Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4750ee-1bbb-4570-bb83-59d9d48ea3b1/1/qwRg-_0tDafPBymXx9QDKcjwm8g.roa
File: qwRg-_0tDafPBymXx9QDKcjwm8g.roa (raw, json)
Hash identifier: 7kHJY7WrVTk6L60uaYRL0qg0VzQgvH80JeFbV88Fvxk=
Subject key identifier: AB:04:60:FB:FD:2D:0D:A7:CF:07:29:97:C7:D4:03:29:C8:F0:9B:C8
Certificate issuer: /CN=97ecb9d8d3489416667ee995f5f4e21a37b6f9f8
Certificate serial: 018BAE3EDDB0582B1E7D077A4B624EFCA20C
Authority key identifier: 97:EC:B9:D8:D3:48:94:16:66:7E:E9:95:F5:F4:E2:1A:37:B6:F9:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l-y52NNIlBZmfumV9fTiGje2-fg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4750ee-1bbb-4570-bb83-59d9d48ea3b1/1/qwRg-_0tDafPBymXx9QDKcjwm8g.roa
Signing time: Wed 08 Nov 2023 09:23:57 +0000
ROA not before: Wed 08 Nov 2023 09:23:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209684
IP address blocks: 95.214.56.5/32 maxlen: 32
95.214.58.0/24 maxlen: 24
95.214.56.0/24 maxlen: 24
95.214.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ae:3e:dd:b0:58:2b:1e:7d:07:7a:4b:62:4e:fc:a2:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97ecb9d8d3489416667ee995f5f4e21a37b6f9f8
Validity
Not Before: Nov 8 09:23:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab0460fbfd2d0da7cf072997c7d40329c8f09bc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:cf:d1:10:1c:a1:ab:3b:8c:35:01:92:c4:9b:
92:c1:b3:2a:70:09:aa:ad:d0:8e:2f:89:dc:24:30:
78:5a:19:3d:c1:43:45:89:08:51:c2:b5:a5:fd:9c:
8b:15:21:70:42:7c:e5:09:f8:ec:79:51:a9:c7:e4:
1f:eb:f5:b2:34:e8:1e:6d:9e:ec:47:78:90:f7:64:
ee:77:2c:74:bd:23:da:34:e8:cf:5c:fb:5b:8f:76:
ec:94:6a:95:90:10:8b:a8:c1:5d:15:2c:ab:cb:82:
d1:59:9c:bc:c0:f9:9b:11:96:bd:51:ab:57:ba:e3:
b0:1a:e8:2a:72:4d:a0:69:7f:45:2b:55:d7:ee:4d:
fe:bb:9a:a8:ab:2b:d2:2b:6d:88:09:43:2d:06:b3:
24:eb:1c:82:af:f9:e4:78:2b:45:97:b2:31:eb:2c:
85:2f:67:08:5a:40:2b:a1:8e:27:2f:b1:78:56:3d:
8f:29:26:dc:48:04:84:9e:bf:e0:da:77:65:b6:71:
45:da:df:94:56:af:b8:0f:30:8c:3a:fd:ea:d7:a4:
bb:24:2b:01:54:79:9f:a5:d1:15:f5:6c:b7:ae:11:
37:4b:f6:8d:ea:58:1c:0b:b1:1c:f2:d8:75:c6:05:
68:7d:6d:2b:db:0d:7b:64:0d:11:8d:6c:1f:31:af:
6a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:04:60:FB:FD:2D:0D:A7:CF:07:29:97:C7:D4:03:29:C8:F0:9B:C8
X509v3 Authority Key Identifier:
keyid:97:EC:B9:D8:D3:48:94:16:66:7E:E9:95:F5:F4:E2:1A:37:B6:F9:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l-y52NNIlBZmfumV9fTiGje2-fg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4750ee-1bbb-4570-bb83-59d9d48ea3b1/1/qwRg-_0tDafPBymXx9QDKcjwm8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4750ee-1bbb-4570-bb83-59d9d48ea3b1/1/l-y52NNIlBZmfumV9fTiGje2-fg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.56.0/24
