Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/u9WthwRnbx1Md9aLYnHuAdZVlyc.roa
File: u9WthwRnbx1Md9aLYnHuAdZVlyc.roa (raw, json)
Hash identifier: EoCv3CqQVLTQWKE0rgNYBGOsDfetL/Kfo5wiwPyrf7Q=
Subject key identifier: BB:D5:AD:87:04:67:6F:1D:4C:77:D6:8B:62:71:EE:01:D6:55:97:27
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018CC801FDED982803391FDDC3ED0B16F709
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/u9WthwRnbx1Md9aLYnHuAdZVlyc.roa
Signing time: Tue 02 Jan 2024 02:30:22 +0000
ROA not before: Tue 02 Jan 2024 02:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8443
IP address blocks: 95.159.128.0/18 maxlen: 18
95.159.174.0/23 maxlen: 23
95.159.182.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 21 Mar 2024 06:51:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:fd:ed:98:28:03:39:1f:dd:c3:ed:0b:16:f7:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 02:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bbd5ad8704676f1d4c77d68b6271ee01d6559727
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:74:af:ed:51:c5:43:18:af:87:f1:f6:68:60:
aa:a6:57:4b:a0:4d:f7:59:cb:ca:89:f1:ba:ca:49:
7f:0e:cd:d4:c9:e7:f6:de:bc:f7:86:a0:bb:73:0a:
45:64:95:97:49:62:a5:d1:08:c5:2a:84:e3:9e:6b:
c3:ff:33:75:46:80:9e:38:77:13:14:1c:91:0b:d8:
f9:51:2b:6f:75:0e:83:15:66:ed:c1:6b:7e:c3:a8:
e3:be:aa:63:8e:96:3f:f1:ba:e0:70:b3:d3:c8:fb:
52:86:05:6f:39:fd:15:51:5f:09:a9:d9:d2:5c:93:
d9:fd:7d:9a:41:f2:39:f3:04:e8:4a:04:e3:17:9c:
22:da:74:86:9a:e3:c8:c6:e2:82:f3:3c:97:8f:c2:
ea:1d:ac:e6:6b:f7:81:09:7d:b8:e0:ba:e8:72:62:
ef:b6:9e:0f:86:4a:7b:70:dd:71:7a:a6:06:d6:44:
45:41:dc:22:03:bf:0a:98:b7:81:0c:69:bb:83:21:
52:c5:09:49:d3:46:10:0d:7c:b1:1b:15:ee:af:38:
2c:68:76:17:02:1a:0c:62:d5:8f:2b:3b:af:b5:9d:
5a:9d:f9:66:95:51:12:7f:8f:fb:67:53:c9:f5:1e:
5a:1b:59:2d:18:c6:f5:23:02:bf:13:6e:a2:c4:1c:
e5:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:D5:AD:87:04:67:6F:1D:4C:77:D6:8B:62:71:EE:01:D6:55:97:27
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/u9WthwRnbx1Md9aLYnHuAdZVlyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.159.128.0/18
Signature Algorithm: sha256WithRSAEncryption
03:6f:d9:92:7d:03:dd:76:04:f0:f9:db:37:c8:01:42:40:7b:
ea:e5:b2:c8:f7:ed:92:6f:30:0c:5b:b3:62:0d:7a:cd:ad:1a:
92:32:8c:7b:61:97:4e:2d:b8:dd:25:fb:c3:ed:8c:86:f7:dc:
03:ad:db:5c:9b:9a:01:ef:59:44:97:c0:32:c6:7c:d6:89:19:
ae:38:5a:48:90:e0:b9:9c:a9:bd:06:33:0c:71:f0:e9:ab:1e:
7e:46:2d:dc:31:62:59:b2:84:72:03:de:0b:fe:f3:ca:05:86:
14:61:56:26:04:b8:a5:7f:c2:6f:f1:cf:56:b4:4a:84:a0:b7:
84:fb:3b:f0:e6:69:7f:7b:ad:8b:26:9e:ea:e9:d9:9d:70:29:
0a:e9:66:0a:44:5d:e1:ce:c4:50:48:a3:7e:a4:18:2e:19:53:
99:5b:5a:48:b0:7a:65:06:29:5b:dc:6c:c1:67:e1:9f:5a:90:
10:cc:42:e2:4c:d4:e9:ad:dc:4f:07:19:a3:65:68:7a:a3:88:
fa:07:5f:3d:99:4c:88:48:b6:18:cf:ea:c9:55:37:db:70:f8:
ca:76:6d:39:7c:f0:3d:86:5b:c0:49:54:0e:2c:e3:3a:ef:d5:
8d:e8:c7:f2:19:9c:2b:71:5c:a3:1f:59:d7:0c:89:da:63:2c:
d5:d1:bc:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAf3tmCgDOR/dw+0LFvcJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwMTAyMDIzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmQ1YWQ4NzA0Njc2ZjFkNGM3N2Q2OGI2MjcxZWUwMWQ2NTU5NzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3Sv7VHFQxivh/H2aGCqpldLoE33
WcvKifG6ykl/Ds3Uyef23rz3hqC7cwpFZJWXSWKl0QjFKoTjnmvD/zN1RoCeOHcT
FByRC9j5UStvdQ6DFWbtwWt+w6jjvqpjjpY/8brgcLPTyPtShgVvOf0VUV8JqdnS
XJPZ/X2aQfI58wToSgTjF5wi2nSGmuPIxuKC8zyXj8LqHazma/eBCX244LrocmLv
tp4Phkp7cN1xeqYG1kRFQdwiA78KmLeBDGm7gyFSxQlJ00YQDXyxGxXurzgsaHYX
AhoMYtWPKzuvtZ1anflmlVESf4/7Z1PJ9R5aG1ktGMb1IwK/E26ixBzl4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLvVrYcEZ28dTHfWi2Jx7gHWVZcnMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvdTlXdGh3Um5ieDFNZDlhTFluSHVBZFpWbHljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGX5+AMA0G
CSqGSIb3DQEBCwUAA4IBAQADb9mSfQPddgTw+ds3yAFCQHvq5bLI9+2SbzAMW7Ni
DXrNrRqSMox7YZdOLbjdJfvD7YyG99wDrdtcm5oB71lEl8AyxnzWiRmuOFpIkOC5
nKm9BjMMcfDpqx5+Ri3cMWJZsoRyA94L/vPKBYYUYVYmBLilf8Jv8c9WtEqEoLeE
+zvw5ml/e62LJp7q6dmdcCkK6WYKRF3hzsRQSKN+pBguGVOZW1pIsHplBilb3GzB
Z+GfWpAQzELiTNTprdxPBxmjZWh6o4j6B189mUyISLYYz+rJVTfbcPjKdm05fPA9
hlvASVQOLOM679WN6MfyGZwrcVyjH1nXDInaYyzV0bwT
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:56 2024 by rpki-client on console-fra.rpki-client.org