Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/oXpYgG0gJc_wKYANzT3gDkhEgMQ.roa
File: oXpYgG0gJc_wKYANzT3gDkhEgMQ.roa (raw, json)
Hash identifier: Bf2IgoDZRzApLWQRHCpw1WBXAUadFOnyMTrANcNdvNw=
Subject key identifier: A1:7A:58:80:6D:20:25:CF:F0:29:80:0D:CD:3D:E0:0E:48:44:80:C4
Certificate issuer: /CN=e10d5c29a3439703d89b5abf03a75d861771bef4
Certificate serial: 0189AA89891D7415226C33DC97ACE41E79A3
Authority key identifier: E1:0D:5C:29:A3:43:97:03:D8:9B:5A:BF:03:A7:5D:86:17:71:BE:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Q1cKaNDlwPYm1q_A6ddhhdxvvQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/oXpYgG0gJc_wKYANzT3gDkhEgMQ.roa
Signing time: Mon 31 Jul 2023 06:01:27 +0000
ROA not before: Mon 31 Jul 2023 06:01:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3
IP address blocks: 95.70.211.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:aa:89:89:1d:74:15:22:6c:33:dc:97:ac:e4:1e:79:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e10d5c29a3439703d89b5abf03a75d861771bef4
Validity
Not Before: Jul 31 06:01:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a17a58806d2025cff029800dcd3de00e484480c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:fb:8d:e8:b3:fc:22:77:b7:47:b8:86:d4:53:
ba:d7:f6:ab:f6:99:1e:d8:7b:bb:46:c6:4a:68:4f:
3f:9f:2e:80:fb:0c:23:63:af:6b:f0:39:39:ab:aa:
c0:4d:a5:64:3c:62:64:14:37:70:d4:1e:3f:8f:91:
97:45:f0:22:11:7d:ac:15:b7:0a:fc:9f:e0:5a:6e:
76:01:cc:22:b2:cc:e8:bb:90:bf:a4:55:f2:a3:92:
b5:60:b5:f8:ff:7b:d2:bd:bc:4b:bc:3b:f7:6c:4b:
8e:77:f2:56:b9:31:1c:0c:a5:d0:e9:27:38:e2:c5:
98:5e:6b:45:17:6f:45:ee:f9:d2:a0:ef:4b:4a:8b:
60:e0:af:84:67:81:18:09:06:04:cc:32:6e:0e:1c:
37:d3:c0:a9:ae:b9:d6:5b:37:3d:dd:ed:fa:00:c4:
79:c1:d6:fa:d4:12:b0:d5:1b:ab:bd:00:f9:2c:e3:
c5:da:bc:24:62:17:7d:75:f3:fc:b9:f0:df:c6:21:
88:7b:04:90:f0:85:a1:c9:90:87:a6:1f:81:a4:6c:
56:fe:13:8c:42:ac:47:36:bb:bc:6f:99:fd:f9:45:
84:78:1f:82:b4:ac:5a:1b:6b:47:5e:2a:72:4f:43:
26:0f:8f:de:96:e6:ac:80:9f:ef:2d:6c:6c:5e:7b:
de:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:7A:58:80:6D:20:25:CF:F0:29:80:0D:CD:3D:E0:0E:48:44:80:C4
X509v3 Authority Key Identifier:
keyid:E1:0D:5C:29:A3:43:97:03:D8:9B:5A:BF:03:A7:5D:86:17:71:BE:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Q1cKaNDlwPYm1q_A6ddhhdxvvQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/oXpYgG0gJc_wKYANzT3gDkhEgMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/4Q1cKaNDlwPYm1q_A6ddhhdxvvQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.70.211.0/24
Signature Algorithm: sha256WithRSAEncryption
