Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/0e9e00-46e6-4863-9320-098f2598e5e3/1/higk31SxXKVqb_2KxWSm4MqiFBo.roa
File: higk31SxXKVqb_2KxWSm4MqiFBo.roa (raw, json)
Hash identifier: ZRvS5K4YfdKokxWb9Vn56+YUR0xZTmeMhBx4EFRBZuE=
Subject key identifier: 86:28:24:DF:54:B1:5C:A5:6A:6F:FD:8A:C5:64:A6:E0:CA:A2:14:1A
Certificate issuer: /CN=3e3d1c21a77a0b0f7f0ce6633e13e0c57bedb08b
Certificate serial: 018571BA298FA11A675DA10880524793B13A
Authority key identifier: 3E:3D:1C:21:A7:7A:0B:0F:7F:0C:E6:63:3E:13:E0:C5:7B:ED:B0:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pj0cIad6Cw9_DOZjPhPgxXvtsIs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/0e9e00-46e6-4863-9320-098f2598e5e3/1/higk31SxXKVqb_2KxWSm4MqiFBo.roa
Signing time: Mon 02 Jan 2023 09:05:03 +0000
ROA not before: Mon 02 Jan 2023 09:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48712
IP address blocks: 195.130.197.0/24 maxlen: 24
194.28.32.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:ba:29:8f:a1:1a:67:5d:a1:08:80:52:47:93:b1:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e3d1c21a77a0b0f7f0ce6633e13e0c57bedb08b
Validity
Not Before: Jan 2 09:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=862824df54b15ca56a6ffd8ac564a6e0caa2141a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c4:84:47:f2:30:20:67:80:7b:37:c2:09:c5:
63:d2:bd:27:0a:11:dd:ae:62:1d:a0:0f:ba:27:fd:
ca:bd:60:81:60:c1:93:a2:72:39:c8:2a:20:87:41:
7c:09:a9:29:70:2b:bd:ca:b2:9a:d0:70:ff:4f:88:
36:7b:36:2d:a7:13:37:98:3f:ef:25:7e:45:64:48:
2b:1a:93:84:dc:8a:fd:a7:57:91:5b:2b:b4:00:42:
a5:5d:58:0f:13:17:be:04:14:73:d2:f3:d4:81:c3:
4f:9a:dd:19:cb:b2:0e:c1:c5:f4:5c:ac:d1:16:ce:
8c:49:e4:f0:fe:28:af:5a:2d:3c:02:f4:26:aa:d8:
67:f5:f9:bb:16:dc:e6:eb:f9:02:07:2b:1e:3a:1f:
07:c1:b6:d4:47:ea:6c:b3:b0:38:4c:51:9a:fc:5b:
f8:a0:e6:3f:4b:b4:48:f5:f0:ea:ab:3a:25:9b:42:
14:94:e6:24:88:ac:3c:37:ce:f0:cb:f2:93:e4:14:
ac:bf:8c:a5:e1:75:8b:b7:fa:28:db:58:d2:39:fc:
31:26:8a:69:a6:55:9f:8e:68:de:0c:16:e1:f2:b6:
92:ba:04:fb:0c:79:44:81:c9:10:08:17:6a:88:4e:
b2:52:f1:17:2f:21:ec:d0:83:c9:9f:e5:b9:d6:6d:
c5:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:28:24:DF:54:B1:5C:A5:6A:6F:FD:8A:C5:64:A6:E0:CA:A2:14:1A
X509v3 Authority Key Identifier:
keyid:3E:3D:1C:21:A7:7A:0B:0F:7F:0C:E6:63:3E:13:E0:C5:7B:ED:B0:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pj0cIad6Cw9_DOZjPhPgxXvtsIs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/0e9e00-46e6-4863-9320-098f2598e5e3/1/higk31SxXKVqb_2KxWSm4MqiFBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/0e9e00-46e6-4863-9320-098f2598e5e3/1/Pj0cIad6Cw9_DOZjPhPgxXvtsIs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.32.0/22
