Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/e32df8-3a1e-42fc-b351-0ed24ebc4ed8/1/oCjvRPxsM4h_3UhOH6R-nDusFgA.roa
File: oCjvRPxsM4h_3UhOH6R-nDusFgA.roa (raw, json)
Hash identifier: C38+PkKH/74+gyEmO6wBg7APUL1FKCGvtL8C3XzGNx4=
Subject key identifier: A0:28:EF:44:FC:6C:33:88:7F:DD:48:4E:1F:A4:7E:9C:3B:AC:16:00
Certificate issuer: /CN=c77fe005d7e58ec033ca9aba87e0606021533617
Certificate serial: 018571277E1B8E8AFB514E6E943A81933ED6
Authority key identifier: C7:7F:E0:05:D7:E5:8E:C0:33:CA:9A:BA:87:E0:60:60:21:53:36:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3_gBdfljsAzypq6h-BgYCFTNhc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/e32df8-3a1e-42fc-b351-0ed24ebc4ed8/1/oCjvRPxsM4h_3UhOH6R-nDusFgA.roa
Signing time: Mon 02 Jan 2023 06:24:51 +0000
ROA not before: Mon 02 Jan 2023 06:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49840
IP address blocks: 95.142.135.0/24 maxlen: 24
95.142.134.0/24 maxlen: 24
95.142.133.0/24 maxlen: 24
95.142.136.0/24 maxlen: 24
95.142.128.0/24 maxlen: 24
95.142.131.0/24 maxlen: 24
95.142.130.0/24 maxlen: 24
95.142.129.0/24 maxlen: 24
95.142.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:7e:1b:8e:8a:fb:51:4e:6e:94:3a:81:93:3e:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c77fe005d7e58ec033ca9aba87e0606021533617
Validity
Not Before: Jan 2 06:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a028ef44fc6c33887fdd484e1fa47e9c3bac1600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:69:39:d1:35:f2:d5:ec:4e:86:96:ab:73:af:
3c:80:49:08:42:4a:af:02:5a:5e:37:6a:09:e7:2e:
03:b2:7a:53:10:40:ce:dd:89:c2:bb:88:60:4e:a5:
c2:a3:3f:c8:8e:08:fe:d4:35:37:ef:ea:5a:e9:59:
55:b7:65:63:6e:cb:5f:aa:12:d5:a2:4d:e9:61:9c:
e9:da:2b:cc:8f:5b:58:58:75:16:e8:7e:8d:fc:e7:
ee:30:21:8c:e9:e4:c3:b4:55:39:bc:69:66:42:a3:
e6:83:3f:0b:7f:93:1d:16:e1:92:9e:34:13:96:b5:
d4:d4:5c:b6:f0:6d:6b:7a:65:53:2f:65:37:38:45:
82:c7:eb:77:ee:ce:f4:68:b1:42:55:90:19:cd:cf:
ac:2c:fc:35:1c:01:60:d9:94:9f:22:db:4f:1b:f8:
67:66:43:4e:4a:d5:75:7c:87:e3:9e:2d:71:4e:07:
4a:fd:9a:0b:7a:be:bb:d9:7c:d0:61:f0:0d:93:2e:
22:b2:87:fc:8f:d2:10:43:c6:98:93:8e:a6:fa:ee:
01:fc:25:d8:b9:75:3c:8b:04:f5:f7:1f:38:13:91:
b2:7d:e8:56:1a:73:e8:01:cb:19:41:88:61:00:94:
c3:61:d2:c4:00:9c:ba:8c:8d:94:c9:5e:06:19:82:
78:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:28:EF:44:FC:6C:33:88:7F:DD:48:4E:1F:A4:7E:9C:3B:AC:16:00
X509v3 Authority Key Identifier:
keyid:C7:7F:E0:05:D7:E5:8E:C0:33:CA:9A:BA:87:E0:60:60:21:53:36:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3_gBdfljsAzypq6h-BgYCFTNhc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/e32df8-3a1e-42fc-b351-0ed24ebc4ed8/1/oCjvRPxsM4h_3UhOH6R-nDusFgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/e32df8-3a1e-42fc-b351-0ed24ebc4ed8/1/x3_gBdfljsAzypq6h-BgYCFTNhc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.142.128.0-95.142.136.255
