Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/01f08c-065e-4ac1-8e80-b15e3f09e01b/1/PLz0b7H8QhLchnAyIsgD9vZtSfk.roa
File: PLz0b7H8QhLchnAyIsgD9vZtSfk.roa (raw, json)
Hash identifier: c3eyHFOdVQCFcmi2xW1WTx4+AIaGOJYSOsN9lOilS2E=
Subject key identifier: 3C:BC:F4:6F:B1:FC:42:12:DC:86:70:32:22:C8:03:F6:F6:6D:49:F9
Certificate issuer: /CN=0c7161e622f63c0db8568d8cb4c4d7c0d9808346
Certificate serial: 018CC9BBFBB3B8A7EFEF38BD70611EE5772D
Authority key identifier: 0C:71:61:E6:22:F6:3C:0D:B8:56:8D:8C:B4:C4:D7:C0:D9:80:83:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DHFh5iL2PA24Vo2MtMTXwNmAg0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/01f08c-065e-4ac1-8e80-b15e3f09e01b/1/PLz0b7H8QhLchnAyIsgD9vZtSfk.roa
Signing time: Tue 02 Jan 2024 10:33:09 +0000
ROA not before: Tue 02 Jan 2024 10:33:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208341
IP address blocks: 195.7.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:fb:b3:b8:a7:ef:ef:38:bd:70:61:1e:e5:77:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c7161e622f63c0db8568d8cb4c4d7c0d9808346
Validity
Not Before: Jan 2 10:33:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3cbcf46fb1fc4212dc86703222c803f6f66d49f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:38:7a:f1:43:52:5c:06:01:45:ab:ed:8f:70:
dc:8c:4b:60:bb:f6:02:b0:32:f7:d5:f8:1d:ab:78:
21:f5:8a:1c:32:1b:81:fe:ca:8b:13:fb:5b:d0:cf:
29:e9:d5:4b:6e:27:75:bf:35:1f:1a:d0:3b:d9:d3:
8c:d6:74:3c:36:6a:23:e3:25:5d:e6:6b:12:40:dd:
23:7a:9a:aa:92:68:c8:40:c5:fa:b9:61:20:b7:f2:
9b:b4:63:3a:b6:fc:78:8e:c4:23:a5:11:b7:05:b6:
e0:a2:bb:62:6e:0c:65:01:ff:02:31:79:af:6a:eb:
c1:a4:eb:1c:ae:7b:19:26:f9:00:f8:2c:c1:93:a3:
09:27:d6:74:76:98:03:23:f3:a3:f6:b9:d1:d6:68:
e7:85:47:03:87:cd:8d:5d:5c:e3:3e:86:34:9f:a7:
08:4e:8f:ec:92:5a:cc:cf:cd:d5:d4:c8:80:2f:cd:
f8:aa:25:52:4c:a6:ee:09:43:6b:70:6d:9b:5a:e7:
73:58:56:c0:df:e5:1c:86:84:ef:9c:fe:f8:1b:0d:
26:96:78:09:a4:b4:ef:9a:81:c7:85:d1:75:8e:d7:
02:20:d0:5e:c2:ca:53:f5:89:ea:5d:73:d1:12:b8:
73:4d:02:c7:11:37:b0:27:7a:c1:bc:5c:24:8b:af:
76:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:BC:F4:6F:B1:FC:42:12:DC:86:70:32:22:C8:03:F6:F6:6D:49:F9
X509v3 Authority Key Identifier:
keyid:0C:71:61:E6:22:F6:3C:0D:B8:56:8D:8C:B4:C4:D7:C0:D9:80:83:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DHFh5iL2PA24Vo2MtMTXwNmAg0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/01f08c-065e-4ac1-8e80-b15e3f09e01b/1/PLz0b7H8QhLchnAyIsgD9vZtSfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/01f08c-065e-4ac1-8e80-b15e3f09e01b/1/DHFh5iL2PA24Vo2MtMTXwNmAg0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.7.10.0/24
