Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/x4QV14A8HCbt8LgxI1SA8EhuF14.roa
File: x4QV14A8HCbt8LgxI1SA8EhuF14.roa (raw, json)
Hash identifier: gaz2dBZbUmz/vTf86AnTSEJOvh+Nw5Fs9GBycMk9EZk=
Subject key identifier: C7:84:15:D7:80:3C:1C:26:ED:F0:B8:31:23:54:80:F0:48:6E:17:5E
Certificate issuer: /CN=bda96d02a822f46253c2aee680441d5ac27c3df5
Certificate serial: 018CC795867FB678793F39DFC0A4E8A23FE9
Authority key identifier: BD:A9:6D:02:A8:22:F4:62:53:C2:AE:E6:80:44:1D:5A:C2:7C:3D:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/valtAqgi9GJTwq7mgEQdWsJ8PfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/x4QV14A8HCbt8LgxI1SA8EhuF14.roa
Signing time: Tue 02 Jan 2024 00:31:54 +0000
ROA not before: Tue 02 Jan 2024 00:31:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5413
IP address blocks: 95.172.224.0/19 maxlen: 24
212.105.160.0/19 maxlen: 24
2a00:10ef::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 11 Mar 2024 17:34:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:86:7f:b6:78:79:3f:39:df:c0:a4:e8:a2:3f:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bda96d02a822f46253c2aee680441d5ac27c3df5
Validity
Not Before: Jan 2 00:31:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c78415d7803c1c26edf0b831235480f0486e175e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:46:eb:f6:2a:ee:5b:e4:3a:f9:64:77:bf:20:
23:8b:da:c0:e2:5c:32:6b:61:ee:c2:89:b9:c8:65:
68:ad:5a:a5:01:6b:8e:4d:ed:f0:6e:0f:37:54:18:
95:a6:c2:7f:10:e4:9b:19:a3:8e:28:2e:b6:3b:ae:
8b:42:4d:b0:d4:59:5b:b8:b5:5a:2f:5c:06:de:6e:
3b:70:c5:98:9b:ec:d8:f6:23:cd:fa:a7:9c:9d:5e:
cb:53:21:67:70:e7:1f:1d:35:30:75:94:f5:24:ce:
c1:00:8c:fa:f2:19:bc:f6:32:71:57:2a:42:06:eb:
05:4a:fb:1a:40:9c:bb:e4:85:91:54:fd:5f:a4:85:
7d:81:df:6f:8f:19:4c:2e:32:ea:a0:e6:e8:83:7d:
9e:5b:c1:44:0e:f3:34:ab:43:19:88:50:ea:48:4d:
aa:71:26:cc:1d:51:2e:80:1c:60:6c:da:16:ac:4a:
00:98:78:07:fd:34:58:bb:0f:22:02:84:74:ec:0d:
c2:a1:3a:d7:8a:8e:d8:ca:5f:bf:df:e3:6e:f8:17:
05:76:cb:7f:6b:ba:2b:22:3a:6a:45:ad:c4:41:1f:
37:24:07:d2:db:86:1b:dc:3a:68:f5:f6:0a:72:3a:
27:df:85:16:b5:a3:d4:6a:31:7a:b6:b1:e2:70:67:
11:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:84:15:D7:80:3C:1C:26:ED:F0:B8:31:23:54:80:F0:48:6E:17:5E
X509v3 Authority Key Identifier:
keyid:BD:A9:6D:02:A8:22:F4:62:53:C2:AE:E6:80:44:1D:5A:C2:7C:3D:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/valtAqgi9GJTwq7mgEQdWsJ8PfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/x4QV14A8HCbt8LgxI1SA8EhuF14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/valtAqgi9GJTwq7mgEQdWsJ8PfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.172.224.0/19
