Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/1eff17-65ec-45ea-a75d-96eb07f7825b/1/iHwCyxn6f8PnKYE-xgSNv4Z8t6o.roa
File: iHwCyxn6f8PnKYE-xgSNv4Z8t6o.roa (raw, json)
Hash identifier: sWuaUC/fuY2NFRSRYMd+QmJcN5KaYgPT8rqFSoCTg1w=
Subject key identifier: 88:7C:02:CB:19:FA:7F:C3:E7:29:81:3E:C6:04:8D:BF:86:7C:B7:AA
Certificate issuer: /CN=68e3ba87e3a93468cc3b3c3f60fa63d5e853c314
Certificate serial: 018CC86F61B8C6EB3D24A1DA92727B5BBC37
Authority key identifier: 68:E3:BA:87:E3:A9:34:68:CC:3B:3C:3F:60:FA:63:D5:E8:53:C3:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aOO6h-OpNGjMOzw_YPpj1ehTwxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/1eff17-65ec-45ea-a75d-96eb07f7825b/1/iHwCyxn6f8PnKYE-xgSNv4Z8t6o.roa
Signing time: Tue 02 Jan 2024 04:29:51 +0000
ROA not before: Tue 02 Jan 2024 04:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28854
IP address blocks: 195.49.240.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:61:b8:c6:eb:3d:24:a1:da:92:72:7b:5b:bc:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68e3ba87e3a93468cc3b3c3f60fa63d5e853c314
Validity
Not Before: Jan 2 04:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=887c02cb19fa7fc3e729813ec6048dbf867cb7aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:1e:a3:ce:64:7e:8f:b3:2b:a3:58:f3:d1:23:
f7:fe:58:0b:cd:56:06:57:73:3c:12:c0:ad:64:9d:
53:1b:48:7a:5c:0d:df:10:8a:c7:77:70:52:66:b0:
0e:03:cc:73:48:27:a7:e8:15:66:cc:87:17:eb:f7:
96:50:f4:62:51:7f:6f:4d:da:ae:fe:c9:36:f6:b3:
c0:4a:c1:60:cb:c7:bc:b7:c8:48:00:15:17:43:cc:
14:95:36:72:50:5f:b3:fe:cd:6c:bf:fe:51:7a:34:
07:29:51:32:a6:78:75:df:d2:29:17:c0:8e:f3:3a:
17:b1:ea:87:67:86:ca:6a:a0:42:58:95:56:62:c3:
6a:c3:67:4b:f3:ad:ca:c3:52:ab:f3:cd:a0:cb:e4:
76:7a:0a:61:d4:a4:77:64:12:0a:1b:2d:02:45:08:
f9:9c:d6:a3:80:38:ab:66:db:d8:6e:ab:bf:25:9e:
1d:ed:5d:f9:82:79:8c:4d:95:a3:3e:aa:cc:e0:18:
3f:26:90:05:46:a0:d5:d1:97:ed:18:64:0e:b4:55:
6b:15:98:0d:05:bd:31:cb:3b:a2:62:98:d1:e2:bc:
10:c4:f7:d9:c6:23:36:a8:ce:15:11:75:e5:37:8d:
78:89:f1:61:0a:00:07:f4:33:04:d4:3b:95:58:71:
3a:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:7C:02:CB:19:FA:7F:C3:E7:29:81:3E:C6:04:8D:BF:86:7C:B7:AA
X509v3 Authority Key Identifier:
keyid:68:E3:BA:87:E3:A9:34:68:CC:3B:3C:3F:60:FA:63:D5:E8:53:C3:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aOO6h-OpNGjMOzw_YPpj1ehTwxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1eff17-65ec-45ea-a75d-96eb07f7825b/1/iHwCyxn6f8PnKYE-xgSNv4Z8t6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1eff17-65ec-45ea-a75d-96eb07f7825b/1/aOO6h-OpNGjMOzw_YPpj1ehTwxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.49.240.0/21