Signature Algorithm: sha256WithRSAEncryption
44:ef:29:bb:0d:3d:1e:05:20:cf:d0:a1:f0:65:31:8a:81:6e:
f9:52:77:ca:83:35:7e:b1:7a:1f:31:13:08:81:fa:f1:82:e5:
ec:3f:5a:7d:09:ab:0c:01:c9:c4:6d:78:4f:8b:61:aa:d4:89:
ad:8a:be:d2:2b:44:4b:79:1a:26:c0:84:2f:c1:7e:7c:de:0a:
2c:f7:a1:18:48:ad:7d:00:1f:1f:1e:9f:a3:4a:00:e8:6c:7a:
96:54:14:87:7f:5b:dd:f5:b4:75:64:e1:be:98:a1:53:8f:b1:
76:87:95:30:f1:9c:55:6d:54:35:41:21:c4:75:18:37:b1:03:
51:7d:7b:17:30:b9:aa:b5:90:86:14:3c:7a:2a:af:7e:58:28:
a3:36:62:bb:4a:06:c2:1d:5d:75:00:83:1b:45:7c:fd:0e:44:
5d:5a:bb:d1:a4:45:4a:cf:f9:c6:35:f5:e4:14:dc:df:3f:a8:
84:07:a5:9a:63:4a:3c:04:f8:92:30:0f:59:1e:8e:b4:7b:5b:
97:14:73:69:be:e5:b7:5f:39:35:c8:67:6e:72:0b:27:6e:29:
c4:cd:77:78:75:55:11:cc:9a:6e:cf:4d:1d:a5:62:7e:2f:d3:
4e:79:ef:10:e8:c8:31:1e:42:d2:00:00:61:f8:9e:5d:83:59:
33:04:15:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJu/uzuKfv7zi9cGEe5XctMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNzE2MWU2MjJmNjNjMGRiODU2OGQ4Y2I0YzRkN2MwZDk4
MDgzNDYwHhcNMjQwMTAyMTAzMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2JjZjQ2ZmIxZmM0MjEyZGM4NjcwMzIyMmM4MDNmNmY2NmQ0OWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDh68UNSXAYBRavtj3DcjEtgu/YC
sDL31fgdq3gh9YocMhuB/sqLE/tb0M8p6dVLbid1vzUfGtA72dOM1nQ8Nmoj4yVd
5msSQN0jepqqkmjIQMX6uWEgt/KbtGM6tvx4jsQjpRG3BbbgortibgxlAf8CMXmv
auvBpOscrnsZJvkA+CzBk6MJJ9Z0dpgDI/Oj9rnR1mjnhUcDh82NXVzjPoY0n6cI
To/sklrMz83V1MiAL834qiVSTKbuCUNrcG2bWudzWFbA3+UchoTvnP74Gw0mlngJ
pLTvmoHHhdF1jtcCINBewspT9YnqXXPRErhzTQLHETewJ3rBvFwki692VQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDy89G+x/EIS3IZwMiLIA/b2bUn5MB8GA1UdIwQY
MBaAFAxxYeYi9jwNuFaNjLTE18DZgINGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREhGaDVpTDJQQTI0Vm8yTXRNVFh3Tm1BZzBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wMWYwOGMtMDY1ZS00YWMxLThlODAt
YjE1ZTNmMDllMDFiLzEvUEx6MGI3SDhRaExjaG5BeUlzZ0Q5dlp0U2ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wMWYwOGMtMDY1ZS00YWMxLThlODAtYjE1ZTNmMDllMDFi
LzEvREhGaDVpTDJQQTI0Vm8yTXRNVFh3Tm1BZzBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwcKMA0G
CSqGSIb3DQEBCwUAA4IBAQBE7ym7DT0eBSDP0KHwZTGKgW75UnfKgzV+sXofMRMI
gfrxguXsP1p9CasMAcnEbXhPi2Gq1Imtir7SK0RLeRomwIQvwX583gos96EYSK19
AB8fHp+jSgDobHqWVBSHf1vd9bR1ZOG+mKFTj7F2h5Uw8ZxVbVQ1QSHEdRg3sQNR
fXsXMLmqtZCGFDx6Kq9+WCijNmK7SgbCHV11AIMbRXz9DkRdWrvRpEVKz/nGNfXk
FNzfP6iEB6WaY0o8BPiSMA9ZHo60e1uXFHNpvuW3Xzk1yGducgsnbinEzXd4dVUR
zJpuz00dpWJ+L9NOee8Q6MgxHkLSAABh+J5dg1kzBBVn
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:55 2025 by rpki-client