Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/151c6c-617c-4643-9f6e-69809d8b9c20/1/rjOV1lD2gTaKRUKsELaSG8xkOgU.roa
File: rjOV1lD2gTaKRUKsELaSG8xkOgU.roa (raw, json)
Hash identifier: r7Wz1YoEZUJpC3hFpD1Jvcu6Q87+d8A4iUcS5oUhs1g=
Subject key identifier: AE:33:95:D6:50:F6:81:36:8A:45:42:AC:10:B6:92:1B:CC:64:3A:05
Certificate issuer: /CN=4ccc60495b2a34d89211cc1c79524eab61ba1656
Certificate serial: 0185701508D7B48C2441724844E3EA2EB560
Authority key identifier: 4C:CC:60:49:5B:2A:34:D8:92:11:CC:1C:79:52:4E:AB:61:BA:16:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TMxgSVsqNNiSEcwceVJOq2G6FlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/151c6c-617c-4643-9f6e-69809d8b9c20/1/rjOV1lD2gTaKRUKsELaSG8xkOgU.roa
Signing time: Mon 02 Jan 2023 01:25:04 +0000
ROA not before: Mon 02 Jan 2023 01:25:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48921
IP address blocks: 195.20.32.0/24 maxlen: 24
83.223.48.0/22 maxlen: 22
2a04:16c0:201::/48 maxlen: 48
2a04:16c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:08:d7:b4:8c:24:41:72:48:44:e3:ea:2e:b5:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ccc60495b2a34d89211cc1c79524eab61ba1656
Validity
Not Before: Jan 2 01:25:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae3395d650f681368a4542ac10b6921bcc643a05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c6:bb:8d:9a:f5:5f:c7:25:5f:5d:83:b4:08:
9c:8d:55:0e:36:5d:c4:6e:c1:ca:2f:37:51:d1:5f:
f3:ef:33:7e:39:09:5d:67:40:87:fe:82:d8:47:86:
e8:c3:0b:52:e6:69:62:8d:1a:ac:b0:d6:fa:4d:d5:
3f:e5:8d:36:9b:a6:31:e9:a0:bc:45:e7:be:36:91:
08:87:60:53:7c:cd:62:ea:17:0f:ff:f5:d9:bc:45:
be:26:80:b8:6e:a3:f1:e4:62:b7:6f:60:79:5b:85:
76:65:80:86:ce:f9:e3:01:13:cc:8e:81:16:44:80:
87:3e:c8:29:b0:20:c5:a0:5f:8d:be:5f:d8:b5:de:
f3:3b:08:c3:75:c1:b0:65:3f:58:75:ac:18:7f:dd:
db:7d:e9:e3:48:61:ad:fd:6d:fd:bb:ef:89:06:3c:
c4:a8:a1:4d:04:05:1f:fa:47:38:28:29:1e:24:a0:
4c:a0:10:89:7f:e0:c0:27:0a:46:5e:39:f6:b3:28:
8e:02:f1:eb:98:ee:e2:e1:3a:ec:ae:00:7e:1d:dd:
ad:17:93:0d:76:b4:58:b8:6c:45:9e:30:e4:d6:7a:
4d:27:81:fd:5c:b7:8f:81:70:70:6e:1f:cd:3e:d5:
5c:4c:9c:32:01:ae:02:aa:f4:7a:36:ee:df:0f:ec:
96:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:33:95:D6:50:F6:81:36:8A:45:42:AC:10:B6:92:1B:CC:64:3A:05
X509v3 Authority Key Identifier:
keyid:4C:CC:60:49:5B:2A:34:D8:92:11:CC:1C:79:52:4E:AB:61:BA:16:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TMxgSVsqNNiSEcwceVJOq2G6FlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/151c6c-617c-4643-9f6e-69809d8b9c20/1/rjOV1lD2gTaKRUKsELaSG8xkOgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/151c6c-617c-4643-9f6e-69809d8b9c20/1/TMxgSVsqNNiSEcwceVJOq2G6FlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.223.48.0/22
