Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/L9D8Us-pZBap4NVFUnDgoGDtVPg.roa
File: L9D8Us-pZBap4NVFUnDgoGDtVPg.roa (raw, json)
Hash identifier: g+KpIG05gMjKXvX8zwM3or/CJfAgZpzPrvU/F0t71Gk=
Subject key identifier: 2F:D0:FC:52:CF:A9:64:16:A9:E0:D5:45:52:70:E0:A0:60:ED:54:F8
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 0186170416F726C43562D4FE34FBBC21E618
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/L9D8Us-pZBap4NVFUnDgoGDtVPg.roa
Signing time: Fri 03 Feb 2023 11:23:09 +0000
ROA not before: Fri 03 Feb 2023 11:23:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212578
IP address blocks: 195.114.192.0/24 maxlen: 24
195.114.196.0/24 maxlen: 24
195.114.193.0/24 maxlen: 24
195.114.197.0/24 maxlen: 24
195.114.194.0/24 maxlen: 24
195.114.198.0/24 maxlen: 24
195.114.195.0/24 maxlen: 24
195.114.203.0/24 maxlen: 24
195.114.204.0/24 maxlen: 24
195.114.205.0/24 maxlen: 24
195.114.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Nov 2023 09:03:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:17:04:16:f7:26:c4:35:62:d4:fe:34:fb:bc:21:e6:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Feb 3 11:23:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2fd0fc52cfa96416a9e0d5455270e0a060ed54f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:fa:fd:26:76:55:18:d2:43:a2:60:ba:d2:e3:
43:ae:05:0a:df:dc:bb:d5:eb:bb:8c:c5:f8:66:ae:
53:1d:e7:d6:1f:cc:27:18:cd:ba:e3:93:10:70:a8:
ca:21:cc:48:84:18:c3:1e:5f:36:21:2a:98:b7:98:
17:2f:38:a3:94:cf:42:75:aa:87:4c:bb:11:16:43:
95:fb:a4:fd:f3:bf:3c:d0:0d:18:65:9e:45:55:f8:
79:5c:c9:21:ff:8d:94:0c:b2:79:be:d7:2e:27:1a:
5f:76:e9:4b:bc:4c:41:58:57:3a:64:ca:9f:5a:dd:
53:fe:44:9c:25:34:96:45:a0:71:1c:b5:12:09:74:
7b:76:a0:0d:af:fd:3f:ca:28:19:93:d9:e6:75:69:
b6:e2:bc:bb:2d:17:63:42:13:7f:9c:e3:dd:0f:e0:
e9:32:c0:85:ff:73:39:65:0e:51:11:28:e3:74:0c:
2e:35:a0:f6:2f:bf:e4:e1:3e:86:ab:1d:28:6e:58:
76:dc:94:5e:98:8a:9f:7d:c5:34:b1:a1:83:34:f5:
0a:d0:8f:fe:bd:14:4d:a2:6e:8a:2b:6f:8a:f4:ab:
d3:d2:01:25:92:a6:0c:ca:57:61:ce:e9:8d:1f:4c:
01:6c:cc:db:b9:2e:99:bf:06:58:2f:0d:ba:c1:5e:
f9:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:D0:FC:52:CF:A9:64:16:A9:E0:D5:45:52:70:E0:A0:60:ED:54:F8
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/L9D8Us-pZBap4NVFUnDgoGDtVPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.114.192.0-195.114.198.255
195.114.202.0-195.114.205.255
Signature Algorithm: sha256WithRSAEncryption
62:e5:23:af:a4:10:4c:23:96:85:be:d7:c9:9c:fc:7a:6e:bf:
7b:d0:b2:62:25:fa:75:e2:21:83:9b:a4:62:aa:52:9f:9e:c4:
31:58:29:73:23:0b:7d:98:db:89:d8:3a:05:c3:9a:a2:d3:3d:
93:31:9e:3f:64:27:7c:12:ce:fb:37:58:cf:d6:64:de:88:0c:
9d:03:09:18:1c:99:1b:9d:dd:bc:84:c8:a2:79:cf:91:36:e3:
5a:14:37:7f:dd:14:dc:91:c3:04:d0:26:0c:b9:11:9a:84:c6:
c3:5c:36:b8:de:ed:a2:59:41:a8:95:05:71:8f:d5:7e:47:7d:
30:fc:0e:3d:e9:c4:d5:8d:a9:fb:ee:df:ca:44:22:c6:e8:70:
56:9f:dd:93:34:1c:4b:32:f0:36:9e:1d:26:ed:e3:94:18:0a:
2a:fd:d0:ca:2b:87:ae:28:fa:56:da:3c:ea:47:8d:de:f2:28:
b0:02:f4:a0:a7:e2:92:21:6d:41:1d:7d:85:70:26:3e:fa:d3:
a4:5a:1d:41:15:28:1f:4f:16:1f:5a:8b:30:53:41:be:e9:c9:
7b:bf:5a:20:b6:5c:41:7a:e3:2e:5c:d0:a4:be:97:e2:a5:4b:
11:c9:cb:31:87:79:3e:b8:e9:73:66:94:00:37:47:73:97:32:
ae:47:27:94
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYYXBBb3JsQ1YtT+NPu8IeYYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjMwMjAzMTEyMzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmQwZmM1MmNmYTk2NDE2YTllMGQ1NDU1MjcwZTBhMDYwZWQ1NGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvr9JnZVGNJDomC60uNDrgUK39y7
1eu7jMX4Zq5THefWH8wnGM2645MQcKjKIcxIhBjDHl82ISqYt5gXLzijlM9CdaqH
TLsRFkOV+6T987880A0YZZ5FVfh5XMkh/42UDLJ5vtcuJxpfdulLvExBWFc6ZMqf
Wt1T/kScJTSWRaBxHLUSCXR7dqANr/0/yigZk9nmdWm24ry7LRdjQhN/nOPdD+Dp
MsCF/3M5ZQ5RESjjdAwuNaD2L7/k4T6Gqx0oblh23JRemIqffcU0saGDNPUK0I/+
vRRNom6KK2+K9KvT0gElkqYMyldhzumNH0wBbMzbuS6ZvwZYLw26wV75gwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFC/Q/FLPqWQWqeDVRVJw4KBg7VT4MB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvTDlEOFVzLXBaQmFwNE5WRlVuRGdvR0R0VlBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAbDcsAD
BADDcsYwDAMEAcNyygMEAcNyzDANBgkqhkiG9w0BAQsFAAOCAQEAYuUjr6QQTCOW
hb7XyZz8em6/e9CyYiX6deIhg5ukYqpSn57EMVgpcyMLfZjbidg6BcOaotM9kzGe
P2QnfBLO+zdYz9Zk3ogMnQMJGByZG53dvITIonnPkTbjWhQ3f90U3JHDBNAmDLkR
moTGw1w2uN7tollBqJUFcY/Vfkd9MPwOPenE1Y2p++7fykQixuhwVp/dkzQcSzLw
Np4dJu3jlBgKKv3QyiuHrij6Vto86keN3vIosAL0oKfikiFtQR19hXAmPvrTpFod
QRUoH08WH1qLMFNBvunJe79aILZcQXrjLlzQpL6X4qVLEcnLMYd5Prjpc2aUADdH
c5cyrkcnlA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:18 2024 by rpki-client on console-fra.rpki-client.org