Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/1Un8yfH26Ct-eUjBnWMouqgk1Kw.roa
File: 1Un8yfH26Ct-eUjBnWMouqgk1Kw.roa (raw, json)
Hash identifier: JPlPmq7Zwe+oEzIx7kBdNyhh+e5mxvOAQ7v7QD93nH8=
Subject key identifier: D5:49:FC:C9:F1:F6:E8:2B:7E:79:48:C1:9D:63:28:BA:A8:24:D4:AC
Certificate issuer: /CN=5ccdeca171e422c79c938c2732a90d48a8c53c06
Certificate serial: 018C72898C485EF57E5E0DF80236AB1F6B35
Authority key identifier: 5C:CD:EC:A1:71:E4:22:C7:9C:93:8C:27:32:A9:0D:48:A8:C5:3C:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XM3soXHkIseck4wnMqkNSKjFPAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/1Un8yfH26Ct-eUjBnWMouqgk1Kw.roa
Signing time: Sat 16 Dec 2023 12:11:06 +0000
ROA not before: Sat 16 Dec 2023 12:11:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48937
IP address blocks: 95.140.162.0/24 maxlen: 24
95.140.163.0/24 maxlen: 24
95.140.160.0/22 maxlen: 22
95.140.160.0/24 maxlen: 24
95.140.161.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:72:89:8c:48:5e:f5:7e:5e:0d:f8:02:36:ab:1f:6b:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ccdeca171e422c79c938c2732a90d48a8c53c06
Validity
Not Before: Dec 16 12:11:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d549fcc9f1f6e82b7e7948c19d6328baa824d4ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:d9:57:c0:a2:bc:fb:6e:fb:40:4d:ec:e0:8a:
94:fa:fd:c4:ef:75:61:fb:f5:37:b9:ef:76:11:08:
cf:6e:8f:d7:e6:1a:cd:14:cc:8b:66:51:c5:0e:a5:
be:30:1b:65:d9:d8:51:f1:86:52:6d:7b:41:d9:89:
a5:de:0c:aa:11:a3:95:9d:3d:a5:fb:f3:06:20:55:
d7:9b:ac:8d:a5:60:4f:cf:29:07:48:d0:98:d6:36:
78:3b:5d:61:a9:bf:84:4e:6d:a0:b6:54:f9:b7:68:
c1:6e:83:64:fe:db:7d:28:bf:e2:0c:d7:c4:85:b7:
41:2e:f2:d7:67:08:fd:e5:40:ef:cd:98:5e:12:03:
e4:4e:1a:b6:8d:46:56:88:85:73:fd:65:0f:59:f4:
61:c1:d5:39:d7:c7:9a:36:f3:66:a3:ab:67:cc:1a:
8d:db:8a:c1:cb:8b:96:4b:29:cc:61:9a:d8:c4:38:
27:db:ce:5c:04:20:7b:e5:9f:34:5e:93:69:9f:a6:
3b:49:87:b7:08:dd:7b:e0:40:c0:11:fd:d1:41:68:
8a:2a:f2:1e:c5:62:0e:8d:08:ea:3e:aa:ad:86:39:
3a:5a:d7:6f:3c:4b:43:90:20:dc:d9:ce:3b:35:4d:
6b:db:f4:4e:a3:a6:ad:56:dd:bf:df:c5:8c:71:bc:
21:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:49:FC:C9:F1:F6:E8:2B:7E:79:48:C1:9D:63:28:BA:A8:24:D4:AC
X509v3 Authority Key Identifier:
keyid:5C:CD:EC:A1:71:E4:22:C7:9C:93:8C:27:32:A9:0D:48:A8:C5:3C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XM3soXHkIseck4wnMqkNSKjFPAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/1Un8yfH26Ct-eUjBnWMouqgk1Kw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/XM3soXHkIseck4wnMqkNSKjFPAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.140.160.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:57:ff:69:8b:47:dd:92:c7:86:5e:d3:b2:78:26:64:94:1e:
