Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/a0BmN_PRc7aLKMay7aM59UFB32M.roa
File: a0BmN_PRc7aLKMay7aM59UFB32M.roa (raw, json)
Hash identifier: UHmarYRdxpUg4Plb/XWYhe7O1m26+CC0Cq49RdlQxLo=
Subject key identifier: 6B:40:66:37:F3:D1:73:B6:8B:28:C6:B2:ED:A3:39:F5:41:41:DF:63
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 0191D5FF96AB0E7680E64C4E6A738DEA1298
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/a0BmN_PRc7aLKMay7aM59UFB32M.roa
Signing time: Mon 09 Sep 2024 08:56:22 +0000
ROA not before: Mon 09 Sep 2024 08:56:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202759
IP address blocks: 95.156.206.0/24 maxlen: 24
188.214.37.0/24 maxlen: 24
2a03:f80:372::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 30 Sep 2024 07:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d5:ff:96:ab:0e:76:80:e6:4c:4e:6a:73:8d:ea:12:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Sep 9 08:56:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b406637f3d173b68b28c6b2eda339f54141df63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:87:c6:0b:ae:ab:7c:45:4b:ea:64:57:44:92:
a5:dc:b1:39:f3:2d:ca:df:90:57:96:af:ce:0a:73:
75:fc:9f:fb:f1:f4:1a:4f:3e:f3:52:e2:3d:8f:1e:
5b:c2:89:ae:74:82:25:fb:a6:59:be:a1:a3:dd:6d:
52:03:9b:1f:57:d8:b6:94:49:24:fb:b5:1c:88:51:
36:10:a6:02:db:65:16:1f:cc:94:41:03:33:33:28:
32:d4:63:9c:c1:6c:39:2b:e6:76:a8:c4:55:b5:32:
57:87:fe:e2:3a:84:c6:74:d7:79:07:1e:36:f6:8c:
43:e7:75:a9:4f:60:5f:45:95:8a:3f:08:0d:62:cc:
9a:87:c1:37:17:89:b0:aa:42:ba:47:77:8a:1f:58:
da:0a:27:0d:53:59:ad:be:5f:94:4a:be:e2:8b:80:
4a:8c:5a:72:4c:bb:e0:ab:da:19:f3:bc:c1:60:9f:
b3:30:85:34:27:46:ae:e4:00:62:63:19:21:b9:4c:
b7:20:a8:fd:21:5d:e7:30:ce:b3:61:70:0f:63:17:
a3:e0:65:d5:db:92:07:fc:ae:5d:73:48:38:ee:23:
0e:e8:dc:65:d6:90:52:9c:ea:68:1c:1c:43:7b:25:
30:7c:ec:0d:d5:1c:6d:30:17:09:f4:d3:3c:b8:64:
f2:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:40:66:37:F3:D1:73:B6:8B:28:C6:B2:ED:A3:39:F5:41:41:DF:63
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/a0BmN_PRc7aLKMay7aM59UFB32M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.156.206.0/24
188.214.37.0/24
IPv6:
2a03:f80:372::/48
Signature Algorithm: sha256WithRSAEncryption
3c:77:34:6f:7d:47:c7:8a:40:6d:4d:e9:6e:6e:80:c0:6c:f7:
ea:c4:1d:cf:b8:5d:66:f3:9f:50:6f:61:65:58:50:3b:46:67:
f9:b4:96:db:b6:f2:c0:e4:e9:67:82:4c:1e:6f:7a:d0:04:a7:
af:58:f5:82:b2:7a:0a:8f:4c:b5:4b:d8:1e:9b:a7:c8:50:f5:
ab:93:f6:10:25:17:d1:88:45:be:05:d8:23:dc:69:69:19:c9:
43:15:64:33:fb:6d:bc:8a:be:09:9c:65:c3:eb:f8:83:92:e2:
f0:3a:45:89:15:e4:f3:d4:5b:4c:a1:6c:b7:63:d4:1e:aa:5a:
b4:ad:1d:4c:60:2a:6f:a0:cb:27:5f:81:8b:15:57:0a:59:86:
a1:b5:b6:71:86:e7:f0:5e:71:a6:57:75:a2:fa:65:5c:65:11:
9b:b8:66:f4:85:0c:67:83:77:a7:54:d2:53:62:1b:e6:c4:1f:
43:5b:12:c8:73:12:db:28:cd:be:6f:87:26:3d:82:42:3c:60:
29:d3:10:c0:d1:90:47:09:08:fb:b0:02:56:e1:49:74:2b:73:
4a:18:92:a1:3d:4d:17:52:d3:38:23:58:c1:ca:7b:22:56:b2:
9e:1b:71:38:82:5a:db:b6:fc:8d:0a:b5:96:19:00:e3:7b:e8:
69:4f:90:f3
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZHV/5arDnaA5kxOanON6hKYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQwOTA5MDg1NjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjQwNjYzN2YzZDE3M2I2OGIyOGM2YjJlZGEzMzlmNTQxNDFkZjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArofGC66rfEVL6mRXRJKl3LE58y3K
35BXlq/OCnN1/J/78fQaTz7zUuI9jx5bwomudIIl+6ZZvqGj3W1SA5sfV9i2lEkk
+7UciFE2EKYC22UWH8yUQQMzMygy1GOcwWw5K+Z2qMRVtTJXh/7iOoTGdNd5Bx42
9oxD53WpT2BfRZWKPwgNYsyah8E3F4mwqkK6R3eKH1jaCicNU1mtvl+USr7ii4BK
jFpyTLvgq9oZ87zBYJ+zMIU0J0au5ABiYxkhuUy3IKj9IV3nMM6zYXAPYxej4GXV
25IH/K5dc0g47iMO6Nxl1pBSnOpoHBxDeyUwfOwN1RxtMBcJ9NM8uGTyOwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGtAZjfz0XO2iyjGsu2jOfVBQd9jMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvYTBCbU5fUFJjN2FMS01heTdhTTU5VUZCMzJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAX5zOAwQA
vNYlMA8EAgACMAkDBwAqAw+AA3IwDQYJKoZIhvcNAQELBQADggEBADx3NG99R8eK
QG1N6W5ugMBs9+rEHc+4XWbzn1BvYWVYUDtGZ/m0ltu28sDk6WeCTB5vetAEp69Y
9YKyegqPTLVL2B6bp8hQ9auT9hAlF9GIRb4F2CPcaWkZyUMVZDP7bbyKvgmcZcPr
+IOS4vA6RYkV5PPUW0yhbLdj1B6qWrStHUxgKm+gyydfgYsVVwpZhqG1tnGG5/Be
caZXdaL6ZVxlEZu4ZvSFDGeDd6dU0lNiG+bEH0NbEshzEtsozb5vhyY9gkI8YCnT
EMDRkEcJCPuwAlbhSXQrc0oYkqE9TRdS0zgjWMHKeyJWsp4bcTiCWtu2/I0KtZYZ
AON76GlPkPM=
-----END CERTIFICATE-----
Generated at Mon Sep 30 09:20:30 2024 by rpki-client on console-fra.rpki-client.org