Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/90a5cf-e484-4bb2-a285-6a49b5a31294/1/Ox3GFlSvfhRLjI9naMwNZpEeWAo.roa
File: Ox3GFlSvfhRLjI9naMwNZpEeWAo.roa (raw, json)
Hash identifier: FWES/IVtWYoTcbi/HreLw8yJ+TQUdUNTMJh6/VeF/s4=
Subject key identifier: 3B:1D:C6:16:54:AF:7E:14:4B:8C:8F:67:68:CC:0D:66:91:1E:58:0A
Certificate issuer: /CN=b4f33f6fd29baf03cc4d485af5f6b70da6b0099f
Certificate serial: 018CC3B708240892E51B8B7E0C0050E1972D
Authority key identifier: B4:F3:3F:6F:D2:9B:AF:03:CC:4D:48:5A:F5:F6:B7:0D:A6:B0:09:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPM_b9KbrwPMTUha9fa3DaawCZ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/90a5cf-e484-4bb2-a285-6a49b5a31294/1/Ox3GFlSvfhRLjI9naMwNZpEeWAo.roa
Signing time: Mon 01 Jan 2024 06:30:01 +0000
ROA not before: Mon 01 Jan 2024 06:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8511
IP address blocks: 195.38.160.0/19 maxlen: 19
2a11:a380::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 09 Aug 2024 13:19:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:08:24:08:92:e5:1b:8b:7e:0c:00:50:e1:97:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f33f6fd29baf03cc4d485af5f6b70da6b0099f
Validity
Not Before: Jan 1 06:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b1dc61654af7e144b8c8f6768cc0d66911e580a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:74:fd:0b:f1:b9:6f:54:50:66:ea:d4:f3:e0:
54:39:d1:ce:c6:45:7e:49:3c:0c:3c:a3:49:fc:be:
8f:97:f1:1a:99:bd:46:f0:e3:3a:ac:8c:d6:a1:3d:
e9:9a:78:80:44:1d:76:43:18:04:aa:35:e9:84:ba:
26:65:2f:3b:77:d0:c7:fa:0b:c9:42:99:f2:73:a1:
39:32:ce:d9:d2:ef:66:3c:50:5a:62:17:14:b6:5f:
da:f7:44:19:17:b1:a1:3e:56:f4:1b:55:01:89:be:
d8:d9:a1:0c:d5:e7:bc:f2:87:a7:ef:c8:9a:5a:7e:
85:9c:06:5a:7a:d0:72:04:77:39:93:62:d0:6a:96:
0e:6b:93:c4:17:3d:2e:aa:74:ca:e7:e3:df:13:b2:
b3:31:99:b6:27:55:9a:0f:2b:58:34:6e:11:fa:b0:
f2:bf:ae:ec:a0:fc:cc:89:e7:35:b4:19:fd:d6:0a:
b9:35:8f:0d:76:f4:50:30:e6:d7:14:72:0b:51:c5:
ae:eb:b7:52:65:02:c8:65:b5:d0:0d:f1:0f:76:81:
a1:db:c3:09:fa:b6:ab:9b:38:17:da:83:41:a5:e5:
b9:57:44:65:10:53:f9:b1:dc:81:e9:98:45:b0:f1:
7d:d2:75:db:b5:be:60:87:4e:ab:6b:51:96:03:f7:
68:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:1D:C6:16:54:AF:7E:14:4B:8C:8F:67:68:CC:0D:66:91:1E:58:0A
X509v3 Authority Key Identifier:
keyid:B4:F3:3F:6F:D2:9B:AF:03:CC:4D:48:5A:F5:F6:B7:0D:A6:B0:09:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPM_b9KbrwPMTUha9fa3DaawCZ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/90a5cf-e484-4bb2-a285-6a49b5a31294/1/Ox3GFlSvfhRLjI9naMwNZpEeWAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/90a5cf-e484-4bb2-a285-6a49b5a31294/1/tPM_b9KbrwPMTUha9fa3DaawCZ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.38.160.0/19
