Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/zHvVXa5pZ7uT5D0--Tz4sEcjESA.roa
File: zHvVXa5pZ7uT5D0--Tz4sEcjESA.roa (raw, json)
Hash identifier: tN7iCpm+fJV4K0lF+A4TTgAqkyYBEVUmqX0/qHkXJSo=
Subject key identifier: CC:7B:D5:5D:AE:69:67:BB:93:E4:3D:3E:F9:3C:F8:B0:47:23:11:20
Certificate issuer: /CN=c105adc5c4262dff6b3f3e606830c7f971d766ce
Certificate serial: 018DEF81A92A28020D14A1A7FD8B41E3BCDF
Authority key identifier: C1:05:AD:C5:C4:26:2D:FF:6B:3F:3E:60:68:30:C7:F9:71:D7:66:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/zHvVXa5pZ7uT5D0--Tz4sEcjESA.roa
Signing time: Wed 28 Feb 2024 11:37:48 +0000
ROA not before: Wed 28 Feb 2024 11:37:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49227
IP address blocks: 195.123.6.0/24 maxlen: 24
195.123.192.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Apr 2024 08:44:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ef:81:a9:2a:28:02:0d:14:a1:a7:fd:8b:41:e3:bc:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c105adc5c4262dff6b3f3e606830c7f971d766ce
Validity
Not Before: Feb 28 11:37:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc7bd55dae6967bb93e43d3ef93cf8b047231120
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:c5:e5:a9:1e:2a:6b:a4:0e:10:7b:a1:24:d7:
8c:38:0a:56:6b:7a:46:78:2f:a6:11:df:2c:62:d9:
b0:da:c9:c8:4f:94:d1:3e:1c:95:cf:8c:cd:f3:06:
43:81:de:3b:42:e9:6c:e4:a7:e4:ae:72:f5:9b:5e:
2b:56:a3:b2:12:ff:8a:0c:44:a0:91:c4:ee:05:eb:
80:4f:ac:d4:aa:a0:20:5c:60:49:33:1c:cb:54:00:
44:65:eb:55:8c:b1:a8:24:f0:9d:8d:f1:f0:fd:f3:
64:f3:9a:b1:1d:f4:3f:75:21:d5:df:b8:fb:68:10:
d5:6b:de:19:1e:26:af:b9:cc:5c:f3:a3:c3:d5:1d:
74:01:1a:74:7c:93:3d:9e:3d:ad:bd:d3:8a:9a:e3:
6d:e2:05:c2:6d:b3:9b:99:77:4c:fa:0a:99:8b:8f:
e5:90:81:ae:d2:a5:66:b6:9e:1d:2d:2d:23:42:31:
00:d9:20:4e:e2:55:bf:79:a0:8a:21:de:97:96:e1:
61:bf:ee:47:2b:f9:c1:89:b3:46:81:3d:cc:e3:0f:
06:a9:1d:2d:8e:8f:60:21:d2:05:e0:a0:c0:69:43:
7b:58:cf:7d:9e:5f:d5:88:87:8a:72:ed:3b:92:f0:
f1:3e:eb:a5:f2:8a:41:17:b9:5d:62:3e:db:37:09:
01:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:7B:D5:5D:AE:69:67:BB:93:E4:3D:3E:F9:3C:F8:B0:47:23:11:20
X509v3 Authority Key Identifier:
keyid:C1:05:AD:C5:C4:26:2D:FF:6B:3F:3E:60:68:30:C7:F9:71:D7:66:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/zHvVXa5pZ7uT5D0--Tz4sEcjESA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/wQWtxcQmLf9rPz5gaDDH-XHXZs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.123.6.0/24
