Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/a89b3c-972c-4bee-80f2-5c2919da8df3/1/O861uKqzpR948Ax7zr2ZwZ_M_3Y.roa
File: O861uKqzpR948Ax7zr2ZwZ_M_3Y.roa (raw, json)
Hash identifier: jcVAuDqPkeJUFv6CTrpBPFSl/x3Ybnxrts0TWovEVkI=
Subject key identifier: 3B:CE:B5:B8:AA:B3:A5:1F:78:F0:0C:7B:CE:BD:99:C1:9F:CC:FF:76
Certificate issuer: /CN=82e22da9bf0a74171eebb4cd98fc25f3041add2f
Certificate serial: 01856C13570E2B1041089E9503317578CBB7
Authority key identifier: 82:E2:2D:A9:BF:0A:74:17:1E:EB:B4:CD:98:FC:25:F3:04:1A:DD:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/guItqb8KdBce67TNmPwl8wQa3S8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/a89b3c-972c-4bee-80f2-5c2919da8df3/1/O861uKqzpR948Ax7zr2ZwZ_M_3Y.roa
Signing time: Sun 01 Jan 2023 06:44:44 +0000
ROA not before: Sun 01 Jan 2023 06:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29445
IP address blocks: 195.149.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:13:57:0e:2b:10:41:08:9e:95:03:31:75:78:cb:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82e22da9bf0a74171eebb4cd98fc25f3041add2f
Validity
Not Before: Jan 1 06:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bceb5b8aab3a51f78f00c7bcebd99c19fccff76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:91:c1:83:d4:c9:52:23:a8:85:fa:54:ce:2a:
c7:df:6f:53:0c:47:e9:5d:fd:e7:d6:69:d1:07:8f:
2d:ed:02:2a:b4:59:46:50:b9:5e:51:d0:91:17:2c:
d9:55:06:52:08:f8:a5:49:33:ba:4c:be:c8:fa:a6:
0a:ce:ca:93:3f:6b:78:85:e2:02:ad:40:46:60:2a:
e3:fa:ba:d7:37:1f:11:6c:f5:6f:1f:14:48:3d:8f:
7b:7a:ed:b5:5d:5d:e3:90:13:4f:8d:b3:47:fa:99:
4d:0a:1c:4c:95:b7:5b:49:0a:96:77:8b:8a:86:cf:
7b:e9:d5:7a:13:1b:7f:3b:85:61:29:a5:22:d5:b2:
9b:f9:43:dd:51:27:0b:18:3a:f1:1f:6c:70:f0:51:
01:b8:d1:d4:2d:43:93:27:05:d8:67:df:de:2e:7f:
61:c9:01:8a:b0:11:3a:e6:45:a6:51:f4:a7:12:db:
3c:a1:c7:d3:ce:d1:0f:f2:ef:16:92:29:bd:92:9e:
d1:13:46:b3:76:d5:76:c3:9d:b8:04:27:de:42:d0:
4b:f6:57:8b:ab:19:69:8f:3b:f3:9c:17:bb:18:d6:
02:a9:aa:6e:7d:c7:08:d5:11:54:b7:a3:a5:22:df:
6e:55:b4:5e:ec:0b:36:e7:46:eb:83:9e:2b:d1:7c:
7e:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:CE:B5:B8:AA:B3:A5:1F:78:F0:0C:7B:CE:BD:99:C1:9F:CC:FF:76
X509v3 Authority Key Identifier:
keyid:82:E2:2D:A9:BF:0A:74:17:1E:EB:B4:CD:98:FC:25:F3:04:1A:DD:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/guItqb8KdBce67TNmPwl8wQa3S8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/a89b3c-972c-4bee-80f2-5c2919da8df3/1/O861uKqzpR948Ax7zr2ZwZ_M_3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/a89b3c-972c-4bee-80f2-5c2919da8df3/1/guItqb8KdBce67TNmPwl8wQa3S8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.149.95.0/24
