Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/Mjis0QV3F5qhFliH3Mr8WFjhvNw.roa
File: Mjis0QV3F5qhFliH3Mr8WFjhvNw.roa (raw, json)
Hash identifier: CyYy4kAsUSvOLieXeTVU/njlAQ5YBhaG9SWvuHXOL80=
Subject key identifier: 32:38:AC:D1:05:77:17:9A:A1:16:58:87:DC:CA:FC:58:58:E1:BC:DC
Certificate issuer: /CN=5ee004befa553ddb35564fb7762b05eb222ecf93
Certificate serial: 01856DC1B17D360C0C76B9A429069D12BBF0
Authority key identifier: 5E:E0:04:BE:FA:55:3D:DB:35:56:4F:B7:76:2B:05:EB:22:2E:CF:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuAEvvpVPds1Vk-3disF6yIuz5M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/Mjis0QV3F5qhFliH3Mr8WFjhvNw.roa
Signing time: Sun 01 Jan 2023 14:34:48 +0000
ROA not before: Sun 01 Jan 2023 14:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48519
IP address blocks: 185.95.96.0/23 maxlen: 24
185.95.98.0/23 maxlen: 24
2a00:1c3e:96::/47 maxlen: 48
2a00:1c3e:98::/47 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:30:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:b1:7d:36:0c:0c:76:b9:a4:29:06:9d:12:bb:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee004befa553ddb35564fb7762b05eb222ecf93
Validity
Not Before: Jan 1 14:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3238acd10577179aa1165887dccafc5858e1bcdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:57:81:fb:bf:e0:3c:7e:43:9b:a5:bd:2a:9f:
97:73:ba:0b:20:99:e4:b1:7d:1f:01:3b:07:c9:d5:
41:9d:49:d6:c4:0d:9d:21:b7:c2:bc:18:88:9a:6d:
a5:45:f2:83:1e:79:18:fe:e4:19:9c:04:3c:ed:f9:
b3:f4:5b:aa:8e:f3:88:34:1c:fe:61:60:5f:b2:a8:
d2:92:fa:43:0c:ee:36:2e:8e:cb:30:52:a3:5c:f2:
0f:be:f4:ad:cf:49:c1:d0:8d:b0:25:f5:37:39:2a:
4d:49:81:59:c4:6a:3e:bc:af:7a:53:c1:48:fc:59:
92:be:79:21:04:3a:c4:4a:34:3c:ac:e5:40:2e:a1:
cf:d7:3f:41:45:f2:61:94:b7:86:42:a8:0d:ac:2a:
a4:e1:ec:4a:38:1f:88:47:66:f3:aa:38:63:14:b3:
ae:78:ab:26:da:ba:09:84:a0:0d:ab:bb:d0:8b:f0:
fb:ad:55:48:72:c6:0b:98:3c:8e:e6:2a:ce:71:8c:
ff:18:e0:50:1f:7b:41:02:dc:8c:5f:48:49:fd:d0:
b6:9f:de:9e:b4:5a:66:ea:1b:d9:d4:f5:52:42:36:
80:c6:ad:b1:82:03:bc:1e:5f:b3:7b:35:4b:cf:01:
29:39:53:70:4a:f2:74:93:ac:6f:ce:20:ed:fa:bc:
2a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:38:AC:D1:05:77:17:9A:A1:16:58:87:DC:CA:FC:58:58:E1:BC:DC
X509v3 Authority Key Identifier:
keyid:5E:E0:04:BE:FA:55:3D:DB:35:56:4F:B7:76:2B:05:EB:22:2E:CF:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuAEvvpVPds1Vk-3disF6yIuz5M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/Mjis0QV3F5qhFliH3Mr8WFjhvNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/XuAEvvpVPds1Vk-3disF6yIuz5M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.96.0/22
IPv6:
