Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/c1a852-55f5-4505-8d90-2157a575db0b/1/xD0ZNq_QdLR6apQzZBIVZMAlPmA.roa
File: xD0ZNq_QdLR6apQzZBIVZMAlPmA.roa (raw, json)
Hash identifier: 4ic+yRXbBlPo8eI2YMYMZA4fLjBWyjHt1cAJZwVPMmo=
Subject key identifier: C4:3D:19:36:AF:D0:74:B4:7A:6A:94:33:64:12:15:64:C0:25:3E:60
Certificate issuer: /CN=4bc2b892f2dbef6f54b45360feb0f8414a5a8504
Certificate serial: 018570E76919A958A5ECF8AD3026243C9C3C
Authority key identifier: 4B:C2:B8:92:F2:DB:EF:6F:54:B4:53:60:FE:B0:F8:41:4A:5A:85:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S8K4kvLb729UtFNg_rD4QUpahQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/c1a852-55f5-4505-8d90-2157a575db0b/1/xD0ZNq_QdLR6apQzZBIVZMAlPmA.roa
Signing time: Mon 02 Jan 2023 05:14:51 +0000
ROA not before: Mon 02 Jan 2023 05:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41182
IP address blocks: 195.248.68.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:69:19:a9:58:a5:ec:f8:ad:30:26:24:3c:9c:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4bc2b892f2dbef6f54b45360feb0f8414a5a8504
Validity
Not Before: Jan 2 05:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c43d1936afd074b47a6a943364121564c0253e60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a7:0d:f2:fe:73:0f:8a:d9:6c:af:4f:9e:22:
fa:b9:a2:1b:50:df:52:7d:ad:71:f0:5a:90:a4:b2:
17:ca:37:51:3c:38:72:24:3b:33:12:db:d2:4a:10:
97:39:88:98:39:46:dc:61:14:5a:f0:d2:f2:5a:e4:
c5:c4:e2:c7:56:5d:1b:c7:52:f2:06:e9:34:ca:09:
33:61:1a:7c:0c:cd:6b:09:b7:3d:86:65:81:73:c5:
d2:84:87:85:fa:30:8d:59:9f:22:e5:7a:18:44:b4:
3c:7a:51:f0:cf:4c:45:c6:c4:1d:4c:b1:ff:a5:cf:
e0:cb:78:4d:15:51:83:83:14:93:70:2e:99:f5:43:
93:c5:3b:96:24:7e:5b:0f:f4:da:71:a2:30:14:36:
b9:a0:f4:14:d6:ad:c6:c1:69:12:3a:ad:6c:86:00:
63:c3:cc:1b:1d:18:45:98:6b:22:46:1b:6e:97:eb:
61:07:bb:4f:d5:a3:40:3c:32:89:66:e1:e7:56:cd:
42:02:86:dd:cf:14:d4:1b:95:1c:f6:c9:57:93:04:
34:7f:04:0d:56:63:dc:74:07:83:93:46:ec:b2:9c:
e0:24:f8:f6:12:26:58:7b:e5:8f:3f:a1:ec:5c:b0:
83:27:ac:93:ea:0b:9b:1e:9f:2c:7a:b2:70:33:88:
e7:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:3D:19:36:AF:D0:74:B4:7A:6A:94:33:64:12:15:64:C0:25:3E:60
X509v3 Authority Key Identifier:
keyid:4B:C2:B8:92:F2:DB:EF:6F:54:B4:53:60:FE:B0:F8:41:4A:5A:85:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S8K4kvLb729UtFNg_rD4QUpahQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/c1a852-55f5-4505-8d90-2157a575db0b/1/xD0ZNq_QdLR6apQzZBIVZMAlPmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/c1a852-55f5-4505-8d90-2157a575db0b/1/S8K4kvLb729UtFNg_rD4QUpahQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.248.68.0/24
