Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/TRvJEz0w_ew0pVArC439MR6Xyyw.roa
File: TRvJEz0w_ew0pVArC439MR6Xyyw.roa (raw, json)
Hash identifier: atsPAp3se41qlNzHHmv2h5B41ty7XT8ynpTb8OWvDyE=
Subject key identifier: 4D:1B:C9:13:3D:30:FD:EC:34:A5:50:2B:0B:8D:FD:31:1E:97:CB:2C
Certificate issuer: /CN=435416b2282b4533c3509c18e957ce0c836bc837
Certificate serial: 0191F62C10E2BFCFED20466B41C86DA7E826
Authority key identifier: 43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/TRvJEz0w_ew0pVArC439MR6Xyyw.roa
Signing time: Sun 15 Sep 2024 14:52:48 +0000
ROA not before: Sun 15 Sep 2024 14:52:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 195.66.218.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sun 15 Sep 2024 14:56:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f6:2c:10:e2:bf:cf:ed:20:46:6b:41:c8:6d:a7:e8:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=435416b2282b4533c3509c18e957ce0c836bc837
Validity
Not Before: Sep 15 14:52:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d1bc9133d30fdec34a5502b0b8dfd311e97cb2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:c8:b1:ce:ae:97:b0:43:ab:7d:79:40:6e:98:
26:f1:fa:63:25:f8:cd:3b:2c:84:6d:a3:13:c6:e4:
2a:25:2a:a8:d9:5d:2d:19:3b:53:32:44:8e:bb:36:
7e:e9:83:ed:ef:be:40:ff:e1:37:e3:ae:ae:50:79:
1b:d7:b8:d3:b9:c8:b2:35:62:09:8f:5b:00:d9:96:
c5:91:7b:42:48:4b:21:70:40:97:17:60:13:83:c8:
0b:68:9b:8a:21:c8:ef:1e:28:15:b6:e9:ee:f4:7d:
83:fb:8d:5c:13:be:c5:57:d3:90:c5:2f:fc:10:fd:
9b:c4:47:83:96:53:14:9f:7e:78:ba:7a:65:89:e1:
ca:95:49:16:ea:0b:7e:38:2d:cc:c0:40:a0:5c:d8:
0f:1c:6b:87:21:74:48:41:d5:3f:da:c6:a2:5c:f3:
13:01:2b:7e:ef:b3:df:44:05:dd:2f:ce:d4:64:cb:
00:37:00:e8:f8:42:6b:d6:f6:eb:5d:c3:a2:a8:84:
74:a7:29:1a:4e:e6:b6:97:30:a5:7f:05:bf:45:67:
59:cc:bb:3e:c2:bd:51:84:10:78:69:24:09:40:e6:
24:67:aa:1a:c9:43:b8:c5:cd:64:83:97:67:1e:e9:
e6:5c:99:b2:64:ef:be:d4:df:b4:a1:cd:27:bb:bf:
87:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:1B:C9:13:3D:30:FD:EC:34:A5:50:2B:0B:8D:FD:31:1E:97:CB:2C
X509v3 Authority Key Identifier:
keyid:43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/TRvJEz0w_ew0pVArC439MR6Xyyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Q1QWsigrRTPDUJwY6VfODINryDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.66.218.0/23
Signature Algorithm: sha256WithRSAEncryption
aa:76:80:3c:b3:8f:b2:b1:cd:ee:c2:38:b9:ca:8e:ce:3d:19:
09:5b:2b:f9:80:16:d3:86:3e:09:0f:7c:3b:de:1a:ac:72:71:
c5:cf:9c:52:f2:23:86:0b:10:30:9e:51:ed:ae:fa:61:74:ab:
3c:2b:64:af:d1:bb:1a:4c:d5:cc:79:62:a4:58:5a:cd:55:9e:
fd:89:0f:34:18:d2:72:4b:ea:00:13:e1:3a:7f:20:26:cd:0f:
28:78:a2:cb:e8:a5:f6:6e:0b:a9:71:e4:46:d1:7e:72:c7:13:
33:c2:4d:fe:d8:12:3e:d0:18:24:8c:33:d7:ab:95:fa:01:09:
5f:9c:48:86:b7:37:11:42:f7:48:75:8f:b2:01:7e:d6:c7:17:
f8:d8:c6:17:cd:bb:dc:de:f4:b5:f8:aa:e6:b2:ee:b3:01:4f:
ba:46:35:fa:dc:4f:1d:fc:48:7b:a0:1a:f2:6e:53:e1:75:ab:
fe:1f:eb:f3:bc:71:0d:70:c1:83:5d:9d:34:89:d6:2f:9f:2d:
0d:dd:64:0d:49:30:e3:f7:d0:70:41:1b:68:17:06:29:03:47:
c4:c6:cd:30:09:66:0f:0b:a7:ca:69:85:32:89:bd:cb:a1:a8:
f7:c5:1d:88:c6:64:f8:f4:31:3b:9b:15:6e:ab:38:fa:30:80:
fa:ac:79:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZH2LBDiv8/tIEZrQchtp+gmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTQxNmIyMjgyYjQ1MzNjMzUwOWMxOGU5NTdjZTBjODM2
YmM4MzcwHhcNMjQwOTE1MTQ1MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDFiYzkxMzNkMzBmZGVjMzRhNTUwMmIwYjhkZmQzMTFlOTdjYjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Mixzq6XsEOrfXlAbpgm8fpjJfjN
OyyEbaMTxuQqJSqo2V0tGTtTMkSOuzZ+6YPt775A/+E3466uUHkb17jTuciyNWIJ
j1sA2ZbFkXtCSEshcECXF2ATg8gLaJuKIcjvHigVtunu9H2D+41cE77FV9OQxS/8
EP2bxEeDllMUn354unplieHKlUkW6gt+OC3MwECgXNgPHGuHIXRIQdU/2saiXPMT
ASt+77PfRAXdL87UZMsANwDo+EJr1vbrXcOiqIR0pykaTua2lzClfwW/RWdZzLs+
wr1RhBB4aSQJQOYkZ6oayUO4xc1kg5dnHunmXJmyZO++1N+0oc0nu7+HywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE0byRM9MP3sNKVQKwuN/TEel8ssMB8GA1UdIwQY
MBaAFENUFrIoK0Uzw1CcGOlXzgyDa8g3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQt
MjYyZWIzOWJiZTc2LzEvVFJ2SkV6MHdfZXcwcFZBckM0MzlNUjZYeXl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQtMjYyZWIzOWJiZTc2
LzEvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw0LaMA0G
CSqGSIb3DQEBCwUAA4IBAQCqdoA8s4+ysc3uwji5yo7OPRkJWyv5gBbThj4JD3w7
3hqscnHFz5xS8iOGCxAwnlHtrvphdKs8K2Sv0bsaTNXMeWKkWFrNVZ79iQ80GNJy
S+oAE+E6fyAmzQ8oeKLL6KX2bgupceRG0X5yxxMzwk3+2BI+0BgkjDPXq5X6AQlf
nEiGtzcRQvdIdY+yAX7Wxxf42MYXzbvc3vS1+Krmsu6zAU+6RjX63E8d/Eh7oBry
blPhdav+H+vzvHENcMGDXZ00idYvny0N3WQNSTDj99BwQRtoFwYpA0fExs0wCWYP
C6fKaYUyib3Loaj3xR2IxmT49DE7mxVuqzj6MID6rHny
-----END CERTIFICATE-----
Generated at Wed May 14 08:10:01 2025 by rpki-client