Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/4920ff-313a-4bdf-96fb-b3b3fb95337b/1/t8oZvyiz_ZRez8Cpel4sSdxDYsM.roa
File: t8oZvyiz_ZRez8Cpel4sSdxDYsM.roa (raw, json)
Hash identifier: kTtevsdha3l9ejb0E+z+oRDJ7uqpTDqdetvW2MX1SmA=
Subject key identifier: B7:CA:19:BF:28:B3:FD:94:5E:CF:C0:A9:7A:5E:2C:49:DC:43:62:C3
Certificate issuer: /CN=047ef5d6bd3e3594269cba442b3a8d3a14c5df70
Certificate serial: 01856C1C9B8BC031FB6A8770EEC7BDFC611D
Authority key identifier: 04:7E:F5:D6:BD:3E:35:94:26:9C:BA:44:2B:3A:8D:3A:14:C5:DF:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BH711r0-NZQmnLpEKzqNOhTF33A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/4920ff-313a-4bdf-96fb-b3b3fb95337b/1/t8oZvyiz_ZRez8Cpel4sSdxDYsM.roa
Signing time: Sun 01 Jan 2023 06:54:52 +0000
ROA not before: Sun 01 Jan 2023 06:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198537
IP address blocks: 195.14.26.0/24 maxlen: 24
195.14.26.0/23 maxlen: 23
195.14.27.0/24 maxlen: 24
195.14.112.0/24 maxlen: 24
195.14.112.0/23 maxlen: 23
195.14.113.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:9b:8b:c0:31:fb:6a:87:70:ee:c7:bd:fc:61:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=047ef5d6bd3e3594269cba442b3a8d3a14c5df70
Validity
Not Before: Jan 1 06:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7ca19bf28b3fd945ecfc0a97a5e2c49dc4362c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c0:f2:54:72:1b:d5:db:46:09:30:dd:36:03:
3b:91:73:2a:ea:92:3b:4d:67:ef:51:57:1b:93:51:
e7:54:d8:7b:29:96:11:31:82:b3:e5:8c:08:52:62:
83:ab:1b:77:b9:f9:21:b2:62:09:cd:5e:49:75:bd:
c1:2b:9b:1f:fa:48:03:b4:37:82:e8:ef:6d:a4:fc:
e6:a5:5f:94:8d:22:f8:53:02:b4:3d:0a:89:da:ba:
a4:d0:aa:7b:87:07:3e:5f:a1:1e:e3:a8:bc:84:97:
15:5c:86:b9:ce:a9:40:c8:e2:2b:d5:c4:b2:95:2f:
05:8d:46:9e:7d:4d:34:c1:53:a4:e3:6d:64:1d:58:
77:51:16:c8:b5:d3:61:05:0d:42:3d:90:9a:4f:ae:
19:fc:68:76:06:0e:1c:75:77:9f:9b:21:a8:39:95:
ba:c7:39:16:0f:e6:2e:61:cc:22:0d:80:c7:57:ea:
71:3c:b6:1d:b5:0c:6a:5b:fd:1f:5a:30:80:aa:d7:
fe:72:d5:5f:a7:bf:19:59:7d:51:41:27:bc:d1:82:
67:13:ab:4e:8d:af:45:a4:8b:c4:c2:59:d0:b7:ba:
3f:fc:2b:71:66:ec:a0:57:6e:74:e8:95:ae:13:df:
67:13:3a:78:37:27:fe:15:3c:0a:ea:8c:be:b1:9c:
ce:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:CA:19:BF:28:B3:FD:94:5E:CF:C0:A9:7A:5E:2C:49:DC:43:62:C3
X509v3 Authority Key Identifier:
keyid:04:7E:F5:D6:BD:3E:35:94:26:9C:BA:44:2B:3A:8D:3A:14:C5:DF:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BH711r0-NZQmnLpEKzqNOhTF33A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/4920ff-313a-4bdf-96fb-b3b3fb95337b/1/t8oZvyiz_ZRez8Cpel4sSdxDYsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/4920ff-313a-4bdf-96fb-b3b3fb95337b/1/BH711r0-NZQmnLpEKzqNOhTF33A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.14.26.0/23