IPv6:
2a11:a380::/29
Signature Algorithm: sha256WithRSAEncryption
4a:6d:ff:d7:2e:23:ac:73:30:26:4a:12:aa:d5:de:d0:33:2c:
ca:80:2c:bd:71:ca:a4:cf:3a:2b:2e:8a:25:46:f5:66:21:65:
16:3e:22:2a:14:e3:73:84:71:57:32:c4:94:e2:eb:5d:24:88:
20:cc:3a:7a:e8:dc:41:2c:1a:4e:94:21:72:93:22:5d:bb:b9:
8d:65:e9:09:a7:01:d1:c3:73:53:b4:87:29:13:19:b6:0d:80:
46:4b:77:f4:a2:cb:51:13:07:69:b9:3e:9f:77:f6:c3:d3:d2:
c9:15:75:ef:2f:0b:14:10:3f:f4:2b:6e:5f:5e:25:59:f6:6a:
06:9b:a3:72:94:e7:6b:7b:86:50:c4:a9:cf:4f:2e:a7:14:fa:
16:ef:a1:84:b4:6b:66:fd:8f:0e:ab:7d:41:9d:19:e2:18:3c:
e6:b6:9f:b4:52:20:27:19:fd:7a:8d:4e:08:a5:c4:12:ec:e3:
bb:34:cd:70:e4:a3:6b:da:5c:4c:60:0c:8d:4e:41:94:4c:b1:
60:71:2b:ae:e1:0e:be:f2:43:24:0e:00:ba:7e:8d:e3:42:4d:
95:b4:a3:f4:4b:a0:40:b3:a4:40:86:a8:03:a4:ec:68:31:d7:
34:5b:fa:47:3a:d5:07:0a:6b:a3:9d:96:53:a8:66:64:a6:11:
a9:f8:7d:a4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDtwgkCJLlG4t+DABQ4ZctMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZjMzZjZmZDI5YmFmMDNjYzRkNDg1YWY1ZjZiNzBkYTZi
MDA5OWYwHhcNMjQwMTAxMDYzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjFkYzYxNjU0YWY3ZTE0NGI4YzhmNjc2OGNjMGQ2NjkxMWU1ODBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3T9C/G5b1RQZurU8+BUOdHOxkV+
STwMPKNJ/L6Pl/Eamb1G8OM6rIzWoT3pmniARB12QxgEqjXphLomZS87d9DH+gvJ
Qpnyc6E5Ms7Z0u9mPFBaYhcUtl/a90QZF7GhPlb0G1UBib7Y2aEM1ee88oen78ia
Wn6FnAZaetByBHc5k2LQapYOa5PEFz0uqnTK5+PfE7KzMZm2J1WaDytYNG4R+rDy
v67soPzMiec1tBn91gq5NY8NdvRQMObXFHILUcWu67dSZQLIZbXQDfEPdoGh28MJ
+rarmzgX2oNBpeW5V0RlEFP5sdyB6ZhFsPF90nXbtb5gh06ra1GWA/doMwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDsdxhZUr34US4yPZ2jMDWaRHlgKMB8GA1UdIwQY
MBaAFLTzP2/Sm68DzE1IWvX2tw2msAmfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBNX2I5S2Jyd1BNVFVoYTlmYTNEYWF3Q1o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC85MGE1Y2YtZTQ4NC00YmIyLWEyODUt
NmE0OWI1YTMxMjk0LzEvT3gzR0ZsU3ZmaFJMakk5bmFNd05acEVlV0FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC85MGE1Y2YtZTQ4NC00YmIyLWEyODUtNmE0OWI1YTMxMjk0
LzEvdFBNX2I5S2Jyd1BNVFVoYTlmYTNEYWF3Q1o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFwyagMA0E
AgACMAcDBQMqEaOAMA0GCSqGSIb3DQEBCwUAA4IBAQBKbf/XLiOsczAmShKq1d7Q
MyzKgCy9ccqkzzorLoolRvVmIWUWPiIqFONzhHFXMsSU4utdJIggzDp66NxBLBpO
lCFykyJdu7mNZekJpwHRw3NTtIcpExm2DYBGS3f0ostREwdpuT6fd/bD09LJFXXv
LwsUED/0K25fXiVZ9moGm6NylOdre4ZQxKnPTy6nFPoW76GEtGtm/Y8Oq31BnRni
GDzmtp+0UiAnGf16jU4IpcQS7OO7NM1w5KNr2lxMYAyNTkGUTLFgcSuu4Q6+8kMk
DgC6fo3jQk2VtKP0S6BAs6RAhqgDpOxoMdc0W/pHOtUHCmujnZZTqGZkphGp+H2k
-----END CERTIFICATE-----
Generated at Fri Aug 9 15:43:33 2024 by rpki-client on console-ams.rpki-client.org