Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/9af87c-e272-4f84-9143-6682f7827df0/1/t-1_HilDbWe9tlOkhU8GwXAguLw.roa
File: t-1_HilDbWe9tlOkhU8GwXAguLw.roa (raw, json)
Hash identifier: EqWicpOlq5Y1mRfKekWkDCuclgFn1IN9+RAr35DSWRM=
Subject key identifier: B7:ED:7F:1E:29:43:6D:67:BD:B6:53:A4:85:4F:06:C1:70:20:B8:BC
Certificate issuer: /CN=15cce061d2408d9a8f6b2b94162d1f74fac3dcac
Certificate serial: 018AD5C7585BA42A1E5872BB657F2DB3AE7C
Authority key identifier: 15:CC:E0:61:D2:40:8D:9A:8F:6B:2B:94:16:2D:1F:74:FA:C3:DC:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FczgYdJAjZqPayuUFi0fdPrD3Kw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/9af87c-e272-4f84-9143-6682f7827df0/1/t-1_HilDbWe9tlOkhU8GwXAguLw.roa
Signing time: Wed 27 Sep 2023 08:35:25 +0000
ROA not before: Wed 27 Sep 2023 08:35:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34975
IP address blocks: 95.129.57.0/24 maxlen: 24
95.129.56.0/21 maxlen: 21
95.129.56.0/24 maxlen: 24
95.129.58.0/24 maxlen: 24
185.18.20.0/22 maxlen: 22
95.129.60.0/22 maxlen: 22
95.129.59.0/24 maxlen: 24
95.143.17.0/24 maxlen: 24
95.143.16.0/24 maxlen: 24
95.143.16.0/20 maxlen: 20
95.143.20.0/24 maxlen: 24
95.143.19.0/24 maxlen: 24
95.143.24.0/21 maxlen: 21
95.143.18.0/24 maxlen: 24
95.143.23.0/24 maxlen: 24
95.143.22.0/24 maxlen: 24
95.143.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d5:c7:58:5b:a4:2a:1e:58:72:bb:65:7f:2d:b3:ae:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15cce061d2408d9a8f6b2b94162d1f74fac3dcac
Validity
Not Before: Sep 27 08:35:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7ed7f1e29436d67bdb653a4854f06c17020b8bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ce:a6:21:dd:42:dd:f8:75:9c:d5:4c:31:e7:
5a:97:4d:e6:33:93:9a:35:58:ea:1b:1c:65:03:18:
d9:b3:6a:8a:9f:00:93:7a:a3:12:09:e7:2e:07:a5:
64:d1:0e:97:94:64:22:fd:8d:c1:a2:9f:d3:fd:15:
86:5e:78:d8:1c:50:0a:77:bc:31:81:29:bb:68:47:
3d:85:07:be:38:7b:0d:c2:cd:48:b7:b3:80:43:d0:
26:c4:9d:39:34:0f:c9:6e:7b:db:c0:c5:be:7b:57:
3f:42:cc:46:33:19:fa:6d:08:b0:46:9c:35:a9:00:
2c:af:7c:56:9e:f8:57:86:57:ae:25:37:29:cd:dc:
58:ee:d6:7b:8e:22:39:fc:3f:f5:af:44:df:97:81:
43:c0:e1:34:98:75:79:48:d2:cc:09:da:1d:07:ae:
27:1f:4b:a4:c7:06:2b:35:53:b9:c1:04:26:1e:21:
e3:69:6a:e3:d4:cf:24:ce:4e:9e:9b:28:57:9e:7f:
43:b1:00:b2:3d:bb:d5:e1:8d:d7:52:9c:6b:98:22:
19:3c:28:f5:d2:f5:21:da:fd:17:a2:cb:a3:a7:7d:
d1:36:67:c5:a4:f0:79:79:2d:61:82:61:92:93:4c:
33:3d:e5:31:8b:65:92:ca:c1:6e:6f:e4:03:db:06:
ca:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:ED:7F:1E:29:43:6D:67:BD:B6:53:A4:85:4F:06:C1:70:20:B8:BC
X509v3 Authority Key Identifier:
keyid:15:CC:E0:61:D2:40:8D:9A:8F:6B:2B:94:16:2D:1F:74:FA:C3:DC:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FczgYdJAjZqPayuUFi0fdPrD3Kw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/9af87c-e272-4f84-9143-6682f7827df0/1/t-1_HilDbWe9tlOkhU8GwXAguLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/9af87c-e272-4f84-9143-6682f7827df0/1/FczgYdJAjZqPayuUFi0fdPrD3Kw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.129.56.0/21