195.14.112.0/23
Signature Algorithm: sha256WithRSAEncryption
29:13:03:8d:e5:95:ba:bd:bc:4b:30:73:4a:57:34:99:ad:4c:
b9:29:32:71:dd:55:91:ee:8f:76:cd:b3:15:ef:5c:a3:6a:e1:
e6:e5:69:bb:9e:af:8f:61:7f:dd:c4:4b:0c:2c:f6:ea:20:16:
79:55:7e:a3:54:15:2a:12:f0:64:a8:a3:8b:af:56:c3:1a:3d:
17:a6:c0:ee:9a:90:2d:a4:97:50:5b:82:41:2a:5b:20:91:55:
a3:72:e1:dd:af:0a:3e:ae:2b:c1:9c:1e:02:11:54:04:13:8c:
16:f9:c7:8b:86:60:6e:31:b2:f0:68:bc:68:9c:b7:85:99:18:
56:30:01:98:02:53:ab:9a:36:cd:d9:b3:da:00:8e:cd:48:ed:
e6:6c:df:e5:8a:74:bf:96:48:55:91:82:a4:0f:37:99:c8:3c:
9d:0e:ff:93:7a:51:0b:41:fe:e0:66:f1:d0:8c:e4:78:f9:59:
2b:a1:36:c1:f5:00:1b:39:fc:40:36:94:6c:49:80:e7:38:e0:
5a:c6:9c:2e:4e:19:16:d0:93:af:14:0a:c8:13:d3:99:26:52:
6c:db:8f:51:6c:47:af:51:2a:24:db:77:2a:d5:a6:f6:c1:94:
32:12:68:c2:45:8b:be:4c:3b:fc:49:55:f5:f3:e9:96:98:51:
08:cc:b8:a5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsHJuLwDH7aodw7se9/GEdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0N2VmNWQ2YmQzZTM1OTQyNjljYmE0NDJiM2E4ZDNhMTRj
NWRmNzAwHhcNMjMwMTAxMDY1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2NhMTliZjI4YjNmZDk0NWVjZmMwYTk3YTVlMmM0OWRjNDM2MmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMDyVHIb1dtGCTDdNgM7kXMq6pI7
TWfvUVcbk1HnVNh7KZYRMYKz5YwIUmKDqxt3ufkhsmIJzV5Jdb3BK5sf+kgDtDeC
6O9tpPzmpV+UjSL4UwK0PQqJ2rqk0Kp7hwc+X6Ee46i8hJcVXIa5zqlAyOIr1cSy
lS8FjUaefU00wVOk421kHVh3URbItdNhBQ1CPZCaT64Z/Gh2Bg4cdXefmyGoOZW6
xzkWD+YuYcwiDYDHV+pxPLYdtQxqW/0fWjCAqtf+ctVfp78ZWX1RQSe80YJnE6tO
ja9FpIvEwlnQt7o//CtxZuygV2506JWuE99nEzp4Nyf+FTwK6oy+sZzO6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLfKGb8os/2UXs/AqXpeLEncQ2LDMB8GA1UdIwQY
MBaAFAR+9da9PjWUJpy6RCs6jToUxd9wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkg3MTFyMC1OWlFtbkxwRUt6cU5PaFRGMzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi80OTIwZmYtMzEzYS00YmRmLTk2ZmIt
YjNiM2ZiOTUzMzdiLzEvdDhvWnZ5aXpfWlJlejhDcGVsNHNTZHhEWXNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi80OTIwZmYtMzEzYS00YmRmLTk2ZmItYjNiM2ZiOTUzMzdi
LzEvQkg3MTFyMC1OWlFtbkxwRUt6cU5PaFRGMzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBww4aAwQB
ww5wMA0GCSqGSIb3DQEBCwUAA4IBAQApEwON5ZW6vbxLMHNKVzSZrUy5KTJx3VWR
7o92zbMV71yjauHm5Wm7nq+PYX/dxEsMLPbqIBZ5VX6jVBUqEvBkqKOLr1bDGj0X
psDumpAtpJdQW4JBKlsgkVWjcuHdrwo+rivBnB4CEVQEE4wW+ceLhmBuMbLwaLxo
nLeFmRhWMAGYAlOrmjbN2bPaAI7NSO3mbN/linS/lkhVkYKkDzeZyDydDv+TelEL
Qf7gZvHQjOR4+VkroTbB9QAbOfxANpRsSYDnOOBaxpwuThkW0JOvFArIE9OZJlJs
249RbEevUSok23cq1ab2wZQyEmjCRYu+TDv8SVX18+mWmFEIzLil
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:49 2024 by rpki-client on console-fra.rpki-client.org