2a00:1c3e:96::-2a00:1c3e:99:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1e:c3:66:9a:2a:92:63:31:97:49:0e:3f:82:00:d4:72:13:55:
8e:c5:75:5e:93:9e:c0:58:57:d4:f8:60:c2:dc:b8:25:b8:cb:
b9:72:25:32:4c:3e:d2:5a:fe:66:f3:ed:d7:af:49:9f:10:96:
8b:8b:94:3c:b0:de:57:8c:b1:7f:d8:06:fc:2e:e1:57:69:65:
3b:ab:f5:7f:4c:e3:8a:d5:2a:49:77:70:d2:08:53:16:90:e3:
cd:4c:c8:ba:f9:77:e4:b3:de:36:3f:c1:8f:65:fb:cc:ba:1f:
b9:18:ac:61:fd:16:60:4b:ce:7a:aa:95:d8:7c:b5:a7:38:20:
35:ec:c4:18:c3:c3:fc:2d:6b:51:ad:9a:33:76:72:1f:b2:48:
de:c9:f4:22:5c:6a:2f:ff:44:f8:bc:8c:8e:d6:56:f1:ab:e4:
1e:28:95:4a:db:b0:95:4b:b1:a4:2c:41:4a:34:c5:3f:02:d9:
6d:15:a2:3c:d9:8b:d9:3e:04:30:83:d8:a9:10:04:e8:29:57:
11:66:0b:05:0a:fb:15:c9:32:1a:62:59:6a:3c:da:07:33:bb:
9e:d0:bd:db:db:2a:df:2e:0c:db:c4:08:7c:ac:f7:4e:3e:95:
26:3a:1d:65:46:7c:05:3b:f3:0a:6c:44:b6:b8:b5:ae:d8:8e:
de:76:4c:e2
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVtwbF9NgwMdrmkKQadErvwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTAwNGJlZmE1NTNkZGIzNTU2NGZiNzc2MmIwNWViMjIy
ZWNmOTMwHhcNMjMwMTAxMTQzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjM4YWNkMTA1NzcxNzlhYTExNjU4ODdkY2NhZmM1ODU4ZTFiY2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuleB+7/gPH5Dm6W9Kp+Xc7oLIJnk
sX0fATsHydVBnUnWxA2dIbfCvBiImm2lRfKDHnkY/uQZnAQ87fmz9FuqjvOINBz+
YWBfsqjSkvpDDO42Lo7LMFKjXPIPvvStz0nB0I2wJfU3OSpNSYFZxGo+vK96U8FI
/FmSvnkhBDrESjQ8rOVALqHP1z9BRfJhlLeGQqgNrCqk4exKOB+IR2bzqjhjFLOu
eKsm2roJhKANq7vQi/D7rVVIcsYLmDyO5irOcYz/GOBQH3tBAtyMX0hJ/dC2n96e
tFpm6hvZ1PVSQjaAxq2xggO8Hl+zezVLzwEpOVNwSvJ0k6xvziDt+rwqRQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFDI4rNEFdxeaoRZYh9zK/FhY4bzcMB8GA1UdIwQY
MBaAFF7gBL76VT3bNVZPt3YrBesiLs+TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVBRXZ2cFZQZHMxVmstM2Rpc0Y2eUl1ejVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zYzM1ZWEtN2M5YS00OGUyLWIzYjIt
ZTIyOGFhYjQ1MDE0LzEvTWppczBRVjNGNXFoRmxpSDNNcjhXRmpodk53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zYzM1ZWEtN2M5YS00OGUyLWIzYjItZTIyOGFhYjQ1MDE0
LzEvWHVBRXZ2cFZQZHMxVmstM2Rpc0Y2eUl1ejVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQCuV9gMBoE
AgACMBQwEgMHASoAHD4AlgMHASoAHD4AmDANBgkqhkiG9w0BAQsFAAOCAQEAHsNm
miqSYzGXSQ4/ggDUchNVjsV1XpOewFhX1Phgwty4JbjLuXIlMkw+0lr+ZvPt169J
nxCWi4uUPLDeV4yxf9gG/C7hV2llO6v1f0zjitUqSXdw0ghTFpDjzUzIuvl35LPe
Nj/Bj2X7zLofuRisYf0WYEvOeqqV2Hy1pzggNezEGMPD/C1rUa2aM3ZyH7JI3sn0
IlxqL/9E+LyMjtZW8avkHiiVStuwlUuxpCxBSjTFPwLZbRWiPNmL2T4EMIPYqRAE
6ClXEWYLBQr7FckyGmJZajzaBzO7ntC929sq3y4M28QIfKz3Tj6VJjodZUZ8BTvz
CmxEtri1rtiO3nZM4g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:00 2024 by rpki-client on console-fra.rpki-client.org