0KOXoQNSdh/A06zN7B52bKQXTN+4v0
cP9Awoj7DOgY7JacfravrUNpphTWZRkNbJQ8MzDCqgx3Ot/I2y7Ncn5xWFgKOZWV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:30 2024 by rpki-client on console-fra.rpki-client.org