Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/307607-5706-4e44-bb8e-189d00a333ee/1/5ollpC6cgd8sRmIPnefhzx4gI9s.roa
File: 5ollpC6cgd8sRmIPnefhzx4gI9s.roa (raw, json)
Hash identifier: 2NGQonT4Pukvx5Qy7ADCsTuAjDhzNWiOwykvkgvqfJM=
Subject key identifier: E6:89:65:A4:2E:9C:81:DF:2C:46:62:0F:9D:E7:E1:CF:1E:20:23:DB
Certificate issuer: /CN=432fe70f4cef10376836152f38e4e08532cc7b9f
Certificate serial: 018F5E17EAB300272ED598992227022E0664
Authority key identifier: 43:2F:E7:0F:4C:EF:10:37:68:36:15:2F:38:E4:E0:85:32:CC:7B:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qy_nD0zvEDdoNhUvOOTghTLMe58.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/307607-5706-4e44-bb8e-189d00a333ee/1/5ollpC6cgd8sRmIPnefhzx4gI9s.roa
Signing time: Thu 09 May 2024 16:02:56 +0000
ROA not before: Thu 09 May 2024 16:02:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29399
IP address blocks: 185.95.168.0/22 maxlen: 22
185.95.168.0/24 maxlen: 24
185.95.169.0/24 maxlen: 24
185.95.170.0/24 maxlen: 24
185.95.171.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 May 2024 09:33:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5e:17:ea:b3:00:27:2e:d5:98:99:22:27:02:2e:06:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=432fe70f4cef10376836152f38e4e08532cc7b9f
Validity
Not Before: May 9 16:02:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e68965a42e9c81df2c46620f9de7e1cf1e2023db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:23:2b:b3:95:2b:4b:50:19:f5:58:ae:47:bc:
0a:84:28:e3:58:e6:ed:0c:09:a1:8e:54:a7:3f:d7:
b8:fd:83:2c:18:95:b5:cd:28:e5:be:6f:c8:1e:79:
f0:b5:72:a3:41:26:25:92:86:17:46:24:33:fe:7b:
62:fc:00:51:78:c5:7b:71:d0:7a:b1:4a:a9:29:26:
41:7c:0e:b1:e9:d4:59:98:a4:cd:77:d6:ae:52:d0:
47:28:0d:ea:e1:cb:db:f6:72:e4:b0:65:da:4a:d8:
55:e2:ac:1e:d4:6c:6d:0d:a5:b6:a0:79:c4:4e:6b:
b8:46:77:da:b6:7f:a0:05:01:28:b3:1c:00:65:46:
2b:ed:06:a9:de:ec:0d:dd:4c:dc:3e:53:a0:2a:85:
8f:e2:54:6c:a6:d9:a5:b7:2c:0a:b3:0b:29:fb:e9:
c9:95:4c:c2:de:a5:0c:ee:77:6c:d9:b9:ec:0a:f0:
8b:4d:b7:3a:4b:7a:8e:cc:cc:b3:b0:3e:ca:c2:fd:
7e:a4:6e:d8:14:d8:c3:9c:78:da:07:1e:2c:26:50:
7f:e6:99:9f:bf:f0:ca:16:a8:f8:2b:0c:fd:25:4b:
2d:ec:b9:ad:4c:1e:96:3f:87:7a:ae:31:1c:21:f4:
2b:3b:c7:a9:3c:98:c4:16:6c:48:2e:6c:7f:eb:3d:
6f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:89:65:A4:2E:9C:81:DF:2C:46:62:0F:9D:E7:E1:CF:1E:20:23:DB
X509v3 Authority Key Identifier:
keyid:43:2F:E7:0F:4C:EF:10:37:68:36:15:2F:38:E4:E0:85:32:CC:7B:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qy_nD0zvEDdoNhUvOOTghTLMe58.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/307607-5706-4e44-bb8e-189d00a333ee/1/5ollpC6cgd8sRmIPnefhzx4gI9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/307607-5706-4e44-bb8e-189d00a333ee/1/Qy_nD0zvEDdoNhUvOOTghTLMe58.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.168.0/22
