Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/sFHxzV44hinbreCntc8mLSI8n9o.roa
File: sFHxzV44hinbreCntc8mLSI8n9o.roa (raw, json)
Hash identifier: ok1jZs0aU7OPA9cajQDkWUs2h7VMMuTJtFMy3pswNCY=
Subject key identifier: B0:51:F1:CD:5E:38:86:29:DB:AD:E0:A7:B5:CF:26:2D:22:3C:9F:DA
Certificate issuer: /CN=c105adc5c4262dff6b3f3e606830c7f971d766ce
Certificate serial: 018D553BB629566619848A5A8F548CF5F97E
Authority key identifier: C1:05:AD:C5:C4:26:2D:FF:6B:3F:3E:60:68:30:C7:F9:71:D7:66:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/sFHxzV44hinbreCntc8mLSI8n9o.roa
Signing time: Mon 29 Jan 2024 12:39:53 +0000
ROA not before: Mon 29 Jan 2024 12:39:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49227
IP address blocks: 195.123.1.0/24 maxlen: 24
195.123.6.0/24 maxlen: 24
195.123.192.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Feb 2024 11:37:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:55:3b:b6:29:56:66:19:84:8a:5a:8f:54:8c:f5:f9:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c105adc5c4262dff6b3f3e606830c7f971d766ce
Validity
Not Before: Jan 29 12:39:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b051f1cd5e388629dbade0a7b5cf262d223c9fda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:84:3a:5b:cb:25:cc:24:84:a4:7b:7f:3c:04:
cb:b7:94:b7:16:18:0b:e1:0e:24:cd:43:16:c5:af:
11:9e:94:09:8c:f6:e1:28:08:bb:1a:e1:b6:62:4b:
9e:ed:c4:8c:dd:a3:c2:20:45:2c:9a:8b:34:dc:23:
e3:ac:8f:e9:ad:b9:43:a0:1f:3f:4e:d0:ba:82:25:
0b:a6:d2:ce:c5:c8:b1:61:21:db:79:06:a1:65:fd:
ff:ca:41:1a:45:ed:6f:bb:66:d5:52:2b:f8:32:0f:
9c:15:50:a6:c4:10:2b:30:6c:92:2c:f0:5a:9d:99:
b4:ee:e5:e9:31:76:e1:3b:82:ba:c5:37:a0:d9:9d:
ad:26:57:d8:2e:4c:32:bf:51:61:ba:61:77:ce:8a:
e2:85:75:2d:82:fe:44:28:41:32:59:8f:2e:01:7b:
e8:b7:f5:56:db:a1:0a:72:90:63:44:d7:dd:ea:e8:
19:6a:46:81:02:7a:40:bd:4a:db:4e:25:38:c5:91:
73:c5:c1:65:8c:50:33:a0:b0:d9:91:b7:d9:c6:ac:
dc:af:40:73:9e:e3:fa:20:37:40:25:6a:5a:1d:ad:
7b:d5:e6:fc:4a:9c:af:21:0b:ee:3e:04:cb:4d:59:
1c:9c:95:99:02:a1:aa:e7:bb:50:b6:cf:ce:9c:74:
f2:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:51:F1:CD:5E:38:86:29:DB:AD:E0:A7:B5:CF:26:2D:22:3C:9F:DA
X509v3 Authority Key Identifier:
keyid:C1:05:AD:C5:C4:26:2D:FF:6B:3F:3E:60:68:30:C7:F9:71:D7:66:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/sFHxzV44hinbreCntc8mLSI8n9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/wQWtxcQmLf9rPz5gaDDH-XHXZs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.123.1.0/24
195.123.6.0/24
