Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/66f07d-adca-40b0-a0a0-e761819f475e/1/aQVPtkC5QLqu0QuHN4Ukf0gNT_0.roa
File: aQVPtkC5QLqu0QuHN4Ukf0gNT_0.roa (raw, json)
Hash identifier: bt7M4WisP7O/Bfy/B0k9+PJBVT/jpTIQhiLiSps1Zuc=
Subject key identifier: 69:05:4F:B6:40:B9:40:BA:AE:D1:0B:87:37:85:24:7F:48:0D:4F:FD
Certificate issuer: /CN=3296d853639bc0192994293ebde09805d2d622a4
Certificate serial: 01856CF849BE2D4476CC78F1F1389B87B46F
Authority key identifier: 32:96:D8:53:63:9B:C0:19:29:94:29:3E:BD:E0:98:05:D2:D6:22:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MpbYU2ObwBkplCk-veCYBdLWIqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/66f07d-adca-40b0-a0a0-e761819f475e/1/aQVPtkC5QLqu0QuHN4Ukf0gNT_0.roa
Signing time: Sun 01 Jan 2023 10:54:49 +0000
ROA not before: Sun 01 Jan 2023 10:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62009
IP address blocks: 95.214.88.0/22 maxlen: 22
185.51.136.0/22 maxlen: 22
2a0f:8a80::/29 maxlen: 29
2a04:c240::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:49:be:2d:44:76:cc:78:f1:f1:38:9b:87:b4:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3296d853639bc0192994293ebde09805d2d622a4
Validity
Not Before: Jan 1 10:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69054fb640b940baaed10b873785247f480d4ffd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:6b:a2:33:51:86:0a:eb:52:13:dc:06:ef:9d:
e9:d9:1c:ba:bf:81:b5:70:25:19:0f:36:c8:12:65:
10:4f:3b:32:3a:cb:2e:66:de:3a:2f:12:1e:26:55:
db:11:37:ed:63:bc:2c:29:4a:78:6f:ee:8d:45:0d:
12:0a:6f:c3:27:90:a0:62:47:40:a1:56:fd:ee:6a:
fb:eb:bb:58:ba:de:bf:be:93:95:04:90:6b:79:8e:
d1:55:cc:77:9b:97:cd:19:90:fc:c2:39:c1:f0:0f:
7d:07:7d:e0:b8:b6:66:37:53:e7:13:09:b5:02:d8:
43:97:0b:99:67:ba:b9:bb:f4:4f:b4:ab:28:58:e4:
6a:6e:e5:04:12:50:74:d5:b7:7f:e0:09:04:b1:36:
44:21:96:ba:6c:80:77:f9:0c:b2:4b:0d:04:29:30:
52:90:bb:4e:39:c0:3b:7a:e9:33:e9:8f:f0:f4:c0:
af:88:71:18:63:08:ef:c3:37:fe:c5:39:98:ab:60:
13:59:dd:33:85:52:2f:9c:c9:aa:ef:1f:0a:e1:6b:
bc:15:b0:74:c0:f0:31:92:89:55:6a:05:c9:21:48:
8f:97:c1:22:06:1b:9c:ca:60:13:e1:ec:b3:e5:c5:
79:f7:6f:5b:80:ad:43:7f:f6:93:e3:05:e0:4f:5f:
62:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:05:4F:B6:40:B9:40:BA:AE:D1:0B:87:37:85:24:7F:48:0D:4F:FD
X509v3 Authority Key Identifier:
keyid:32:96:D8:53:63:9B:C0:19:29:94:29:3E:BD:E0:98:05:D2:D6:22:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MpbYU2ObwBkplCk-veCYBdLWIqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/66f07d-adca-40b0-a0a0-e761819f475e/1/aQVPtkC5QLqu0QuHN4Ukf0gNT_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/66f07d-adca-40b0-a0a0-e761819f475e/1/MpbYU2ObwBkplCk-veCYBdLWIqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.88.0/22
