Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/yaJY5NJNMIZrq_OBwo44Hinx3BQ.roa
File: yaJY5NJNMIZrq_OBwo44Hinx3BQ.roa (raw, json)
Hash identifier: WzKMDt1/G8omZCOo2Ww6S1DO0NMqz5WIrAL/G3PvCAk=
Subject key identifier: C9:A2:58:E4:D2:4D:30:86:6B:AB:F3:81:C2:8E:38:1E:29:F1:DC:14
Certificate issuer: /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial: 01922BD76396C3CDDE4A9A7AAF45D16AF14F
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/yaJY5NJNMIZrq_OBwo44Hinx3BQ.roa
Signing time: Thu 26 Sep 2024 00:59:48 +0000
ROA not before: Thu 26 Sep 2024 00:59:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 95.214.173.0/24 maxlen: 24
193.239.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Sep 2024 17:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2b:d7:63:96:c3:cd:de:4a:9a:7a:af:45:d1:6a:f1:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Validity
Not Before: Sep 26 00:59:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9a258e4d24d30866babf381c28e381e29f1dc14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:15:11:8b:e3:ba:cb:d7:0b:78:4e:0a:b1:0d:
08:1d:13:58:8e:b7:b6:4e:21:9f:9b:46:b3:10:e5:
52:bc:75:f0:4e:f8:a7:9d:a1:3f:8a:97:4c:ad:84:
86:1e:75:27:ca:73:aa:a6:f0:f9:ef:6a:04:f7:ee:
30:30:40:68:bb:1f:9e:6b:f9:7e:52:2f:38:87:af:
43:9a:65:72:4f:17:d5:15:73:c0:60:12:09:7f:c1:
95:94:a6:6a:d7:d7:d1:de:87:ed:5c:91:0a:6e:77:
68:8f:3b:ee:c5:e0:6b:3d:0f:5b:1d:33:09:43:28:
dc:54:90:e4:2e:c3:d8:22:3f:c5:94:38:7b:0f:5a:
f1:a2:3c:90:0a:c1:aa:77:ff:d6:bc:47:eb:b9:a5:
28:7c:58:0c:76:8e:58:4d:69:a5:a3:cc:71:30:c2:
eb:07:08:fe:fd:13:ab:f0:b7:11:64:99:a6:57:cb:
c5:01:cf:d6:a1:69:c5:b4:3f:59:b2:29:64:8b:d7:
aa:66:b1:d9:8a:68:9f:1a:29:a4:48:9e:de:7d:e7:
70:21:99:b9:3a:f5:74:ea:a0:fc:96:85:09:5a:7d:
6a:ba:8c:72:04:38:0f:cc:09:bb:08:af:39:45:d8:
30:09:aa:f4:13:5c:bf:61:8c:5b:f4:c6:8a:97:cc:
d5:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:A2:58:E4:D2:4D:30:86:6B:AB:F3:81:C2:8E:38:1E:29:F1:DC:14
X509v3 Authority Key Identifier:
keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/yaJY5NJNMIZrq_OBwo44Hinx3BQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.173.0/24
193.239.237.0/24
Signature Algorithm: sha256WithRSAEncryption
75:bc:84:d3:17:f8:33:d7:c6:4b:d7:9b:d8:9c:c3:a9:8b:f6:
f0:b2:81:fc:49:b7:1f:cc:36:73:d0:dc:ba:98:7d:78:05:1c:
a9:5f:4e:56:3e:ff:db:2c:05:62:82:5a:24:9c:04:18:37:11:
5f:17:08:1c:12:86:68:8c:94:3c:9d:77:1b:d5:80:c4:0b:ed:
a9:d7:a9:12:63:54:43:c9:b5:e1:bf:89:56:b7:4c:79:c6:3e:
d8:08:7f:22:27:72:58:d8:73:5d:b0:21:4c:ed:18:e6:e4:2d:
5d:3e:40:c2:f3:09:04:54:67:97:5d:97:7e:06:67:02:9e:d0:
73:a2:ee:de:6b:14:f9:59:4f:32:e0:2f:94:a4:c4:5b:23:bb:
0d:78:63:1f:bf:5c:97:e9:33:9d:38:33:f2:e3:e2:40:6b:5b:
ef:aa:8a:46:38:41:7a:6e:61:0a:b2:66:e0:27:f5:8e:e0:e9:
d6:a3:de:5c:46:4f:19:02:10:ba:a1:ab:f6:8e:06:b3:d5:3b:
cf:ae:f8:50:fd:5d:c5:86:22:56:b1:c7:63:27:6d:a6:9b:b1:
d8:26:07:b4:c3:64:a5:a0:de:6f:6d:c5:10:48:0a:4f:da:28:
85:d9:68:f9:4f:2a:2e:13:a4:4e:df:9b:09:75:e5:f8:91:98:
d4:e8:f1:40
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZIr12OWw83eSpp6r0XRavFPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNl
NWZjNmQwHhcNMjQwOTI2MDA1OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWEyNThlNGQyNGQzMDg2NmJhYmYzODFjMjhlMzgxZTI5ZjFkYzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBURi+O6y9cLeE4KsQ0IHRNYjre2
TiGfm0azEOVSvHXwTvinnaE/ipdMrYSGHnUnynOqpvD572oE9+4wMEBoux+ea/l+
Ui84h69DmmVyTxfVFXPAYBIJf8GVlKZq19fR3oftXJEKbndojzvuxeBrPQ9bHTMJ
QyjcVJDkLsPYIj/FlDh7D1rxojyQCsGqd//WvEfruaUofFgMdo5YTWmlo8xxMMLr
Bwj+/ROr8LcRZJmmV8vFAc/WoWnFtD9Zsilki9eqZrHZimifGimkSJ7efedwIZm5
OvV06qD8loUJWn1quoxyBDgPzAm7CK85RdgwCar0E1y/YYxb9MaKl8zVMwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMmiWOTSTTCGa6vzgcKOOB4p8dwUMB8GA1UdIwQY
MBaAFCgQeraSHvjLLeyj63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzIt
YzBmYjNlZjc2NDBlLzEveWFKWTVOSk5NSVpycV9PQndvNDRIaW54M0JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBl
LzEvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX9atAwQA
we/tMA0GCSqGSIb3DQEBCwUAA4IBAQB1vITTF/gz18ZL15vYnMOpi/bwsoH8Sbcf
zDZz0Ny6mH14BRypX05WPv/bLAVigloknAQYNxFfFwgcEoZojJQ8nXcb1YDEC+2p
16kSY1RDybXhv4lWt0x5xj7YCH8iJ3JY2HNdsCFM7Rjm5C1dPkDC8wkEVGeXXZd+
BmcCntBzou7eaxT5WU8y4C+UpMRbI7sNeGMfv1yX6TOdODPy4+JAa1vvqopGOEF6
bmEKsmbgJ/WO4OnWo95cRk8ZAhC6oav2jgaz1TvPrvhQ/V3FhiJWscdjJ22mm7HY
Jge0w2SloN5vbcUQSApP2iiF2Wj5TyouE6RO35sJdeX4kZjU6PFA
-----END CERTIFICATE-----
Generated at Mon Sep 30 19:44:48 2024 by rpki-client on console-fra.rpki-client.org