Signature Algorithm: sha256WithRSAEncryption
51:3b:87:2d:aa:87:0c:9e:ce:4e:20:2b:7a:b7:d4:19:79:03:
26:af:a6:62:c9:d4:29:40:37:c3:48:c1:91:f7:90:40:8f:68:
4a:0d:59:39:a7:3d:80:06:27:15:02:ab:6e:cd:8d:9c:8b:e4:
26:42:ca:f1:db:14:7e:8e:a3:be:2d:45:46:ed:45:0c:97:4c:
8d:01:50:25:59:ab:df:e9:f6:ed:aa:2c:7f:f8:fe:1f:f7:9a:
5c:c8:ef:08:d0:c1:09:f3:20:b3:d5:f2:f3:be:16:d3:ae:a4:
1c:b5:e0:f2:4c:be:01:56:7a:26:35:32:de:6a:98:f0:5a:cf:
fb:c2:cd:02:49:82:e7:35:28:35:9c:32:00:40:aa:67:7d:81:
85:a2:27:50:3d:27:be:d7:b8:fa:97:3b:63:8e:34:87:01:41:
4d:f8:e8:17:d1:f6:98:2c:46:cf:3f:72:24:fe:cd:bf:48:3a:
00:66:3a:56:f4:7c:8e:8b:c7:2a:08:da:5d:15:20:75:82:4b:
70:c5:76:59:b8:37:f3:26:59:9b:72:db:fc:bd:e8:71:2e:b5:
88:e3:42:45:6e:eb:40:7a:c8:20:e8:0b:c1:62:cc:2c:b2:c2:
bb:43:46:5d:bf:be:0b:7f:d5:4a:9a:f5:c1:2d:a2:59:70:e6:
72:22:41:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsE1cOKxBBCJ6VAzF1eMu3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZTIyZGE5YmYwYTc0MTcxZWViYjRjZDk4ZmMyNWYzMDQx
YWRkMmYwHhcNMjMwMTAxMDY0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmNlYjViOGFhYjNhNTFmNzhmMDBjN2JjZWJkOTljMTlmY2NmZjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJHBg9TJUiOohfpUzirH329TDEfp
Xf3n1mnRB48t7QIqtFlGULleUdCRFyzZVQZSCPilSTO6TL7I+qYKzsqTP2t4heIC
rUBGYCrj+rrXNx8RbPVvHxRIPY97eu21XV3jkBNPjbNH+plNChxMlbdbSQqWd4uK
hs976dV6Ext/O4VhKaUi1bKb+UPdUScLGDrxH2xw8FEBuNHULUOTJwXYZ9/eLn9h
yQGKsBE65kWmUfSnEts8ocfTztEP8u8Wkim9kp7RE0azdtV2w524BCfeQtBL9leL
qxlpjzvznBe7GNYCqapufccI1RFUt6OlIt9uVbRe7As250brg54r0Xx+1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDvOtbiqs6UfePAMe869mcGfzP92MB8GA1UdIwQY
MBaAFILiLam/CnQXHuu0zZj8JfMEGt0vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3VJdHFiOEtkQmNlNjdUTm1Qd2w4d1FhM1M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9hODliM2MtOTcyYy00YmVlLTgwZjIt
NWMyOTE5ZGE4ZGYzLzEvTzg2MXVLcXpwUjk0OEF4N3pyMlp3Wl9NXzNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9hODliM2MtOTcyYy00YmVlLTgwZjItNWMyOTE5ZGE4ZGYz
LzEvZ3VJdHFiOEtkQmNlNjdUTm1Qd2w4d1FhM1M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw5VfMA0G
CSqGSIb3DQEBCwUAA4IBAQBRO4ctqocMns5OICt6t9QZeQMmr6ZiydQpQDfDSMGR
95BAj2hKDVk5pz2ABicVAqtuzY2ci+QmQsrx2xR+jqO+LUVG7UUMl0yNAVAlWavf
6fbtqix/+P4f95pcyO8I0MEJ8yCz1fLzvhbTrqQcteDyTL4BVnomNTLeapjwWs/7
ws0CSYLnNSg1nDIAQKpnfYGFoidQPSe+17j6lztjjjSHAUFN+OgX0faYLEbPP3Ik
/s2/SDoAZjpW9HyOi8cqCNpdFSB1gktwxXZZuDfzJlmbctv8vehxLrWI40JFbutA
esgg6AvBYswsssK7Q0Zdv74Lf9VKmvXBLaJZcOZyIkFd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:41 2024 by rpki-client on console-fra.rpki-client.org