Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/7_hlcfIUkSz3NRJGhlKflQzPAjY.roa
File: 7_hlcfIUkSz3NRJGhlKflQzPAjY.roa (raw, json)
Hash identifier: aaPZjFozt2RMe7RKHmxVLr/ZhG51X/JQJB6O75UBvBI=
Subject key identifier: EF:F8:65:71:F2:14:91:2C:F7:35:12:46:86:52:9F:95:0C:CF:02:36
Certificate issuer: /CN=e10d5c29a3439703d89b5abf03a75d861771bef4
Certificate serial: 018CC56EE1038DA15D25B1CE512516AB205E
Authority key identifier: E1:0D:5C:29:A3:43:97:03:D8:9B:5A:BF:03:A7:5D:86:17:71:BE:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Q1cKaNDlwPYm1q_A6ddhhdxvvQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/7_hlcfIUkSz3NRJGhlKflQzPAjY.roa
Signing time: Mon 01 Jan 2024 14:30:27 +0000
ROA not before: Mon 01 Jan 2024 14:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3
IP address blocks: 95.70.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Dec 2024 08:42:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:e1:03:8d:a1:5d:25:b1:ce:51:25:16:ab:20:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e10d5c29a3439703d89b5abf03a75d861771bef4
Validity
Not Before: Jan 1 14:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eff86571f214912cf735124686529f950ccf0236
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7b:9b:00:99:6d:a4:b5:dc:2f:d1:2a:5d:43:
f1:21:1a:75:39:bb:f3:c6:42:af:6a:4e:75:63:d2:
b0:a3:6d:10:ca:b8:bb:a3:1c:da:f1:75:0b:61:06:
ca:a1:88:c4:18:d9:83:6b:b7:11:f5:d3:3f:2c:f9:
a2:9f:e3:4f:91:84:1b:cc:2e:01:d4:98:21:09:65:
d4:dc:4a:83:84:ef:3e:19:4f:a0:70:6e:51:7c:0a:
25:fe:8b:c3:37:e0:3b:e0:71:0a:a4:d6:cb:39:1b:
c3:4a:1f:d4:29:09:c7:ee:53:69:9b:d0:75:60:cf:
92:a4:35:69:98:8e:f8:a4:47:06:fe:e8:cc:b5:87:
bb:aa:4c:87:18:e3:5a:32:b5:c7:5b:db:db:81:3e:
13:42:e9:43:69:e3:9d:f2:d6:f2:1e:45:80:96:2c:
69:46:0c:ca:05:b6:4a:c8:43:6e:05:10:c8:f9:9c:
b9:30:1b:8f:19:14:d3:c5:af:af:cc:79:c4:0b:83:
93:b0:75:77:01:9a:82:84:3e:65:a4:3c:eb:2b:9a:
7f:08:31:6c:06:a0:b4:37:32:18:32:02:73:df:9e:
c0:20:04:79:76:89:4b:d2:74:2c:68:92:28:02:1a:
9c:e7:4e:5e:80:04:c5:30:90:d0:79:53:30:91:97:
79:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:F8:65:71:F2:14:91:2C:F7:35:12:46:86:52:9F:95:0C:CF:02:36
X509v3 Authority Key Identifier:
keyid:E1:0D:5C:29:A3:43:97:03:D8:9B:5A:BF:03:A7:5D:86:17:71:BE:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Q1cKaNDlwPYm1q_A6ddhhdxvvQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/7_hlcfIUkSz3NRJGhlKflQzPAjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/4Q1cKaNDlwPYm1q_A6ddhhdxvvQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.70.211.0/24
