Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/a1f9df-c48e-497f-ad33-82faf8f3b180/1/Db5rbmLkhbhQJI_OWNnfGxBJISw.roa
File: Db5rbmLkhbhQJI_OWNnfGxBJISw.roa (raw, json)
Hash identifier: wH5jByO+xo/+BKJs/67CUxijogzU9H3Cj/PZHx5mL/4=
Subject key identifier: 0D:BE:6B:6E:62:E4:85:B8:50:24:8F:CE:58:D9:DF:1B:10:49:21:2C
Certificate issuer: /CN=aa8b798ce7adaeae9e70915ba2cbcf83fe65d9dd
Certificate serial: 01856C6EFB468D70AED04E47B8C8D800EDB7
Authority key identifier: AA:8B:79:8C:E7:AD:AE:AE:9E:70:91:5B:A2:CB:CF:83:FE:65:D9:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qot5jOetrq6ecJFbosvPg_5l2d0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/a1f9df-c48e-497f-ad33-82faf8f3b180/1/Db5rbmLkhbhQJI_OWNnfGxBJISw.roa
Signing time: Sun 01 Jan 2023 08:24:50 +0000
ROA not before: Sun 01 Jan 2023 08:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49063
IP address blocks: 95.181.198.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:fb:46:8d:70:ae:d0:4e:47:b8:c8:d8:00:ed:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa8b798ce7adaeae9e70915ba2cbcf83fe65d9dd
Validity
Not Before: Jan 1 08:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0dbe6b6e62e485b850248fce58d9df1b1049212c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:63:21:34:9b:a6:94:72:1c:e5:2f:6b:3d:10:
78:74:35:8e:15:73:f4:70:44:22:69:17:10:77:a1:
7f:66:3c:59:ee:b7:00:bc:16:6d:76:29:0b:93:0f:
88:9e:2d:71:9a:b7:66:22:b7:fa:91:4d:fc:ce:65:
24:25:41:fd:32:2f:be:59:48:6a:c3:1a:b0:12:df:
9b:1e:82:90:99:b3:06:a4:46:65:b8:f3:13:d9:11:
84:00:13:d3:a7:f7:d2:1a:51:35:ae:ce:14:8c:13:
ca:fc:b2:b4:18:a4:39:1e:6b:0a:01:f8:f9:3f:a0:
f2:0f:56:59:2a:09:fb:48:62:66:52:69:3f:f6:49:
4d:7a:bc:7d:d1:01:04:53:b6:5e:f7:38:84:b3:bf:
f5:7e:3b:eb:0e:fa:92:4d:51:0a:3c:36:f3:3a:70:
02:98:ff:fb:fd:5d:67:55:01:f4:70:b3:e5:ed:7a:
57:0d:f3:b1:03:f1:fa:27:e0:00:32:34:c7:3c:e7:
d2:1d:bd:85:ee:bb:d5:49:28:84:17:a5:fc:55:ca:
a7:b6:99:fd:21:e0:2f:61:c3:e8:0a:92:d6:e4:33:
70:da:7d:02:60:4e:21:b4:9e:c9:5d:50:54:5b:d5:
09:9d:dd:6e:34:f6:de:f0:f8:34:4e:cd:4f:a9:7b:
bb:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:BE:6B:6E:62:E4:85:B8:50:24:8F:CE:58:D9:DF:1B:10:49:21:2C
X509v3 Authority Key Identifier:
keyid:AA:8B:79:8C:E7:AD:AE:AE:9E:70:91:5B:A2:CB:CF:83:FE:65:D9:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qot5jOetrq6ecJFbosvPg_5l2d0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/a1f9df-c48e-497f-ad33-82faf8f3b180/1/Db5rbmLkhbhQJI_OWNnfGxBJISw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/a1f9df-c48e-497f-ad33-82faf8f3b180/1/qot5jOetrq6ecJFbosvPg_5l2d0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.181.198.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:24:56:96:6b:e9:10:78:54:93:75:d1:0d:80:a3:5d:e2:e8:
6f:a6:91:ae:15:0f:de:df:81:fb:93:89:fb:f9:89:ab:12:9b:
55:28:60:94:66:22:d8:0b:d9:8e:23:50:64:5c:a9:57:84:e0:
7d:7f:e1:95:97:6b:b7:eb:44:da:97:d5:c7:64:66:03:d7:b4:
fb:e4:71:f1:50:4a:53:a5:05:82:26:6d:ee:c1:6c:e3:db:1e:
6a:95:6f:93:87:10:9a:43:79:3b:27:76:3a:4c:d9:6f:52:8c:
84:42:9a:65:34:7d:df:3d:a7:03:e9:e1:8a:82:2a:10:37:2d:
06:fb:56:68:eb:9a:1f:66:23:79:27:95:38:d1:73:e9:6c:8e:
4b:6d:9c:b6:d7:af:5e:64:9b:a4:73:0f:fc:12:6d:9a:73:b2:
74:f0:d8:08:88:b0:4b:f5:6f:2b:bf:a6:29:52:4f:52:d3:70:
7f:78:ac:db:d2:b5:25:ea:5e:f1:a0:b6:3c:f5:cb:3a:58:0c:
85:97:32:b6:7a:0d:a1:94:31:cb:86:63:1b:ba:82:c0:4f:64:
4c:cf:b1:ab:d9:3c:49:6f:b5:8e:96:cd:44:2d:43:3e:59:c4:
66:a2:57:91:e8:2c:e5:e0:e7:f1:06:f6:cc:b5:bc:f6:6f:1c:
7e:04:be:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsbvtGjXCu0E5HuMjYAO23MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhOGI3OThjZTdhZGFlYWU5ZTcwOTE1YmEyY2JjZjgzZmU2
NWQ5ZGQwHhcNMjMwMTAxMDgyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGJlNmI2ZTYyZTQ4NWI4NTAyNDhmY2U1OGQ5ZGYxYjEwNDkyMTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWMhNJumlHIc5S9rPRB4dDWOFXP0
cEQiaRcQd6F/ZjxZ7rcAvBZtdikLkw+Ini1xmrdmIrf6kU38zmUkJUH9Mi++WUhq
wxqwEt+bHoKQmbMGpEZluPMT2RGEABPTp/fSGlE1rs4UjBPK/LK0GKQ5HmsKAfj5
P6DyD1ZZKgn7SGJmUmk/9klNerx90QEEU7Ze9ziEs7/1fjvrDvqSTVEKPDbzOnAC
mP/7/V1nVQH0cLPl7XpXDfOxA/H6J+AAMjTHPOfSHb2F7rvVSSiEF6X8Vcqntpn9
IeAvYcPoCpLW5DNw2n0CYE4htJ7JXVBUW9UJnd1uNPbe8Pg0Ts1PqXu7kwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA2+a25i5IW4UCSPzljZ3xsQSSEsMB8GA1UdIwQY
MBaAFKqLeYznra6unnCRW6LLz4P+ZdndMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW90NWpPZXRycTZlY0pGYm9zdlBnXzVsMmQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9hMWY5ZGYtYzQ4ZS00OTdmLWFkMzMt
ODJmYWY4ZjNiMTgwLzEvRGI1cmJtTGtoYmhRSklfT1dObmZHeEJKSVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9hMWY5ZGYtYzQ4ZS00OTdmLWFkMzMtODJmYWY4ZjNiMTgw
LzEvcW90NWpPZXRycTZlY0pGYm9zdlBnXzVsMmQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX7XGMA0G
CSqGSIb3DQEBCwUAA4IBAQBdJFaWa+kQeFSTddENgKNd4uhvppGuFQ/e34H7k4n7
+YmrEptVKGCUZiLYC9mOI1BkXKlXhOB9f+GVl2u360Tal9XHZGYD17T75HHxUEpT
pQWCJm3uwWzj2x5qlW+ThxCaQ3k7J3Y6TNlvUoyEQpplNH3fPacD6eGKgioQNy0G
+1Zo65ofZiN5J5U40XPpbI5LbZy2169eZJukcw/8Em2ac7J08NgIiLBL9W8rv6Yp
Uk9S03B/eKzb0rUl6l7xoLY89cs6WAyFlzK2eg2hlDHLhmMbuoLAT2RMz7Gr2TxJ
b7WOls1ELUM+WcRmoleR6Czl4OfxBvbMtbz2bxx+BL6v
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:44 2024 by rpki-client on console-fra.rpki-client.org