Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/Q5GqK7OEdnvVdUTqlD75eSHo_T8.roa
File: Q5GqK7OEdnvVdUTqlD75eSHo_T8.roa (raw, json)
Hash identifier: 5uoCNUCcZJfVhgBqwI3BAxKCZCtJCeWSAOoxUbi91HI=
Subject key identifier: 43:91:AA:2B:B3:84:76:7B:D5:75:44:EA:94:3E:F9:79:21:E8:FD:3F
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 0189741124C0970D738FB375FF1EA783BEE5
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/Q5GqK7OEdnvVdUTqlD75eSHo_T8.roa
Signing time: Thu 20 Jul 2023 16:10:27 +0000
ROA not before: Thu 20 Jul 2023 16:10:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210531
IP address blocks: 195.8.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:74:11:24:c0:97:0d:73:8f:b3:75:ff:1e:a7:83:be:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Jul 20 16:10:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4391aa2bb384767bd57544ea943ef97921e8fd3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c0:cf:e4:e5:3b:66:ff:d3:fe:7a:91:f5:8c:
b0:7a:f1:46:77:a2:0f:bb:29:f6:55:ae:6c:8d:fc:
84:77:bd:86:55:25:aa:8d:86:d4:80:97:b3:ee:c2:
60:09:d4:a9:c0:1b:83:df:a0:86:26:20:45:ae:23:
e1:0a:88:b9:d0:d0:ce:4d:23:72:8d:10:bb:b7:1b:
a2:81:16:55:18:8d:14:3e:fe:72:a2:40:16:1b:af:
77:c5:46:60:10:6a:27:d6:6a:42:a7:3c:59:be:87:
fa:ef:8b:6c:55:bc:22:30:b9:5c:a6:9f:5e:1a:37:
4a:27:b4:3e:e5:de:da:9e:3d:b9:84:b2:77:08:09:
49:91:6b:71:a4:79:fb:bd:5b:72:17:61:0a:28:b0:
8a:88:f1:3a:8e:76:b7:93:e9:d4:08:cf:6a:01:5d:
c2:79:34:95:01:dd:81:81:a3:9c:96:3e:14:68:e1:
5d:f4:4f:5f:9b:3a:da:c4:18:f7:88:3a:d2:fb:44:
88:d8:c9:fe:42:73:c8:bb:85:c1:df:ca:49:70:c8:
0c:90:8c:2c:38:64:11:fc:07:8d:05:be:c6:a7:16:
bc:3e:96:06:09:48:6c:87:7a:42:ae:2e:b3:48:e1:
9d:d7:22:a9:20:85:28:ec:1b:b7:10:85:44:db:cf:
0f:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:91:AA:2B:B3:84:76:7B:D5:75:44:EA:94:3E:F9:79:21:E8:FD:3F
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/Q5GqK7OEdnvVdUTqlD75eSHo_T8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.8.200.0/24
Signature Algorithm: sha256WithRSAEncryption
af:20:f9:5b:45:12:ce:47:d8:50:a6:b6:99:b0:eb:f2:6d:64:
b3:33:75:e3:a3:05:6f:99:94:e1:f4:92:2d:f4:72:ed:bd:01:
e5:51:b4:84:6c:68:d2:d8:f7:0c:3e:f9:58:1a:47:cf:23:ba:
2f:cb:6a:9f:a4:f7:29:6b:c5:81:0d:3f:0f:90:cd:f5:01:43:
b2:cd:58:ac:69:82:4f:27:bd:73:b4:a7:94:c4:17:15:90:8f:
32:6b:dd:53:98:4c:a4:07:a2:58:d3:95:a0:ee:a4:a8:b4:13:
3f:35:3c:98:93:ba:06:41:02:8b:b0:26:a6:90:d5:5e:47:2b:
d8:b9:18:44:59:91:40:a7:a8:8f:c6:f8:a4:a7:b9:6a:6f:41:
34:f7:06:5a:85:75:76:e2:06:e1:ab:36:17:ff:5e:b6:99:4d:
57:96:76:ad:64:05:37:da:4a:65:ea:d6:6f:e6:3b:73:82:72:
47:60:db:32:8c:de:61:31:70:e5:8a:59:4e:4f:9a:fc:f9:d1:
e6:de:f5:16:21:6e:7f:cb:ad:0b:23:70:19:40:29:01:c6:0e:
00:f1:4d:ec:f0:01:e4:62:7a:96:09:7f:40:4e:eb:68:b4:4f:
65:33:ed:35:5e:b5:39:36:5f:4c:0a:0e:86:26:c6:e1:ae:c5:
d8:88:c9:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYl0ESTAlw1zj7N1/x6ng77lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjMwNzIwMTYxMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzkxYWEyYmIzODQ3NjdiZDU3NTQ0ZWE5NDNlZjk3OTIxZThmZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8DP5OU7Zv/T/nqR9YywevFGd6IP
uyn2Va5sjfyEd72GVSWqjYbUgJez7sJgCdSpwBuD36CGJiBFriPhCoi50NDOTSNy
jRC7txuigRZVGI0UPv5yokAWG693xUZgEGon1mpCpzxZvof674tsVbwiMLlcpp9e
GjdKJ7Q+5d7anj25hLJ3CAlJkWtxpHn7vVtyF2EKKLCKiPE6jna3k+nUCM9qAV3C
eTSVAd2BgaOclj4UaOFd9E9fmzraxBj3iDrS+0SI2Mn+QnPIu4XB38pJcMgMkIws
OGQR/AeNBb7Gpxa8PpYGCUhsh3pCri6zSOGd1yKpIIUo7Bu3EIVE288PqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEORqiuzhHZ71XVE6pQ++Xkh6P0/MB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvUTVHcUs3T0VkbnZWZFVUcWxENzVlU0hvX1Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwjIMA0G
CSqGSIb3DQEBCwUAA4IBAQCvIPlbRRLOR9hQpraZsOvybWSzM3XjowVvmZTh9JIt
9HLtvQHlUbSEbGjS2PcMPvlYGkfPI7ovy2qfpPcpa8WBDT8PkM31AUOyzVisaYJP
J71ztKeUxBcVkI8ya91TmEykB6JY05Wg7qSotBM/NTyYk7oGQQKLsCamkNVeRyvY
uRhEWZFAp6iPxvikp7lqb0E09wZahXV24gbhqzYX/162mU1XlnatZAU32kpl6tZv
5jtzgnJHYNsyjN5hMXDlillOT5r8+dHm3vUWIW5/y60LI3AZQCkBxg4A8U3s8AHk
YnqWCX9ATutotE9lM+01XrU5Nl9MCg6GJsbhrsXYiMlA
Generated at Wed Oct 25 05:36:20 2023 by rpki-client on console-ams.rpki-client.org