Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/9y7387NBTpcMPUWlMtZTdQgahLA.roa
File: 9y7387NBTpcMPUWlMtZTdQgahLA.roa (raw, json)
Hash identifier: k6d5+v/tjHEN5cPF6eWR8EzBasNpxStFWBYB/Ntxthc=
Subject key identifier: F7:2E:F7:F3:B3:41:4E:97:0C:3D:45:A5:32:D6:53:75:08:1A:84:B0
Certificate issuer: /CN=97cca0952db8aa9fe5e5703c6f189a06a57f4bb1
Certificate serial: 018D454A9292E84CA268A85A7BE1D1747903
Authority key identifier: 97:CC:A0:95:2D:B8:AA:9F:E5:E5:70:3C:6F:18:9A:06:A5:7F:4B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l8yglS24qp_l5XA8bxiaBqV_S7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/9y7387NBTpcMPUWlMtZTdQgahLA.roa
Signing time: Fri 26 Jan 2024 10:22:11 +0000
ROA not before: Fri 26 Jan 2024 10:22:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49025
IP address blocks: 95.173.200.0/21 maxlen: 21
95.173.201.0/24 maxlen: 24
95.173.202.0/23 maxlen: 23
95.173.204.0/22 maxlen: 22
95.173.208.0/21 maxlen: 21
95.173.216.0/21 maxlen: 21
185.2.40.0/22 maxlen: 22
185.111.108.0/24 maxlen: 24
185.111.109.0/24 maxlen: 24
185.111.111.0/24 maxlen: 24
2a02:a48:f000::/36 maxlen: 36
2a06:5d80::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 07 Jun 2024 11:20:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:45:4a:92:92:e8:4c:a2:68:a8:5a:7b:e1:d1:74:79:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97cca0952db8aa9fe5e5703c6f189a06a57f4bb1
Validity
Not Before: Jan 26 10:22:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f72ef7f3b3414e970c3d45a532d65375081a84b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:86:9d:c5:d4:a1:f2:c5:41:39:6d:79:a2:87:
66:5a:7b:0f:c4:88:aa:c2:a1:d8:5d:86:86:c3:31:
2f:dd:45:09:68:07:2e:cc:72:3a:38:03:e3:96:e4:
08:64:7a:3b:28:c7:ac:ce:6b:44:b3:ae:c2:cc:bb:
fa:c7:8c:ea:d5:cc:f8:e7:5f:3e:f1:0f:87:00:3b:
35:76:0f:8a:fa:3e:a6:0e:36:2d:fe:bd:1e:ed:e9:
fa:ed:49:2b:c8:e5:35:c6:63:a7:66:94:6a:67:df:
79:31:78:27:5b:5e:f9:88:58:72:fa:a8:a3:ba:f6:
88:45:db:58:b2:68:ca:5e:81:08:30:dd:69:41:4b:
32:b8:12:25:4f:d9:7e:d9:20:4f:3d:13:24:1f:2d:
43:db:4c:1a:c9:fc:8c:5a:ad:bc:7f:a4:21:bd:fd:
13:f8:d6:94:e1:94:eb:a0:31:30:49:d4:76:e5:65:
64:b0:59:ef:15:86:6e:79:11:5b:24:76:e6:f8:4f:
db:3c:b6:98:c8:50:54:d6:a6:64:60:43:09:6d:5b:
b1:58:b7:d9:56:3a:35:f4:dc:63:b9:a6:c1:ca:ef:
2b:fd:6d:27:34:85:a2:cc:25:9f:18:36:1d:27:6f:
7e:89:57:e5:0f:0e:48:17:c2:36:15:34:5a:2c:03:
b7:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:2E:F7:F3:B3:41:4E:97:0C:3D:45:A5:32:D6:53:75:08:1A:84:B0
X509v3 Authority Key Identifier:
keyid:97:CC:A0:95:2D:B8:AA:9F:E5:E5:70:3C:6F:18:9A:06:A5:7F:4B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l8yglS24qp_l5XA8bxiaBqV_S7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/9y7387NBTpcMPUWlMtZTdQgahLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/l8yglS24qp_l5XA8bxiaBqV_S7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.173.200.0-95.173.223.255