195.130.197.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:a1:7e:6e:ac:e1:4d:9e:b6:36:59:69:29:7e:27:b6:a1:6a:
3f:5c:a9:6b:6b:c3:51:3b:d5:55:40:94:d5:72:db:cb:c5:c1:
2a:41:c7:28:ae:55:d8:d7:71:b1:40:2a:66:e2:7a:13:d2:a0:
a1:67:53:bf:66:2e:35:13:8f:9a:8d:fc:4f:7f:4f:7e:8a:29:
e2:94:7b:9e:e1:54:58:70:2d:c3:4f:3b:c4:ad:82:4e:35:3a:
cf:ab:4b:52:ac:df:ab:42:9e:14:49:cc:39:15:cf:07:a5:66:
b0:fe:59:1c:cb:e3:ff:50:22:e3:4b:ca:7f:47:eb:28:79:91:
72:48:85:a0:f2:65:fa:f1:74:38:48:34:86:09:72:a9:ad:ca:
14:66:6a:f7:60:fc:b7:ff:4e:d5:84:87:07:8f:23:3e:ec:c2:
77:c2:dc:91:a2:65:1b:3e:b6:56:06:ed:84:ce:22:bc:2f:71:
cb:b9:9f:2d:bf:48:23:01:67:37:d4:a4:ea:51:10:00:bd:77:
79:f1:cf:ee:ed:c1:5c:bc:f4:4e:cf:f3:a4:3d:38:b9:90:f6:
97:44:df:2f:dd:a1:06:f9:d9:a3:d4:6f:54:3b:1b:2c:ea:0d:
79:14:f6:8a:7c:9b:c7:c2:29:ab:75:3f:83:d2:3b:af:ea:e0:
0b:e7:75:27
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxuimPoRpnXaEIgFJHk7E6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlM2QxYzIxYTc3YTBiMGY3ZjBjZTY2MzNlMTNlMGM1N2Jl
ZGIwOGIwHhcNMjMwMTAyMDkwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjI4MjRkZjU0YjE1Y2E1NmE2ZmZkOGFjNTY0YTZlMGNhYTIxNDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8SER/IwIGeAezfCCcVj0r0nChHd
rmIdoA+6J/3KvWCBYMGTonI5yCogh0F8CakpcCu9yrKa0HD/T4g2ezYtpxM3mD/v
JX5FZEgrGpOE3Ir9p1eRWyu0AEKlXVgPExe+BBRz0vPUgcNPmt0Zy7IOwcX0XKzR
Fs6MSeTw/iivWi08AvQmqthn9fm7Ftzm6/kCByseOh8HwbbUR+pss7A4TFGa/Fv4
oOY/S7RI9fDqqzolm0IUlOYkiKw8N87wy/KT5BSsv4yl4XWLt/oo21jSOfwxJopp
plWfjmjeDBbh8raSugT7DHlEgckQCBdqiE6yUvEXLyHs0IPJn+W51m3FAwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIYoJN9UsVylam/9isVkpuDKohQaMB8GA1UdIwQY
MBaAFD49HCGnegsPfwzmYz4T4MV77bCLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGowY0lhZDZDdzlfRE9aalBoUGd4WHZ0c0lzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8wZTllMDAtNDZlNi00ODYzLTkzMjAt
MDk4ZjI1OThlNWUzLzEvaGlnazMxU3hYS1ZxYl8yS3hXU200TXFpRkJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8wZTllMDAtNDZlNi00ODYzLTkzMjAtMDk4ZjI1OThlNWUz
LzEvUGowY0lhZDZDdzlfRE9aalBoUGd4WHZ0c0lzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwhwgAwQA
w4LFMA0GCSqGSIb3DQEBCwUAA4IBAQA8oX5urOFNnrY2WWkpfie2oWo/XKlra8NR
O9VVQJTVctvLxcEqQccorlXY13GxQCpm4noT0qChZ1O/Zi41E4+ajfxPf09+iini
lHue4VRYcC3DTzvErYJONTrPq0tSrN+rQp4UScw5Fc8HpWaw/lkcy+P/UCLjS8p/
R+soeZFySIWg8mX68XQ4SDSGCXKprcoUZmr3YPy3/07VhIcHjyM+7MJ3wtyRomUb
PrZWBu2EziK8L3HLuZ8tv0gjAWc31KTqURAAvXd58c/u7cFcvPROz/OkPTi5kPaX
RN8v3aEG+dmj1G9UOxss6g15FPaKfJvHwimrdT+D0juv6uAL53Un
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:43 2024 by rpki-client on console-fra.rpki-client.org