Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jQA6PsZPtuwL_aWC21ZfljnQrPQ.roa
File: jQA6PsZPtuwL_aWC21ZfljnQrPQ.roa (raw, json)
Hash identifier: aI3TUYAOsWVSq/aRcJEaz+I9DqJ8JjEcheUljcgoCZo=
Subject key identifier: 8D:00:3A:3E:C6:4F:B6:EC:0B:FD:A5:82:DB:56:5F:96:39:D0:AC:F4
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C2442B8A43A2FA4CF9C6D9F263EACAB53
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jQA6PsZPtuwL_aWC21ZfljnQrPQ.roa
Signing time: Fri 01 Dec 2023 07:23:21 +0000
ROA not before: Fri 01 Dec 2023 07:23:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211760
IP address blocks: 95.214.26.0/24 maxlen: 24
95.214.25.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:24:42:b8:a4:3a:2f:a4:cf:9c:6d:9f:26:3e:ac:ab:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 1 07:23:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d003a3ec64fb6ec0bfda582db565f9639d0acf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:e9:57:a6:f7:f6:f3:54:0c:74:2d:0e:e6:d0:
16:a0:12:4b:29:f3:83:2a:f9:7d:36:c0:93:c3:b2:
c0:11:6c:55:0d:d6:e8:d6:f7:11:b3:f9:cd:8d:dc:
de:8a:37:e8:76:a0:d8:5b:46:50:ec:7f:d8:4f:bb:
80:20:11:5e:64:66:b9:76:ed:b8:a4:36:c0:63:3e:
1c:c1:62:e3:a6:0e:19:b6:6c:34:73:45:8f:39:7d:
67:a2:24:6b:6f:7b:c4:9b:bf:d2:65:21:7e:41:32:
2f:41:6a:70:08:f4:c6:fa:13:36:c9:17:53:2b:5f:
73:2e:6e:4e:37:8c:8c:a3:d4:64:33:b1:eb:a9:a0:
69:14:ed:ba:3c:4c:59:2c:8f:d1:3b:a2:0e:86:97:
36:88:1d:c4:b5:8e:a9:a1:12:b2:a7:89:78:15:5a:
d4:20:77:77:06:24:34:e6:fc:9b:e3:73:0b:70:9e:
cd:87:39:f7:35:a3:69:87:de:43:b8:3a:51:ba:b5:
bb:6c:b7:65:92:14:f1:ba:ff:bd:4a:3a:37:a7:98:
ab:03:cd:e5:57:59:a4:24:16:3d:1f:fd:47:fe:e8:
e2:f7:5a:cb:9a:49:0c:1f:5b:a0:d1:03:b1:19:30:
31:a2:0f:a9:fe:b2:64:95:33:ec:b5:5d:a2:72:e3:
7c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:00:3A:3E:C6:4F:B6:EC:0B:FD:A5:82:DB:56:5F:96:39:D0:AC:F4
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jQA6PsZPtuwL_aWC21ZfljnQrPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.25.0-95.214.26.255
Signature Algorithm: sha256WithRSAEncryption
32:b2:2e:a2:f1:4b:92:cc:4e:e9:7f:c1:63:3d:bc:a3:b9:16:
f6:d5:13:0f:3d:a3:24:29:40:cc:d8:6f:19:42:e0:3f:71:3a:
4d:2b:2f:5b:3b:1a:18:f6:0a:b7:6a:8a:20:7b:00:30:22:bc:
20:8e:b5:e2:a7:0a:86:0e:31:ef:a8:24:3d:24:10:f7:be:6e:
6e:4a:b0:0e:79:9d:a0:61:eb:22:eb:e6:83:ed:49:d5:82:c3:
da:6e:3b:ac:a5:ce:67:8a:17:3c:69:9b:56:07:72:2e:f1:42:
97:e4:8e:9c:0c:11:b3:d0:54:cc:a7:30:c5:e1:58:5c:78:60:
c6:87:6b:0b:c3:d8:7a:53:90:21:0e:c9:a3:40:ce:8c:f7:00:
50:46:46:b4:38:65:ae:88:cc:fb:a8:19:83:6a:3d:0a:fc:3f:
36:59:2c:e2:9b:51:9c:bd:17:b6:93:97:b1:6f:55:c4:09:94:
88:26:46:24:45:cc:cb:f7:63:d8:bc:54:5e:3d:a7:4d:04:cc:
13:ec:02:10:1a:5f:e8:d4:b1:64:52:7b:41:61:15:c2:82:91:
2e:22:55:9c:60:eb:84:8b:e1:31:34:db:08:96:d1:d7:d1:91:
28:60:17:81:ef:7d:9c:98:43:cf:02:4d:a1:f3:51:d5:e5:53:
6b:39:4f:27
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYwkQrikOi+kz5xtnyY+rKtTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjAxMDcyMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDAwM2EzZWM2NGZiNmVjMGJmZGE1ODJkYjU2NWY5NjM5ZDBhY2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9elXpvf281QMdC0O5tAWoBJLKfOD
Kvl9NsCTw7LAEWxVDdbo1vcRs/nNjdzeijfodqDYW0ZQ7H/YT7uAIBFeZGa5du24
pDbAYz4cwWLjpg4Ztmw0c0WPOX1noiRrb3vEm7/SZSF+QTIvQWpwCPTG+hM2yRdT
K19zLm5ON4yMo9RkM7HrqaBpFO26PExZLI/RO6IOhpc2iB3EtY6poRKyp4l4FVrU
IHd3BiQ05vyb43MLcJ7Nhzn3NaNph95DuDpRurW7bLdlkhTxuv+9Sjo3p5irA83l
V1mkJBY9H/1H/uji91rLmkkMH1ug0QOxGTAxog+p/rJklTPstV2icuN8zQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFI0AOj7GT7bsC/2lgttWX5Y50Kz0MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvalFBNlBzWlB0dXdMX2FXQzIxWmZsam5RclBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABf1hkD
BABf1howDQYJKoZIhvcNAQELBQADggEBADKyLqLxS5LMTul/wWM9vKO5FvbVEw89
oyQpQMzYbxlC4D9xOk0rL1s7Ghj2CrdqiiB7ADAivCCOteKnCoYOMe+oJD0kEPe+
bm5KsA55naBh6yLr5oPtSdWCw9puO6ylzmeKFzxpm1YHci7xQpfkjpwMEbPQVMyn
MMXhWFx4YMaHawvD2HpTkCEOyaNAzoz3AFBGRrQ4Za6IzPuoGYNqPQr8PzZZLOKb
UZy9F7aTl7FvVcQJlIgmRiRFzMv3Y9i8VF49p00EzBPsAhAaX+jUsWRSe0FhFcKC
kS4iVZxg64SL4TE02wiW0dfRkShgF4HvfZyYQ88CTaHzUdXlU2s5Tyc=
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:13 2024 by rpki-client on console-ams.rpki-client.org