95.214.58.0/23
Signature Algorithm: sha256WithRSAEncryption
79:ea:aa:9a:49:2c:84:5d:33:d4:fc:f7:eb:a6:6f:b3:8e:b2:
97:3f:dc:1f:20:91:ba:d5:ef:72:15:5e:00:f5:25:2c:4c:53:
de:4a:83:f1:aa:5f:65:04:bb:3b:06:e7:54:92:6a:49:22:71:
4c:70:51:3f:04:bb:5c:69:87:dd:0c:a1:ea:1d:00:33:6e:fa:
a6:2f:d8:d5:a2:bd:45:89:65:e7:11:0f:ee:c8:db:f0:bb:dd:
72:12:67:75:9d:3d:6f:39:63:71:55:a7:30:c7:aa:d2:2b:16:
e7:a2:7b:b9:5d:b8:18:3a:68:4c:e3:6b:a3:d4:82:a7:53:26:
8f:ee:09:d0:e9:7d:de:c0:77:5c:0c:c2:e7:c2:50:ed:4c:61:
60:42:3c:31:42:41:1b:68:67:f3:74:61:06:13:91:7f:54:45:
cc:dc:51:89:62:60:6e:34:fc:b4:b1:0c:5d:4c:4d:d6:63:2d:
05:34:9f:1e:51:82:d3:07:7e:ec:e6:dc:53:5e:dc:fb:76:d8:
29:bd:77:31:98:93:ba:00:dd:df:63:1b:8a:9c:bc:89:98:ac:
86:c0:eb:18:af:40:92:96:28:4d:3b:cf:ae:07:ed:32:ca:54:
fc:fc:2b:b3:f8:4e:48:ab:2c:ec:96:3b:fd:2d:3a:5e:3d:2a:
b5:0a:98:ba
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuuPt2wWCsefQd6S2JO/KIMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ZWNiOWQ4ZDM0ODk0MTY2NjdlZTk5NWY1ZjRlMjFhMzdi
NmY5ZjgwHhcNMjMxMTA4MDkyMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjA0NjBmYmZkMmQwZGE3Y2YwNzI5OTdjN2Q0MDMyOWM4ZjA5YmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8/REByhqzuMNQGSxJuSwbMqcAmq
rdCOL4ncJDB4Whk9wUNFiQhRwrWl/ZyLFSFwQnzlCfjseVGpx+Qf6/WyNOgebZ7s
R3iQ92Tudyx0vSPaNOjPXPtbj3bslGqVkBCLqMFdFSyry4LRWZy8wPmbEZa9UatX
uuOwGugqck2gaX9FK1XX7k3+u5qoqyvSK22ICUMtBrMk6xyCr/nkeCtFl7Ix6yyF
L2cIWkAroY4nL7F4Vj2PKSbcSASEnr/g2ndltnFF2t+UVq+4DzCMOv3q16S7JCsB
VHmfpdEV9Wy3rhE3S/aN6lgcC7Ec8th1xgVofW0r2w17ZA0RjWwfMa9qiwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKsEYPv9LQ2nzwcpl8fUAynI8JvIMB8GA1UdIwQY
MBaAFJfsudjTSJQWZn7plfX04ho3tvn4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbC15NTJOTklsQlptZnVtVjlmVGlHamUyLWZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80NzUwZWUtMWJiYi00NTcwLWJiODMt
NTlkOWQ0OGVhM2IxLzEvcXdSZy1fMHREYWZQQnltWHg5UURLY2p3bThnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80NzUwZWUtMWJiYi00NTcwLWJiODMtNTlkOWQ0OGVhM2Ix
LzEvbC15NTJOTklsQlptZnVtVjlmVGlHamUyLWZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX9Y4AwQB
X9Y6MA0GCSqGSIb3DQEBCwUAA4IBAQB56qqaSSyEXTPU/Pfrpm+zjrKXP9wfIJG6
1e9yFV4A9SUsTFPeSoPxql9lBLs7BudUkmpJInFMcFE/BLtcaYfdDKHqHQAzbvqm
L9jVor1FiWXnEQ/uyNvwu91yEmd1nT1vOWNxVacwx6rSKxbnonu5XbgYOmhM42uj
1IKnUyaP7gnQ6X3ewHdcDMLnwlDtTGFgQjwxQkEbaGfzdGEGE5F/VEXM3FGJYmBu
NPy0sQxdTE3WYy0FNJ8eUYLTB37s5txTXtz7dtgpvXcxmJO6AN3fYxuKnLyJmKyG
wOsYr0CSlihNO8+uB+0yylT8/Cuz+E5Iqyzsljv9LTpePSq1Cpi6
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:36 2024 by rpki-client on console-ams.rpki-client.org