Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/cg5HxDAvF03-SGqrFwqWoQBCeUM.roa
File: cg5HxDAvF03-SGqrFwqWoQBCeUM.roa (raw, json)
Hash identifier: eQrJ8ziBQqZ4NTMRQgnaBQtjGSSlN+NSyj4POS8Ymu8=
Subject key identifier: 72:0E:47:C4:30:2F:17:4D:FE:48:6A:AB:17:0A:96:A1:00:42:79:43
Certificate issuer: /CN=c105adc5c4262dff6b3f3e606830c7f971d766ce
Certificate serial: 018CC3B6D93CC1D522394B7F734737320100
Authority key identifier: C1:05:AD:C5:C4:26:2D:FF:6B:3F:3E:60:68:30:C7:F9:71:D7:66:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/cg5HxDAvF03-SGqrFwqWoQBCeUM.roa
Signing time: Mon 01 Jan 2024 06:29:49 +0000
ROA not before: Mon 01 Jan 2024 06:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49227
IP address blocks: 195.123.1.0/24 maxlen: 24
195.123.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jan 2024 12:39:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:d9:3c:c1:d5:22:39:4b:7f:73:47:37:32:01:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c105adc5c4262dff6b3f3e606830c7f971d766ce
Validity
Not Before: Jan 1 06:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=720e47c4302f174dfe486aab170a96a100427943
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d9:8d:96:fd:28:a8:60:8f:51:28:2a:34:8f:
14:f4:f9:13:e1:52:b8:7f:3c:1f:c3:be:94:4b:26:
fa:d4:20:47:73:5c:17:c7:f2:2d:14:ca:87:e1:85:
b7:d9:67:f9:80:c3:fd:ba:3c:5d:d9:39:9e:4b:c2:
70:0b:b8:b6:aa:1e:0f:32:40:3e:7d:1c:f1:5f:5e:
f1:25:f8:b4:09:6e:46:b8:09:91:71:1e:7b:9e:4a:
ed:05:c6:12:4e:70:00:cf:9a:84:4c:ea:a5:9a:56:
b0:bb:c0:2f:87:5e:38:68:57:b0:1f:c7:e2:db:f4:
86:95:6f:a9:7e:9c:78:bd:c2:36:96:bb:40:02:79:
ab:89:f0:0e:4a:58:d4:47:ab:16:3f:26:e1:0f:98:
0a:a5:92:bd:1d:b3:f6:26:ec:fd:55:1c:43:31:7a:
df:43:31:5c:00:33:8e:a6:c5:a8:59:7a:4b:09:6f:
ea:70:44:85:5b:eb:2d:fe:14:33:64:e9:01:af:0d:
ae:f1:fc:3c:9f:c5:99:7b:d6:2c:de:b1:ab:b3:40:
74:c2:cb:de:10:4e:ee:c3:74:ab:90:e5:5a:53:90:
ee:af:9e:6c:19:2a:10:22:a9:cb:cd:d7:d2:3f:5f:
ca:8a:c9:a1:2a:b7:01:29:da:2d:6e:a9:13:f4:b1:
67:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:0E:47:C4:30:2F:17:4D:FE:48:6A:AB:17:0A:96:A1:00:42:79:43
X509v3 Authority Key Identifier:
keyid:C1:05:AD:C5:C4:26:2D:FF:6B:3F:3E:60:68:30:C7:F9:71:D7:66:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/cg5HxDAvF03-SGqrFwqWoQBCeUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/wQWtxcQmLf9rPz5gaDDH-XHXZs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.123.1.0/24
195.123.6.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:da:c6:d2:69:84:56:43:15:f3:fb:50:41:b0:32:fc:29:03:
