Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/ehXP0xXkNYiPFpuyeQXicjotaO0.roa
File: ehXP0xXkNYiPFpuyeQXicjotaO0.roa (raw, json)
Hash identifier: kdN8v1XLsmiJWB9qCGCgiCxbSzmEfpoam/bDsTkEtGg=
Subject key identifier: 7A:15:CF:D3:15:E4:35:88:8F:16:9B:B2:79:05:E2:72:3A:2D:68:ED
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 019241CE8F0D2C0DD030208503FCEB12BACC
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/ehXP0xXkNYiPFpuyeQXicjotaO0.roa
Signing time: Mon 30 Sep 2024 07:21:48 +0000
ROA not before: Mon 30 Sep 2024 07:21:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202759
IP address blocks: 95.156.206.0/24 maxlen: 24
188.214.36.0/24 maxlen: 24
188.214.37.0/24 maxlen: 24
2a03:f80:372::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 22 Oct 2024 13:11:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:41:ce:8f:0d:2c:0d:d0:30:20:85:03:fc:eb:12:ba:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Sep 30 07:21:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a15cfd315e435888f169bb27905e2723a2d68ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:55:12:a7:79:e1:b5:26:f1:ec:ec:ea:cd:52:
c1:30:6f:80:ba:84:d9:fd:41:ad:9e:0d:a4:40:bd:
4b:e7:f3:44:73:dc:5b:b3:2b:80:36:8f:22:4d:fc:
a3:30:d9:aa:f0:81:4d:66:6d:83:37:1a:d9:02:19:
3a:83:42:6a:73:e4:00:67:2b:58:e3:bd:b1:57:1e:
76:f0:12:4c:41:5f:12:b8:0d:c7:db:3f:bf:b0:d5:
49:44:78:2a:eb:92:6c:9a:4c:6a:39:81:2d:1a:86:
66:60:95:ac:40:42:0f:36:0b:6f:dd:bb:36:60:54:
c5:37:1b:48:6e:8c:11:48:62:78:1a:f0:3d:99:c5:
15:72:ef:80:30:9b:4f:8f:f3:26:2f:73:83:69:8f:
43:fe:3d:6a:46:04:d5:c9:59:bb:96:76:9b:96:87:
07:34:74:28:c3:82:66:b2:03:46:36:10:4b:7e:4f:
51:cd:8e:94:e7:e1:a2:cc:44:50:98:c6:ba:16:c0:
68:90:1e:27:e1:ce:6f:97:f0:e2:7e:6f:28:1c:ea:
5b:f9:c9:c1:97:05:a3:f6:fb:82:21:50:4d:db:a2:
35:db:ea:22:ce:47:65:d5:1b:29:fb:da:25:59:45:
5f:73:e4:09:06:f9:84:c2:1c:b9:0d:04:22:b2:5a:
6a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:15:CF:D3:15:E4:35:88:8F:16:9B:B2:79:05:E2:72:3A:2D:68:ED
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/ehXP0xXkNYiPFpuyeQXicjotaO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.156.206.0/24
188.214.36.0/23
IPv6:
2a03:f80:372::/48
Signature Algorithm: sha256WithRSAEncryption
06:94:b6:bf:5b:14:f4:10:81:f6:b4:70:85:4c:6b:f0:13:a4:
66:d5:ad:ee:72:a9:29:a6:e0:3a:60:0a:db:b2:24:a4:11:51:
69:83:72:61:56:95:23:81:ce:91:9a:f5:79:1f:a2:8d:e0:42:
14:ce:6b:58:58:5d:2f:a5:80:eb:09:00:96:12:d9:99:23:2a:
0d:f8:19:33:fe:65:81:02:e9:6c:1c:83:c0:c1:91:0e:e0:e1:
19:bb:e1:c3:38:0f:5b:bb:80:51:a4:ce:2f:2f:48:b0:71:0b:
df:15:e8:a9:aa:66:2f:3b:61:59:bd:a1:0b:78:ca:eb:dd:b4:
3f:35:2a:12:23:7c:8a:87:cc:a6:22:02:8c:b9:d7:f3:5c:26:
2b:1a:95:af:74:b2:c9:a4:1e:0c:ad:85:ea:59:fa:d2:e5:6d:
a2:f8:5f:35:9a:ba:80:b5:c1:fb:63:87:4d:af:e7:84:fe:df:
26:74:4e:f9:86:47:5b:07:9c:c9:f2:cb:94:5f:ce:ef:28:f2:
d0:af:00:a6:e3:50:20:53:bf:f9:57:10:a0:a0:9e:88:55:a6:
98:cc:6b:8b:a5:18:1d:ea:5a:ff:81:e3:f0:aa:44:81:9e:96:
07:ca:7a:42:88:25:f2:82:ed:70:d3:fa:bd:96:57:91:0f:52:
b8:58:12:6d
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZJBzo8NLA3QMCCFA/zrErrMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQwOTMwMDcyMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTE1Y2ZkMzE1ZTQzNTg4OGYxNjliYjI3OTA1ZTI3MjNhMmQ2OGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVUSp3nhtSbx7OzqzVLBMG+AuoTZ
/UGtng2kQL1L5/NEc9xbsyuANo8iTfyjMNmq8IFNZm2DNxrZAhk6g0Jqc+QAZytY
472xVx528BJMQV8SuA3H2z+/sNVJRHgq65JsmkxqOYEtGoZmYJWsQEIPNgtv3bs2
YFTFNxtIbowRSGJ4GvA9mcUVcu+AMJtPj/MmL3ODaY9D/j1qRgTVyVm7lnablocH
NHQow4JmsgNGNhBLfk9RzY6U5+GizERQmMa6FsBokB4n4c5vl/Difm8oHOpb+cnB
lwWj9vuCIVBN26I12+oizkdl1Rsp+9olWUVfc+QJBvmEwhy5DQQislpq/wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHoVz9MV5DWIjxabsnkF4nI6LWjtMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvZWhYUDB4WGtOWWlQRnB1eWVRWGljam90YU8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAX5zOAwQB
vNYkMA8EAgACMAkDBwAqAw+AA3IwDQYJKoZIhvcNAQELBQADggEBAAaUtr9bFPQQ
gfa0cIVMa/ATpGbVre5yqSmm4DpgCtuyJKQRUWmDcmFWlSOBzpGa9Xkfoo3gQhTO
a1hYXS+lgOsJAJYS2ZkjKg34GTP+ZYEC6Wwcg8DBkQ7g4Rm74cM4D1u7gFGkzi8v
SLBxC98V6KmqZi87YVm9oQt4yuvdtD81KhIjfIqHzKYiAoy51/NcJisala90ssmk
HgythepZ+tLlbaL4XzWauoC1wftjh02v54T+3yZ0TvmGR1sHnMnyy5Rfzu8o8tCv
AKbjUCBTv/lXEKCgnohVppjMa4ulGB3qWv+B4/CqRIGelgfKekKIJfKC7XDT+r2W
V5EPUrhYEm0=
-----END CERTIFICATE-----
Generated at Tue Oct 22 16:12:49 2024 by rpki-client on console-fra.rpki-client.org