Signature Algorithm: sha256WithRSAEncryption
89:7d:56:51:20:a0:8a:72:d1:9a:d0:15:46:0e:1d:4e:62:00:
ae:85:f6:f5:83:c9:70:1e:c2:74:73:90:9e:59:67:5c:44:54:
11:bc:dc:ac:ee:89:b7:bd:f6:fb:f7:46:7c:4f:8c:67:df:6c:
4b:52:db:fb:4c:f2:b6:7d:6d:e1:e4:dd:bb:5d:af:46:24:9a:
61:07:cf:d2:17:cf:c4:57:c3:e4:5c:f4:f8:26:2b:a7:ae:b4:
7e:06:af:bc:90:39:8a:e1:16:b6:74:32:ac:b4:bd:2d:87:cd:
6c:a2:29:ce:73:73:78:e0:68:25:08:a4:59:26:f9:6c:29:40:
5b:6d:6f:d6:8d:4d:c8:63:6d:2b:88:72:81:ec:37:33:86:f4:
49:ec:ca:9f:cb:0e:b7:f7:48:94:ea:c9:cb:17:d1:91:99:de:
ab:13:95:c2:a6:59:f0:45:89:fa:f4:0d:36:e5:80:63:55:94:
13:a0:fd:d2:65:c9:b5:1b:47:02:39:b4:a7:91:5b:6d:bb:cf:
89:34:80:75:ce:e1:9b:d0:fa:73:91:fd:ba:49:3e:4d:38:98:
9d:b6:aa:38:89:20:2f:a5:77:60:5d:20:36:83:dd:a2:b8:37:
84:74:81:8a:38:ae:35:7a:d6:dc:f9:76:3e:ae:4b:01:69:11:
ca:02:1b:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw52kZqVil7PitMCYkPJw8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiYzJiODkyZjJkYmVmNmY1NGI0NTM2MGZlYjBmODQxNGE1
YTg1MDQwHhcNMjMwMTAyMDUxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDNkMTkzNmFmZDA3NGI0N2E2YTk0MzM2NDEyMTU2NGMwMjUzZTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnacN8v5zD4rZbK9PniL6uaIbUN9S
fa1x8FqQpLIXyjdRPDhyJDszEtvSShCXOYiYOUbcYRRa8NLyWuTFxOLHVl0bx1Ly
Buk0ygkzYRp8DM1rCbc9hmWBc8XShIeF+jCNWZ8i5XoYRLQ8elHwz0xFxsQdTLH/
pc/gy3hNFVGDgxSTcC6Z9UOTxTuWJH5bD/TacaIwFDa5oPQU1q3GwWkSOq1shgBj
w8wbHRhFmGsiRhtul+thB7tP1aNAPDKJZuHnVs1CAobdzxTUG5Uc9slXkwQ0fwQN
VmPcdAeDk0bsspzgJPj2EiZYe+WPP6HsXLCDJ6yT6gubHp8serJwM4jnTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMQ9GTav0HS0emqUM2QSFWTAJT5gMB8GA1UdIwQY
MBaAFEvCuJLy2+9vVLRTYP6w+EFKWoUEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzhLNGt2TGI3MjlVdEZOZ19yRDRRVXBhaFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9jMWE4NTItNTVmNS00NTA1LThkOTAt
MjE1N2E1NzVkYjBiLzEveEQwWk5xX1FkTFI2YXBRelpCSVZaTUFsUG1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9jMWE4NTItNTVmNS00NTA1LThkOTAtMjE1N2E1NzVkYjBi
LzEvUzhLNGt2TGI3MjlVdEZOZ19yRDRRVXBhaFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw/hEMA0G
CSqGSIb3DQEBCwUAA4IBAQCJfVZRIKCKctGa0BVGDh1OYgCuhfb1g8lwHsJ0c5Ce
WWdcRFQRvNys7om3vfb790Z8T4xn32xLUtv7TPK2fW3h5N27Xa9GJJphB8/SF8/E
V8PkXPT4JiunrrR+Bq+8kDmK4Ra2dDKstL0th81soinOc3N44GglCKRZJvlsKUBb
bW/WjU3IY20riHKB7DczhvRJ7Mqfyw6390iU6snLF9GRmd6rE5XCplnwRYn69A02
5YBjVZQToP3SZcm1G0cCObSnkVttu8+JNIB1zuGb0Ppzkf26ST5NOJidtqo4iSAv
pXdgXSA2g92iuDeEdIGKOK41etbc+XY+rksBaRHKAhth
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:44 2024 by rpki-client on console-fra.rpki-client.org