185.51.136.0/22
IPv6:
2a04:c240::/29
2a0f:8a80::/29
Signature Algorithm: sha256WithRSAEncryption
29:48:6d:f9:15:26:54:6f:4b:72:d5:69:bc:9e:3f:b7:1a:6a:
d6:c6:7d:c0:a5:e9:08:06:7a:9e:df:8d:db:be:fe:ba:b3:6a:
6c:a0:a9:cb:00:5f:c6:c3:cc:dc:13:03:ea:b7:3d:bb:e4:83:
ff:75:39:6f:10:18:12:76:5e:02:0b:70:c3:23:94:e2:28:d0:
2e:09:92:e1:e2:35:f7:ab:eb:1d:59:59:b1:a2:5f:cd:69:43:
ad:cd:44:10:23:bf:9b:1d:fc:d8:fb:e2:d5:05:da:be:d4:e7:
be:a3:dd:6d:32:c0:93:26:ce:85:a9:68:49:11:46:0d:f5:4c:
84:ae:28:f5:01:89:7b:c1:cd:2c:1d:83:47:dd:31:0e:b3:67:
f7:7b:4c:e0:8a:fc:b6:7d:58:e2:46:fb:a6:e8:9a:6a:bd:3b:
7e:8c:27:2a:77:b6:45:6e:72:a4:e8:91:55:df:4d:9e:23:17:
9f:15:14:92:94:64:0d:39:0a:bf:10:14:7e:15:e0:e0:3b:e1:
2d:2d:8a:78:08:d0:f8:e8:56:a0:58:cc:21:8d:d0:cd:b7:89:
9d:0e:73:fe:37:69:c2:99:45:75:f4:4c:8d:e8:64:7d:9d:8b:
e4:58:10:56:3a:00:31:a0:6a:06:75:7b:f7:79:c9:80:83:a5:
19:32:0d:c0
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVs+Em+LUR2zHjx8Tibh7RvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyOTZkODUzNjM5YmMwMTkyOTk0MjkzZWJkZTA5ODA1ZDJk
NjIyYTQwHhcNMjMwMTAxMTA1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTA1NGZiNjQwYjk0MGJhYWVkMTBiODczNzg1MjQ3ZjQ4MGQ0ZmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWuiM1GGCutSE9wG753p2Ry6v4G1
cCUZDzbIEmUQTzsyOssuZt46LxIeJlXbETftY7wsKUp4b+6NRQ0SCm/DJ5CgYkdA
oVb97mr767tYut6/vpOVBJBreY7RVcx3m5fNGZD8wjnB8A99B33guLZmN1PnEwm1
AthDlwuZZ7q5u/RPtKsoWORqbuUEElB01bd/4AkEsTZEIZa6bIB3+QyySw0EKTBS
kLtOOcA7eukz6Y/w9MCviHEYYwjvwzf+xTmYq2ATWd0zhVIvnMmq7x8K4Wu8FbB0
wPAxkolVagXJIUiPl8EiBhucymAT4eyz5cV5929bgK1Df/aT4wXgT19iBwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFGkFT7ZAuUC6rtELhzeFJH9IDU/9MB8GA1UdIwQY
MBaAFDKW2FNjm8AZKZQpPr3gmAXS1iKkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXBiWVUyT2J3QmtwbENrLXZlQ1lCZExXSXFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS82NmYwN2QtYWRjYS00MGIwLWEwYTAt
ZTc2MTgxOWY0NzVlLzEvYVFWUHRrQzVRTHF1MFF1SE40VWtmMGdOVF8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS82NmYwN2QtYWRjYS00MGIwLWEwYTAtZTc2MTgxOWY0NzVl
LzEvTXBiWVUyT2J3QmtwbENrLXZlQ1lCZExXSXFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCX9ZYAwQC
uTOIMBQEAgACMA4DBQMqBMJAAwUDKg+KgDANBgkqhkiG9w0BAQsFAAOCAQEAKUht
+RUmVG9LctVpvJ4/txpq1sZ9wKXpCAZ6nt+N277+urNqbKCpywBfxsPM3BMD6rc9
u+SD/3U5bxAYEnZeAgtwwyOU4ijQLgmS4eI196vrHVlZsaJfzWlDrc1EECO/mx38
2Pvi1QXavtTnvqPdbTLAkybOhaloSRFGDfVMhK4o9QGJe8HNLB2DR90xDrNn93tM
4Ir8tn1Y4kb7puiaar07fownKne2RW5ypOiRVd9NniMXnxUUkpRkDTkKvxAUfhXg
4DvhLS2KeAjQ+OhWoFjMIY3QzbeJnQ5z/jdpwplFdfRMjehkfZ2L5FgQVjoAMaBq
BnV793nJgIOlGTINwA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:34 2024 by rpki-client on console-fra.rpki-client.org