Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/0nOU8PRjB19PXdTRGQZMLJuSm90.roa
File: 0nOU8PRjB19PXdTRGQZMLJuSm90.roa (raw, json)
Hash identifier: 5siuCqaW6OZ+6er4byFoqNjAechytSSu+pmFJWko+WI=
Subject key identifier: D2:73:94:F0:F4:63:07:5F:4F:5D:D4:D1:19:06:4C:2C:9B:92:9B:DD
Certificate issuer: /CN=c105adc5c4262dff6b3f3e606830c7f971d766ce
Certificate serial: 01856ECB9A59E312A349D4FD68DE8650E713
Authority key identifier: C1:05:AD:C5:C4:26:2D:FF:6B:3F:3E:60:68:30:C7:F9:71:D7:66:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/0nOU8PRjB19PXdTRGQZMLJuSm90.roa
Signing time: Sun 01 Jan 2023 19:25:15 +0000
ROA not before: Sun 01 Jan 2023 19:25:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21500
IP address blocks: 195.123.177.0/24 maxlen: 24
195.123.184.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:9a:59:e3:12:a3:49:d4:fd:68:de:86:50:e7:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c105adc5c4262dff6b3f3e606830c7f971d766ce
Validity
Not Before: Jan 1 19:25:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d27394f0f463075f4f5dd4d119064c2c9b929bdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:6d:31:89:cf:8d:0b:29:dc:c7:29:91:38:fd:
5a:51:11:2f:b1:24:0e:46:0b:67:e4:fc:c0:51:99:
f9:c2:3d:46:a8:f9:cb:46:da:ec:18:63:19:a2:35:
22:70:4a:77:a2:c5:b3:e1:29:bf:a5:88:e8:a8:3f:
c6:76:78:29:de:ac:31:42:20:d2:b0:64:17:90:52:
3e:37:2e:4a:c6:ab:0f:63:a2:84:fe:9c:8c:07:b7:
22:2a:42:f8:2b:ce:21:57:ed:a2:4f:44:98:32:0b:
f4:dc:08:92:58:1b:b3:fa:3f:12:61:2a:82:0c:f2:
68:2a:2f:cb:e2:69:5d:71:58:b6:46:04:11:a2:59:
14:08:ab:c6:9e:84:1b:9e:0f:ec:c5:aa:2d:a2:45:
55:8f:d0:09:23:b9:b2:36:d5:37:ef:e2:93:6e:cf:
a6:90:63:f5:95:6f:6e:5f:9a:37:c0:b9:e8:8a:7b:
b1:f4:4f:da:8a:c4:ee:c8:50:9e:5c:af:cc:37:9e:
ee:64:13:d4:7a:0c:0e:8a:d4:81:ee:59:34:79:4e:
09:9c:48:cc:e5:ac:64:06:df:bb:ee:d9:6c:52:d1:
46:54:b3:59:27:fc:54:ca:83:0e:7a:fd:b7:ad:94:
87:8f:47:1d:44:cc:6a:e4:40:6c:b7:5a:cb:80:85:
b3:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:73:94:F0:F4:63:07:5F:4F:5D:D4:D1:19:06:4C:2C:9B:92:9B:DD
X509v3 Authority Key Identifier:
keyid:C1:05:AD:C5:C4:26:2D:FF:6B:3F:3E:60:68:30:C7:F9:71:D7:66:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/0nOU8PRjB19PXdTRGQZMLJuSm90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/wQWtxcQmLf9rPz5gaDDH-XHXZs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.123.177.0/24
195.123.184.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:a2:b9:f2:81:11:22:ef:f9:b0:7b:f7:13:c5:a5:d7:e9:36:
