Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/xPIGMiV2okLp1GMGo2CjJaK8aHE.roa
File: xPIGMiV2okLp1GMGo2CjJaK8aHE.roa (raw, json)
Hash identifier: pmf/hAJy/HOUC2rn2+666TF2/HDevcnUllLIluZ52Pc=
Subject key identifier: C4:F2:06:32:25:76:A2:42:E9:D4:63:06:A3:60:A3:25:A2:BC:68:71
Certificate issuer: /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial: 018CC8DE1586D3084B764349B3B774882667
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/xPIGMiV2okLp1GMGo2CjJaK8aHE.roa
Signing time: Tue 02 Jan 2024 06:30:46 +0000
ROA not before: Tue 02 Jan 2024 06:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 95.214.173.0/24 maxlen: 24
193.239.196.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Jul 2024 05:51:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:15:86:d3:08:4b:76:43:49:b3:b7:74:88:26:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Validity
Not Before: Jan 2 06:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4f206322576a242e9d46306a360a325a2bc6871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:a5:81:30:84:62:63:83:d3:36:d0:aa:73:b4:
ec:5a:46:9a:11:18:9d:f6:32:8c:b2:ff:70:08:05:
e0:d5:bc:de:77:99:86:43:1c:6c:e8:2b:b3:6b:2b:
c4:77:56:c5:a3:79:ba:c5:d0:6f:86:25:8e:07:4f:
f4:ce:f7:ec:f8:bc:02:fd:c4:e3:9f:be:e7:76:cc:
4f:1a:25:4d:25:e0:46:54:0d:18:44:42:63:22:26:
c1:61:a9:3d:b1:7b:01:df:6f:85:98:50:0c:0e:7a:
5f:02:34:2f:8a:b3:c0:c9:a7:d9:15:6a:ea:57:89:
32:dc:7e:27:2d:79:25:6a:b1:ce:69:fc:35:fa:23:
db:33:6c:04:7f:c3:f2:79:d7:f1:2c:93:86:25:7a:
22:77:0c:91:37:f6:46:7d:db:4c:03:15:e6:99:e8:
af:d5:23:1d:d0:0a:34:94:62:b8:54:cc:30:28:36:
2f:4f:6c:50:75:fa:4b:ab:8a:f4:c7:e6:1b:65:f9:
c7:05:00:71:ab:8f:cd:dd:e9:60:8f:bc:b0:6c:31:
04:5c:a0:d1:fe:99:a1:cb:a3:82:6f:6a:ae:f2:1f:
d0:79:94:03:4b:a8:ab:74:35:52:98:1d:17:d7:37:
06:ba:1e:95:43:70:0e:e4:ac:0d:68:92:87:63:d8:
94:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:F2:06:32:25:76:A2:42:E9:D4:63:06:A3:60:A3:25:A2:BC:68:71
X509v3 Authority Key Identifier:
keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/xPIGMiV2okLp1GMGo2CjJaK8aHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.173.0/24
193.239.196.0/24
Signature Algorithm: sha256WithRSAEncryption
30:23:70:f8:f0:2b:d5:4d:40:7c:c2:64:28:79:86:55:e9:60:
bc:79:ec:f5:2e:d3:69:12:19:51:55:ca:19:87:4a:57:a1:a0:
b4:f9:0c:86:70:5c:83:cc:d6:a1:b1:c5:d1:63:5d:5e:73:d6:
d1:d9:ca:47:ef:44:4d:b0:50:9c:bc:cd:0b:1a:f6:b4:2e:60:
2c:a3:72:e4:e9:f0:f8:7f:01:94:c5:2b:98:43:a6:38:d7:10:
1b:55:c3:b6:4a:75:52:a9:c8:0a:db:9d:5d:4c:a1:e3:30:9b:
22:7e:d0:e5:25:f5:0e:c2:61:00:c9:dc:2e:82:e8:4f:22:ea:
6b:57:b4:70:1d:35:24:4e:ed:ad:c6:b8:47:d8:ae:17:7c:21:
f4:7c:2a:8e:3c:e7:47:45:44:3b:be:97:6d:d2:0d:e9:ef:f5:
ab:3e:1b:42:5d:83:15:03:7d:8e:db:94:03:83:b4:cf:51:6b:
b8:75:e8:ec:ad:d1:2b:0f:da:49:5a:e5:52:97:81:39:ad:6e:
55:17:49:e3:8d:e6:05:cd:1b:a1:59:24:db:26:bf:f5:ce:fe:
40:c9:6c:24:23:f2:cb:86:20:3a:1a:c1:c4:83:7c:6f:56:aa:
2b:1e:12:9b:f2:36:11:99:5c:43:c5:94:6f:c2:a0:f2:95:d7:
c1:d5:f3:ca
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3hWG0whLdkNJs7d0iCZnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNl
NWZjNmQwHhcNMjQwMTAyMDYzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGYyMDYzMjI1NzZhMjQyZTlkNDYzMDZhMzYwYTMyNWEyYmM2ODcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0qWBMIRiY4PTNtCqc7TsWkaaERid
9jKMsv9wCAXg1bzed5mGQxxs6CuzayvEd1bFo3m6xdBvhiWOB0/0zvfs+LwC/cTj
n77ndsxPGiVNJeBGVA0YREJjIibBYak9sXsB32+FmFAMDnpfAjQvirPAyafZFWrq
V4ky3H4nLXklarHOafw1+iPbM2wEf8PyedfxLJOGJXoidwyRN/ZGfdtMAxXmmeiv
1SMd0Ao0lGK4VMwwKDYvT2xQdfpLq4r0x+YbZfnHBQBxq4/N3elgj7ywbDEEXKDR
/pmhy6OCb2qu8h/QeZQDS6irdDVSmB0X1zcGuh6VQ3AO5KwNaJKHY9iUjQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMTyBjIldqJC6dRjBqNgoyWivGhxMB8GA1UdIwQY
MBaAFCgQeraSHvjLLeyj63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzIt
YzBmYjNlZjc2NDBlLzEveFBJR01pVjJva0xwMUdNR28yQ2pKYUs4YUhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBl
LzEvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX9atAwQA
we/EMA0GCSqGSIb3DQEBCwUAA4IBAQAwI3D48CvVTUB8wmQoeYZV6WC8eez1LtNp
EhlRVcoZh0pXoaC0+QyGcFyDzNahscXRY11ec9bR2cpH70RNsFCcvM0LGva0LmAs
o3Lk6fD4fwGUxSuYQ6Y41xAbVcO2SnVSqcgK251dTKHjMJsiftDlJfUOwmEAydwu
guhPIuprV7RwHTUkTu2txrhH2K4XfCH0fCqOPOdHRUQ7vpdt0g3p7/WrPhtCXYMV
A32O25QDg7TPUWu4dejsrdErD9pJWuVSl4E5rW5VF0njjeYFzRuhWSTbJr/1zv5A
yWwkI/LLhiA6GsHEg3xvVqorHhKb8jYRmVxDxZRvwqDyldfB1fPK
-----END CERTIFICATE-----
Generated at Thu Jul 25 08:30:32 2024 by rpki-client on console-fra.rpki-client.org