Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/589eca-3f19-4e23-a3fb-3303f71622f9/1/yUMrDeJMUN1yOJv46nNL81gV-bg.roa
File: yUMrDeJMUN1yOJv46nNL81gV-bg.roa (raw, json)
Hash identifier: JBvUYDH/6ekosywgP6WQAkqYoWPwOlrGuIf7iBBOHhY=
Subject key identifier: C9:43:2B:0D:E2:4C:50:DD:72:38:9B:F8:EA:73:4B:F3:58:15:F9:B8
Certificate issuer: /CN=6e4067d77bfea99df25ce5e08a9213d1128014cf
Certificate serial: 01856D8AACD5B4CEB05452112DADAABA616C
Authority key identifier: 6E:40:67:D7:7B:FE:A9:9D:F2:5C:E5:E0:8A:92:13:D1:12:80:14:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bkBn13v-qZ3yXOXgipIT0RKAFM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/589eca-3f19-4e23-a3fb-3303f71622f9/1/yUMrDeJMUN1yOJv46nNL81gV-bg.roa
Signing time: Sun 01 Jan 2023 13:34:42 +0000
ROA not before: Sun 01 Jan 2023 13:34:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57793
IP address blocks: 95.131.81.0/24 maxlen: 24
95.131.82.0/23 maxlen: 24
95.131.84.0/22 maxlen: 24
2a02:ef8::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:ac:d5:b4:ce:b0:54:52:11:2d:ad:aa:ba:61:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e4067d77bfea99df25ce5e08a9213d1128014cf
Validity
Not Before: Jan 1 13:34:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9432b0de24c50dd72389bf8ea734bf35815f9b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c7:05:8a:ae:b8:66:11:0c:ec:8c:c3:7e:10:
f1:09:01:38:98:53:b8:35:61:36:80:64:18:4e:dc:
d4:05:71:eb:3c:2d:b9:2b:88:8c:bb:a5:ce:a1:28:
5c:59:78:1f:79:fc:71:fe:76:0d:fc:30:aa:a6:b5:
23:07:81:6a:f6:91:9b:95:24:1c:a9:e8:c3:18:3f:
f4:fa:15:0a:0a:19:ed:57:be:a5:32:ea:be:42:aa:
b9:7e:6f:36:32:12:da:5e:eb:67:38:ac:5b:a0:ca:
5f:fd:30:e1:78:a5:9e:77:f8:12:f1:60:b0:d6:7b:
b0:10:b7:e5:8a:f7:af:e8:05:86:85:9f:0d:33:1b:
43:30:8d:cf:c4:f3:d8:a4:98:f3:70:ee:fa:34:be:
f2:6b:c2:38:bc:5e:5f:1e:33:be:a3:8a:77:44:0d:
cc:83:12:17:23:6c:1f:6f:46:ff:5f:e7:c5:1e:36:
4e:4b:e9:60:9c:43:85:7a:ac:79:af:f8:60:31:e6:
4b:f1:93:ad:30:5c:c5:21:1f:a8:95:7d:71:10:f2:
35:0a:d6:38:ce:44:c5:77:13:74:de:ac:00:ed:04:
3a:e0:97:8d:a7:8f:97:b2:5f:0a:46:3d:b3:eb:68:
54:15:42:65:53:ad:39:97:e9:0f:a6:47:24:76:45:
39:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:43:2B:0D:E2:4C:50:DD:72:38:9B:F8:EA:73:4B:F3:58:15:F9:B8
X509v3 Authority Key Identifier:
keyid:6E:40:67:D7:7B:FE:A9:9D:F2:5C:E5:E0:8A:92:13:D1:12:80:14:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bkBn13v-qZ3yXOXgipIT0RKAFM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/589eca-3f19-4e23-a3fb-3303f71622f9/1/yUMrDeJMUN1yOJv46nNL81gV-bg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/589eca-3f19-4e23-a3fb-3303f71622f9/1/bkBn13v-qZ3yXOXgipIT0RKAFM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.131.81.0-95.131.87.255