53:b9:aa:98:57:1e:96:68:a5:08:19:a1:3f:93:12:4c:2f:72:
af:70:e6:a8:f8:35:88:db:97:5b:63:64:62:c6:18:42:7b:1e:
e9:f0:df:10:e8:14:9c:b8:14:fe:01:d6:af:c5:93:fc:15:d5:
b3:cf:f0:b3:7c:c5:de:42:05:c1:56:ce:98:e2:31:b4:af:fe:
17:4d:cc:ea:30:80:c4:a1:c4:87:f5:3e:07:b1:2c:7f:ca:c6:
23:a0:b5:b6:1a:41:39:3f:48:ac:d5:d9:69:16:06:c0:ad:2f:
99:bd:0c:ab:ac:2a:b7:43:11:06:ea:b1:1e:ce:ce:c2:e3:78:
86:90:10:82:0f:04:7d:f4:35:0d:31:80:3b:9a:c6:da:4b:9c:
ff:e3:99:99:8b:57:f6:61:13:3c:90:3f:bd:e8:05:af:a0:7d:
a6:f7:1d:e9:43:e0:2a:f0:aa:b6:71:53:95:0f:d3:27:dc:b6:
e6:c5:37:7b:22:81:32:8c:31:9e:7b:86:ae:d1:97:57:2f:47:
8d:1f:1c:cc:89:c7:47:b2:48:40:fc:ce:fd:9b:a0:93:c4:81:
7a:f3:fc:6b:9c:ec:b2:06:59:62:16:c2:17:91:de:9e:7b:a5:
58:46:6d:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxyiYxIXvV+Xg34AjarH2s1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjY2RlY2ExNzFlNDIyYzc5YzkzOGMyNzMyYTkwZDQ4YThj
NTNjMDYwHhcNMjMxMjE2MTIxMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTQ5ZmNjOWYxZjZlODJiN2U3OTQ4YzE5ZDYzMjhiYWE4MjRkNGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA79lXwKK8+277QE3s4IqU+v3E73Vh
+/U3ue92EQjPbo/X5hrNFMyLZlHFDqW+MBtl2dhR8YZSbXtB2Yml3gyqEaOVnT2l
+/MGIFXXm6yNpWBPzykHSNCY1jZ4O11hqb+ETm2gtlT5t2jBboNk/tt9KL/iDNfE
hbdBLvLXZwj95UDvzZheEgPkThq2jUZWiIVz/WUPWfRhwdU518eaNvNmo6tnzBqN
24rBy4uWSynMYZrYxDgn285cBCB75Z80XpNpn6Y7SYe3CN174EDAEf3RQWiKKvIe
xWIOjQjqPqqthjk6WtdvPEtDkCDc2c47NU1r2/ROo6atVt2/38WMcbwhLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNVJ/Mnx9ugrfnlIwZ1jKLqoJNSsMB8GA1UdIwQY
MBaAFFzN7KFx5CLHnJOMJzKpDUioxTwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE0zc29YSGtJc2VjazR3bk1xa05TS2pGUEFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9iOGY1ZTYtYzk1MS00ZGRiLWI0ZjUt
YTg4MWVjODIyOGI1LzEvMVVuOHlmSDI2Q3QtZVVqQm5XTW91cWdrMUt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9iOGY1ZTYtYzk1MS00ZGRiLWI0ZjUtYTg4MWVjODIyOGI1
LzEvWE0zc29YSGtJc2VjazR3bk1xa05TS2pGUEFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCX4ygMA0G
CSqGSIb3DQEBCwUAA4IBAQAbV/9pi0fdkseGXtOyeCZklB5TuaqYVx6WaKUIGaE/
kxJML3KvcOao+DWI25dbY2RixhhCex7p8N8Q6BScuBT+AdavxZP8FdWzz/CzfMXe
QgXBVs6Y4jG0r/4XTczqMIDEocSH9T4HsSx/ysYjoLW2GkE5P0is1dlpFgbArS+Z
vQyrrCq3QxEG6rEezs7C43iGkBCCDwR99DUNMYA7msbaS5z/45mZi1f2YRM8kD+9
6AWvoH2m9x3pQ+Aq8Kq2cVOVD9Mn3LbmxTd7IoEyjDGee4au0ZdXL0eNHxzMicdH
skhA/M79m6CTxIF68/xrnOyyBlliFsIXkd6ee6VYRm3P
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:10 2024 by rpki-client on console-ams.rpki-client.org