95.143.16.0/20
185.18.20.0/22
Signature Algorithm: sha256WithRSAEncryption
14:c9:9b:dc:54:13:30:f6:fc:b6:13:5c:8e:d4:4b:ab:7e:d7:
da:fc:da:9e:be:a7:8c:a4:7e:91:8c:cc:c8:7b:b7:ea:19:81:
7a:38:fe:0d:e4:99:e3:61:05:3a:e9:3b:8c:78:35:9f:4a:47:
40:fb:b0:fe:cc:dc:3c:1f:62:b9:59:3e:f8:58:73:f6:a7:98:
52:70:84:7c:61:aa:89:8b:26:f5:29:d9:7c:47:38:a7:3b:04:
5b:a4:b8:e0:d4:db:3e:32:8d:5e:1a:0c:16:65:15:2b:64:e8:
64:d1:4a:82:c6:7e:93:a0:cc:d7:60:ae:b6:66:5b:b0:05:cd:
41:c1:e6:8b:cf:0c:8e:03:f6:ab:18:b9:11:45:27:44:13:8c:
17:f9:33:f2:3b:1f:17:fd:75:4e:18:1e:4f:92:bc:e6:ae:03:
13:57:72:8b:3a:1a:a4:10:e4:64:f1:e1:16:82:17:9b:56:91:
9e:cf:2d:d0:3a:a2:27:f1:9c:59:bb:b8:8a:2c:57:17:77:59:
28:bc:fa:44:91:f6:38:32:d2:f7:17:6b:1c:82:07:f5:bc:c9:
33:b0:e9:11:40:45:2f:4e:91:8e:ca:c4:e0:64:5c:59:ff:5d:
ee:4a:2d:15:36:8d:ef:39:57:65:fb:67:28:9c:6b:89:fe:5d:
2a:7b:c6:b9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYrVx1hbpCoeWHK7ZX8ts658MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1Y2NlMDYxZDI0MDhkOWE4ZjZiMmI5NDE2MmQxZjc0ZmFj
M2RjYWMwHhcNMjMwOTI3MDgzNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2VkN2YxZTI5NDM2ZDY3YmRiNjUzYTQ4NTRmMDZjMTcwMjBiOGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAls6mId1C3fh1nNVMMedal03mM5Oa
NVjqGxxlAxjZs2qKnwCTeqMSCecuB6Vk0Q6XlGQi/Y3Bop/T/RWGXnjYHFAKd7wx
gSm7aEc9hQe+OHsNws1It7OAQ9AmxJ05NA/JbnvbwMW+e1c/QsxGMxn6bQiwRpw1
qQAsr3xWnvhXhleuJTcpzdxY7tZ7jiI5/D/1r0Tfl4FDwOE0mHV5SNLMCdodB64n
H0ukxwYrNVO5wQQmHiHjaWrj1M8kzk6emyhXnn9DsQCyPbvV4Y3XUpxrmCIZPCj1
0vUh2v0Xosujp33RNmfFpPB5eS1hgmGSk0wzPeUxi2WSysFub+QD2wbK0wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLftfx4pQ21nvbZTpIVPBsFwILi8MB8GA1UdIwQY
MBaAFBXM4GHSQI2aj2srlBYtH3T6w9ysMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmN6Z1lkSkFqWnFQYXl1VUZpMGZkUHJEM0t3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS85YWY4N2MtZTI3Mi00Zjg0LTkxNDMt
NjY4MmY3ODI3ZGYwLzEvdC0xX0hpbERiV2U5dGxPa2hVOEd3WEFndUx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS85YWY4N2MtZTI3Mi00Zjg0LTkxNDMtNjY4MmY3ODI3ZGYw
LzEvRmN6Z1lkSkFqWnFQYXl1VUZpMGZkUHJEM0t3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDX4E4AwQE
X48QAwQCuRIUMA0GCSqGSIb3DQEBCwUAA4IBAQAUyZvcVBMw9vy2E1yO1Eurftfa
/NqevqeMpH6RjMzIe7fqGYF6OP4N5JnjYQU66TuMeDWfSkdA+7D+zNw8H2K5WT74
WHP2p5hScIR8YaqJiyb1Kdl8RzinOwRbpLjg1Ns+Mo1eGgwWZRUrZOhk0UqCxn6T
oMzXYK62ZluwBc1BweaLzwyOA/arGLkRRSdEE4wX+TPyOx8X/XVOGB5PkrzmrgMT
V3KLOhqkEORk8eEWghebVpGezy3QOqIn8ZxZu7iKLFcXd1kovPpEkfY4MtL3F2sc
ggf1vMkzsOkRQEUvTpGOysTgZFxZ/13uSi0VNo3vOVdl+2conGuJ/l0qe8a5
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:55 2024 by rpki-client on console-ams.rpki-client.org