185.2.40.0/22
185.111.108.0/23
185.111.111.0/24
IPv6:
2a02:a48:f000::/36
2a06:5d80::/32
Signature Algorithm: sha256WithRSAEncryption
64:fc:29:e1:dc:c8:bd:e6:c5:24:49:06:b3:fc:55:47:81:30:
c2:e4:63:56:3c:48:73:07:bf:fd:29:74:2a:bb:78:84:d2:0e:
3d:80:6f:50:8a:5c:ca:69:cd:34:4d:66:28:72:f0:fe:82:ab:
c2:e3:ab:e8:7a:18:01:ae:3b:31:05:f1:ba:53:26:c8:b2:38:
c1:63:1e:2c:cd:92:a5:bd:d7:95:b4:ae:50:d8:c0:51:0d:de:
03:18:c2:c3:a0:27:ce:e9:14:38:0e:df:51:fb:2b:e5:84:6e:
eb:96:ae:f8:46:49:12:e8:69:8d:5c:85:76:5d:8c:e1:5c:35:
89:cd:cf:70:c9:cd:a2:49:2d:4d:a4:dd:1b:e3:80:fb:d5:3f:
3b:ef:78:70:22:c6:a3:9c:14:42:d2:09:57:f3:10:ff:a9:64:
ab:93:4f:ad:67:1c:b0:a2:93:2c:9a:c7:13:b1:2d:01:3e:21:
d8:7a:7f:30:3f:cd:74:44:a3:1d:49:33:38:64:d6:59:86:01:
61:aa:6f:4f:7e:22:20:3b:5a:65:1d:96:32:11:17:71:30:8e:
c5:cb:3e:e9:52:fa:d4:1f:9a:38:27:e0:af:0e:24:67:be:dd:
d6:df:8a:b9:2a:23:f8:0f:1d:cb:f2:f7:1f:e8:d2:37:51:01:
27:97:7c:a9
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAY1FSpKS6EyiaKhae+HRdHkDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3Y2NhMDk1MmRiOGFhOWZlNWU1NzAzYzZmMTg5YTA2YTU3
ZjRiYjEwHhcNMjQwMTI2MTAyMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzJlZjdmM2IzNDE0ZTk3MGMzZDQ1YTUzMmQ2NTM3NTA4MWE4NGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYadxdSh8sVBOW15oodmWnsPxIiq
wqHYXYaGwzEv3UUJaAcuzHI6OAPjluQIZHo7KMeszmtEs67CzLv6x4zq1cz4518+
8Q+HADs1dg+K+j6mDjYt/r0e7en67UkryOU1xmOnZpRqZ995MXgnW175iFhy+qij
uvaIRdtYsmjKXoEIMN1pQUsyuBIlT9l+2SBPPRMkHy1D20wayfyMWq28f6Qhvf0T
+NaU4ZTroDEwSdR25WVksFnvFYZueRFbJHbm+E/bPLaYyFBU1qZkYEMJbVuxWLfZ
Vjo19NxjuabByu8r/W0nNIWizCWfGDYdJ29+iVflDw5IF8I2FTRaLAO3kwIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFPcu9/OzQU6XDD1FpTLWU3UIGoSwMB8GA1UdIwQY
MBaAFJfMoJUtuKqf5eVwPG8Ymgalf0uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDh5Z2xTMjRxcF9sNVhBOGJ4aWFCcVZfUzdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy85YTBlYjItZTk5NC00NzE5LWExNjYt
NWQ2ZGQwYmE1MmNmLzEvOXk3Mzg3TkJUcGNNUFVXbE10WlRkUWdhaExBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy85YTBlYjItZTk5NC00NzE5LWExNjYtNWQ2ZGQwYmE1MmNm
LzEvbDh5Z2xTMjRxcF9sNVhBOGJ4aWFCcVZfUzdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAmBAIAATAgMAwDBANfrcgD
BAVfrcADBAK5AigDBAG5b2wDBAC5b28wFQQCAAIwDwMGBCoCCkjwAwUAKgZdgDAN
BgkqhkiG9w0BAQsFAAOCAQEAZPwp4dzIvebFJEkGs/xVR4EwwuRjVjxIcwe//Sl0
Krt4hNIOPYBvUIpcymnNNE1mKHLw/oKrwuOr6HoYAa47MQXxulMmyLI4wWMeLM2S
pb3XlbSuUNjAUQ3eAxjCw6AnzukUOA7fUfsr5YRu65au+EZJEuhpjVyFdl2M4Vw1
ic3PcMnNokktTaTdG+OA+9U/O+94cCLGo5wUQtIJV/MQ/6lkq5NPrWccsKKTLJrH
E7EtAT4h2Hp/MD/NdESjHUkzOGTWWYYBYapvT34iIDtaZR2WMhEXcTCOxcs+6VL6
1B+aOCfgrw4kZ77d1t+KuSoj+A8dy/L3H+jSN1EBJ5d8qQ==
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:48:47 2024 by rpki-client on console-ams.rpki-client.org