Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/kEv3N8pBsK8Ai345aL50PqxGrVY.roa
File: kEv3N8pBsK8Ai345aL50PqxGrVY.roa (raw, json)
Hash identifier: Gzx7+XyK/ZFzy/dV63lLABCCSWUJRABz/oBmlgb4FhA=
Subject key identifier: 90:4B:F7:37:CA:41:B0:AF:00:8B:7E:39:68:BE:74:3E:AC:46:AD:56
Certificate issuer: /CN=206f1c32bc0a9006081d552fede67d6842921ec3
Certificate serial: 018F1A14E267AA787D959BE59FC410C551C9
Authority key identifier: 20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/kEv3N8pBsK8Ai345aL50PqxGrVY.roa
Signing time: Fri 26 Apr 2024 11:05:27 +0000
ROA not before: Fri 26 Apr 2024 11:05:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215066
IP address blocks: 195.144.8.0/24 maxlen: 24
2a07:244::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 06 Jun 2024 12:36:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1a:14:e2:67:aa:78:7d:95:9b:e5:9f:c4:10:c5:51:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=206f1c32bc0a9006081d552fede67d6842921ec3
Validity
Not Before: Apr 26 11:05:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=904bf737ca41b0af008b7e3968be743eac46ad56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:c7:de:a7:22:11:f6:c9:c7:5d:62:e3:7e:bd:
b4:ee:e1:36:46:43:f6:a3:55:f2:84:91:9a:c6:5e:
25:14:80:75:e6:e1:07:3e:57:41:74:24:ba:bc:c6:
5d:ff:64:3e:2d:3a:7d:a8:22:06:53:2d:7f:98:c7:
58:0e:b7:76:cc:83:85:ea:18:86:38:f6:d6:95:01:
8d:d5:bf:1f:da:a2:d3:2b:d1:ff:ca:d4:ca:94:06:
61:82:83:ea:8a:05:08:08:d6:a6:3c:5f:19:03:cb:
03:73:b8:5d:ce:59:e1:12:a9:d2:c9:30:01:68:05:
76:a9:5d:ac:14:47:65:a2:af:fa:c8:1a:8f:9c:a0:
a5:a3:18:f7:d9:36:5f:c6:50:97:e1:ae:7b:bc:1d:
6b:16:8a:be:f4:85:65:db:67:c2:27:c5:c5:10:d9:
7f:8c:e6:50:dc:04:b8:71:30:37:e3:f2:e5:a8:c0:
42:27:e2:53:b4:c1:98:f8:31:a5:10:1d:0c:55:58:
8c:f5:4e:43:11:db:72:66:51:e4:d8:29:f9:4a:1b:
3d:ec:a5:3e:bd:83:ca:e3:86:ff:e9:bf:61:45:6d:
a7:f5:3c:02:30:21:ef:b7:6e:e4:b8:3a:6c:0f:b4:
57:b6:ac:13:3c:97:fe:76:a2:93:39:e7:d2:30:1b:
51:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:4B:F7:37:CA:41:B0:AF:00:8B:7E:39:68:BE:74:3E:AC:46:AD:56
X509v3 Authority Key Identifier:
keyid:20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/kEv3N8pBsK8Ai345aL50PqxGrVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.144.8.0/24
IPv6:
2a07:244::/32
Signature Algorithm: sha256WithRSAEncryption
7a:8f:45:45:9f:3e:aa:97:36:32:92:ea:1a:e7:e8:1d:fb:66:
a6:50:39:e7:39:2f:8a:02:06:de:2c:91:3b:f9:c4:aa:80:ec:
10:89:f6:c0:d9:b6:76:83:e2:8a:5e:75:c0:0f:d2:9d:1a:ac:
4b:fd:65:a1:ce:ef:6f:d6:37:7d:8b:a5:5b:0f:f3:94:e8:88:
0c:ce:83:c3:ec:30:37:85:15:99:16:3c:45:33:ff:05:1e:d8:
ee:fc:2b:7c:1f:e4:b5:52:c0:94:1c:e6:67:bc:68:88:40:b3:
88:aa:14:0f:f9:36:36:0f:a1:ff:0f:16:da:5a:6c:38:a1:6e:
fd:ce:73:5f:a8:f1:ba:f8:f7:26:bd:a7:23:be:66:3c:91:dc:
20:13:ae:ea:17:1c:a7:5f:67:aa:43:b0:a5:38:88:2c:6e:be:
72:d2:33:9f:2b:86:ed:56:68:e8:f3:9c:27:60:12:a0:a4:70:
ec:d3:a3:b0:ef:55:ba:5d:c6:39:dc:cb:e4:51:05:6f:f7:46:
3a:15:17:75:1f:20:ec:b5:26:c6:77:32:f3:c6:71:d1:7c:4a:
a5:62:79:56:d7:38:66:28:a3:17:2b:e3:a3:88:14:62:30:fa:
81:29:c9:c6:79:02:d3:be:bf:26:a0:b9:a8:d6:d1:f5:4d:f3:
d4:fc:9f:c0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY8aFOJnqnh9lZvln8QQxVHJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNmYxYzMyYmMwYTkwMDYwODFkNTUyZmVkZTY3ZDY4NDI5
MjFlYzMwHhcNMjQwNDI2MTEwNTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDRiZjczN2NhNDFiMGFmMDA4YjdlMzk2OGJlNzQzZWFjNDZhZDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8fepyIR9snHXWLjfr207uE2RkP2
o1XyhJGaxl4lFIB15uEHPldBdCS6vMZd/2Q+LTp9qCIGUy1/mMdYDrd2zIOF6hiG
OPbWlQGN1b8f2qLTK9H/ytTKlAZhgoPqigUICNamPF8ZA8sDc7hdzlnhEqnSyTAB
aAV2qV2sFEdloq/6yBqPnKCloxj32TZfxlCX4a57vB1rFoq+9IVl22fCJ8XFENl/
jOZQ3AS4cTA34/LlqMBCJ+JTtMGY+DGlEB0MVViM9U5DEdtyZlHk2Cn5Shs97KU+
vYPK44b/6b9hRW2n9TwCMCHvt27kuDpsD7RXtqwTPJf+dqKTOefSMBtRXQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJBL9zfKQbCvAIt+OWi+dD6sRq1WMB8GA1UdIwQY
MBaAFCBvHDK8CpAGCB1VL+3mfWhCkh7DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUc4Y01yd0trQVlJSFZVdjdlWjlhRUtTSHNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9hOTE4ODQtNmY1OC00ZGRkLTg5MzIt
YmJhODYwYjI2YzAyLzEva0V2M044cEJzSzhBaTM0NWFMNTBQcXhHclZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9hOTE4ODQtNmY1OC00ZGRkLTg5MzItYmJhODYwYjI2YzAy
LzEvSUc4Y01yd0trQVlJSFZVdjdlWjlhRUtTSHNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAw5AIMA0E
AgACMAcDBQAqBwJEMA0GCSqGSIb3DQEBCwUAA4IBAQB6j0VFnz6qlzYykuoa5+gd
+2amUDnnOS+KAgbeLJE7+cSqgOwQifbA2bZ2g+KKXnXAD9KdGqxL/WWhzu9v1jd9
i6VbD/OU6IgMzoPD7DA3hRWZFjxFM/8FHtju/Ct8H+S1UsCUHOZnvGiIQLOIqhQP
+TY2D6H/DxbaWmw4oW79znNfqPG6+PcmvacjvmY8kdwgE67qFxynX2eqQ7ClOIgs
br5y0jOfK4btVmjo85wnYBKgpHDs06Ow71W6XcY53MvkUQVv90Y6FRd1HyDstSbG
dzLzxnHRfEqlYnlW1zhmKKMXK+OjiBRiMPqBKcnGeQLTvr8moLmo1tH1TfPU/J/A
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:06 2024 by rpki-client on console-ams.rpki-client.org