66:4e:e6:94:ee:3d:81:ba:e3:a3:f2:f8:ec:b5:ba:7b:ad:d9:
13:7a:34:19:2d:c7:a4:3a:fc:c3:d0:2b:a5:5b:e9:9b:d2:52:
2c:fc:74:42:23:7f:40:85:23:aa:30:8a:b4:6f:56:b4:5d:73:
28:8a:e5:a6:88:aa:7a:e0:32:a0:69:6a:a4:82:ca:a9:65:0d:
91:bc:58:d5:8f:2b:6d:e3:45:17:df:29:85:3c:17:0e:23:7b:
a1:aa:64:bd:95:cb:b5:33:24:13:c7:43:5c:24:87:ab:d7:49:
6c:9b:7d:8f:84:4c:f8:81:4b:0b:45:57:6c:4d:69:eb:80:de:
79:fe:ad:c8:2e:4f:a5:02:ed:e2:5b:73:a8:e2:0c:d7:7d:69:
94:09:08:e1:bf:29:d9:1c:f3:a8:41:44:99:3e:e8:d4:1f:1b:
e0:06:88:25:42:3b:91:24:5b:6d:16:39:45:70:cc:fb:c8:ac:
8e:3e:66:00:8c:ae:f0:bd:be:56:1f:06:90:6e:92:ae:95:cb:
e9:5f:28:e7:a7:7a:ae:2c:70:94:3b:e5:7a:09:68:9d:f9:8b:
14:3d:85:fa:7f:72:d8:4a:27:a1:bc:ca:c3:74:ef:b6:de:55:
60:c8:a1:68:d8:d7:bf:12:90:f4:23:27:d2:e7:66:96:53:f6:
f1:f8:de:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmqiYkddBUibDPcl6zkHnmjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMGQ1YzI5YTM0Mzk3MDNkODliNWFiZjAzYTc1ZDg2MTc3
MWJlZjQwHhcNMjMwNzMxMDYwMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTdhNTg4MDZkMjAyNWNmZjAyOTgwMGRjZDNkZTAwZTQ4NDQ4MGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/uN6LP8Ine3R7iG1FO61/ar9pke
2Hu7RsZKaE8/ny6A+wwjY69r8Dk5q6rATaVkPGJkFDdw1B4/j5GXRfAiEX2sFbcK
/J/gWm52Acwisszou5C/pFXyo5K1YLX4/3vSvbxLvDv3bEuOd/JWuTEcDKXQ6Sc4
4sWYXmtFF29F7vnSoO9LSotg4K+EZ4EYCQYEzDJuDhw308CprrnWWzc93e36AMR5
wdb61BKw1RurvQD5LOPF2rwkYhd9dfP8ufDfxiGIewSQ8IWhyZCHph+BpGxW/hOM
QqxHNru8b5n9+UWEeB+CtKxaG2tHXipyT0MmD4/eluasgJ/vLWxsXnvekQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKF6WIBtICXP8CmADc094A5IRIDEMB8GA1UdIwQY
MBaAFOENXCmjQ5cD2JtavwOnXYYXcb70MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFExY0thTkRsd1BZbTFxX0E2ZGRoaGR4dnZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8zZWRiNDctZmQ2ZS00YzU5LWE3YWIt
ZTQyYTU4MDY0YTYzLzEvb1hwWWdHMGdKY193S1lBTnpUM2dEa2hFZ01RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8zZWRiNDctZmQ2ZS00YzU5LWE3YWItZTQyYTU4MDY0YTYz
LzEvNFExY0thTkRsd1BZbTFxX0E2ZGRoaGR4dnZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX0bTMA0G
CSqGSIb3DQEBCwUAA4IBAQBmTuaU7j2BuuOj8vjstbp7rdkTejQZLcekOvzD0Cul
W+mb0lIs/HRCI39AhSOqMIq0b1a0XXMoiuWmiKp64DKgaWqkgsqpZQ2RvFjVjytt
40UX3ymFPBcOI3uhqmS9lcu1MyQTx0NcJIer10lsm32PhEz4gUsLRVdsTWnrgN55
/q3ILk+lAu3iW3Oo4gzXfWmUCQjhvynZHPOoQUSZPujUHxvgBoglQjuRJFttFjlF
cMz7yKyOPmYAjK7wvb5WHwaQbpKulcvpXyjnp3quLHCUO+V6CWid+YsUPYX6f3LY
SiehvMrDdO+23lVgyKFo2Ne/EpD0IyfS52aWU/bx+N62
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:29 2024 by rpki-client on console-fra.rpki-client.org