f8:06:1a:9d:4d:bc:28:95:be:6f:fb:bd:3b:c5:51:37:bc:58:
2e:93:4b:de:43:ae:e8:10:89:ef:e7:bc:a8:ed:27:3b:f0:e1:
f0:bf:da:99:6b:18:49:58:9f:15:7b:19:96:08:6e:1e:8d:2e:
8d:20:2c:f1:d4:ba:48:11:50:94:f3:05:8a:04:78:0f:9a:98:
10:cc:63:f6:d9:42:da:58:b3:4b:f6:17:6d:e7:ff:51:e5:06:
38:bf:cc:a3:06:f5:b6:40:9e:a0:51:01:90:87:7b:39:10:d7:
6b:e0:53:2e:bf:24:30:6e:59:47:6d:93:8b:2b:61:59:ef:53:
51:5f:6e:1d:95:1a:28:69:60:da:07:3b:e1:a3:a6:e5:f5:a6:
41:34:4e:8d:71:c5:d0:68:6d:fd:50:ce:28:0c:e7:74:20:19:
55:25:0f:26:9a:eb:36:78:f9:3b:a7:77:9a:70:72:fc:8c:96:
77:58:8b:a6:04:9e:4e:2d:cb:19:23:cc:5a:7b:72:19:3e:54:
85:01:e8:88:6c:0e:52:b1:0e:a0:03:aa:39:0c:53:c2:c1:ad:
45:81:e4:7c:5b:1b:98:55:1f:e1:c3:3b:0f:24:ec:44:2f:73:
53:af:7d:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuy5pZ4xKjSdT9aN6GUOcTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDVhZGM1YzQyNjJkZmY2YjNmM2U2MDY4MzBjN2Y5NzFk
NzY2Y2UwHhcNMjMwMTAxMTkyNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjczOTRmMGY0NjMwNzVmNGY1ZGQ0ZDExOTA2NGMyYzliOTI5YmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz20xic+NCyncxymROP1aUREvsSQO
Rgtn5PzAUZn5wj1GqPnLRtrsGGMZojUicEp3osWz4Sm/pYjoqD/Gdngp3qwxQiDS
sGQXkFI+Ny5KxqsPY6KE/pyMB7ciKkL4K84hV+2iT0SYMgv03AiSWBuz+j8SYSqC
DPJoKi/L4mldcVi2RgQRolkUCKvGnoQbng/sxaotokVVj9AJI7myNtU37+KTbs+m
kGP1lW9uX5o3wLnoinux9E/aisTuyFCeXK/MN57uZBPUegwOitSB7lk0eU4JnEjM
5axkBt+77tlsUtFGVLNZJ/xUyoMOev23rZSHj0cdRMxq5EBst1rLgIWzNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNJzlPD0YwdfT13U0RkGTCybkpvdMB8GA1UdIwQY
MBaAFMEFrcXEJi3/az8+YGgwx/lx12bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FXdHhjUW1MZjlyUHo1Z2FEREgtWEhYWnM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNDkxNzItZjhkYS00MTI4LTg2ODkt
NTE1ODQ1ZTZjMzE3LzEvMG5PVThQUmpCMTlQWGRUUkdRWk1MSnVTbTkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNDkxNzItZjhkYS00MTI4LTg2ODktNTE1ODQ1ZTZjMzE3
LzEvd1FXdHhjUW1MZjlyUHo1Z2FEREgtWEhYWnM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw3uxAwQA
w3u4MA0GCSqGSIb3DQEBCwUAA4IBAQBOornygREi7/mwe/cTxaXX6Tb4BhqdTbwo
lb5v+707xVE3vFguk0veQ67oEInv57yo7Sc78OHwv9qZaxhJWJ8VexmWCG4ejS6N
ICzx1LpIEVCU8wWKBHgPmpgQzGP22ULaWLNL9hdt5/9R5QY4v8yjBvW2QJ6gUQGQ
h3s5ENdr4FMuvyQwbllHbZOLK2FZ71NRX24dlRooaWDaBzvho6bl9aZBNE6NccXQ
aG39UM4oDOd0IBlVJQ8mmus2ePk7p3eacHL8jJZ3WIumBJ5OLcsZI8xae3IZPlSF
AeiIbA5SsQ6gA6o5DFPCwa1FgeR8WxuYVR/hwzsPJOxEL3NTr30b
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:21 2024 by rpki-client on console-fra.rpki-client.org