Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/90a5cf-e484-4bb2-a285-6a49b5a31294/1/C91mQ_afACdgHsqbyPv0RreVYuU.roa
File: C91mQ_afACdgHsqbyPv0RreVYuU.roa (raw, json)
Hash identifier: ah17AKsNcGIIS2bYjJkBE2zj/cWidjr+kOUnpCaGRG4=
Subject key identifier: 0B:DD:66:43:F6:9F:00:27:60:1E:CA:9B:C8:FB:F4:46:B7:95:62:E5
Certificate issuer: /CN=b4f33f6fd29baf03cc4d485af5f6b70da6b0099f
Certificate serial: 01856D5CE21331F3578F7278CACBE59F1DEA
Authority key identifier: B4:F3:3F:6F:D2:9B:AF:03:CC:4D:48:5A:F5:F6:B7:0D:A6:B0:09:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPM_b9KbrwPMTUha9fa3DaawCZ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/90a5cf-e484-4bb2-a285-6a49b5a31294/1/C91mQ_afACdgHsqbyPv0RreVYuU.roa
Signing time: Sun 01 Jan 2023 12:44:41 +0000
ROA not before: Sun 01 Jan 2023 12:44:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8511
IP address blocks: 195.38.160.0/19 maxlen: 19
2a11:a380::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5c:e2:13:31:f3:57:8f:72:78:ca:cb:e5:9f:1d:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f33f6fd29baf03cc4d485af5f6b70da6b0099f
Validity
Not Before: Jan 1 12:44:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0bdd6643f69f0027601eca9bc8fbf446b79562e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:92:85:e0:54:0f:23:3d:3a:e0:ec:ea:8d:12:
2f:d7:08:29:ba:89:fc:9b:81:7f:7d:81:1d:02:2f:
3a:10:a3:be:8c:51:8d:78:1a:26:07:3c:39:ce:dc:
a5:1d:07:40:c5:dd:65:da:36:40:64:fe:2d:36:77:
3e:13:a2:3f:46:6f:eb:4b:3a:4f:cf:08:36:3a:7f:
cf:46:09:bd:2a:27:55:1d:dd:f9:0b:6b:a5:9d:00:
81:62:6c:b2:00:7a:1e:4c:97:f4:50:8d:d1:20:b8:
1a:27:39:20:8e:7a:cb:96:a5:86:59:9c:21:54:c3:
20:25:09:90:c4:0d:cf:9c:fa:3f:64:1d:89:b8:24:
66:91:0a:13:df:1c:3c:93:38:c2:1f:dd:d7:6e:a6:
22:e4:0c:3a:57:8e:c3:9c:f4:bf:e1:ad:11:21:9e:
cc:b7:7c:a2:94:97:a1:ae:fd:33:5a:75:05:3c:c9:
da:0a:f2:7d:6d:40:37:30:54:6a:0e:5a:fa:5a:ef:
c2:7d:26:ed:b6:e2:97:a3:ef:dc:f0:60:38:d7:1b:
b5:78:13:fc:0f:24:95:4d:f0:c9:9f:60:18:cc:bf:
ae:e5:93:04:62:3e:fd:7f:5d:f5:b0:4f:0c:74:80:
2d:20:8d:b4:7b:50:49:50:6e:6f:89:28:cd:b5:58:
5f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:DD:66:43:F6:9F:00:27:60:1E:CA:9B:C8:FB:F4:46:B7:95:62:E5
X509v3 Authority Key Identifier:
keyid:B4:F3:3F:6F:D2:9B:AF:03:CC:4D:48:5A:F5:F6:B7:0D:A6:B0:09:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPM_b9KbrwPMTUha9fa3DaawCZ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/90a5cf-e484-4bb2-a285-6a49b5a31294/1/C91mQ_afACdgHsqbyPv0RreVYuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/90a5cf-e484-4bb2-a285-6a49b5a31294/1/tPM_b9KbrwPMTUha9fa3DaawCZ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.38.160.0/19