IPv6:
2a02:ef8::/32
Signature Algorithm: sha256WithRSAEncryption
06:a8:05:12:1e:c7:47:dc:44:0e:68:ed:4c:5e:0a:9a:5b:0d:
c8:2c:55:a0:0a:07:05:32:55:c4:31:50:ec:22:ef:28:a3:4a:
e5:aa:51:3e:a0:cb:57:8f:6f:d8:aa:4f:82:20:3c:ca:a9:78:
ba:a5:f2:9f:07:30:7a:40:37:fb:2a:70:20:51:8b:f1:bb:26:
af:4a:5a:96:41:da:95:8c:80:ad:d3:8a:ab:1c:d5:0d:7b:a0:
fc:35:1e:25:80:05:b0:36:79:70:c5:b8:e5:04:48:5e:fc:ba:
16:53:3a:c0:ea:a6:20:37:58:97:72:eb:4b:d9:49:74:6f:31:
48:eb:fc:16:c5:c6:31:a9:2c:14:35:b4:da:d0:64:a8:6e:b8:
46:db:dd:b3:00:81:0c:14:04:7a:7e:b8:2e:ed:0c:9e:62:36:
74:bf:d6:cd:72:25:1f:43:a6:73:67:c1:59:46:44:aa:8d:f8:
e1:50:88:d7:83:38:ac:62:7b:ba:35:63:04:91:87:ba:12:14:
62:db:c2:c7:f5:fd:14:a4:4b:a2:ba:b4:c4:36:85:f5:06:93:
4e:41:23:c4:a7:2d:e1:60:9b:80:f2:0b:a9:f8:d7:c3:a2:96:
9a:ea:aa:a0:6c:e1:d0:40:6a:a8:57:b1:0c:99:37:ce:86:1d:
55:db:ba:5c
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVtiqzVtM6wVFIRLa2qumFsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNDA2N2Q3N2JmZWE5OWRmMjVjZTVlMDhhOTIxM2QxMTI4
MDE0Y2YwHhcNMjMwMTAxMTMzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTQzMmIwZGUyNGM1MGRkNzIzODliZjhlYTczNGJmMzU4MTVmOWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjccFiq64ZhEM7IzDfhDxCQE4mFO4
NWE2gGQYTtzUBXHrPC25K4iMu6XOoShcWXgfefxx/nYN/DCqprUjB4Fq9pGblSQc
qejDGD/0+hUKChntV76lMuq+Qqq5fm82MhLaXutnOKxboMpf/TDheKWed/gS8WCw
1nuwELflivev6AWGhZ8NMxtDMI3PxPPYpJjzcO76NL7ya8I4vF5fHjO+o4p3RA3M
gxIXI2wfb0b/X+fFHjZOS+lgnEOFeqx5r/hgMeZL8ZOtMFzFIR+olX1xEPI1CtY4
zkTFdxN03qwA7QQ64JeNp4+Xsl8KRj2z62hUFUJlU605l+kPpkckdkU5awIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMlDKw3iTFDdcjib+OpzS/NYFfm4MB8GA1UdIwQY
MBaAFG5AZ9d7/qmd8lzl4IqSE9ESgBTPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmtCbjEzdi1xWjN5WE9YZ2lwSVQwUktBRk04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC81ODllY2EtM2YxOS00ZTIzLWEzZmIt
MzMwM2Y3MTYyMmY5LzEveVVNckRlSk1VTjF5T0p2NDZuTkw4MWdWLWJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC81ODllY2EtM2YxOS00ZTIzLWEzZmItMzMwM2Y3MTYyMmY5
LzEvYmtCbjEzdi1xWjN5WE9YZ2lwSVQwUktBRk04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBABfg1ED
BANfg1AwDQQCAAIwBwMFACoCDvgwDQYJKoZIhvcNAQELBQADggEBAAaoBRIex0fc
RA5o7UxeCppbDcgsVaAKBwUyVcQxUOwi7yijSuWqUT6gy1ePb9iqT4IgPMqpeLql
8p8HMHpAN/sqcCBRi/G7Jq9KWpZB2pWMgK3Tiqsc1Q17oPw1HiWABbA2eXDFuOUE
SF78uhZTOsDqpiA3WJdy60vZSXRvMUjr/BbFxjGpLBQ1tNrQZKhuuEbb3bMAgQwU
BHp+uC7tDJ5iNnS/1s1yJR9DpnNnwVlGRKqN+OFQiNeDOKxie7o1YwSRh7oSFGLb
wsf1/RSkS6K6tMQ2hfUGk05BI8SnLeFgm4DyC6n418OilprqqqBs4dBAaqhXsQyZ
N86GHVXbulw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:45 2024 by rpki-client on console-fra.rpki-client.org