Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/_4fY1YGwTJxnW-DSSK1GD7K-lx8.roa
File: _4fY1YGwTJxnW-DSSK1GD7K-lx8.roa (raw, json)
Hash identifier: SZwtCoGyBpYdqySMo6VFp9fBYF+5wSe7IV5mOoOTVjs=
Subject key identifier: FF:87:D8:D5:81:B0:4C:9C:67:5B:E0:D2:48:AD:46:0F:B2:BE:97:1F
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 018CC26D3051911539702AFD94114527BA7C
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/_4fY1YGwTJxnW-DSSK1GD7K-lx8.roa
Signing time: Mon 01 Jan 2024 00:29:44 +0000
ROA not before: Mon 01 Jan 2024 00:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200837
IP address blocks: 185.95.28.0/23 maxlen: 23
2a05:1500::/40 maxlen: 48
Validation: Failed, certificate revoked on Thu 04 Jan 2024 12:13:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:30:51:91:15:39:70:2a:fd:94:11:45:27:ba:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Jan 1 00:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff87d8d581b04c9c675be0d248ad460fb2be971f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:98:0f:c3:76:87:38:df:f8:7f:f1:ef:03:a1:
98:dc:fb:da:16:ff:62:79:38:bf:06:51:7e:bc:56:
f8:66:d0:ee:39:24:8e:92:57:ec:18:cf:94:06:8c:
75:22:b2:f7:98:48:cd:9c:7e:92:c5:24:ad:53:8c:
da:ed:1f:05:ff:17:b0:1e:c0:01:e3:2f:ec:1d:32:
03:5a:26:01:f0:38:ce:44:26:66:46:fa:e6:19:2e:
7f:44:0d:44:e9:06:0b:67:0b:b5:2a:49:b5:64:b3:
87:f5:80:c3:1a:33:97:f6:28:b4:44:6e:1c:f7:eb:
ee:fc:6d:37:64:70:99:33:51:68:6d:9a:4d:98:50:
98:d2:32:89:a9:e1:20:e1:8a:64:60:e4:b5:db:e9:
20:28:f8:81:00:26:14:60:67:84:36:ef:93:2c:79:
02:90:a0:67:65:a0:38:39:f4:8c:b7:14:6d:ed:ac:
7e:67:0a:ab:f5:44:5d:1a:b5:b0:e5:cf:b3:90:66:
30:85:0f:7e:27:e2:a8:e9:b8:ca:b3:97:23:be:19:
c7:64:a4:58:04:4e:ff:72:e2:58:5e:76:04:47:eb:
68:a1:57:80:f1:52:96:0d:f5:3d:7e:a6:5c:22:d0:
9b:c5:a4:e4:33:f0:c8:5f:57:d9:b6:8e:ab:8b:05:
f5:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:87:D8:D5:81:B0:4C:9C:67:5B:E0:D2:48:AD:46:0F:B2:BE:97:1F
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/_4fY1YGwTJxnW-DSSK1GD7K-lx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.28.0/23
IPv6:
2a05:1500::/40
Signature Algorithm: sha256WithRSAEncryption
1c:e1:a6:26:85:82:44:11:b6:99:dd:7e:73:e8:ec:2b:47:e5:
9e:19:75:d4:46:f7:52:3f:f0:b1:84:5e:39:d8:aa:3a:18:43:
2a:1c:6e:8f:1c:f1:3f:4e:b2:cb:30:4a:0c:e7:f6:2e:ad:21:
23:77:c9:35:2a:60:4b:09:b4:75:1f:5b:36:01:8e:2a:c1:09:
e5:0d:ac:e6:43:52:9e:30:5f:cc:a8:4d:ab:34:c7:4f:fa:2f:
24:db:30:ec:49:78:98:97:ab:d9:0e:a2:50:49:e3:33:12:d3:
2d:9f:fd:61:08:dd:bb:1e:35:f0:9d:10:02:36:57:9d:b3:01:
a5:fd:d6:5d:8e:cd:3e:c0:2c:8e:3c:24:a9:87:4c:3e:ed:ee:
a0:97:55:04:e1:a9:39:ba:2f:09:2d:d4:6f:f8:22:71:e5:a4:
5e:8b:e7:8f:70:0e:f1:cb:89:50:47:11:eb:b5:03:6e:fb:be:
8b:45:d6:b1:15:e0:3b:60:ca:2a:67:cf:e5:df:03:6c:36:13:
16:e5:e8:19:96:cf:3d:7d:de:78:76:83:96:36:8d:6d:5a:51:
55:a9:c2:52:75:89:30:bd:9b:00:45:c9:b0:30:0d:e3:f1:a8:
44:cb:01:52:2c:1b:a6:e2:69:b9:bf:49:b5:44:f4:5e:c7:87:
2b:e2:eb:2f
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzCbTBRkRU5cCr9lBFFJ7p8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjQwMTAxMDAyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjg3ZDhkNTgxYjA0YzljNjc1YmUwZDI0OGFkNDYwZmIyYmU5NzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZgPw3aHON/4f/HvA6GY3PvaFv9i
eTi/BlF+vFb4ZtDuOSSOklfsGM+UBox1IrL3mEjNnH6SxSStU4za7R8F/xewHsAB
4y/sHTIDWiYB8DjORCZmRvrmGS5/RA1E6QYLZwu1Kkm1ZLOH9YDDGjOX9ii0RG4c
9+vu/G03ZHCZM1FobZpNmFCY0jKJqeEg4YpkYOS12+kgKPiBACYUYGeENu+TLHkC
kKBnZaA4OfSMtxRt7ax+Zwqr9URdGrWw5c+zkGYwhQ9+J+Ko6bjKs5cjvhnHZKRY
BE7/cuJYXnYER+tooVeA8VKWDfU9fqZcItCbxaTkM/DIX1fZto6riwX1ywIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFP+H2NWBsEycZ1vg0kitRg+yvpcfMB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvXzRmWTFZR3dUSnhuVy1EU1NLMUdEN0stbHg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBuV8cMA4E
AgACMAgDBgAqBRUAADANBgkqhkiG9w0BAQsFAAOCAQEAHOGmJoWCRBG2md1+c+js
K0flnhl11Eb3Uj/wsYReOdiqOhhDKhxujxzxP06yyzBKDOf2Lq0hI3fJNSpgSwm0
dR9bNgGOKsEJ5Q2s5kNSnjBfzKhNqzTHT/ovJNsw7El4mJer2Q6iUEnjMxLTLZ/9
YQjdux418J0QAjZXnbMBpf3WXY7NPsAsjjwkqYdMPu3uoJdVBOGpObovCS3Ub/gi
ceWkXovnj3AO8cuJUEcR67UDbvu+i0XWsRXgO2DKKmfP5d8DbDYTFuXoGZbPPX3e
eHaDljaNbVpRVanCUnWJML2bAEXJsDAN4/GoRMsBUiwbpuJpub9JtUT0XseHK+Lr
Lw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:11 2024 by rpki-client on console-ams.rpki-client.org