Signature Algorithm: sha256WithRSAEncryption
23:97:da:e3:fa:e0:5d:f1:c1:85:a6:ee:ef:ed:d0:36:13:d6:
21:2f:d8:99:4d:fd:66:a2:98:4c:89:67:69:47:fb:46:b3:2a:
08:df:a6:c3:b8:2d:26:c8:30:78:bf:6b:36:bc:4a:6d:6e:a1:
29:98:e7:38:5a:a6:c2:1d:ae:1d:0c:0c:bf:2c:5e:a5:17:af:
76:9f:8e:26:17:34:1e:27:a0:43:77:22:ad:00:32:09:c6:0b:
64:53:1c:a0:b5:9a:1d:96:8a:31:59:e8:8a:fc:30:09:42:30:
c3:f1:af:3c:8b:14:e8:a4:34:36:db:de:c2:8f:17:e3:e3:09:
f4:63:6d:2f:d1:e4:3a:72:56:08:bd:e5:80:6c:36:d7:23:df:
4d:7b:ab:8b:e8:10:26:fe:7e:2d:96:cd:c7:65:f1:47:b3:3d:
31:72:8e:31:5a:a1:28:63:fe:9a:28:76:97:b0:c2:76:f8:22:
67:1c:be:03:04:08:86:bd:63:a6:9c:b2:52:19:b5:14:e3:75:
fb:11:e9:44:e5:58:54:68:37:96:dc:0f:78:29:d3:a8:be:16:
27:5e:42:2a:d1:f2:da:0f:d7:95:94:2e:c1:df:35:77:05:5b:
b1:de:2f:d6:3f:80:7b:a5:ce:0f:f8:4f:89:e4:51:34:05:45:
af:7a:05:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbuEDjaFdJbHOUSUWqyBeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMGQ1YzI5YTM0Mzk3MDNkODliNWFiZjAzYTc1ZDg2MTc3
MWJlZjQwHhcNMjQwMTAxMTQzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmY4NjU3MWYyMTQ5MTJjZjczNTEyNDY4NjUyOWY5NTBjY2YwMjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXubAJltpLXcL9EqXUPxIRp1Obvz
xkKvak51Y9Kwo20Qyri7oxza8XULYQbKoYjEGNmDa7cR9dM/LPmin+NPkYQbzC4B
1JghCWXU3EqDhO8+GU+gcG5RfAol/ovDN+A74HEKpNbLORvDSh/UKQnH7lNpm9B1
YM+SpDVpmI74pEcG/ujMtYe7qkyHGONaMrXHW9vbgT4TQulDaeOd8tbyHkWAlixp
RgzKBbZKyENuBRDI+Zy5MBuPGRTTxa+vzHnEC4OTsHV3AZqChD5lpDzrK5p/CDFs
BqC0NzIYMgJz357AIAR5dolL0nQsaJIoAhqc505egATFMJDQeVMwkZd5nwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO/4ZXHyFJEs9zUSRoZSn5UMzwI2MB8GA1UdIwQY
MBaAFOENXCmjQ5cD2JtavwOnXYYXcb70MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFExY0thTkRsd1BZbTFxX0E2ZGRoaGR4dnZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8zZWRiNDctZmQ2ZS00YzU5LWE3YWIt
ZTQyYTU4MDY0YTYzLzEvN19obGNmSVVrU3ozTlJKR2hsS2ZsUXpQQWpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8zZWRiNDctZmQ2ZS00YzU5LWE3YWItZTQyYTU4MDY0YTYz
LzEvNFExY0thTkRsd1BZbTFxX0E2ZGRoaGR4dnZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX0bTMA0G
CSqGSIb3DQEBCwUAA4IBAQAjl9rj+uBd8cGFpu7v7dA2E9YhL9iZTf1mophMiWdp
R/tGsyoI36bDuC0myDB4v2s2vEptbqEpmOc4WqbCHa4dDAy/LF6lF692n44mFzQe
J6BDdyKtADIJxgtkUxygtZodlooxWeiK/DAJQjDD8a88ixTopDQ2297Cjxfj4wn0
Y20v0eQ6clYIveWAbDbXI99Ne6uL6BAm/n4tls3HZfFHsz0xco4xWqEoY/6aKHaX
sMJ2+CJnHL4DBAiGvWOmnLJSGbUU43X7EelE5VhUaDeW3A94KdOovhYnXkIq0fLa
D9eVlC7B3zV3BVux3i/WP4B7pc4P+E+J5FE0BUWvegW5
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:44 2025 by rpki-client