Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/5MSgbdj6tut_JRPz5-bC1cx9dzw.roa
File: 5MSgbdj6tut_JRPz5-bC1cx9dzw.roa (raw, json)
Hash identifier: xfP/JeW4TxodMml8GrKAsWAeSDSDXPK5fMeHx3F0EqQ=
Subject key identifier: E4:C4:A0:6D:D8:FA:B6:EB:7F:25:13:F3:E7:E6:C2:D5:CC:7D:77:3C
Certificate issuer: /CN=d24adecd84bb1748bd35b99ecea46772e01ec935
Certificate serial: 01856C9CCAF48E6BFF81B2C5A5EE490A6007
Authority key identifier: D2:4A:DE:CD:84:BB:17:48:BD:35:B9:9E:CE:A4:67:72:E0:1E:C9:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0krezYS7F0i9NbmezqRncuAeyTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/5MSgbdj6tut_JRPz5-bC1cx9dzw.roa
Signing time: Sun 01 Jan 2023 09:14:52 +0000
ROA not before: Sun 01 Jan 2023 09:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8244
IP address blocks: 195.230.192.0/22 maxlen: 22
195.230.200.0/21 maxlen: 21
2a01:ac40:2000::/36 maxlen: 36
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:ca:f4:8e:6b:ff:81:b2:c5:a5:ee:49:0a:60:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d24adecd84bb1748bd35b99ecea46772e01ec935
Validity
Not Before: Jan 1 09:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4c4a06dd8fab6eb7f2513f3e7e6c2d5cc7d773c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:fe:f3:4f:a0:ba:77:c2:83:cb:bc:34:ef:26:
94:31:9a:b1:3a:f5:39:c3:82:30:43:6a:c8:30:e9:
1d:4b:76:12:92:d0:35:23:3b:83:ab:c8:83:5c:2f:
5d:46:04:8f:1e:93:f1:8e:d4:75:30:95:ab:22:27:
16:3a:35:e1:3c:54:f2:01:00:e3:53:28:84:fc:f7:
30:00:2a:08:21:60:75:63:7c:48:73:b6:55:d1:82:
0c:e3:9d:7e:1d:42:31:dc:54:1e:e4:b6:47:92:f1:
b3:47:ca:2d:c4:b4:3c:72:6b:b9:d2:d7:32:a7:3f:
32:ad:3b:78:e1:db:5b:c5:2b:1e:8b:c9:07:90:c7:
d8:cc:cc:49:c6:f6:79:1d:41:c9:c3:80:6e:79:23:
dc:35:4c:ae:ca:9d:c5:35:8d:ad:15:29:58:09:10:
a6:e0:ce:83:94:09:76:be:96:f7:3e:35:20:11:e7:
be:70:77:5c:0e:4b:61:5e:fa:61:de:39:41:60:71:
67:2b:e3:fa:dc:89:78:4a:f4:cc:dc:bf:67:fb:af:
17:fe:22:98:8e:6c:5c:af:8a:c0:7c:52:20:a8:74:
96:b5:a6:74:55:31:99:7c:9e:6f:48:7e:41:07:40:
e7:b6:d7:5a:df:93:d1:f9:df:54:b8:05:4b:18:13:
2f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:C4:A0:6D:D8:FA:B6:EB:7F:25:13:F3:E7:E6:C2:D5:CC:7D:77:3C
X509v3 Authority Key Identifier:
keyid:D2:4A:DE:CD:84:BB:17:48:BD:35:B9:9E:CE:A4:67:72:E0:1E:C9:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0krezYS7F0i9NbmezqRncuAeyTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/5MSgbdj6tut_JRPz5-bC1cx9dzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.230.192.0/22
195.230.200.0/21
IPv6:
2a01:ac40:2000::/36
Signature Algorithm: sha256WithRSAEncryption