195.20.32.0/24
IPv6:
2a04:16c0::/29
Signature Algorithm: sha256WithRSAEncryption
af:a1:23:85:e8:c4:51:b0:71:e3:c6:6d:10:b7:72:bb:4e:cc:
f4:62:29:6d:8e:2a:34:13:4a:4b:5e:4f:23:65:b3:90:ab:b5:
07:fe:45:81:27:21:66:03:12:66:0b:26:58:05:ad:54:bf:31:
84:4b:1a:17:03:8c:25:da:ed:0f:98:24:44:e2:57:3a:b7:20:
a7:ef:2f:e2:60:6f:1b:98:b5:55:ef:1b:f5:8e:a5:8b:e9:dc:
40:62:51:d3:83:3f:a4:cd:7f:6d:fc:45:e5:9f:3f:d3:b1:04:
47:a0:07:14:9a:34:65:c5:8a:de:9c:c0:5a:64:17:9a:35:97:
14:56:2f:a9:de:84:75:bd:34:9a:93:88:0d:f1:24:58:8d:9d:
0e:0a:91:e7:f3:5c:a2:fe:8e:43:bd:3a:22:76:00:7e:36:dd:
2b:3e:cb:5c:0c:6f:e3:cc:91:89:71:46:29:71:99:18:32:97:
e7:68:f9:67:b7:6e:31:24:c2:4e:74:46:37:34:76:17:7f:af:
2c:1f:78:dc:91:c2:b4:a2:6e:c4:03:c8:4b:b9:8b:68:ae:32:
99:ba:d5:de:9e:69:a8:85:54:e5:0f:e6:85:68:2a:59:19:a4:
59:62:d8:8b:a7:01:da:c8:2d:4d:68:74:43:17:12:6c:3c:f8:
d4:c0:89:e0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwFQjXtIwkQXJIROPqLrVgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjY2M2MDQ5NWIyYTM0ZDg5MjExY2MxYzc5NTI0ZWFiNjFi
YTE2NTYwHhcNMjMwMTAyMDEyNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTMzOTVkNjUwZjY4MTM2OGE0NTQyYWMxMGI2OTIxYmNjNjQzYTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8a7jZr1X8clX12DtAicjVUONl3E
bsHKLzdR0V/z7zN+OQldZ0CH/oLYR4bowwtS5mlijRqssNb6TdU/5Y02m6Yx6aC8
Ree+NpEIh2BTfM1i6hcP//XZvEW+JoC4bqPx5GK3b2B5W4V2ZYCGzvnjARPMjoEW
RICHPsgpsCDFoF+Nvl/Ytd7zOwjDdcGwZT9YdawYf93bfenjSGGt/W39u++JBjzE
qKFNBAUf+kc4KCkeJKBMoBCJf+DAJwpGXjn2syiOAvHrmO7i4TrsrgB+Hd2tF5MN
drRYuGxFnjDk1npNJ4H9XLePgXBwbh/NPtVcTJwyAa4CqvR6Nu7fD+yWBQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFK4zldZQ9oE2ikVCrBC2khvMZDoFMB8GA1UdIwQY
MBaAFEzMYElbKjTYkhHMHHlSTqthuhZWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE14Z1NWc3FOTmlTRWN3Y2VWSk9xMkc2RmxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8xNTFjNmMtNjE3Yy00NjQzLTlmNmUt
Njk4MDlkOGI5YzIwLzEvcmpPVjFsRDJnVGFLUlVLc0VMYVNHOHhrT2dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8xNTFjNmMtNjE3Yy00NjQzLTlmNmUtNjk4MDlkOGI5YzIw
LzEvVE14Z1NWc3FOTmlTRWN3Y2VWSk9xMkc2RmxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCU98wAwQA
wxQgMA0EAgACMAcDBQMqBBbAMA0GCSqGSIb3DQEBCwUAA4IBAQCvoSOF6MRRsHHj
xm0Qt3K7Tsz0Yiltjio0E0pLXk8jZbOQq7UH/kWBJyFmAxJmCyZYBa1UvzGESxoX
A4wl2u0PmCRE4lc6tyCn7y/iYG8bmLVV7xv1jqWL6dxAYlHTgz+kzX9t/EXlnz/T
sQRHoAcUmjRlxYrenMBaZBeaNZcUVi+p3oR1vTSak4gN8SRYjZ0OCpHn81yi/o5D
vToidgB+Nt0rPstcDG/jzJGJcUYpcZkYMpfnaPlnt24xJMJOdEY3NHYXf68sH3jc
kcK0om7EA8hLuYtorjKZutXenmmohVTlD+aFaCpZGaRZYtiLpwHayC1NaHRDFxJs
PPjUwIng
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:46 2024 by rpki-client on console-ams.rpki-client.org