Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/pQsTGdYneWoKjCN4d2FGxNrn0Uw.roa
File: pQsTGdYneWoKjCN4d2FGxNrn0Uw.roa (raw, json)
Hash identifier: IgokV6b6Dzoy2thGeo1WEFrbtvL7fxAVEZ3H1mPUToY=
Subject key identifier: A5:0B:13:19:D6:27:79:6A:0A:8C:23:78:77:61:46:C4:DA:E7:D1:4C
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 0193245637A479B47F0A779FF2A2141B8A58
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/pQsTGdYneWoKjCN4d2FGxNrn0Uw.roa
Signing time: Wed 13 Nov 2024 07:04:10 +0000
ROA not before: Wed 13 Nov 2024 07:04:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59432
IP address blocks: 195.114.198.0/24 maxlen: 24
195.114.206.0/24 maxlen: 24
195.114.207.0/24 maxlen: 24
213.220.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Nov 2024 10:55:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:24:56:37:a4:79:b4:7f:0a:77:9f:f2:a2:14:1b:8a:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Nov 13 07:04:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a50b1319d627796a0a8c2378776146c4dae7d14c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:67:1f:7c:a6:00:3e:38:a4:4c:54:85:74:3b:
28:d4:b4:1f:41:ba:eb:87:df:c7:b8:4d:ea:ef:d4:
3e:fb:72:4e:96:f9:ba:6e:84:ea:4a:44:06:31:58:
b7:98:82:b2:51:f8:7c:b9:a0:fc:28:33:e5:4f:16:
6f:ab:0f:a5:81:9b:d5:1a:e9:0e:e2:f1:46:45:7d:
49:1e:ff:c8:ff:d2:08:f6:58:ca:78:99:81:f7:59:
43:d9:e3:cd:0e:5a:ee:9a:ea:ac:7a:be:d6:58:ad:
a0:b0:78:8d:75:2a:44:16:22:31:59:53:c8:67:f2:
72:bb:4e:10:d5:cf:35:22:91:c8:b0:02:0a:35:5f:
c9:58:41:8c:d7:d1:f6:13:47:2b:14:16:f1:02:6d:
5d:26:bd:0d:50:9e:da:9f:b5:58:af:58:2b:3a:d1:
d8:9a:22:d6:39:95:c6:78:7c:ce:af:00:51:a0:76:
c2:e7:57:f5:52:eb:e6:0d:95:cc:2a:8d:0c:d2:ed:
79:79:55:6d:a6:7b:98:ab:09:9d:24:9b:e7:7f:b2:
a5:58:cb:15:60:f0:02:7a:a9:13:f8:43:08:29:b4:
0e:be:dc:8e:1d:05:84:62:52:54:2e:fd:9c:7b:03:
8b:86:e0:cc:bf:d2:bd:68:71:50:d5:d8:1a:28:fa:
e8:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:0B:13:19:D6:27:79:6A:0A:8C:23:78:77:61:46:C4:DA:E7:D1:4C
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/pQsTGdYneWoKjCN4d2FGxNrn0Uw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.114.198.0/24
195.114.206.0/23
213.220.60.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:4a:91:dd:62:f1:90:1a:28:26:43:89:bd:a9:7c:91:45:5d:
be:9b:56:58:60:a8:1f:a6:de:6f:c8:ad:76:d5:49:10:a2:66:
bf:c7:71:69:ab:db:64:67:30:89:e5:a6:7a:63:9b:91:25:85:
24:c5:e9:3c:56:87:2f:bd:5e:cd:10:3f:13:6e:31:85:de:87:
3d:19:8e:c8:fa:fa:27:a9:e7:29:bd:6e:e3:2d:c2:9c:2e:4c:
c3:6d:c8:4b:c3:03:f3:8c:a9:fe:56:a0:48:aa:4a:83:3f:ba:
7e:41:73:e4:c8:42:60:ac:f2:a5:1d:51:92:25:34:6f:02:cd:
d5:93:22:d7:30:d7:07:93:35:c4:bb:c3:d1:da:17:cd:e0:48:
60:1d:20:b6:49:c4:1e:7c:4e:5d:9c:1b:8c:f8:3d:2c:c8:30:
6d:c2:28:9f:9f:79:61:3f:7b:2e:68:11:0d:18:5d:31:06:72:
ee:45:e0:51:37:89:89:36:18:b6:52:b5:bc:b6:91:0b:fe:44:
39:10:c4:fb:eb:2f:3d:8e:a3:0f:7a:07:c1:e9:20:aa:47:65:
be:9c:05:70:11:61:2f:48:71:fd:9b:31:7a:3d:3b:1a:28:32:
88:02:f3:f9:fe:cb:cc:ff:a8:ff:75:01:1c:9b:2e:b1:2b:12:
6a:59:9d:d6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZMkVjekebR/Cnef8qIUG4pYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjQxMTEzMDcwNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTBiMTMxOWQ2Mjc3OTZhMGE4YzIzNzg3NzYxNDZjNGRhZTdkMTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mcffKYAPjikTFSFdDso1LQfQbrr
h9/HuE3q79Q++3JOlvm6boTqSkQGMVi3mIKyUfh8uaD8KDPlTxZvqw+lgZvVGukO
4vFGRX1JHv/I/9II9ljKeJmB91lD2ePNDlrumuqser7WWK2gsHiNdSpEFiIxWVPI
Z/Jyu04Q1c81IpHIsAIKNV/JWEGM19H2E0crFBbxAm1dJr0NUJ7an7VYr1grOtHY
miLWOZXGeHzOrwBRoHbC51f1UuvmDZXMKo0M0u15eVVtpnuYqwmdJJvnf7KlWMsV
YPACeqkT+EMIKbQOvtyOHQWEYlJULv2cewOLhuDMv9K9aHFQ1dgaKProPwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKULExnWJ3lqCowjeHdhRsTa59FMMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvcFFzVEdkWW5lV29LakNONGQyRkd4TnJuMFV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAw3LGAwQB
w3LOAwQA1dw8MA0GCSqGSIb3DQEBCwUAA4IBAQChSpHdYvGQGigmQ4m9qXyRRV2+
m1ZYYKgfpt5vyK121UkQoma/x3Fpq9tkZzCJ5aZ6Y5uRJYUkxek8VocvvV7NED8T
bjGF3oc9GY7I+vonqecpvW7jLcKcLkzDbchLwwPzjKn+VqBIqkqDP7p+QXPkyEJg
rPKlHVGSJTRvAs3VkyLXMNcHkzXEu8PR2hfN4EhgHSC2ScQefE5dnBuM+D0syDBt
wiifn3lhP3suaBENGF0xBnLuReBRN4mJNhi2UrW8tpEL/kQ5EMT76y89jqMPegfB
6SCqR2W+nAVwEWEvSHH9mzF6PTsaKDKIAvP5/svM/6j/dQEcmy6xKxJqWZ3W
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:13:29 2024 by rpki-client on console-fra.rpki-client.org