Signature Algorithm: sha256WithRSAEncryption
01:5f:61:f5:c8:2e:1e:46:e2:59:6f:6d:09:ad:9a:c7:6b:8b:
7a:ad:aa:87:fe:bd:1c:1e:54:5d:98:9a:66:0f:cf:c4:ff:1a:
71:5c:00:f0:46:c0:39:88:33:79:0f:cf:2c:6a:d4:21:5b:e1:
5f:d0:86:f9:78:b8:c9:ea:6f:0a:ce:41:44:97:ab:f2:9a:ae:
3f:9f:a0:ee:cd:cc:79:e2:90:dc:6f:09:2b:b1:d8:09:b9:8d:
76:e2:4d:5a:3e:20:ac:9f:b3:61:55:b3:5f:d2:38:fb:02:08:
e1:0a:2b:e5:71:30:78:d3:5a:5f:2b:e6:d7:c8:fc:1e:4b:fc:
78:4e:c4:3b:d5:65:dd:d0:79:9d:a7:ee:ac:1e:ee:97:9b:c8:
4e:8f:75:77:8a:a1:64:e7:0c:fd:ea:a4:34:b1:32:4b:c8:b1:
78:77:da:18:a1:1f:cf:08:e4:09:de:e7:2f:a8:98:39:d2:ac:
0a:09:ac:ae:b3:cc:17:8a:19:33:47:b2:b3:97:89:ec:4c:a4:
2c:65:d4:96:a0:07:12:9d:8d:8e:17:00:53:65:d5:49:51:a1:
78:48:c3:ba:42:73:10:bc:b2:01:ca:40:7c:d2:8a:b6:ae:de:
57:e7:42:3d:ad:24:ac:24:4f:de:07:06:60:39:8e:07:4c:10:
dc:ec:b0:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9eF+qzACcu1ZiZIicCLgZkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMmZlNzBmNGNlZjEwMzc2ODM2MTUyZjM4ZTRlMDg1MzJj
YzdiOWYwHhcNMjQwNTA5MTYwMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjg5NjVhNDJlOWM4MWRmMmM0NjYyMGY5ZGU3ZTFjZjFlMjAyM2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyMrs5UrS1AZ9ViuR7wKhCjjWObt
DAmhjlSnP9e4/YMsGJW1zSjlvm/IHnnwtXKjQSYlkoYXRiQz/nti/ABReMV7cdB6
sUqpKSZBfA6x6dRZmKTNd9auUtBHKA3q4cvb9nLksGXaSthV4qwe1GxtDaW2oHnE
Tmu4Rnfatn+gBQEosxwAZUYr7Qap3uwN3UzcPlOgKoWP4lRsptmltywKswsp++nJ
lUzC3qUM7nds2bnsCvCLTbc6S3qOzMyzsD7Kwv1+pG7YFNjDnHjaBx4sJlB/5pmf
v/DKFqj4Kwz9JUst7LmtTB6WP4d6rjEcIfQrO8epPJjEFmxILmx/6z1vNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOaJZaQunIHfLEZiD53n4c8eICPbMB8GA1UdIwQY
MBaAFEMv5w9M7xA3aDYVLzjk4IUyzHufMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXlfbkQwenZFRGRvTmhVdk9PVGdoVExNZTU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zMDc2MDctNTcwNi00ZTQ0LWJiOGUt
MTg5ZDAwYTMzM2VlLzEvNW9sbHBDNmNnZDhzUm1JUG5lZmh6eDRnSTlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zMDc2MDctNTcwNi00ZTQ0LWJiOGUtMTg5ZDAwYTMzM2Vl
LzEvUXlfbkQwenZFRGRvTmhVdk9PVGdoVExNZTU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuV+oMA0G
CSqGSIb3DQEBCwUAA4IBAQABX2H1yC4eRuJZb20JrZrHa4t6raqH/r0cHlRdmJpm
D8/E/xpxXADwRsA5iDN5D88satQhW+Ff0Ib5eLjJ6m8KzkFEl6vymq4/n6Duzcx5
4pDcbwkrsdgJuY124k1aPiCsn7NhVbNf0jj7AgjhCivlcTB401pfK+bXyPweS/x4
TsQ71WXd0Hmdp+6sHu6Xm8hOj3V3iqFk5wz96qQ0sTJLyLF4d9oYoR/PCOQJ3ucv
qJg50qwKCayus8wXihkzR7Kzl4nsTKQsZdSWoAcSnY2OFwBTZdVJUaF4SMO6QnMQ
vLIBykB80oq2rt5X50I9rSSsJE/eBwZgOY4HTBDc7LCk
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:02 2024 by rpki-client on console-ams.rpki-client.org