Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/9fqxxzfT7xnlLKQkGMOh4sYXs6c.roa
File: 9fqxxzfT7xnlLKQkGMOh4sYXs6c.roa (raw, json)
Hash identifier: jpzZ57ZTqptFND0dLUND3ZT28y2mItoT9DbmISDM5Mw=
Subject key identifier: F5:FA:B1:C7:37:D3:EF:19:E5:2C:A4:24:18:C3:A1:E2:C6:17:B3:A7
Certificate issuer: /CN=864abd435f899d570a8e5fb83bdad1153455dee0
Certificate serial: 018CC794926AA9D1B253F9417A8E883FE79D
Authority key identifier: 86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/9fqxxzfT7xnlLKQkGMOh4sYXs6c.roa
Signing time: Tue 02 Jan 2024 00:30:51 +0000
ROA not before: Tue 02 Jan 2024 00:30:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62372
IP address blocks: 95.87.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Sep 2024 07:58:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:92:6a:a9:d1:b2:53:f9:41:7a:8e:88:3f:e7:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=864abd435f899d570a8e5fb83bdad1153455dee0
Validity
Not Before: Jan 2 00:30:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5fab1c737d3ef19e52ca42418c3a1e2c617b3a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:6b:7e:b5:c8:e7:7b:e9:4a:0f:78:0f:53:81:
c6:10:35:27:b9:05:fa:81:13:bf:d3:f7:90:89:4d:
2e:02:26:6a:83:12:86:3b:1d:aa:d3:4b:6c:c1:50:
31:68:4a:2c:84:e6:06:4a:58:6d:71:99:5a:4b:9f:
93:74:31:19:c0:5a:94:9d:49:6f:26:bd:bb:5e:b8:
c0:5d:c4:7a:6e:4e:3d:1f:06:06:1a:7f:cb:46:79:
9f:17:a2:ba:36:a5:df:8e:d8:d8:3c:7b:b2:68:e5:
48:0c:cc:fa:6e:28:2d:14:47:93:62:5f:30:ea:f5:
e2:28:5e:15:d9:c4:6a:9a:52:0e:b8:53:27:7b:72:
22:35:37:70:b1:2c:6a:d5:89:af:17:5f:0e:f9:22:
df:78:1f:24:5a:da:b4:ce:58:42:32:9f:e8:72:b3:
83:6b:46:cc:24:f6:24:b7:99:7f:e5:ac:a0:67:5a:
4e:51:87:b9:61:e5:ed:59:98:5c:41:9b:08:52:02:
6c:92:b8:73:a5:5d:f8:f9:b8:06:c7:32:c5:6e:89:
71:81:b1:36:8f:89:32:32:66:3b:ff:f6:46:c5:82:
59:fd:23:3e:ba:86:90:b9:04:d2:23:17:05:72:16:
6e:3c:1a:f6:4b:f4:a6:01:54:79:6b:2d:80:9f:dd:
36:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:FA:B1:C7:37:D3:EF:19:E5:2C:A4:24:18:C3:A1:E2:C6:17:B3:A7
X509v3 Authority Key Identifier:
keyid:86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/9fqxxzfT7xnlLKQkGMOh4sYXs6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.87.1.0/24
Signature Algorithm: sha256WithRSAEncryption
52:ce:f2:ce:78:f9:e8:32:d4:1d:58:82:f5:50:fd:06:95:28:
20:84:35:0c:6f:64:b0:a4:70:15:7c:7b:9d:e7:c3:5f:41:92:
55:9b:df:7e:bd:a7:e5:bd:a8:e8:c9:3a:73:b6:ec:4c:7f:f0:
21:23:ef:32:56:30:53:ad:b8:0f:7d:2d:cf:30:0e:b5:05:af:
03:53:ba:34:a6:34:ea:4a:8c:b3:05:11:40:2d:b4:61:85:99:
b0:0d:5a:e9:c8:25:52:c0:e5:89:1d:5e:e2:c2:66:4d:26:f2:
fc:b9:75:08:52:10:2d:76:f0:47:7c:34:16:8b:3e:93:c8:a9:
79:8a:18:72:05:93:22:ef:55:42:e1:fb:1f:b1:5c:03:6f:a3:
50:77:91:a9:dc:cf:07:71:59:d3:ca:5a:a6:b7:f2:20:b7:07:
9d:0c:e3:21:04:89:1e:dd:ad:60:6c:da:51:0c:cf:1a:d7:03:
3e:fd:74:d8:6f:a7:ca:32:88:9f:d3:2b:b4:a1:9a:d0:70:1b:
55:6e:7c:ed:6c:33:a2:75:6c:aa:5a:20:7e:93:4c:c9:9f:ce:
aa:41:91:45:0b:d3:5e:44:2a:0b:10:ff:16:92:f3:c4:6c:67:
ad:7c:c3:a9:63:92:7a:e0:03:71:6d:44:75:60:65:2d:50:d7:
5e:2a:eb:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlJJqqdGyU/lBeo6IP+edMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NGFiZDQzNWY4OTlkNTcwYThlNWZiODNiZGFkMTE1MzQ1
NWRlZTAwHhcNMjQwMTAyMDAzMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWZhYjFjNzM3ZDNlZjE5ZTUyY2E0MjQxOGMzYTFlMmM2MTdiM2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWt+tcjne+lKD3gPU4HGEDUnuQX6
gRO/0/eQiU0uAiZqgxKGOx2q00tswVAxaEoshOYGSlhtcZlaS5+TdDEZwFqUnUlv
Jr27XrjAXcR6bk49HwYGGn/LRnmfF6K6NqXfjtjYPHuyaOVIDMz6bigtFEeTYl8w
6vXiKF4V2cRqmlIOuFMne3IiNTdwsSxq1YmvF18O+SLfeB8kWtq0zlhCMp/ocrOD
a0bMJPYkt5l/5aygZ1pOUYe5YeXtWZhcQZsIUgJskrhzpV34+bgGxzLFbolxgbE2
j4kyMmY7//ZGxYJZ/SM+uoaQuQTSIxcFchZuPBr2S/SmAVR5ay2An902hwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPX6scc30+8Z5SykJBjDoeLGF7OnMB8GA1UdIwQY
MBaAFIZKvUNfiZ1XCo5fuDva0RU0Vd7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zZjEzM2YtMWM4MS00YTRiLWEyNTUt
M2UzNjQ2NTkxYWEwLzEvOWZxeHh6ZlQ3eG5sTEtRa0dNT2g0c1lYczZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zZjEzM2YtMWM4MS00YTRiLWEyNTUtM2UzNjQ2NTkxYWEw
LzEvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX1cBMA0G
CSqGSIb3DQEBCwUAA4IBAQBSzvLOePnoMtQdWIL1UP0GlSgghDUMb2SwpHAVfHud
58NfQZJVm99+vaflvajoyTpztuxMf/AhI+8yVjBTrbgPfS3PMA61Ba8DU7o0pjTq
SoyzBRFALbRhhZmwDVrpyCVSwOWJHV7iwmZNJvL8uXUIUhAtdvBHfDQWiz6TyKl5
ihhyBZMi71VC4fsfsVwDb6NQd5Gp3M8HcVnTylqmt/IgtwedDOMhBIke3a1gbNpR
DM8a1wM+/XTYb6fKMoif0yu0oZrQcBtVbnztbDOidWyqWiB+k0zJn86qQZFFC9Ne
RCoLEP8WkvPEbGetfMOpY5J64ANxbUR1YGUtUNdeKuuq
-----END CERTIFICATE-----
Generated at Fri Sep 27 11:22:41 2024 by rpki-client on console-ams.rpki-client.org