Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/yVC79uAzXnHgqrJCXrV9e2psxOo.roa
File: yVC79uAzXnHgqrJCXrV9e2psxOo.roa (raw, json)
Hash identifier: zcIYvPudx7oyPxNLLU/UkI4hYU6c+7J++vcCFwA1rS0=
Subject key identifier: C9:50:BB:F6:E0:33:5E:71:E0:AA:B2:42:5E:B5:7D:7B:6A:6C:C4:EA
Certificate issuer: /CN=99fee7cbd8e78d1f14a453a04b916f7c1581d204
Certificate serial: 018BC875ADD668AE9A00329C33E7B757A4AD
Authority key identifier: 99:FE:E7:CB:D8:E7:8D:1F:14:A4:53:A0:4B:91:6F:7C:15:81:D2:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mf7ny9jnjR8UpFOgS5FvfBWB0gQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/yVC79uAzXnHgqrJCXrV9e2psxOo.roa
Signing time: Mon 13 Nov 2023 11:33:57 +0000
ROA not before: Mon 13 Nov 2023 11:33:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210732
IP address blocks: 45.95.114.0/24 maxlen: 24
45.158.76.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Dec 2023 10:57:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c8:75:ad:d6:68:ae:9a:00:32:9c:33:e7:b7:57:a4:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99fee7cbd8e78d1f14a453a04b916f7c1581d204
Validity
Not Before: Nov 13 11:33:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c950bbf6e0335e71e0aab2425eb57d7b6a6cc4ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:20:a8:8f:f5:8f:72:87:41:33:d7:80:cb:60:
03:64:76:8d:41:0f:0c:2c:53:4d:19:e0:08:84:20:
a2:52:ec:82:6a:4f:ba:96:ca:51:8c:74:c9:4f:14:
b0:53:34:f0:bb:37:07:51:cb:a3:bd:ea:70:51:87:
e2:ed:99:90:82:bf:81:89:87:f8:69:f5:46:22:6a:
66:84:88:79:95:ad:d4:a0:6a:e8:3c:f5:a9:78:b8:
99:c0:5c:6a:cb:82:43:a9:a0:3d:9c:59:67:04:6f:
f1:14:17:aa:81:dc:2e:50:73:6e:20:a8:84:63:6e:
af:63:3e:91:4d:c3:26:7d:86:2e:76:62:6c:59:4d:
c9:7c:86:44:79:bb:61:c5:15:e5:ad:57:cc:f5:34:
78:40:92:ac:13:e4:91:e1:9c:09:c4:e6:3c:65:02:
ea:db:a1:f7:67:91:00:ce:7b:b4:6d:fd:2b:dc:d4:
e7:52:eb:b4:2b:d4:70:c6:6d:0b:c9:43:29:f3:ec:
83:d8:a1:3d:49:81:15:e0:93:f0:b0:92:12:c8:02:
93:35:7a:d8:7c:7a:62:d4:08:c0:45:29:c1:77:40:
31:12:00:d1:59:e4:be:e4:8b:d9:84:cc:44:39:86:
15:7b:de:a9:d8:09:e5:71:96:a2:b9:1c:43:bf:2e:
33:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:50:BB:F6:E0:33:5E:71:E0:AA:B2:42:5E:B5:7D:7B:6A:6C:C4:EA
X509v3 Authority Key Identifier:
keyid:99:FE:E7:CB:D8:E7:8D:1F:14:A4:53:A0:4B:91:6F:7C:15:81:D2:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mf7ny9jnjR8UpFOgS5FvfBWB0gQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/yVC79uAzXnHgqrJCXrV9e2psxOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/mf7ny9jnjR8UpFOgS5FvfBWB0gQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.114.0/24
