Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/95Lr_CVUwTGuWMEkJsajxoUlN5Y.roa
File: 95Lr_CVUwTGuWMEkJsajxoUlN5Y.roa (raw, json)
Hash identifier: huehBw2efr5rDVTEOxjukjnHNE8JFGT4+b9UEBvY8ow=
Subject key identifier: F7:92:EB:FC:25:54:C1:31:AE:58:C1:24:26:C6:A3:C6:85:25:37:96
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018ADFEFF89B5CA7841F5F5B7DA35537B5B4
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/95Lr_CVUwTGuWMEkJsajxoUlN5Y.roa
Signing time: Fri 29 Sep 2023 07:56:00 +0000
ROA not before: Fri 29 Sep 2023 07:56:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202685
IP address blocks: 2.58.95.0/24 maxlen: 24
84.54.51.0/24 maxlen: 24
94.103.124.0/24 maxlen: 24
141.98.4.0/24 maxlen: 24
31.13.211.0/24 maxlen: 24
87.121.58.0/24 maxlen: 24
87.121.69.0/24 maxlen: 24
45.128.232.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:df:ef:f8:9b:5c:a7:84:1f:5f:5b:7d:a3:55:37:b5:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 29 07:56:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f792ebfc2554c131ae58c12426c6a3c685253796
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d7:82:89:c9:9d:c1:84:c4:59:78:ee:e9:9d:
d8:32:25:bd:f8:98:d4:de:61:66:f6:c9:d6:0e:2e:
28:28:bf:34:b7:e5:f8:8e:99:d3:17:39:58:14:67:
0c:79:69:0d:ba:f3:b0:0b:22:f9:61:75:8b:47:fa:
8f:4d:77:00:ad:e1:85:f1:b8:52:dc:a7:99:e5:5f:
64:89:c9:7e:5a:1a:06:9c:f8:92:1a:85:06:f2:2e:
20:85:4a:f7:32:7d:9d:10:44:dd:d6:5f:e0:bd:98:
0d:f3:52:46:12:1e:39:08:7e:d6:90:20:77:87:9b:
3a:cf:50:bd:35:ca:94:2c:42:82:00:10:0c:49:a3:
43:3a:77:2e:54:6b:13:75:d2:a3:e7:79:af:df:3e:
30:fd:fa:b6:76:22:ef:79:2f:c0:26:32:19:3d:80:
88:6b:7c:a1:10:8b:91:a9:eb:6c:6c:fb:86:78:05:
eb:44:84:0e:84:12:be:95:b0:c5:55:5c:55:3d:b7:
49:ea:91:eb:98:ac:c3:d5:bc:77:75:e1:e2:5a:01:
0c:97:46:71:d7:52:8b:eb:a6:6f:ff:2b:dc:fc:6f:
b4:1b:9b:45:2e:f4:ec:94:08:16:f5:b4:d5:06:ff:
8a:b6:05:94:f8:49:7f:52:91:c1:1f:1c:d0:9b:35:
ef:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:92:EB:FC:25:54:C1:31:AE:58:C1:24:26:C6:A3:C6:85:25:37:96
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/95Lr_CVUwTGuWMEkJsajxoUlN5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.95.0/24
31.13.211.0/24
45.128.232.0/24
84.54.51.0/24
87.121.58.0/24
87.121.69.0/24
94.103.124.0/24
141.98.4.0/24
147.78.102.0/24
193.35.18.0/24
Signature Algorithm: sha256WithRSAEncryption
61:92:1b:bc:cb:72:8a:76:7a:93:c4:d4:fe:eb:de:33:8f:59:
87:e6:56:f5:e7:49:eb:a1:40:bb:b1:16:56:8e:d1:a6:3a:62:
ef:16:f1:e2:45:b2:2a:58:3f:20:ff:22:e2:4c:d2:ce:78:66:
f0:43:ac:84:b1:37:4e:01:5f:88:9a:10:64:6a:2b:62:3a:8b:
2f:c5:70:2e:47:90:97:9f:66:53:77:b5:6f:66:99:02:85:18:
7c:78:5a:4f:f6:1c:3b:43:44:fb:fa:2f:30:a8:59:55:0b:04:
34:a6:77:f8:b8:73:44:25:6e:27:d1:c9:99:98:f9:40:21:6e:
b9:3a:6e:d1:52:52:ce:9c:48:cb:76:e1:4e:20:3d:03:a9:e7:
3f:e1:07:a9:58:5c:e9:e3:93:1b:29:8c:af:69:09:d5:56:30:
d4:2b:18:57:81:9f:eb:90:dc:b5:77:44:44:3b:0c:b5:8a:ec:
20:1e:24:d5:4c:84:08:dc:96:c8:95:f5:97:d5:7c:8d:5d:5d:
ef:4f:e0:bd:de:64:63:13:07:13:8f:64:41:29:ea:45:0f:43:
9f:04:5d:fa:b1:15:8c:05:68:ba:f8:18:b9:35:e3:ee:15:e2:
c0:cc:2e:88:17:81:a8:d1:7d:32:8b:ce:d6:d4:e3:2c:bf:b5:
e3:9e:a6:e8
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYrf7/ibXKeEH19bfaNVN7W0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwOTI5MDc1NjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzkyZWJmYzI1NTRjMTMxYWU1OGMxMjQyNmM2YTNjNjg1MjUzNzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmteCicmdwYTEWXju6Z3YMiW9+JjU
3mFm9snWDi4oKL80t+X4jpnTFzlYFGcMeWkNuvOwCyL5YXWLR/qPTXcAreGF8bhS
3KeZ5V9kicl+WhoGnPiSGoUG8i4ghUr3Mn2dEETd1l/gvZgN81JGEh45CH7WkCB3
h5s6z1C9NcqULEKCABAMSaNDOncuVGsTddKj53mv3z4w/fq2diLveS/AJjIZPYCI
a3yhEIuRqetsbPuGeAXrRIQOhBK+lbDFVVxVPbdJ6pHrmKzD1bx3deHiWgEMl0Zx
11KL66Zv/yvc/G+0G5tFLvTslAgW9bTVBv+KtgWU+El/UpHBHxzQmzXvbQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFPeS6/wlVMExrljBJCbGo8aFJTeWMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvOTVMcl9DVlV3VEd1V01Fa0pzYWp4b1VsTjVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAAjpfAwQA
Hw3TAwQALYDoAwQAVDYzAwQAV3k6AwQAV3lFAwQAXmd8AwQAjWIEAwQAk05mAwQA
wSMSMA0GCSqGSIb3DQEBCwUAA4IBAQBhkhu8y3KKdnqTxNT+694zj1mH5lb150nr
oUC7sRZWjtGmOmLvFvHiRbIqWD8g/yLiTNLOeGbwQ6yEsTdOAV+ImhBkaitiOosv
xXAuR5CXn2ZTd7VvZpkChRh8eFpP9hw7Q0T7+i8wqFlVCwQ0pnf4uHNEJW4n0cmZ
mPlAIW65Om7RUlLOnEjLduFOID0Dqec/4QepWFzp45MbKYyvaQnVVjDUKxhXgZ/r
kNy1d0REOwy1iuwgHiTVTIQI3JbIlfWX1XyNXV3vT+C93mRjEwcTj2RBKepFD0Of
BF36sRWMBWi6+Bi5NePuFeLAzC6IF4Go0X0yi87W1OMsv7Xjnqbo
-----END CERTIFICATE-----
Generated at Mon Oct 2 10:44:53 2023 by rpki-client on console-ams.rpki-client.org