195.123.192.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:bb:38:1e:57:3c:32:75:02:49:04:d4:d5:2b:26:fd:fe:14:
38:00:17:74:88:6d:bf:1d:5d:31:fa:ed:05:92:0e:a0:b3:a4:
c1:44:2c:58:cf:57:91:e5:00:d7:dd:ce:46:eb:2c:fd:e0:33:
5a:6a:79:e9:0f:d9:28:01:43:dc:17:12:f4:4c:8b:8c:1e:ab:
0b:8f:e9:b8:bd:b0:2a:52:fd:42:c1:ff:fb:90:91:d8:66:d9:
17:7c:92:b2:61:fd:11:0b:23:76:b6:c5:5e:61:12:db:64:e2:
3f:cf:ea:7e:f3:c6:ff:0d:cd:4b:a2:d5:8d:57:36:09:ec:05:
52:01:bc:91:e9:8f:6b:b9:10:cf:37:04:2e:3e:0b:92:50:46:
33:d5:3a:e8:e0:68:72:a8:47:87:56:8d:c7:cb:70:ee:e4:a7:
43:3f:fc:ee:91:e2:e4:42:24:c7:63:fb:30:e8:f8:76:ed:49:
cf:12:58:c7:12:ce:0e:f1:71:24:f8:50:68:f3:e1:95:bb:03:
ba:41:78:6a:66:62:4a:14:72:eb:69:46:e0:58:76:17:b2:da:
80:87:7b:94:ca:dd:cb:56:a2:bb:4f:d0:83:69:e5:76:fa:61:
87:d4:f0:69:c2:c0:cc:82:47:c6:21:ae:37:af:cf:21:08:bb:
3b:9e:27:8d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3vgakqKAINFKGn/YtB47zfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDVhZGM1YzQyNjJkZmY2YjNmM2U2MDY4MzBjN2Y5NzFk
NzY2Y2UwHhcNMjQwMjI4MTEzNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzdiZDU1ZGFlNjk2N2JiOTNlNDNkM2VmOTNjZjhiMDQ3MjMxMTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsXlqR4qa6QOEHuhJNeMOApWa3pG
eC+mEd8sYtmw2snIT5TRPhyVz4zN8wZDgd47Quls5KfkrnL1m14rVqOyEv+KDESg
kcTuBeuAT6zUqqAgXGBJMxzLVABEZetVjLGoJPCdjfHw/fNk85qxHfQ/dSHV37j7
aBDVa94ZHiavucxc86PD1R10ARp0fJM9nj2tvdOKmuNt4gXCbbObmXdM+gqZi4/l
kIGu0qVmtp4dLS0jQjEA2SBO4lW/eaCKId6XluFhv+5HK/nBibNGgT3M4w8GqR0t
jo9gIdIF4KDAaUN7WM99nl/ViIeKcu07kvDxPuul8opBF7ldYj7bNwkB1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMx71V2uaWe7k+Q9Pvk8+LBHIxEgMB8GA1UdIwQY
MBaAFMEFrcXEJi3/az8+YGgwx/lx12bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FXdHhjUW1MZjlyUHo1Z2FEREgtWEhYWnM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNDkxNzItZjhkYS00MTI4LTg2ODkt
NTE1ODQ1ZTZjMzE3LzEvekh2VlhhNXBaN3VUNUQwLS1UejRzRWNqRVNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNDkxNzItZjhkYS00MTI4LTg2ODktNTE1ODQ1ZTZjMzE3
LzEvd1FXdHhjUW1MZjlyUHo1Z2FEREgtWEhYWnM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw3sGAwQA
w3vAMA0GCSqGSIb3DQEBCwUAA4IBAQA9uzgeVzwydQJJBNTVKyb9/hQ4ABd0iG2/
HV0x+u0Fkg6gs6TBRCxYz1eR5QDX3c5G6yz94DNaannpD9koAUPcFxL0TIuMHqsL
j+m4vbAqUv1Cwf/7kJHYZtkXfJKyYf0RCyN2tsVeYRLbZOI/z+p+88b/Dc1LotWN
VzYJ7AVSAbyR6Y9ruRDPNwQuPguSUEYz1Tro4GhyqEeHVo3Hy3Du5KdDP/zukeLk
QiTHY/sw6Ph27UnPEljHEs4O8XEk+FBo8+GVuwO6QXhqZmJKFHLraUbgWHYXstqA
h3uUyt3LVqK7T9CDaeV2+mGH1PBpwsDMgkfGIa43r88hCLs7nieN
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:44 2025 by rpki-client