Signature Algorithm: sha256WithRSAEncryption
64:f5:60:c8:bf:ac:c5:9e:f9:77:ce:b5:46:1e:6c:3a:8c:43:
f4:3a:5d:2d:88:40:2b:e2:37:e8:4e:13:cf:15:f1:76:be:19:
50:13:f1:d7:aa:29:43:94:f0:81:22:3a:fb:3d:10:c6:09:b7:
76:b4:b5:ec:a8:4e:a8:80:f3:d0:91:d8:b3:d5:86:e2:b1:9e:
c5:5d:cf:07:c7:6e:34:b6:d0:f7:2c:94:ff:c1:7c:b6:ce:4e:
d4:03:4f:5e:56:70:53:1b:2d:40:43:90:17:5c:ac:3b:f9:a3:
ed:a6:04:7b:65:43:96:93:dc:ef:a0:1b:53:73:4c:a3:84:5f:
ec:7a:27:a0:9d:d3:d6:ff:85:54:bb:5b:37:2d:40:c9:1e:42:
dc:20:e6:42:d5:9c:3f:75:7a:4b:85:77:43:24:9b:0f:e8:98:
f7:60:fc:2b:be:dd:80:c2:8c:e7:e0:f8:46:94:f0:3d:3b:bb:
33:6e:9d:1d:2b:69:d9:2a:e2:c1:a7:19:83:9c:63:5b:c0:54:
c7:eb:ae:8c:20:5f:06:7f:88:44:16:1a:bf:61:3a:e7:39:b5:
42:80:c4:75:ed:e3:5e:6d:8e:f2:6e:b3:5c:f6:be:0f:94:93:
a3:e4:dc:b2:21:16:d4:e8:2b:91:52:37:0b:a8:e6:b0:44:da:
e9:0f:af:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb2G4xus9JKHaknJ7W7w3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZTNiYTg3ZTNhOTM0NjhjYzNiM2MzZjYwZmE2M2Q1ZTg1
M2MzMTQwHhcNMjQwMTAyMDQyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODdjMDJjYjE5ZmE3ZmMzZTcyOTgxM2VjNjA0OGRiZjg2N2NiN2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAih6jzmR+j7Mro1jz0SP3/lgLzVYG
V3M8EsCtZJ1TG0h6XA3fEIrHd3BSZrAOA8xzSCen6BVmzIcX6/eWUPRiUX9vTdqu
/sk29rPASsFgy8e8t8hIABUXQ8wUlTZyUF+z/s1sv/5RejQHKVEypnh139IpF8CO
8zoXseqHZ4bKaqBCWJVWYsNqw2dL863Kw1Kr882gy+R2egph1KR3ZBIKGy0CRQj5
nNajgDirZtvYbqu/JZ4d7V35gnmMTZWjPqrM4Bg/JpAFRqDV0ZftGGQOtFVrFZgN
Bb0xyzuiYpjR4rwQxPfZxiM2qM4VEXXlN414ifFhCgAH9DME1DuVWHE67wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIh8AssZ+n/D5ymBPsYEjb+GfLeqMB8GA1UdIwQY
MBaAFGjjuofjqTRozDs8P2D6Y9XoU8MUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU9PNmgtT3BOR2pNT3p3X1lQcGoxZWhUd3hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8xZWZmMTctNjVlYy00NWVhLWE3NWQt
OTZlYjA3Zjc4MjViLzEvaUh3Q3l4bjZmOFBuS1lFLXhnU052NFo4dDZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8xZWZmMTctNjVlYy00NWVhLWE3NWQtOTZlYjA3Zjc4MjVi
LzEvYU9PNmgtT3BOR2pNT3p3X1lQcGoxZWhUd3hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwzHwMA0G
CSqGSIb3DQEBCwUAA4IBAQBk9WDIv6zFnvl3zrVGHmw6jEP0Ol0tiEAr4jfoThPP
FfF2vhlQE/HXqilDlPCBIjr7PRDGCbd2tLXsqE6ogPPQkdiz1YbisZ7FXc8Hx240
ttD3LJT/wXy2zk7UA09eVnBTGy1AQ5AXXKw7+aPtpgR7ZUOWk9zvoBtTc0yjhF/s
eiegndPW/4VUu1s3LUDJHkLcIOZC1Zw/dXpLhXdDJJsP6Jj3YPwrvt2Awozn4PhG
lPA9O7szbp0dK2nZKuLBpxmDnGNbwFTH666MIF8Gf4hEFhq/YTrnObVCgMR17eNe
bY7ybrNc9r4PlJOj5NyyIRbU6CuRUjcLqOawRNrpD69n
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:46 2025 by rpki-client