76:37:ed:c9:84:14:e4:f0:63:f4:2f:fb:67:6e:42:7d:9b:52:
6b:19:f2:23:19:ce:f3:05:3e:78:06:f8:6f:60:35:0a:9f:e8:
59:35:d0:66:86:f8:5c:ce:46:b1:44:b1:b9:9b:da:66:57:34:
0c:7c:d7:2b:ff:7b:0e:27:70:d9:24:b0:20:79:97:81:e9:5c:
c9:4f:e3:aa:93:da:73:43:ea:77:21:f5:d0:85:87:2f:a2:8d:
ee:27:b9:3f:e0:e3:08:fb:b2:d9:c9:e3:c0:87:e5:52:9d:ed:
31:1e:f2:2a:d1:4a:c7:08:75:a0:9f:63:6d:e7:8c:50:00:cf:
20:58:0f:78:01:4d:ee:f1:9c:79:9b:95:f6:17:61:f3:53:52:
42:b3:8b:34:9c:51:a7:ba:ff:34:89:83:97:0d:a6:5f:8a:c0:
60:83:cd:10:a3:7f:70:7d:e1:9d:da:c6:ec:aa:84:93:4c:53:
81:4c:35:7f:5f:cc:f6:42:81:5e:9b:46:1b:0c:b6:a3:37:05:
4e:26:bc:95:75:93:5b:87:9e:34:e6:5e:7e:1a:12:2e:00:33:
cc:8a:b3:a8:09:0c:36:f5:71:ac:5e:4e:0e:1a:fc:28:49:57:
08:b9:7a:7d:48:97:41:77:76:a0:41:c2:a7:76:5d:b4:16:c9:
4b:4c:8e:64
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVsnMr0jmv/gbLFpe5JCmAHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNGFkZWNkODRiYjE3NDhiZDM1Yjk5ZWNlYTQ2NzcyZTAx
ZWM5MzUwHhcNMjMwMTAxMDkxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGM0YTA2ZGQ4ZmFiNmViN2YyNTEzZjNlN2U2YzJkNWNjN2Q3NzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApv7zT6C6d8KDy7w07yaUMZqxOvU5
w4IwQ2rIMOkdS3YSktA1IzuDq8iDXC9dRgSPHpPxjtR1MJWrIicWOjXhPFTyAQDj
UyiE/PcwACoIIWB1Y3xIc7ZV0YIM451+HUIx3FQe5LZHkvGzR8otxLQ8cmu50tcy
pz8yrTt44dtbxSsei8kHkMfYzMxJxvZ5HUHJw4BueSPcNUyuyp3FNY2tFSlYCRCm
4M6DlAl2vpb3PjUgEee+cHdcDkthXvph3jlBYHFnK+P63Il4SvTM3L9n+68X/iKY
jmxcr4rAfFIgqHSWtaZ0VTGZfJ5vSH5BB0Dnttda35PR+d9UuAVLGBMvKQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFOTEoG3Y+rbrfyUT8+fmwtXMfXc8MB8GA1UdIwQY
MBaAFNJK3s2EuxdIvTW5ns6kZ3LgHsk1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGtyZXpZUzdGMGk5TmJtZXpxUm5jdUFleVRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS82M2E4NDUtOGMwOS00ZDY5LWE3NzEt
NDhhNjA3YmJlMjVlLzEvNU1TZ2JkajZ0dXRfSlJQejUtYkMxY3g5ZHp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS82M2E4NDUtOGMwOS00ZDY5LWE3NzEtNDhhNjA3YmJlMjVl
LzEvMGtyZXpZUzdGMGk5TmJtZXpxUm5jdUFleVRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQCw+bAAwQD
w+bIMA4EAgACMAgDBgQqAaxAIDANBgkqhkiG9w0BAQsFAAOCAQEAdjftyYQU5PBj
9C/7Z25CfZtSaxnyIxnO8wU+eAb4b2A1Cp/oWTXQZob4XM5GsUSxuZvaZlc0DHzX
K/97Didw2SSwIHmXgelcyU/jqpPac0PqdyH10IWHL6KN7ie5P+DjCPuy2cnjwIfl
Up3tMR7yKtFKxwh1oJ9jbeeMUADPIFgPeAFN7vGceZuV9hdh81NSQrOLNJxRp7r/
NImDlw2mX4rAYIPNEKN/cH3hndrG7KqEk0xTgUw1f1/M9kKBXptGGwy2ozcFTia8
lXWTW4eeNOZefhoSLgAzzIqzqAkMNvVxrF5ODhr8KElXCLl6fUiXQXd2oEHCp3Zd
tBbJS0yOZA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:06 2024 by rpki-client on console-ams.rpki-client.org