212.105.160.0/19
IPv6:
2a00:10ef::/32
Signature Algorithm: sha256WithRSAEncryption
1c:29:3b:79:75:29:91:8e:9c:4c:6a:dd:71:b1:ee:54:c1:8d:
70:6e:43:7c:a4:a2:a3:f2:39:af:29:51:22:be:38:d0:24:0e:
04:09:fb:fd:31:13:04:62:29:61:17:b3:f4:80:6c:6a:7f:db:
85:5d:4a:53:47:7c:39:6a:0a:92:41:8d:c4:f7:26:23:a4:09:
82:b1:54:c5:2a:cc:d0:48:ee:29:89:33:9c:23:b3:52:6a:db:
4c:99:e1:be:64:50:b0:fb:af:18:0c:16:4c:a7:5d:68:6e:65:
6f:d6:8d:9f:88:d7:70:1a:da:74:ef:f0:aa:b0:b1:30:2c:12:
31:82:9e:1c:ae:01:7a:8e:12:06:5a:4b:e0:6d:8d:f5:d4:af:
b4:93:33:f2:b6:38:4f:d3:f2:d3:f4:58:60:24:98:bd:c5:9c:
39:89:7c:21:cc:c6:e9:c9:5a:aa:df:b0:94:89:f1:4d:30:53:
38:b5:aa:52:fc:5a:0c:e4:1e:dd:2c:db:4b:3c:65:f5:3e:c9:
d2:3a:b4:81:b5:d2:c9:78:24:a5:e0:ca:c6:61:a2:4c:2b:50:
d5:a3:ec:4a:9b:c6:41:5a:9f:e2:43:e6:ad:e0:57:c0:0f:6d:
71:b0:bc:8e:1b:97:de:4b:00:6b:80:2d:4d:9c:3d:8b:bb:35:
b5:da:9c:e1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHlYZ/tnh5PznfwKTooj/pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkYTk2ZDAyYTgyMmY0NjI1M2MyYWVlNjgwNDQxZDVhYzI3
YzNkZjUwHhcNMjQwMTAyMDAzMTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzg0MTVkNzgwM2MxYzI2ZWRmMGI4MzEyMzU0ODBmMDQ4NmUxNzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUbr9iruW+Q6+WR3vyAji9rA4lwy
a2Huwom5yGVorVqlAWuOTe3wbg83VBiVpsJ/EOSbGaOOKC62O66LQk2w1FlbuLVa
L1wG3m47cMWYm+zY9iPN+qecnV7LUyFncOcfHTUwdZT1JM7BAIz68hm89jJxVypC
BusFSvsaQJy75IWRVP1fpIV9gd9vjxlMLjLqoObog32eW8FEDvM0q0MZiFDqSE2q
cSbMHVEugBxgbNoWrEoAmHgH/TRYuw8iAoR07A3CoTrXio7Yyl+/3+Nu+BcFdst/
a7orIjpqRa3EQR83JAfS24Yb3Dpo9fYKcjon34UWtaPUajF6trHicGcRawIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMeEFdeAPBwm7fC4MSNUgPBIbhdeMB8GA1UdIwQY
MBaAFL2pbQKoIvRiU8Ku5oBEHVrCfD31MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmFsdEFxZ2k5R0pUd3E3bWdFUWRXc0o4UGZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hMjdiMzktODAxMS00MTQyLTg2YzIt
Y2Y4M2Q2ZTQwNTU4LzEveDRRVjE0QThIQ2J0OExneEkxU0E4RWh1RjE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hMjdiMzktODAxMS00MTQyLTg2YzItY2Y4M2Q2ZTQwNTU4
LzEvdmFsdEFxZ2k5R0pUd3E3bWdFUWRXc0o4UGZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFX6zgAwQF
1GmgMA0EAgACMAcDBQAqABDvMA0GCSqGSIb3DQEBCwUAA4IBAQAcKTt5dSmRjpxM
at1xse5UwY1wbkN8pKKj8jmvKVEivjjQJA4ECfv9MRMEYilhF7P0gGxqf9uFXUpT
R3w5agqSQY3E9yYjpAmCsVTFKszQSO4piTOcI7NSattMmeG+ZFCw+68YDBZMp11o
bmVv1o2fiNdwGtp07/CqsLEwLBIxgp4crgF6jhIGWkvgbY311K+0kzPytjhP0/LT
9FhgJJi9xZw5iXwhzMbpyVqq37CUifFNMFM4tapS/FoM5B7dLNtLPGX1PsnSOrSB
tdLJeCSl4MrGYaJMK1DVo+xKm8ZBWp/iQ+at4FfAD21xsLyOG5feSwBrgC1NnD2L
uzW12pzh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:34 2024 by rpki-client on console-fra.rpki-client.org