Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/4a0237-836b-4596-849e-2d423b81df1c/1/H_etwEsGClpZGTANvp1iqyjbaiw.roa
File: H_etwEsGClpZGTANvp1iqyjbaiw.roa (raw, json)
Hash identifier: 8h57BLicWTslD50tmVcZ+/qBQj1W9BlJXbLmylA8vDs=
Subject key identifier: 1F:F7:AD:C0:4B:06:0A:5A:59:19:30:0D:BE:9D:62:AB:28:DB:6A:2C
Certificate issuer: /CN=0648a991805f93d24bbe1edb3e961f5a1d25b248
Certificate serial: 018C34B4D2B74EA8A8E158D3AB851B58AF20
Authority key identifier: 06:48:A9:91:80:5F:93:D2:4B:BE:1E:DB:3E:96:1F:5A:1D:25:B2:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BkipkYBfk9JLvh7bPpYfWh0lskg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/4a0237-836b-4596-849e-2d423b81df1c/1/H_etwEsGClpZGTANvp1iqyjbaiw.roa
Signing time: Mon 04 Dec 2023 12:01:54 +0000
ROA not before: Mon 04 Dec 2023 12:01:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211409
IP address blocks: 195.20.16.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:34:b4:d2:b7:4e:a8:a8:e1:58:d3:ab:85:1b:58:af:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0648a991805f93d24bbe1edb3e961f5a1d25b248
Validity
Not Before: Dec 4 12:01:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ff7adc04b060a5a5919300dbe9d62ab28db6a2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:e2:0f:65:c4:27:b5:65:eb:b2:15:5a:86:21:
95:6c:1c:fa:51:5e:75:a6:44:e0:05:d8:c9:a7:a7:
3f:f8:c4:c6:4f:cf:4a:ff:fd:ad:2b:03:5f:5c:4e:
d8:11:32:9d:4b:ba:4b:32:57:6a:d3:f7:b5:51:bc:
8c:de:42:ee:64:d1:17:a8:91:01:99:a1:13:00:df:
c1:98:cc:75:6f:5f:7c:26:76:39:83:10:45:6f:b1:
32:6e:95:84:c4:21:17:7d:40:4d:2a:43:16:d3:f1:
2f:53:ae:4f:9e:70:12:bd:52:fc:a5:1e:16:92:01:
2a:53:fa:8a:ab:be:7f:10:d7:7d:62:61:8e:18:50:
c9:68:87:99:0a:4f:9d:da:fd:2a:42:c0:af:db:e6:
50:c1:20:58:ef:b7:c2:fc:2c:d4:82:33:5e:f2:01:
35:4f:6a:02:3a:12:e7:c5:2b:2f:df:28:10:30:ad:
63:8a:f4:44:34:2c:b0:3a:0e:c9:92:79:4d:90:bc:
8a:67:41:b6:a8:b2:38:8c:93:8a:36:10:25:1a:48:
94:5b:14:fe:42:e1:83:a5:2d:70:1f:2b:42:ec:61:
e4:28:1a:6c:ab:1a:01:40:2f:8d:b1:91:eb:0f:05:
eb:ae:ea:8b:d2:51:33:58:d3:9e:4c:af:61:60:57:
3a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:F7:AD:C0:4B:06:0A:5A:59:19:30:0D:BE:9D:62:AB:28:DB:6A:2C
X509v3 Authority Key Identifier:
keyid:06:48:A9:91:80:5F:93:D2:4B:BE:1E:DB:3E:96:1F:5A:1D:25:B2:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BkipkYBfk9JLvh7bPpYfWh0lskg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/4a0237-836b-4596-849e-2d423b81df1c/1/H_etwEsGClpZGTANvp1iqyjbaiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/4a0237-836b-4596-849e-2d423b81df1c/1/BkipkYBfk9JLvh7bPpYfWh0lskg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.20.16.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:59:6e:bc:6d:c6:c0:1e:af:8d:39:ea:3a:89:d4:b1:16:c9:
2c:45:71:bc:d8:64:4a:14:17:07:5a:95:85:df:34:3d:53:e6:
53:c2:e9:98:2b:6a:43:0e:99:29:c6:f7:02:07:fc:08:0a:57:
3c:60:86:7b:fb:6d:bc:2c:42:b8:89:b1:89:1f:15:ea:ac:6e:
59:3d:f9:e0:c2:15:5f:c1:a2:f6:bf:6b:84:60:f4:30:67:dc:
10:25:b7:72:07:95:aa:69:01:b6:63:70:f5:cd:93:4f:c9:06:
e4:e9:01:72:a5:54:28:96:44:8f:de:11:a6:0d:6d:ed:5b:36:
8f:7a:be:e8:b0:24:07:b9:d2:b5:a4:a9:8d:c6:3b:7d:83:05:
fa:3e:40:43:b2:ca:19:57:62:2f:db:a8:1f:48:41:cf:bf:73:
28:96:b9:2b:46:ce:f4:9e:70:e3:70:5e:48:85:75:8d:15:9b:
5f:a8:1a:c1:d2:d3:57:fe:fb:c5:97:89:91:d0:17:ff:80:3c:
81:8d:90:19:3c:ef:53:19:96:93:9e:cf:d5:5e:7f:55:dd:80:
52:8f:92:06:e8:b0:e9:3c:df:be:44:ab:03:4a:f7:73:a8:a2:
4a:88:68:b5:8a:e7:af:68:41:19:37:fb:80:9e:bf:ac:fd:67:
34:66:f1:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw0tNK3Tqio4VjTq4UbWK8gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NDhhOTkxODA1ZjkzZDI0YmJlMWVkYjNlOTYxZjVhMWQy
NWIyNDgwHhcNMjMxMjA0MTIwMTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmY3YWRjMDRiMDYwYTVhNTkxOTMwMGRiZTlkNjJhYjI4ZGI2YTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAheIPZcQntWXrshVahiGVbBz6UV51
pkTgBdjJp6c/+MTGT89K//2tKwNfXE7YETKdS7pLMldq0/e1UbyM3kLuZNEXqJEB
maETAN/BmMx1b198JnY5gxBFb7EybpWExCEXfUBNKkMW0/EvU65PnnASvVL8pR4W
kgEqU/qKq75/ENd9YmGOGFDJaIeZCk+d2v0qQsCv2+ZQwSBY77fC/CzUgjNe8gE1
T2oCOhLnxSsv3ygQMK1jivRENCywOg7JknlNkLyKZ0G2qLI4jJOKNhAlGkiUWxT+
QuGDpS1wHytC7GHkKBpsqxoBQC+NsZHrDwXrruqL0lEzWNOeTK9hYFc6uwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB/3rcBLBgpaWRkwDb6dYqso22osMB8GA1UdIwQY
MBaAFAZIqZGAX5PSS74e2z6WH1odJbJIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmtpcGtZQmZrOUpMdmg3YlBwWWZXaDBsc2tnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC80YTAyMzctODM2Yi00NTk2LTg0OWUt
MmQ0MjNiODFkZjFjLzEvSF9ldHdFc0dDbHBaR1RBTnZwMWlxeWpiYWl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC80YTAyMzctODM2Yi00NTk2LTg0OWUtMmQ0MjNiODFkZjFj
LzEvQmtpcGtZQmZrOUpMdmg3YlBwWWZXaDBsc2tnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwxQQMA0G
CSqGSIb3DQEBCwUAA4IBAQCuWW68bcbAHq+NOeo6idSxFsksRXG82GRKFBcHWpWF
3zQ9U+ZTwumYK2pDDpkpxvcCB/wIClc8YIZ7+228LEK4ibGJHxXqrG5ZPfngwhVf
waL2v2uEYPQwZ9wQJbdyB5WqaQG2Y3D1zZNPyQbk6QFypVQolkSP3hGmDW3tWzaP
er7osCQHudK1pKmNxjt9gwX6PkBDssoZV2Iv26gfSEHPv3MolrkrRs70nnDjcF5I
hXWNFZtfqBrB0tNX/vvFl4mR0Bf/gDyBjZAZPO9TGZaTns/VXn9V3YBSj5IG6LDp
PN++RKsDSvdzqKJKiGi1iuevaEEZN/uAnr+s/Wc0ZvHA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:53 2024 by rpki-client on console-ams.rpki-client.org