Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/5rLNhXySJXDboUjoHffz1sAkEc0.roa
File: 5rLNhXySJXDboUjoHffz1sAkEc0.roa (raw, json)
Hash identifier: ozXSDqOsbAamaSsfJUmHCRY7V15R8hsTBqW0ILKziZM=
Subject key identifier: E6:B2:CD:85:7C:92:25:70:DB:A1:48:E8:1D:F7:F3:D6:C0:24:11:CD
Certificate issuer: /CN=c105adc5c4262dff6b3f3e606830c7f971d766ce
Certificate serial: 018CC3B6D81B7A87815F3CF75A49C0887352
Authority key identifier: C1:05:AD:C5:C4:26:2D:FF:6B:3F:3E:60:68:30:C7:F9:71:D7:66:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/5rLNhXySJXDboUjoHffz1sAkEc0.roa
Signing time: Mon 01 Jan 2024 06:29:49 +0000
ROA not before: Mon 01 Jan 2024 06:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21500
IP address blocks: 195.123.177.0/24 maxlen: 24
195.123.184.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Feb 2024 11:28:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:d8:1b:7a:87:81:5f:3c:f7:5a:49:c0:88:73:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c105adc5c4262dff6b3f3e606830c7f971d766ce
Validity
Not Before: Jan 1 06:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6b2cd857c922570dba148e81df7f3d6c02411cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ca:22:82:36:d5:7b:6e:6b:fa:fa:76:47:5b:
74:6e:7b:df:e5:16:8f:fa:46:d3:61:d8:c1:14:61:
49:ba:81:81:f0:7e:d8:99:91:d0:cc:cd:4a:45:bf:
e5:50:28:36:3b:cd:36:1b:e8:f1:dc:16:94:0f:e6:
0f:fc:d1:bf:6b:55:34:4b:1d:1a:bb:d4:f5:85:04:
17:f3:84:8f:c3:26:33:9a:d1:a9:7a:70:a4:4b:3f:
6e:55:50:69:31:db:ae:25:e0:95:08:da:2f:ac:23:
25:33:4f:e4:55:f2:4d:ea:86:63:59:91:76:2c:96:
fc:4c:52:7b:15:08:8b:10:cb:2b:8a:5b:af:e1:de:
e8:8b:25:45:5b:c3:be:27:ab:36:9e:40:7c:3d:a4:
0c:ca:c8:4a:85:8f:c2:a2:10:c7:93:10:9d:6b:6f:
70:6f:e5:72:95:b5:0a:c0:72:a8:04:46:b2:13:03:
26:88:90:1d:72:ea:44:e7:b2:fe:6a:ee:57:84:ad:
63:da:4a:85:88:34:2d:3a:66:fd:22:c2:26:95:63:
d8:54:17:1f:9b:54:8a:03:f1:fd:26:c4:57:c4:e8:
cc:25:b6:17:a5:6c:c2:d2:f5:a0:b6:62:9e:d9:76:
64:27:79:09:93:f1:b0:d0:a8:0c:0e:63:00:47:ee:
88:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:B2:CD:85:7C:92:25:70:DB:A1:48:E8:1D:F7:F3:D6:C0:24:11:CD
X509v3 Authority Key Identifier:
keyid:C1:05:AD:C5:C4:26:2D:FF:6B:3F:3E:60:68:30:C7:F9:71:D7:66:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/5rLNhXySJXDboUjoHffz1sAkEc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/wQWtxcQmLf9rPz5gaDDH-XHXZs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.123.177.0/24
195.123.184.0/24
Signature Algorithm: sha256WithRSAEncryption
