Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/sJd5sAmCzNPE52uVIEn-NtYP47Q.roa
File: sJd5sAmCzNPE52uVIEn-NtYP47Q.roa (raw, json)
Hash identifier: ipmC4sU0eL1UegekV0AYtHiPZjJ57D+gmK0Y2liAEsU=
Subject key identifier: B0:97:79:B0:09:82:CC:D3:C4:E7:6B:95:20:49:FE:36:D6:0F:E3:B4
Certificate issuer: /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial: 01896F56CEA4B3EB935130D5B92B2758CF8D
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/sJd5sAmCzNPE52uVIEn-NtYP47Q.roa
Signing time: Wed 19 Jul 2023 18:08:27 +0000
ROA not before: Wed 19 Jul 2023 18:08:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 95.214.174.0/24 maxlen: 24
95.214.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Jul 2023 09:30:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6f:56:ce:a4:b3:eb:93:51:30:d5:b9:2b:27:58:cf:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Validity
Not Before: Jul 19 18:08:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b09779b00982ccd3c4e76b952049fe36d60fe3b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:fc:ab:c5:3e:b1:25:dd:70:98:5f:e0:b3:bc:
91:04:86:4c:3f:db:c5:68:86:5f:a5:0e:55:cd:16:
37:6f:5e:89:c2:6a:ac:65:05:8f:6d:ab:7f:8a:84:
5e:98:9f:87:3e:00:a3:4b:ae:fd:d4:d0:2a:c6:6c:
a1:0a:d8:67:df:1c:61:50:9d:ac:81:73:44:01:66:
79:5b:1f:84:cc:0f:d1:87:11:04:d8:1c:76:d2:e6:
98:5a:4a:9a:85:f0:60:16:46:6c:34:2b:b5:06:0e:
ef:6b:15:31:37:b7:5f:71:d2:78:81:3a:87:8c:4a:
f7:59:37:6c:ed:45:99:d9:9f:cd:12:6a:59:e9:83:
9e:10:49:8b:2c:f4:92:49:1c:fc:ec:58:2d:a8:16:
9e:01:58:ca:0b:62:88:62:6e:e1:33:29:37:99:31:
78:03:cd:89:7c:d6:24:57:fc:02:0d:1f:8a:00:1b:
51:39:9e:ac:5b:f7:de:22:c9:99:3d:80:22:cc:87:
0e:d3:55:59:1e:73:e0:4f:01:bb:9f:46:61:e3:37:
5c:6c:49:bb:1b:b6:a2:c9:60:00:63:47:b7:a1:45:
6f:be:5b:bb:9c:7a:57:79:17:38:67:30:36:50:89:
bd:0e:51:2e:2a:0e:0c:c2:9c:ce:48:cc:68:0c:c1:
c5:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:97:79:B0:09:82:CC:D3:C4:E7:6B:95:20:49:FE:36:D6:0F:E3:B4
X509v3 Authority Key Identifier:
keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/sJd5sAmCzNPE52uVIEn-NtYP47Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.174.0/23
Signature Algorithm: sha256WithRSAEncryption
a8:21:a8:e4:16:39:57:02:01:5e:03:af:82:71:4b:71:ca:55:
44:2d:3b:ef:c9:7f:1b:82:5f:77:17:c5:a9:e6:66:3b:b9:8b:
87:bb:7b:da:1d:2e:db:07:f9:2f:66:14:a6:34:9b:88:67:c9:
2a:fe:b6:4b:f0:e5:7b:a9:e1:57:78:fb:08:82:c3:7d:ba:5e:
50:ed:3f:ad:19:b9:bc:b4:5a:bd:a4:a7:a4:a7:72:57:82:af:
f4:d5:61:61:ca:e1:6c:60:aa:fb:68:30:99:93:13:18:01:f7:
75:9b:8d:a3:5f:4a:36:0b:8c:9f:30:d0:70:0a:80:9c:79:1c:
71:ca:82:c5:41:ba:a4:a8:df:b1:e2:ff:4a:a6:51:63:c9:ed:
91:e9:2b:e3:1f:c1:a7:39:93:1c:d0:0e:12:c7:7c:4b:86:de:
91:a6:71:27:06:06:07:a1:a3:17:a7:22:c9:1e:0c:6f:c6:7a:
c4:22:96:19:9e:37:42:90:d7:80:32:ad:f0:f3:f3:de:74:68:
30:53:2c:69:fb:17:0b:fb:97:df:66:38:f8:c9:fc:6f:b2:f1:
a4:22:ac:2d:b2:ef:fe:33:4e:d4:20:b9:eb:3b:19:52:fc:54:
3a:c0:e3:fd:af:59:6e:5a:89:bd:0d:ae:ee:8e:f8:02:3e:70:
79:02:2a:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlvVs6ks+uTUTDVuSsnWM+NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNl
NWZjNmQwHhcNMjMwNzE5MTgwODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDk3NzliMDA5ODJjY2QzYzRlNzZiOTUyMDQ5ZmUzNmQ2MGZlM2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPyrxT6xJd1wmF/gs7yRBIZMP9vF
aIZfpQ5VzRY3b16JwmqsZQWPbat/ioRemJ+HPgCjS6791NAqxmyhCthn3xxhUJ2s
gXNEAWZ5Wx+EzA/RhxEE2Bx20uaYWkqahfBgFkZsNCu1Bg7vaxUxN7dfcdJ4gTqH
jEr3WTds7UWZ2Z/NEmpZ6YOeEEmLLPSSSRz87FgtqBaeAVjKC2KIYm7hMyk3mTF4
A82JfNYkV/wCDR+KABtROZ6sW/feIsmZPYAizIcO01VZHnPgTwG7n0Zh4zdcbEm7
G7aiyWAAY0e3oUVvvlu7nHpXeRc4ZzA2UIm9DlEuKg4MwpzOSMxoDMHFnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLCXebAJgszTxOdrlSBJ/jbWD+O0MB8GA1UdIwQY
MBaAFCgQeraSHvjLLeyj63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzIt
YzBmYjNlZjc2NDBlLzEvc0pkNXNBbUN6TlBFNTJ1VklFbi1OdFlQNDdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBl
LzEvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBX9auMA0G
CSqGSIb3DQEBCwUAA4IBAQCoIajkFjlXAgFeA6+CcUtxylVELTvvyX8bgl93F8Wp
5mY7uYuHu3vaHS7bB/kvZhSmNJuIZ8kq/rZL8OV7qeFXePsIgsN9ul5Q7T+tGbm8
tFq9pKekp3JXgq/01WFhyuFsYKr7aDCZkxMYAfd1m42jX0o2C4yfMNBwCoCceRxx
yoLFQbqkqN+x4v9KplFjye2R6SvjH8GnOZMc0A4Sx3xLht6RpnEnBgYHoaMXpyLJ
HgxvxnrEIpYZnjdCkNeAMq3w8/PedGgwUyxp+xcL+5ffZjj4yfxvsvGkIqwtsu/+
M07UILnrOxlS/FQ6wOP9r1luWom9Da7ujvgCPnB5Aioc
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:43 2024 by rpki-client on console-ams.rpki-client.org