Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/3-Ha7thlVXn9A1a3DUUWrl125n0.roa
File: 3-Ha7thlVXn9A1a3DUUWrl125n0.roa (raw, json)
Hash identifier: jeIgG45GRtOhaqpxtUMMMgp4hdPl01WkmRS3BDY6uPc=
Subject key identifier: DF:E1:DA:EE:D8:65:55:79:FD:03:56:B7:0D:45:16:AE:5D:76:E6:7D
Certificate issuer: /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial: 0186F045BB93FC071136C8F94AEC6ACFF2EC
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/3-Ha7thlVXn9A1a3DUUWrl125n0.roa
Signing time: Fri 17 Mar 2023 15:52:27 +0000
ROA not before: Fri 17 Mar 2023 15:52:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203758
IP address blocks: 95.214.180.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:30:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:f0:45:bb:93:fc:07:11:36:c8:f9:4a:ec:6a:cf:f2:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Validity
Not Before: Mar 17 15:52:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dfe1daeed8655579fd0356b70d4516ae5d76e67d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:10:f4:0d:19:61:84:3d:75:c5:75:41:d7:a3:
db:7a:89:a3:3b:89:90:3d:b8:12:b2:1d:e2:41:6b:
3b:b4:23:88:93:dd:74:34:16:b2:22:d0:3f:a0:34:
94:4b:34:26:08:8e:01:ab:13:a8:b1:4d:f5:bc:8f:
3c:a6:70:e5:37:87:44:89:58:1e:5a:55:8a:91:cf:
e5:2b:41:41:96:f8:6d:1a:d9:fa:7f:ff:4f:94:9e:
9c:e9:15:1f:f4:a1:17:c5:5d:01:d3:55:5b:fc:6d:
ee:f6:16:21:1c:90:47:33:22:4a:3e:15:9b:87:5e:
3b:05:9f:04:74:c1:01:99:f7:42:e4:6b:bf:3c:ba:
b3:be:e3:fd:3b:5e:6a:44:a7:a0:65:55:2b:9d:b5:
79:b9:b8:b8:3d:91:37:e5:05:3c:e1:92:33:36:5c:
2f:cf:ad:0c:46:1c:36:38:e5:83:b6:34:72:69:46:
e1:8f:95:9b:87:51:7c:16:b5:73:d1:3d:eb:61:12:
7e:11:d9:67:fd:67:e7:01:62:ba:91:58:d0:17:ab:
c9:dd:90:92:05:e3:99:42:1c:c6:2e:90:ac:aa:ba:
f0:51:22:5f:05:62:1e:01:87:cd:28:b9:f2:7e:54:
5f:63:8e:9b:79:64:d7:a5:ca:35:9e:ec:d7:81:fa:
f5:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:E1:DA:EE:D8:65:55:79:FD:03:56:B7:0D:45:16:AE:5D:76:E6:7D
X509v3 Authority Key Identifier:
keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/3-Ha7thlVXn9A1a3DUUWrl125n0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.180.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:5d:64:dc:b6:87:fc:ba:f6:96:19:d0:bb:35:f7:df:ab:be:
a1:72:ff:d5:cd:74:8b:12:dc:c3:20:52:00:2b:ed:f2:c8:13:
af:cf:43:fa:4c:30:6f:f5:af:b5:fd:e0:3b:1c:43:07:ae:dc:
5e:28:e0:e7:92:39:e2:47:a3:44:73:45:3d:1f:2c:cc:14:01:
4b:e3:a0:c0:07:c8:45:21:8b:d6:0a:c4:1a:84:b3:b9:75:f9:
df:e6:2c:65:c8:15:71:4f:d5:fd:90:6b:84:ea:e7:5d:23:bf:
b2:30:06:6f:85:0e:41:e6:19:44:80:53:21:49:5d:4b:70:1d:
d0:c4:9e:61:a1:0a:c6:50:e2:27:98:54:3e:68:fe:23:72:2e:
4f:d5:23:bb:37:ce:33:33:38:71:4b:51:94:70:ca:dc:f6:d6:
3e:8b:05:3f:e7:57:b3:77:bf:f3:23:02:7a:d5:ab:6d:d6:e8:
a3:3a:42:5a:ec:1a:59:37:4d:eb:0e:af:1a:d5:0f:8b:d3:b3:
ea:02:18:67:c1:f8:46:0c:52:4c:b5:92:6e:42:a4:18:ff:d2:
5d:2d:82:b0:b4:24:7a:3d:f5:a2:33:79:81:23:d8:a6:67:b9:
82:d2:1e:bb:c1:72:33:0a:35:6d:a0:2a:a1:e3:0b:b5:87:fb:
cc:cc:ac:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbwRbuT/AcRNsj5Suxqz/LsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNl
NWZjNmQwHhcNMjMwMzE3MTU1MjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmUxZGFlZWQ4NjU1NTc5ZmQwMzU2YjcwZDQ1MTZhZTVkNzZlNjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxD0DRlhhD11xXVB16PbeomjO4mQ
PbgSsh3iQWs7tCOIk910NBayItA/oDSUSzQmCI4BqxOosU31vI88pnDlN4dEiVge
WlWKkc/lK0FBlvhtGtn6f/9PlJ6c6RUf9KEXxV0B01Vb/G3u9hYhHJBHMyJKPhWb
h147BZ8EdMEBmfdC5Gu/PLqzvuP9O15qRKegZVUrnbV5ubi4PZE35QU84ZIzNlwv
z60MRhw2OOWDtjRyaUbhj5Wbh1F8FrVz0T3rYRJ+Edln/WfnAWK6kVjQF6vJ3ZCS
BeOZQhzGLpCsqrrwUSJfBWIeAYfNKLnyflRfY46beWTXpco1nuzXgfr1/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN/h2u7YZVV5/QNWtw1FFq5dduZ9MB8GA1UdIwQY
MBaAFCgQeraSHvjLLeyj63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzIt
YzBmYjNlZjc2NDBlLzEvMy1IYTd0aGxWWG45QTFhM0RVVVdybDEyNW4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBl
LzEvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX9a0MA0G
CSqGSIb3DQEBCwUAA4IBAQArXWTctof8uvaWGdC7Nfffq76hcv/VzXSLEtzDIFIA
K+3yyBOvz0P6TDBv9a+1/eA7HEMHrtxeKODnkjniR6NEc0U9HyzMFAFL46DAB8hF
IYvWCsQahLO5dfnf5ixlyBVxT9X9kGuE6uddI7+yMAZvhQ5B5hlEgFMhSV1LcB3Q
xJ5hoQrGUOInmFQ+aP4jci5P1SO7N84zMzhxS1GUcMrc9tY+iwU/51ezd7/zIwJ6
1att1uijOkJa7BpZN03rDq8a1Q+L07PqAhhnwfhGDFJMtZJuQqQY/9JdLYKwtCR6
PfWiM3mBI9imZ7mC0h67wXIzCjVtoCqh4wu1h/vMzKxw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:46 2024 by rpki-client on console-fra.rpki-client.org