Signature Algorithm: sha256WithRSAEncryption
4c:3f:01:d6:a8:ba:f7:41:ef:f9:41:5e:68:7b:e4:ec:61:e6:
63:67:da:dd:95:4b:6d:ce:86:a4:4f:76:25:27:5a:0b:54:6d:
ef:80:91:e7:72:ea:f6:af:dc:43:d0:ae:58:79:3c:8c:d3:15:
67:14:a8:ae:b9:7b:9a:d4:6f:13:f3:18:11:7e:d5:56:da:88:
98:ed:05:4d:ef:77:44:58:85:b0:ae:cc:23:b4:9b:04:7a:aa:
fb:4b:d9:d9:84:87:31:56:e7:94:bc:c3:b7:48:73:27:f9:b5:
bc:cb:4a:eb:55:04:41:44:66:25:1c:98:04:3d:7c:2e:b6:f6:
1f:5a:7d:48:91:83:0b:6a:0d:14:47:93:19:2c:a5:93:37:c4:
39:b3:28:ba:b5:f9:6e:54:91:cd:ae:0e:aa:64:14:ec:2f:fa:
94:01:4a:d5:d3:1a:da:cb:03:42:cc:51:6d:49:3a:f9:f7:4e:
3c:f5:f4:3e:c9:a6:fb:03:44:fc:40:21:5b:02:8c:cf:f6:8b:
5b:87:d3:d3:57:5e:e1:4d:35:11:10:3a:db:ca:34:d6:12:27:
52:38:f4:5e:7b:c0:c7:e5:a9:db:66:18:c9:14:55:fc:c8:fb:
21:f8:00:bc:f9:8f:9d:b2:67:b4:a1:22:9d:0d:04:e5:0a:de:
00:a4:7a:24
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVxJ34bjor7UU5ulDqBkz7WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3N2ZlMDA1ZDdlNThlYzAzM2NhOWFiYTg3ZTA2MDYwMjE1
MzM2MTcwHhcNMjMwMTAyMDYyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDI4ZWY0NGZjNmMzMzg4N2ZkZDQ4NGUxZmE0N2U5YzNiYWMxNjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mk50TXy1exOhparc688gEkIQkqv
AlpeN2oJ5y4DsnpTEEDO3YnCu4hgTqXCoz/Ijgj+1DU37+pa6VlVt2VjbstfqhLV
ok3pYZzp2ivMj1tYWHUW6H6N/OfuMCGM6eTDtFU5vGlmQqPmgz8Lf5MdFuGSnjQT
lrXU1Fy28G1remVTL2U3OEWCx+t37s70aLFCVZAZzc+sLPw1HAFg2ZSfIttPG/hn
ZkNOStV1fIfjni1xTgdK/ZoLer672XzQYfANky4isof8j9IQQ8aYk46m+u4B/CXY
uXU8iwT19x84E5GyfehWGnPoAcsZQYhhAJTDYdLEAJy6jI2UyV4GGYJ4rwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKAo70T8bDOIf91ITh+kfpw7rBYAMB8GA1UdIwQY
MBaAFMd/4AXX5Y7AM8qauofgYGAhUzYXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDNfZ0JkZmxqc0F6eXBxNmgtQmdZQ0ZUTmhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9lMzJkZjgtM2ExZS00MmZjLWIzNTEt
MGVkMjRlYmM0ZWQ4LzEvb0NqdlJQeHNNNGhfM1VoT0g2Ui1uRHVzRmdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9lMzJkZjgtM2ExZS00MmZjLWIzNTEtMGVkMjRlYmM0ZWQ4
LzEveDNfZ0JkZmxqc0F6eXBxNmgtQmdZQ0ZUTmhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAdfjoAD
BABfjogwDQYJKoZIhvcNAQELBQADggEBAEw/AdaouvdB7/lBXmh75Oxh5mNn2t2V
S23OhqRPdiUnWgtUbe+Akedy6vav3EPQrlh5PIzTFWcUqK65e5rUbxPzGBF+1Vba
iJjtBU3vd0RYhbCuzCO0mwR6qvtL2dmEhzFW55S8w7dIcyf5tbzLSutVBEFEZiUc
mAQ9fC629h9afUiRgwtqDRRHkxkspZM3xDmzKLq1+W5Ukc2uDqpkFOwv+pQBStXT
GtrLA0LMUW1JOvn3Tjz19D7JpvsDRPxAIVsCjM/2i1uH09NXXuFNNREQOtvKNNYS
J1I49F57wMflqdtmGMkUVfzI+yH4ALz5j52yZ7ShIp0NBOUK3gCkeiQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:37 2024 by rpki-client on console-fra.rpki-client.org