Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/IE2Rvkfnu921A3vHFmm__cF1rOE.roa
File: IE2Rvkfnu921A3vHFmm__cF1rOE.roa (raw, json)
Hash identifier: qiZAmh+yILKYoWoazTG/8wbEmPLka0V8MicKpfEygy4=
Subject key identifier: 20:4D:91:BE:47:E7:BB:DD:B5:03:7B:C7:16:69:BF:FD:C1:75:AC:E1
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018B00BB1B3F7A2A020A390D34BD9ECA44E5
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/IE2Rvkfnu921A3vHFmm__cF1rOE.roa
Signing time: Thu 05 Oct 2023 16:45:44 +0000
ROA not before: Thu 05 Oct 2023 16:45:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6461
IP address blocks: 95.164.24.0/21 maxlen: 24
95.164.96.0/20 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:00:bb:1b:3f:7a:2a:02:0a:39:0d:34:bd:9e:ca:44:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Oct 5 16:45:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=204d91be47e7bbddb5037bc71669bffdc175ace1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:28:8b:97:c6:1d:c8:9e:9b:9e:eb:4e:dc:0a:
76:d1:34:59:50:df:6c:c2:4e:0a:16:8e:58:a9:0d:
52:33:c4:ef:f1:fc:8f:a9:f4:97:1e:77:b6:cf:d3:
e3:3b:8d:82:fa:91:5e:14:b9:eb:b2:e7:e0:36:62:
da:8f:13:96:5e:fb:62:ca:35:8a:78:f4:a3:a6:da:
5d:d1:b5:93:0a:eb:8c:73:42:8e:0b:7c:9c:35:4c:
6a:fb:fb:c4:1b:2f:38:9a:e4:bd:7a:26:0e:3c:01:
6c:96:d6:24:c3:63:d1:b5:7f:62:cb:76:63:3c:f1:
f2:00:9d:92:3b:c5:48:09:d1:3a:09:82:9e:9b:ad:
65:04:cc:88:1c:73:aa:c5:d1:10:91:5e:a2:83:82:
1d:f0:d4:4b:9b:4c:41:1c:3c:83:ed:d8:0f:ba:30:
92:00:ef:c4:c4:50:0d:9c:7a:0c:95:71:80:a6:7c:
83:c5:4b:25:60:54:81:32:dc:e5:bd:06:2f:0c:40:
54:91:68:5a:9a:18:e7:2b:ed:13:1b:77:a2:af:8f:
63:2c:df:a1:73:13:d7:03:b2:5b:b2:89:2b:3e:15:
18:bf:88:22:d3:ae:21:2c:e0:b7:fa:37:ab:9a:f4:
a6:a9:b9:8f:32:14:d1:71:9f:a8:81:74:85:2f:8a:
21:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:4D:91:BE:47:E7:BB:DD:B5:03:7B:C7:16:69:BF:FD:C1:75:AC:E1
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/IE2Rvkfnu921A3vHFmm__cF1rOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.164.24.0/21
95.164.96.0/20
Signature Algorithm: sha256WithRSAEncryption
5f:92:d3:a0:30:7f:4a:7f:33:c0:8f:9c:37:e5:3f:32:2d:93:
88:a5:73:86:c2:69:c5:68:ae:ca:b4:49:7a:b7:d8:24:49:21:
d9:f3:4d:3f:91:2a:b0:cf:7c:2f:56:18:fb:85:b8:50:09:7d:
fa:4c:3d:fc:22:fc:47:9f:df:75:7d:ac:12:f2:b0:8c:00:5c:
9c:06:09:c9:b6:b6:8f:a6:3e:ba:1d:23:8d:bd:55:fc:c6:a8:
d1:ba:d0:c2:31:ec:b1:dd:a6:e5:5a:21:89:64:bb:e6:9d:bf:
80:f9:00:1b:d1:a0:aa:c5:d9:55:98:6a:07:f7:db:98:04:30:
e5:a7:58:0e:b8:1a:61:7d:40:d1:ae:5a:09:4d:d2:56:ed:63:
18:ec:67:b5:6d:a4:91:63:01:3b:25:d6:ae:1b:2a:40:aa:51:
03:41:11:e7:ab:d8:08:42:73:63:a7:aa:8f:fe:63:00:33:fe:
c8:84:16:29:ca:b8:be:e0:8e:c5:87:a6:36:01:ef:43:1f:54:
af:88:fe:82:c5:f9:32:b8:e9:dc:7f:cd:a7:29:a5:a8:17:2d:
62:ea:10:41:bb:10:63:57:8e:cd:b0:87:69:c8:3c:e2:65:6e:
1e:ec:c3:57:d2:8f:ee:d9:06:7a:05:16:ca:4e:44:d9:ff:c1:
e5:c8:5c:19
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYsAuxs/eioCCjkNNL2eykTlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMxMDA1MTY0NTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDRkOTFiZTQ3ZTdiYmRkYjUwMzdiYzcxNjY5YmZmZGMxNzVhY2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyiLl8YdyJ6bnutO3Ap20TRZUN9s
wk4KFo5YqQ1SM8Tv8fyPqfSXHne2z9PjO42C+pFeFLnrsufgNmLajxOWXvtiyjWK
ePSjptpd0bWTCuuMc0KOC3ycNUxq+/vEGy84muS9eiYOPAFsltYkw2PRtX9iy3Zj
PPHyAJ2SO8VICdE6CYKem61lBMyIHHOqxdEQkV6ig4Id8NRLm0xBHDyD7dgPujCS
AO/ExFANnHoMlXGApnyDxUslYFSBMtzlvQYvDEBUkWhamhjnK+0TG3eir49jLN+h
cxPXA7JbsokrPhUYv4gi064hLOC3+jermvSmqbmPMhTRcZ+ogXSFL4ohOQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCBNkb5H57vdtQN7xxZpv/3BdazhMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvSUUyUnZrZm51OTIxQTN2SEZtbV9fY0Yxck9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDX6QYAwQE
X6RgMA0GCSqGSIb3DQEBCwUAA4IBAQBfktOgMH9KfzPAj5w35T8yLZOIpXOGwmnF
aK7KtEl6t9gkSSHZ800/kSqwz3wvVhj7hbhQCX36TD38IvxHn991fawS8rCMAFyc
BgnJtraPpj66HSONvVX8xqjRutDCMeyx3ablWiGJZLvmnb+A+QAb0aCqxdlVmGoH
99uYBDDlp1gOuBphfUDRrloJTdJW7WMY7Ge1baSRYwE7JdauGypAqlEDQRHnq9gI
QnNjp6qP/mMAM/7IhBYpyri+4I7Fh6Y2Ae9DH1SviP6CxfkyuOncf82nKaWoFy1i
6hBBuxBjV47NsIdpyDziZW4e7MNX0o/u2QZ6BRbKTkTZ/8HlyFwZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:49 2024 by rpki-client on console-ams.rpki-client.org