Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/qIGqXFxxCdQ-YKYrwO1wFjIA3dc.roa
File: qIGqXFxxCdQ-YKYrwO1wFjIA3dc.roa (raw, json)
Hash identifier: DEj59xZSlq3y3uYkHYR1MRtOMHwUCgm6mSQWW6MxGvA=
Subject key identifier: A8:81:AA:5C:5C:71:09:D4:3E:60:A6:2B:C0:ED:70:16:32:00:DD:D7
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 01882BD361535CA9F0B9C8E7C1BD14BD3FF5
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/qIGqXFxxCdQ-YKYrwO1wFjIA3dc.roa
Signing time: Wed 17 May 2023 22:27:33 +0000
ROA not before: Wed 17 May 2023 22:27:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39249
IP address blocks: 95.164.12.0/22 maxlen: 22
95.164.71.0/24 maxlen: 24
195.214.212.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Sep 2023 18:11:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:2b:d3:61:53:5c:a9:f0:b9:c8:e7:c1:bd:14:bd:3f:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: May 17 22:27:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a881aa5c5c7109d43e60a62bc0ed70163200ddd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:60:ee:cb:26:f1:7a:c7:cb:f7:81:70:99:ce:
77:ee:16:69:c3:f0:33:1f:8a:d3:38:18:55:2d:b2:
4b:98:cf:3b:af:92:e9:73:e1:f6:0d:09:df:96:cd:
39:73:fc:01:ed:f6:cc:71:7b:bd:41:1a:63:66:5f:
7e:dd:f8:ec:6b:63:cb:ec:b2:f0:95:1d:bc:6b:f6:
7c:b6:1c:bb:2f:94:37:44:cf:da:30:fc:a4:45:d0:
0d:7a:fe:a3:93:76:b8:2a:f5:3e:2d:34:22:b6:38:
8f:cb:0e:ee:72:8c:6f:1a:46:28:cc:c1:79:41:ee:
44:22:00:57:43:9a:ba:a4:36:5c:ca:03:31:5f:7f:
7a:cf:90:eb:28:0f:70:00:90:3d:16:df:79:39:56:
e2:e5:23:89:64:0c:0e:a2:c2:45:92:f2:b8:72:42:
a6:8e:3c:2e:2c:aa:f7:6a:44:9b:ac:50:f9:61:e1:
63:6d:04:71:69:38:6f:45:58:0d:08:ba:99:c3:84:
c6:28:35:45:37:2c:5d:c0:7b:be:94:3b:ed:36:e3:
eb:2b:7e:50:1b:77:98:a1:18:bb:1c:bd:4a:f1:fc:
c0:95:74:22:0c:1a:15:6c:c8:48:52:c5:21:3f:5c:
84:63:e9:69:40:68:12:f1:ee:c2:f4:73:0e:95:35:
27:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:81:AA:5C:5C:71:09:D4:3E:60:A6:2B:C0:ED:70:16:32:00:DD:D7
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/qIGqXFxxCdQ-YKYrwO1wFjIA3dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.164.12.0/22
95.164.71.0/24
195.214.212.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:34:29:3c:e3:d3:04:0a:a1:fc:13:f7:33:22:e2:f3:af:0b:
0f:23:50:d4:00:79:d6:4a:27:52:d2:45:d1:eb:8b:79:76:3d:
21:4f:40:70:42:84:cd:ce:4c:ea:8f:98:09:6e:47:2c:17:fa:
d4:e1:52:5d:b9:97:30:8b:69:4f:0a:99:10:b5:97:9a:68:2f:
fd:ee:7a:f7:70:64:b8:6f:6b:c8:8b:6b:7e:eb:3f:2e:c5:77:
3d:1d:0d:8e:02:51:23:0b:cf:e8:d2:97:2a:42:df:21:b1:ee:
d3:c9:0c:0f:c9:af:f3:06:81:79:f8:d4:8f:7a:9e:98:a9:85:
24:df:15:a3:de:e0:ec:ee:93:0a:e7:6f:18:22:40:21:61:be:
3c:dc:6a:26:cc:0d:70:da:99:18:81:74:f8:5a:1a:e1:f6:33:
6a:44:38:f2:2f:1d:77:c6:c3:e5:ad:b2:aa:eb:5f:41:28:be:
89:95:92:f7:8f:0c:87:b5:4f:0a:f4:4e:91:76:2b:c7:98:82:
10:9c:03:e1:d1:cc:e5:5e:1d:b7:be:07:7b:da:84:c8:25:8a:
10:2b:36:8c:01:8a:5a:d7:11:ec:f9:97:b1:1e:4d:bc:4a:c6:
64:95:9a:91:de:e4:18:df:0d:05:c4:b1:b7:68:d5:2d:a0:3a:
1f:76:0e:ab
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYgr02FTXKnwucjnwb0UvT/1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMwNTE3MjIyNzMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODgxYWE1YzVjNzEwOWQ0M2U2MGE2MmJjMGVkNzAxNjMyMDBkZGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGDuyybxesfL94Fwmc537hZpw/Az
H4rTOBhVLbJLmM87r5Lpc+H2DQnfls05c/wB7fbMcXu9QRpjZl9+3fjsa2PL7LLw
lR28a/Z8thy7L5Q3RM/aMPykRdANev6jk3a4KvU+LTQitjiPyw7ucoxvGkYozMF5
Qe5EIgBXQ5q6pDZcygMxX396z5DrKA9wAJA9Ft95OVbi5SOJZAwOosJFkvK4ckKm
jjwuLKr3akSbrFD5YeFjbQRxaThvRVgNCLqZw4TGKDVFNyxdwHu+lDvtNuPrK35Q
G3eYoRi7HL1K8fzAlXQiDBoVbMhIUsUhP1yEY+lpQGgS8e7C9HMOlTUnvQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKiBqlxccQnUPmCmK8DtcBYyAN3XMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvcUlHcVhGeHhDZFEtWUtZcndPMXdGaklBM2RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCX6QMAwQA
X6RHAwQAw9bUMA0GCSqGSIb3DQEBCwUAA4IBAQCjNCk849MECqH8E/czIuLzrwsP
I1DUAHnWSidS0kXR64t5dj0hT0BwQoTNzkzqj5gJbkcsF/rU4VJduZcwi2lPCpkQ
tZeaaC/97nr3cGS4b2vIi2t+6z8uxXc9HQ2OAlEjC8/o0pcqQt8hse7TyQwPya/z
BoF5+NSPep6YqYUk3xWj3uDs7pMK528YIkAhYb483GomzA1w2pkYgXT4Whrh9jNq
RDjyLx13xsPlrbKq619BKL6JlZL3jwyHtU8K9E6RdivHmIIQnAPh0czlXh23vgd7
2oTIJYoQKzaMAYpa1xHs+ZexHk28SsZklZqR3uQY3w0FxLG3aNUtoDofdg6r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:58 2024 by rpki-client on console-fra.rpki-client.org