45.158.76.0/24
Signature Algorithm: sha256WithRSAEncryption
11:7a:12:95:d6:22:a3:f4:88:72:29:a4:7b:0e:3b:d0:b0:8d:
67:f9:16:04:7f:50:91:4f:5d:53:7d:22:41:0e:9a:89:ee:f2:
49:aa:de:d7:64:0d:d9:1e:5d:be:6a:0e:49:f2:99:0c:38:43:
b9:58:6b:f8:25:67:60:1b:d0:cb:c5:a6:a0:33:2d:87:e6:f0:
2a:5a:10:78:8c:09:5b:19:df:d0:a4:0b:18:c7:c5:b5:e3:7c:
e0:59:13:80:77:5b:46:83:69:ff:04:a7:33:6d:58:b7:54:dc:
83:8c:34:c5:f0:31:be:fc:57:d8:83:71:8f:49:b1:51:e5:54:
08:72:68:d4:94:78:25:6b:6b:94:af:91:1e:7a:60:d7:29:eb:
10:4c:ea:81:05:85:49:07:08:4f:b0:a0:15:c2:30:a6:a5:3d:
61:f4:02:a7:84:49:99:3d:12:04:49:54:fc:93:e8:78:23:97:
ed:a2:e4:04:d6:e9:41:16:7b:18:33:cd:97:ac:91:7c:79:e3:
b9:9f:c0:12:12:48:c9:ab:dc:33:36:3b:11:e6:d1:ad:ef:69:
9a:bd:da:c8:88:1a:bd:85:bb:2c:49:be:75:8b:d6:32:38:d0:
b1:d5:0d:c9:e4:76:2c:ce:c1:ae:33:a8:44:5b:30:8e:46:0f:
88:3c:7c:93
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvIda3WaK6aADKcM+e3V6StMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZmVlN2NiZDhlNzhkMWYxNGE0NTNhMDRiOTE2ZjdjMTU4
MWQyMDQwHhcNMjMxMTEzMTEzMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTUwYmJmNmUwMzM1ZTcxZTBhYWIyNDI1ZWI1N2Q3YjZhNmNjNGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCCoj/WPcodBM9eAy2ADZHaNQQ8M
LFNNGeAIhCCiUuyCak+6lspRjHTJTxSwUzTwuzcHUcujvepwUYfi7ZmQgr+BiYf4
afVGImpmhIh5la3UoGroPPWpeLiZwFxqy4JDqaA9nFlnBG/xFBeqgdwuUHNuIKiE
Y26vYz6RTcMmfYYudmJsWU3JfIZEebthxRXlrVfM9TR4QJKsE+SR4ZwJxOY8ZQLq
26H3Z5EAznu0bf0r3NTnUuu0K9Rwxm0LyUMp8+yD2KE9SYEV4JPwsJISyAKTNXrY
fHpi1AjARSnBd0AxEgDRWeS+5IvZhMxEOYYVe96p2AnlcZaiuRxDvy4zQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMlQu/bgM15x4KqyQl61fXtqbMTqMB8GA1UdIwQY
MBaAFJn+58vY540fFKRToEuRb3wVgdIEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWY3bnk5am5qUjhVcEZPZ1M1RnZmQldCMGdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8wZGQ0Y2ItMWY3Mi00MGVkLWE2NTct
MWMyMmVmZjcyODE4LzEveVZDNzl1QXpYbkhncXJKQ1hyVjllMnBzeE9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8wZGQ0Y2ItMWY3Mi00MGVkLWE2NTctMWMyMmVmZjcyODE4
LzEvbWY3bnk5am5qUjhVcEZPZ1M1RnZmQldCMGdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALV9yAwQA
LZ5MMA0GCSqGSIb3DQEBCwUAA4IBAQARehKV1iKj9IhyKaR7DjvQsI1n+RYEf1CR
T11TfSJBDpqJ7vJJqt7XZA3ZHl2+ag5J8pkMOEO5WGv4JWdgG9DLxaagMy2H5vAq
WhB4jAlbGd/QpAsYx8W143zgWROAd1tGg2n/BKczbVi3VNyDjDTF8DG+/FfYg3GP
SbFR5VQIcmjUlHgla2uUr5EeemDXKesQTOqBBYVJBwhPsKAVwjCmpT1h9AKnhEmZ
PRIESVT8k+h4I5ftouQE1ulBFnsYM82XrJF8eeO5n8ASEkjJq9wzNjsR5tGt72ma
vdrIiBq9hbssSb51i9YyONCx1Q3J5HYszsGuM6hEWzCORg+IPHyT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:15 2024 by rpki-client on console-fra.rpki-client.org