Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/yWhZcJETjY7HXoBCgbYpgJC94KM.roa
File: yWhZcJETjY7HXoBCgbYpgJC94KM.roa (raw, json)
Hash identifier: gTU/F98V2l9kCRh2Y33TpxEjCTpUMl9HUn5icsPHL10=
Subject key identifier: C9:68:59:70:91:13:8D:8E:C7:5E:80:42:81:B6:29:80:90:BD:E0:A3
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018CC64AD44EF8AA31DD1651C1480D2F0DDD
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/yWhZcJETjY7HXoBCgbYpgJC94KM.roa
Signing time: Mon 01 Jan 2024 18:30:41 +0000
ROA not before: Mon 01 Jan 2024 18:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39249
IP address blocks: 95.164.12.0/22 maxlen: 22
195.149.96.0/24 maxlen: 24
95.164.71.0/24 maxlen: 24
195.214.212.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Mar 2024 23:35:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:d4:4e:f8:aa:31:dd:16:51:c1:48:0d:2f:0d:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 1 18:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c968597091138d8ec75e804281b6298090bde0a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:88:99:87:8b:e9:1c:fe:c6:54:82:4f:35:35:
7a:06:c7:5f:22:a9:f2:0c:d1:ba:83:cc:ea:e2:3f:
fc:28:0f:7d:15:2f:cd:49:50:f1:29:c0:41:ba:11:
15:9c:bf:28:4b:a4:e6:2c:ed:6e:e3:2c:de:21:d4:
aa:92:58:d3:9b:52:c5:9e:d2:5e:d7:11:e5:9c:a8:
2d:a5:79:6b:94:23:1a:37:66:ff:b6:ea:87:38:69:
21:a8:db:89:45:24:3a:d0:eb:a4:ca:2e:45:7a:40:
63:73:ce:d7:52:83:ce:2b:b4:90:d1:23:bc:33:ba:
03:e5:cf:1d:7b:2b:7f:4d:aa:de:cd:cd:a6:f4:2a:
46:b6:d8:94:14:34:32:75:da:2a:ff:7d:a8:fb:5d:
a3:e3:cd:8d:99:9d:28:5d:0f:f0:f9:be:99:df:00:
08:4d:c6:1c:d6:ed:5b:4c:c1:33:7e:b9:21:e2:a5:
5c:42:8b:1b:fe:8c:10:50:49:f7:07:b2:60:26:2c:
bd:63:47:fe:1d:b5:19:c0:89:27:84:df:4f:1b:a5:
f2:31:df:81:09:53:e7:37:45:d9:5a:10:67:94:44:
ed:f3:01:5a:6c:a0:fc:1a:48:84:43:7b:36:11:4e:
1f:6b:29:45:ce:b7:53:ad:73:c4:29:04:0e:e6:c8:
29:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:68:59:70:91:13:8D:8E:C7:5E:80:42:81:B6:29:80:90:BD:E0:A3
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/yWhZcJETjY7HXoBCgbYpgJC94KM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.164.12.0/22
95.164.71.0/24
195.149.96.0/24
195.214.212.0/24
Signature Algorithm: sha256WithRSAEncryption
72:19:63:53:5b:12:10:d3:6e:e7:43:6f:46:8b:60:e6:e6:a9:
42:74:83:f3:a0:f9:4e:30:b8:d6:1b:27:35:2a:21:68:15:79:
ce:b5:95:25:30:bd:49:e4:26:d9:23:c1:d7:2d:73:88:ab:b9:
9c:d0:d3:46:0c:74:66:bd:17:1a:b0:e0:af:e9:84:ce:cb:08:
f4:81:0e:fa:50:fe:47:e5:74:bf:28:05:38:59:15:9a:d0:a1:
91:6e:2a:0d:2b:60:ab:f7:ee:e6:82:e4:35:c1:fb:96:ac:ca:
d1:7b:d6:15:eb:1f:bb:a9:fd:28:6f:3e:13:2a:dc:3e:e8:07:
cd:3a:4c:58:22:9b:80:67:e4:04:aa:42:1c:12:dd:c6:7b:0e:
10:f1:3f:4b:e8:38:71:60:f9:7d:9a:6c:09:a0:be:c3:be:cb:
6a:61:99:78:e3:f6:6b:68:80:39:65:a0:7e:bd:e7:3f:43:84:
b5:4e:4c:dc:d4:1f:98:8b:cc:09:a0:c6:ff:8b:24:11:18:2e:
a2:6e:3f:9d:21:f4:1c:7c:dc:be:a8:6e:2e:67:7d:65:e5:c9:
0b:19:8b:98:92:e9:9b:04:de:47:2d:2c:99:57:41:76:0a:2c:
19:94:91:6d:23:a9:83:ea:11:dd:8b:b4:23:a1:e7:da:ec:c1:
97:27:21:01
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzGStRO+Kox3RZRwUgNLw3dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQwMTAxMTgzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTY4NTk3MDkxMTM4ZDhlYzc1ZTgwNDI4MWI2Mjk4MDkwYmRlMGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4iZh4vpHP7GVIJPNTV6BsdfIqny
DNG6g8zq4j/8KA99FS/NSVDxKcBBuhEVnL8oS6TmLO1u4yzeIdSqkljTm1LFntJe
1xHlnKgtpXlrlCMaN2b/tuqHOGkhqNuJRSQ60Oukyi5FekBjc87XUoPOK7SQ0SO8
M7oD5c8deyt/Tarezc2m9CpGttiUFDQyddoq/32o+12j482NmZ0oXQ/w+b6Z3wAI
TcYc1u1bTMEzfrkh4qVcQosb/owQUEn3B7JgJiy9Y0f+HbUZwIknhN9PG6XyMd+B
CVPnN0XZWhBnlETt8wFabKD8GkiEQ3s2EU4faylFzrdTrXPEKQQO5sgpUQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMloWXCRE42Ox16AQoG2KYCQveCjMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEveVdoWmNKRVRqWTdIWG9CQ2diWXBnSkM5NEtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCX6QMAwQA
X6RHAwQAw5VgAwQAw9bUMA0GCSqGSIb3DQEBCwUAA4IBAQByGWNTWxIQ027nQ29G
i2Dm5qlCdIPzoPlOMLjWGyc1KiFoFXnOtZUlML1J5CbZI8HXLXOIq7mc0NNGDHRm
vRcasOCv6YTOywj0gQ76UP5H5XS/KAU4WRWa0KGRbioNK2Cr9+7mguQ1wfuWrMrR
e9YV6x+7qf0obz4TKtw+6AfNOkxYIpuAZ+QEqkIcEt3Gew4Q8T9L6DhxYPl9mmwJ
oL7DvstqYZl44/ZraIA5ZaB+vec/Q4S1Tkzc1B+Yi8wJoMb/iyQRGC6ibj+dIfQc
fNy+qG4uZ31l5ckLGYuYkumbBN5HLSyZV0F2CiwZlJFtI6mD6hHdi7Qjoefa7MGX
JyEB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:49 2024 by rpki-client on console-ams.rpki-client.org