f6:f8:f4:ae:d1:fc:15:2e:1c:b2:fb:53:41:7d:34:8a:d8:c0:
ee:89:2f:c9:7d:69:2b:98:f1:d2:0b:25:c3:47:8e:0a:82:11:
f3:9d:ab:6e:68:a4:97:e9:4f:70:1e:6d:c2:e4:f1:8d:66:36:
a4:5f:35:6e:d4:b0:bd:c5:7d:a1:bf:6a:8c:a8:a7:0c:e2:90:
06:6b:97:73:51:a6:99:bc:7b:ad:f2:43:25:67:79:44:b0:57:
c6:0c:5e:4f:67:68:88:c1:4d:69:74:c3:56:6a:50:fa:ca:02:
85:1c:a9:3e:12:83:08:0d:a1:12:46:c0:30:ac:dc:f1:19:fc:
a2:f2:da:5a:73:96:d6:64:16:f5:3f:db:40:36:ba:ed:aa:be:
a2:f8:e2:ab:17:ff:72:0c:8f:c6:54:98:75:cb:f0:99:b6:4e:
ea:c4:1d:f3:0e:56:ee:e1:47:cd:03:5e:b2:82:cc:0a:c8:28:
6a:ca:d8:81:e7:79:5f:68:2b:23:23:a5:19:02:86:c0:9a:19:
7e:c0:86:40:01:63:d7:f9:e8:2e:24:0a:5f:4a:fe:6b:19:0b:
6f:34:33:65:48:c0:0f:07:d6:78:40:62:ae:d3:26:8a:5c:27:
a0:ea:af:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDttk8wdUiOUt/c0c3MgEAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDVhZGM1YzQyNjJkZmY2YjNmM2U2MDY4MzBjN2Y5NzFk
NzY2Y2UwHhcNMjQwMTAxMDYyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjBlNDdjNDMwMmYxNzRkZmU0ODZhYWIxNzBhOTZhMTAwNDI3OTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9mNlv0oqGCPUSgqNI8U9PkT4VK4
fzwfw76USyb61CBHc1wXx/ItFMqH4YW32Wf5gMP9ujxd2TmeS8JwC7i2qh4PMkA+
fRzxX17xJfi0CW5GuAmRcR57nkrtBcYSTnAAz5qETOqlmlawu8Avh144aFewH8fi
2/SGlW+pfpx4vcI2lrtAAnmrifAOSljUR6sWPybhD5gKpZK9HbP2Juz9VRxDMXrf
QzFcADOOpsWoWXpLCW/qcESFW+st/hQzZOkBrw2u8fw8n8WZe9Ys3rGrs0B0wsve
EE7uw3SrkOVaU5Dur55sGSoQIqnLzdfSP1/KismhKrcBKdotbqkT9LFnCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHIOR8QwLxdN/khqqxcKlqEAQnlDMB8GA1UdIwQY
MBaAFMEFrcXEJi3/az8+YGgwx/lx12bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FXdHhjUW1MZjlyUHo1Z2FEREgtWEhYWnM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNDkxNzItZjhkYS00MTI4LTg2ODkt
NTE1ODQ1ZTZjMzE3LzEvY2c1SHhEQXZGMDMtU0dxckZ3cVdvUUJDZVVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNDkxNzItZjhkYS00MTI4LTg2ODktNTE1ODQ1ZTZjMzE3
LzEvd1FXdHhjUW1MZjlyUHo1Z2FEREgtWEhYWnM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw3sBAwQA
w3sGMA0GCSqGSIb3DQEBCwUAA4IBAQCL2sbSaYRWQxXz+1BBsDL8KQP2+PSu0fwV
Lhyy+1NBfTSK2MDuiS/JfWkrmPHSCyXDR44KghHznatuaKSX6U9wHm3C5PGNZjak
XzVu1LC9xX2hv2qMqKcM4pAGa5dzUaaZvHut8kMlZ3lEsFfGDF5PZ2iIwU1pdMNW
alD6ygKFHKk+EoMIDaESRsAwrNzxGfyi8tpac5bWZBb1P9tANrrtqr6i+OKrF/9y
DI/GVJh1y/CZtk7qxB3zDlbu4UfNA16ygswKyChqytiB53lfaCsjI6UZAobAmhl+
wIZAAWPX+eguJApfSv5rGQtvNDNlSMAPB9Z4QGKu0yaKXCeg6q+B
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:36 2025 by rpki-client