Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/PACQlIfYyMnOkKydDs-OWcd3iYE.roa
File: PACQlIfYyMnOkKydDs-OWcd3iYE.roa (raw, json)
Hash identifier: nVE8dFR3jMKFgDMQoy+/d4r1r04dxH/YqEPVKrimQRg=
Subject key identifier: 3C:00:90:94:87:D8:C8:C9:CE:90:AC:9D:0E:CF:8E:59:C7:77:89:81
Certificate issuer: /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial: 018BA08730149282D0DC64E85A116F12EFE6
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/PACQlIfYyMnOkKydDs-OWcd3iYE.roa
Signing time: Sun 05 Nov 2023 17:28:16 +0000
ROA not before: Sun 05 Nov 2023 17:28:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216414
IP address blocks: 95.214.181.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a0:87:30:14:92:82:d0:dc:64:e8:5a:11:6f:12:ef:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Validity
Not Before: Nov 5 17:28:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c00909487d8c8c9ce90ac9d0ecf8e59c7778981
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d2:af:ea:57:3a:f8:22:06:ab:77:c6:42:26:
c2:e3:9a:0f:5a:9d:f9:03:6c:1d:8d:a4:1c:74:2c:
af:96:d5:99:6e:83:12:39:35:f3:fb:52:33:35:0c:
d1:7e:8c:1a:6b:81:95:c2:01:0d:61:04:97:cd:47:
97:85:99:5c:dd:d7:41:be:bd:ef:1b:ac:b8:b5:8d:
0a:a9:a3:a6:f1:00:f9:82:83:ea:e4:de:d1:83:8b:
fb:80:50:4b:2e:d0:fb:c2:82:30:92:3a:a6:17:aa:
fc:89:ea:b3:52:70:fa:fb:7a:39:e7:ca:25:04:38:
32:1a:7a:f3:e9:a9:e4:9e:40:bd:01:b4:ab:df:48:
52:e3:9e:71:5b:69:20:82:20:5a:de:02:67:c3:93:
36:07:b6:f4:fc:5f:b6:e9:01:33:2d:b3:be:95:c1:
12:b9:04:e6:03:73:aa:9b:f6:78:79:e3:06:0c:62:
ae:18:07:ac:6c:86:76:9a:ba:55:2d:39:7b:2f:35:
86:7c:d7:52:a3:17:8e:0b:b5:4b:71:0e:70:2a:86:
14:04:cd:99:9f:b3:b0:4a:05:6d:5c:90:50:dd:d9:
50:d1:f9:57:ab:9f:2e:3e:31:fa:45:02:27:7f:61:
54:04:ef:87:ea:81:5a:4b:06:48:1b:4d:f1:50:16:
70:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:00:90:94:87:D8:C8:C9:CE:90:AC:9D:0E:CF:8E:59:C7:77:89:81
X509v3 Authority Key Identifier:
keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/PACQlIfYyMnOkKydDs-OWcd3iYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.181.0/24
Signature Algorithm: sha256WithRSAEncryption
28:fd:f9:7a:d7:48:a0:20:f0:1e:ee:89:f4:86:e5:c4:f0:25:
61:bc:33:36:2f:2d:2d:96:40:3d:13:56:73:db:38:e3:55:9a:
d4:22:a0:87:32:cd:26:fb:1c:fa:71:68:5f:fe:16:53:f7:d1:
bf:07:eb:7f:7e:ab:07:02:f1:1c:8c:4c:a7:04:bc:9e:25:3b:
b7:2e:e8:2d:04:69:ff:f7:64:08:cc:90:b4:db:01:bf:d0:ae:
25:a8:82:54:a0:e6:a5:01:9e:54:30:80:96:7d:af:79:c7:11:
90:1e:06:e5:af:ff:ae:36:27:05:12:0c:cc:35:55:d5:f8:27:
81:e5:45:a3:3d:ef:5e:96:bb:86:9a:7d:83:48:a2:2a:25:53:
ed:47:91:bd:b8:17:23:70:f1:db:a9:b7:86:d2:e7:0c:c6:0a:
55:1c:b1:58:7d:09:b4:19:d3:7c:6c:29:0f:38:b7:2d:cc:b2:
3b:1b:12:c8:c4:9a:d4:06:ac:4e:70:80:72:03:7f:49:a2:21:
e5:15:e0:b4:1b:fe:a0:91:b3:96:e0:e3:f7:5a:b2:18:15:7d:
63:9f:58:c5:07:42:9a:89:59:2b:e9:73:ef:4b:74:5b:aa:71:
a4:b8:b0:73:8b:6f:c4:ee:6c:1b:19:ea:cf:78:32:ea:17:4b:
40:26:c4:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYughzAUkoLQ3GToWhFvEu/mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNl
NWZjNmQwHhcNMjMxMTA1MTcyODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzAwOTA5NDg3ZDhjOGM5Y2U5MGFjOWQwZWNmOGU1OWM3Nzc4OTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9Kv6lc6+CIGq3fGQibC45oPWp35
A2wdjaQcdCyvltWZboMSOTXz+1IzNQzRfowaa4GVwgENYQSXzUeXhZlc3ddBvr3v
G6y4tY0KqaOm8QD5goPq5N7Rg4v7gFBLLtD7woIwkjqmF6r8ieqzUnD6+3o558ol
BDgyGnrz6anknkC9AbSr30hS455xW2kggiBa3gJnw5M2B7b0/F+26QEzLbO+lcES
uQTmA3Oqm/Z4eeMGDGKuGAesbIZ2mrpVLTl7LzWGfNdSoxeOC7VLcQ5wKoYUBM2Z
n7OwSgVtXJBQ3dlQ0flXq58uPjH6RQInf2FUBO+H6oFaSwZIG03xUBZwCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDwAkJSH2MjJzpCsnQ7PjlnHd4mBMB8GA1UdIwQY
MBaAFCgQeraSHvjLLeyj63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzIt
YzBmYjNlZjc2NDBlLzEvUEFDUWxJZll5TW5Pa0t5ZERzLU9XY2QzaVlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBl
LzEvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX9a1MA0G
CSqGSIb3DQEBCwUAA4IBAQAo/fl610igIPAe7on0huXE8CVhvDM2Ly0tlkA9E1Zz
2zjjVZrUIqCHMs0m+xz6cWhf/hZT99G/B+t/fqsHAvEcjEynBLyeJTu3LugtBGn/
92QIzJC02wG/0K4lqIJUoOalAZ5UMICWfa95xxGQHgblr/+uNicFEgzMNVXV+CeB
5UWjPe9elruGmn2DSKIqJVPtR5G9uBcjcPHbqbeG0ucMxgpVHLFYfQm0GdN8bCkP
OLctzLI7GxLIxJrUBqxOcIByA39JoiHlFeC0G/6gkbOW4OP3WrIYFX1jn1jFB0Ka
iVkr6XPvS3RbqnGkuLBzi2/E7mwbGerPeDLqF0tAJsTr
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:19:03 2024 by rpki-client on console-fra.rpki-client.org