195.123.192.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:c4:99:94:4b:e5:ac:9b:17:84:95:91:99:dc:61:cb:f3:7d:
6d:15:48:62:34:7e:d4:00:02:d9:22:d7:9d:7e:5e:f4:32:4a:
0d:be:b5:8e:10:26:de:a7:22:bd:8f:ee:a7:b4:45:91:27:b6:
3f:e5:e5:b5:e9:c9:0f:58:6f:64:f0:88:9d:49:59:6e:92:a0:
bc:23:99:05:3b:fa:09:e7:d5:ca:d4:ef:12:5c:ee:ee:df:2c:
02:c1:ac:76:3c:b0:e0:50:77:95:37:1e:cf:8a:5b:b1:bd:e1:
e2:47:a4:f0:fd:98:be:8a:b4:96:41:15:b3:e6:88:63:db:27:
1c:98:f9:e5:bf:bd:8a:15:76:9a:76:67:92:86:a3:29:a3:07:
1c:49:62:5a:78:a8:29:ce:2e:3c:07:2c:22:6a:60:ce:79:0e:
88:a3:dd:f1:d0:0e:bb:11:73:48:cf:92:1a:33:d2:86:5f:d5:
a3:fb:bf:66:4f:77:76:dc:0b:ff:46:40:63:d7:db:a0:15:fb:
43:71:94:f5:62:9a:3f:03:af:22:54:c1:25:96:06:65:3f:b3:
08:2e:c2:3a:1c:1c:c1:4f:56:0c:6c:44:2e:0c:c0:a7:51:f6:
19:5a:dd:23:df:1b:57:9a:41:7c:51:97:90:af:c6:64:46:bf:
48:9b:2d:31
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1VO7YpVmYZhIpaj1SM9fl+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDVhZGM1YzQyNjJkZmY2YjNmM2U2MDY4MzBjN2Y5NzFk
NzY2Y2UwHhcNMjQwMTI5MTIzOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDUxZjFjZDVlMzg4NjI5ZGJhZGUwYTdiNWNmMjYyZDIyM2M5ZmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIQ6W8slzCSEpHt/PATLt5S3FhgL
4Q4kzUMWxa8RnpQJjPbhKAi7GuG2Ykue7cSM3aPCIEUsmos03CPjrI/prblDoB8/
TtC6giULptLOxcixYSHbeQahZf3/ykEaRe1vu2bVUiv4Mg+cFVCmxBArMGySLPBa
nZm07uXpMXbhO4K6xTeg2Z2tJlfYLkwyv1FhumF3zorihXUtgv5EKEEyWY8uAXvo
t/VW26EKcpBjRNfd6ugZakaBAnpAvUrbTiU4xZFzxcFljFAzoLDZkbfZxqzcr0Bz
nuP6IDdAJWpaHa171eb8SpyvIQvuPgTLTVkcnJWZAqGq57tQts/OnHTy/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLBR8c1eOIYp263gp7XPJi0iPJ/aMB8GA1UdIwQY
MBaAFMEFrcXEJi3/az8+YGgwx/lx12bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FXdHhjUW1MZjlyUHo1Z2FEREgtWEhYWnM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNDkxNzItZjhkYS00MTI4LTg2ODkt
NTE1ODQ1ZTZjMzE3LzEvc0ZIeHpWNDRoaW5icmVDbnRjOG1MU0k4bjlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNDkxNzItZjhkYS00MTI4LTg2ODktNTE1ODQ1ZTZjMzE3
LzEvd1FXdHhjUW1MZjlyUHo1Z2FEREgtWEhYWnM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAw3sBAwQA
w3sGAwQAw3vAMA0GCSqGSIb3DQEBCwUAA4IBAQBrxJmUS+WsmxeElZGZ3GHL831t
FUhiNH7UAALZItedfl70MkoNvrWOECbepyK9j+6ntEWRJ7Y/5eW16ckPWG9k8Iid
SVlukqC8I5kFO/oJ59XK1O8SXO7u3ywCwax2PLDgUHeVNx7PiluxveHiR6Tw/Zi+
irSWQRWz5ohj2yccmPnlv72KFXaadmeShqMpowccSWJaeKgpzi48BywiamDOeQ6I
o93x0A67EXNIz5IaM9KGX9Wj+79mT3d23Av/RkBj19ugFftDcZT1Ypo/A68iVMEl
lgZlP7MILsI6HBzBT1YMbEQuDMCnUfYZWt0j3xtXmkF8UZeQr8ZkRr9Imy0x
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:49 2024 by rpki-client on console-ams.rpki-client.org