Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/oRBn3lxlZ_882m0B4IwjSsKofKw.roa
File: oRBn3lxlZ_882m0B4IwjSsKofKw.roa (raw, json)
Hash identifier: SyORTlRn6PZnNxtDajquLqKJeXDtfyB4Imh+N+2N6os=
Subject key identifier: A1:10:67:DE:5C:65:67:FF:3C:DA:6D:01:E0:8C:23:4A:C2:A8:7C:AC
Certificate issuer: /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial: 018B9B33F8470719672ADF931674FD1DE6EE
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/oRBn3lxlZ_882m0B4IwjSsKofKw.roa
Signing time: Sat 04 Nov 2023 16:39:16 +0000
ROA not before: Sat 04 Nov 2023 16:39:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 95.214.172.0/24 maxlen: 24
95.214.181.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:9b:33:f8:47:07:19:67:2a:df:93:16:74:fd:1d:e6:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Validity
Not Before: Nov 4 16:39:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a11067de5c6567ff3cda6d01e08c234ac2a87cac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:47:b1:ce:da:f6:f6:2e:48:88:7a:ae:c5:d5:
bd:82:d8:bc:36:5d:bc:3f:fe:f0:c8:57:4d:5b:7c:
34:02:1b:ca:27:c4:cb:60:dd:b0:2a:38:c9:62:ba:
a4:cf:af:65:54:9c:a0:50:57:4c:8c:51:86:2e:18:
cf:86:98:ca:6a:34:d9:8e:b2:6c:db:da:63:b6:d8:
99:93:d4:35:7a:83:50:8d:d0:75:a4:52:67:be:f2:
d1:58:4c:8b:98:0a:92:f3:46:5b:77:72:e3:e0:b4:
da:2d:04:0e:63:a9:b2:59:17:0a:f8:34:60:e3:6b:
08:83:a1:09:d3:2a:7d:8f:23:bd:31:a1:60:0f:e9:
4d:24:f0:15:63:aa:f9:a0:8d:92:ab:5b:6f:f0:a2:
f6:e7:3b:e4:c8:17:3c:00:0a:8b:59:b6:af:96:91:
10:87:fb:00:65:00:3d:b9:42:0e:ac:fd:8d:2e:8e:
f8:65:08:cc:a4:c2:d7:9c:53:c0:6f:56:7d:1f:f5:
45:10:77:5b:13:e4:f6:dc:6b:ab:df:0c:8c:4f:29:
e2:ff:4e:a3:04:ad:38:b4:03:87:62:b2:5a:83:d3:
17:2c:c2:41:70:7c:ea:fa:1d:9f:93:ca:90:47:b7:
d0:b6:e2:15:54:79:d2:cb:ea:19:b7:90:3d:df:ea:
eb:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:10:67:DE:5C:65:67:FF:3C:DA:6D:01:E0:8C:23:4A:C2:A8:7C:AC
X509v3 Authority Key Identifier:
keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/oRBn3lxlZ_882m0B4IwjSsKofKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.172.0/24
95.214.181.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:51:d0:8a:82:bb:ca:98:bf:fb:47:33:e3:67:44:31:8e:b8:
04:d5:a4:b5:f8:a1:bd:5f:90:21:78:42:38:6d:c7:4c:9c:2b:
cb:35:62:66:4d:5b:20:91:d8:dc:c6:99:b4:11:79:5c:56:c4:
94:e2:22:ae:d8:b5:b2:ce:ef:6b:6f:86:ce:02:17:28:34:44:
e0:ac:7b:5c:db:0a:1c:44:91:73:42:58:30:0e:6a:72:52:50:
78:69:4e:38:e4:e3:14:ab:64:02:20:92:e6:2d:94:a8:09:85:
59:fc:eb:44:09:01:89:08:96:3e:c0:08:43:95:69:09:e4:84:
bf:af:8a:5a:bf:bc:9c:48:a9:42:98:a3:f0:aa:8d:48:3d:09:
b4:1e:20:c5:ae:37:19:3f:cf:a3:ea:c6:94:ef:f5:4f:b0:2f:
28:9e:4f:0e:5d:9c:fa:0f:71:2f:90:9d:fc:34:89:77:0a:2a:
f8:9e:06:74:d4:83:ad:8e:d6:d9:72:ae:8e:52:3d:d3:a1:fe:
a2:f5:2c:b0:ec:9e:15:de:ac:29:ba:d5:19:b6:bc:b3:de:e2:
bf:ed:bb:88:e1:be:d1:35:82:42:43:fd:96:bf:5a:d9:62:9d:
23:19:7e:d7:64:13:15:10:72:20:b5:81:2d:89:c2:40:0c:28:
35:99:66:22
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYubM/hHBxlnKt+TFnT9HebuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNl
NWZjNmQwHhcNMjMxMTA0MTYzOTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTEwNjdkZTVjNjU2N2ZmM2NkYTZkMDFlMDhjMjM0YWMyYTg3Y2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0exztr29i5IiHquxdW9gti8Nl28
P/7wyFdNW3w0AhvKJ8TLYN2wKjjJYrqkz69lVJygUFdMjFGGLhjPhpjKajTZjrJs
29pjttiZk9Q1eoNQjdB1pFJnvvLRWEyLmAqS80Zbd3Lj4LTaLQQOY6myWRcK+DRg
42sIg6EJ0yp9jyO9MaFgD+lNJPAVY6r5oI2Sq1tv8KL25zvkyBc8AAqLWbavlpEQ
h/sAZQA9uUIOrP2NLo74ZQjMpMLXnFPAb1Z9H/VFEHdbE+T23Gur3wyMTyni/06j
BK04tAOHYrJag9MXLMJBcHzq+h2fk8qQR7fQtuIVVHnSy+oZt5A93+rreQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKEQZ95cZWf/PNptAeCMI0rCqHysMB8GA1UdIwQY
MBaAFCgQeraSHvjLLeyj63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzIt
YzBmYjNlZjc2NDBlLzEvb1JCbjNseGxaXzg4Mm0wQjRJd2pTc0tvZkt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBl
LzEvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX9asAwQA
X9a1MA0GCSqGSIb3DQEBCwUAA4IBAQC0UdCKgrvKmL/7RzPjZ0QxjrgE1aS1+KG9
X5AheEI4bcdMnCvLNWJmTVsgkdjcxpm0EXlcVsSU4iKu2LWyzu9rb4bOAhcoNETg
rHtc2wocRJFzQlgwDmpyUlB4aU445OMUq2QCIJLmLZSoCYVZ/OtECQGJCJY+wAhD
lWkJ5IS/r4pav7ycSKlCmKPwqo1IPQm0HiDFrjcZP8+j6saU7/VPsC8onk8OXZz6
D3EvkJ38NIl3Cir4ngZ01IOtjtbZcq6OUj3Tof6i9Syw7J4V3qwputUZtryz3uK/
7buI4b7RNYJCQ/2Wv1rZYp0jGX7XZBMVEHIgtYEticJADCg1mWYi
-----END CERTIFICATE-----
Generated at Sun Nov 5 18:12:15 2023 by rpki-client on console-ams.rpki-client.org