IPv6:
2a11:a380::/29
Signature Algorithm: sha256WithRSAEncryption
2a:18:0d:da:2c:90:2e:24:11:b8:4d:87:1d:73:b0:41:04:ca:
77:6c:07:d8:2e:02:f5:c8:65:cb:04:d6:c7:34:b6:6a:83:f9:
c9:af:64:1a:80:7b:dc:95:f9:d4:3e:c3:05:a4:04:a1:3a:31:
45:fc:ad:64:81:cf:50:d0:e0:69:2e:d3:02:50:6d:ba:ff:fc:
d3:a1:81:3c:e4:b1:67:ba:fd:16:ae:a6:99:77:3d:16:99:ff:
6a:c5:47:36:02:df:8d:8e:72:c1:49:87:73:d9:6c:37:4a:f4:
89:74:42:59:d9:b7:e1:31:70:d6:da:0f:6a:35:75:74:1c:98:
d1:2e:4d:32:13:ce:ca:5d:74:0b:a1:db:44:63:a7:09:16:a8:
e0:22:9b:10:fd:55:34:26:df:e8:47:ff:e0:9f:4b:54:a4:ac:
a9:f7:5f:d3:a3:d1:e3:e0:76:84:2b:16:b6:89:79:d3:7c:ee:
08:85:1d:ac:92:66:96:5d:f5:28:9e:70:ce:d9:c4:32:be:f4:
87:0a:aa:cd:19:18:f2:60:83:a2:20:cb:14:8a:46:88:a1:1e:
fd:3e:1b:93:c4:99:5d:4c:2d:f6:d0:d3:21:b1:dd:ce:0e:4d:
75:50:ea:74:97:81:1e:f9:a3:fe:a5:11:06:9c:22:5f:91:48:
04:5c:02:38
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtXOITMfNXj3J4ysvlnx3qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZjMzZjZmZDI5YmFmMDNjYzRkNDg1YWY1ZjZiNzBkYTZi
MDA5OWYwHhcNMjMwMTAxMTI0NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmRkNjY0M2Y2OWYwMDI3NjAxZWNhOWJjOGZiZjQ0NmI3OTU2MmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZKF4FQPIz064OzqjRIv1wgpuon8
m4F/fYEdAi86EKO+jFGNeBomBzw5ztylHQdAxd1l2jZAZP4tNnc+E6I/Rm/rSzpP
zwg2On/PRgm9KidVHd35C2ulnQCBYmyyAHoeTJf0UI3RILgaJzkgjnrLlqWGWZwh
VMMgJQmQxA3PnPo/ZB2JuCRmkQoT3xw8kzjCH93XbqYi5Aw6V47DnPS/4a0RIZ7M
t3yilJehrv0zWnUFPMnaCvJ9bUA3MFRqDlr6Wu/CfSbttuKXo+/c8GA41xu1eBP8
DySVTfDJn2AYzL+u5ZMEYj79f131sE8MdIAtII20e1BJUG5viSjNtVhfIwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAvdZkP2nwAnYB7Km8j79Ea3lWLlMB8GA1UdIwQY
MBaAFLTzP2/Sm68DzE1IWvX2tw2msAmfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBNX2I5S2Jyd1BNVFVoYTlmYTNEYWF3Q1o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC85MGE1Y2YtZTQ4NC00YmIyLWEyODUt
NmE0OWI1YTMxMjk0LzEvQzkxbVFfYWZBQ2RnSHNxYnlQdjBScmVWWXVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC85MGE1Y2YtZTQ4NC00YmIyLWEyODUtNmE0OWI1YTMxMjk0
LzEvdFBNX2I5S2Jyd1BNVFVoYTlmYTNEYWF3Q1o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFwyagMA0E
AgACMAcDBQMqEaOAMA0GCSqGSIb3DQEBCwUAA4IBAQAqGA3aLJAuJBG4TYcdc7BB
BMp3bAfYLgL1yGXLBNbHNLZqg/nJr2QagHvclfnUPsMFpAShOjFF/K1kgc9Q0OBp
LtMCUG26//zToYE85LFnuv0WrqaZdz0Wmf9qxUc2At+NjnLBSYdz2Ww3SvSJdEJZ
2bfhMXDW2g9qNXV0HJjRLk0yE87KXXQLodtEY6cJFqjgIpsQ/VU0Jt/oR//gn0tU
pKyp91/To9Hj4HaEKxa2iXnTfO4IhR2skmaWXfUonnDO2cQyvvSHCqrNGRjyYIOi
IMsUikaIoR79PhuTxJldTC320NMhsd3ODk11UOp0l4Ee+aP+pREGnCJfkUgEXAI4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:47 2024 by rpki-client on console-fra.rpki-client.org