53:d4:87:ba:25:6a:41:19:ea:4f:1f:b8:80:5f:28:d4:17:31:
d3:1e:c8:b1:5d:db:7e:3e:b6:3f:64:0c:06:6b:0c:b5:9b:06:
49:51:c9:e3:cd:4f:e5:6a:9a:aa:4d:08:19:48:9b:6d:29:b3:
fd:c5:6d:b2:cd:55:82:8f:79:94:28:c5:4f:a1:9b:f5:cf:0b:
5c:f7:ae:c8:86:bf:5a:58:04:58:78:30:b2:84:91:5f:54:20:
80:94:67:eb:3d:32:56:d3:4f:bc:cd:f2:be:fd:53:87:03:c1:
6f:3f:32:8b:df:71:9c:09:b3:ff:bd:28:f0:1d:fb:bd:ed:24:
e3:c9:33:24:88:b5:f8:c9:d2:bb:e3:ba:90:87:e9:c9:d2:02:
e9:93:c3:87:16:b9:25:d2:d0:2f:d5:8f:28:d3:24:b7:4c:b1:
fe:2f:90:5b:22:e0:5e:28:dc:f3:4e:d6:be:83:33:68:fd:37:
ff:87:43:33:e8:88:aa:ea:d9:98:ab:2f:19:6e:8e:d9:d6:1e:
0b:f8:49:1d:30:69:e5:7d:bf:b8:c2:99:04:df:52:d7:a8:1b:
e1:97:8f:7c:df:fe:48:b5:60:59:b2:13:10:ff:60:93:64:aa:
ec:13:70:f5:4d:e7:e7:8b:d0:dd:e7:37:10:cb:5d:63:a1:39:
03:63:06:48
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDttgbeoeBXzz3WknAiHNSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDVhZGM1YzQyNjJkZmY2YjNmM2U2MDY4MzBjN2Y5NzFk
NzY2Y2UwHhcNMjQwMTAxMDYyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmIyY2Q4NTdjOTIyNTcwZGJhMTQ4ZTgxZGY3ZjNkNmMwMjQxMWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8oigjbVe25r+vp2R1t0bnvf5RaP
+kbTYdjBFGFJuoGB8H7YmZHQzM1KRb/lUCg2O802G+jx3BaUD+YP/NG/a1U0Sx0a
u9T1hQQX84SPwyYzmtGpenCkSz9uVVBpMduuJeCVCNovrCMlM0/kVfJN6oZjWZF2
LJb8TFJ7FQiLEMsriluv4d7oiyVFW8O+J6s2nkB8PaQMyshKhY/CohDHkxCda29w
b+VylbUKwHKoBEayEwMmiJAdcupE57L+au5XhK1j2kqFiDQtOmb9IsImlWPYVBcf
m1SKA/H9JsRXxOjMJbYXpWzC0vWgtmKe2XZkJ3kJk/Gw0KgMDmMAR+6IqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOayzYV8kiVw26FI6B3389bAJBHNMB8GA1UdIwQY
MBaAFMEFrcXEJi3/az8+YGgwx/lx12bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FXdHhjUW1MZjlyUHo1Z2FEREgtWEhYWnM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNDkxNzItZjhkYS00MTI4LTg2ODkt
NTE1ODQ1ZTZjMzE3LzEvNXJMTmhYeVNKWERib1Vqb0hmZnoxc0FrRWMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNDkxNzItZjhkYS00MTI4LTg2ODktNTE1ODQ1ZTZjMzE3
LzEvd1FXdHhjUW1MZjlyUHo1Z2FEREgtWEhYWnM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw3uxAwQA
w3u4MA0GCSqGSIb3DQEBCwUAA4IBAQBT1Ie6JWpBGepPH7iAXyjUFzHTHsixXdt+
PrY/ZAwGawy1mwZJUcnjzU/lapqqTQgZSJttKbP9xW2yzVWCj3mUKMVPoZv1zwtc
967Ihr9aWARYeDCyhJFfVCCAlGfrPTJW00+8zfK+/VOHA8FvPzKL33GcCbP/vSjw
Hfu97STjyTMkiLX4ydK747qQh+nJ0gLpk8OHFrkl0tAv1Y8o0yS3TLH+L5BbIuBe
KNzzTta+gzNo/Tf/h0Mz6Iiq6tmYqy8Zbo7Z1h4L+EkdMGnlfb+4wpkE31LXqBvh
l4983/5ItWBZshMQ/2CTZKrsE3D1Tefni9Dd5zcQy11joTkDYwZI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:49 2024 by rpki-client on console-ams.rpki-client.org