Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/xzpzS9KkZP52ZAjrDlcmK6cUfbk.roa
File: xzpzS9KkZP52ZAjrDlcmK6cUfbk.roa (raw, json)
Hash identifier: hjhkOMVN/suE6Shbk9up/bJRPnOKqvNq7zgaXTad/KE=
Subject key identifier: C7:3A:73:4B:D2:A4:64:FE:76:64:08:EB:0E:57:26:2B:A7:14:7D:B9
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 01856FD52A5BA778DB1EAA31C3932C49A187
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/xzpzS9KkZP52ZAjrDlcmK6cUfbk.roa
Signing time: Mon 02 Jan 2023 00:15:19 +0000
ROA not before: Mon 02 Jan 2023 00:15:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200837
IP address blocks: 185.95.28.0/23 maxlen: 23
2a05:1500::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:2a:5b:a7:78:db:1e:aa:31:c3:93:2c:49:a1:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Jan 2 00:15:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c73a734bd2a464fe766408eb0e57262ba7147db9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:3f:ad:50:77:db:8a:4d:42:3c:5a:c4:ce:23:
a3:f8:f1:47:ca:e1:fc:05:55:2d:fd:e4:8d:25:e9:
b1:92:8d:af:7b:bd:40:19:f5:80:76:7f:de:76:d4:
26:93:22:8d:55:21:c9:52:2a:fc:d4:62:1a:d7:f5:
95:e6:68:00:c9:5b:db:f6:c1:14:8c:8f:4e:27:2f:
db:02:43:ad:14:14:b2:bd:ee:58:ce:9b:f8:81:2e:
f9:01:2a:7a:7a:38:7b:13:a3:9e:2f:76:f3:c3:58:
b8:2d:8f:76:bb:4c:12:47:6a:52:8d:f5:d0:ce:00:
d0:05:46:42:55:5c:4f:4d:1b:44:33:88:c8:80:d2:
39:19:66:35:96:35:54:77:71:02:84:c3:8f:c0:79:
f8:4f:f0:2a:6f:e4:3b:5f:d3:7e:c4:c5:1e:b4:e6:
50:19:b0:57:36:12:94:e1:96:a5:c3:88:23:5d:49:
85:df:20:3e:de:46:32:76:13:0f:b7:58:17:a6:ed:
23:a8:7b:ff:a4:b5:59:ee:8b:f5:15:92:26:bf:96:
d3:f8:89:77:77:ff:00:d3:39:69:e2:eb:17:7b:8e:
bb:37:ab:47:b7:78:61:53:9f:68:b1:d0:bc:bf:8a:
7c:93:6f:48:74:38:79:9d:a3:eb:00:90:ae:8d:c4:
03:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:3A:73:4B:D2:A4:64:FE:76:64:08:EB:0E:57:26:2B:A7:14:7D:B9
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/xzpzS9KkZP52ZAjrDlcmK6cUfbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.28.0/23
IPv6:
2a05:1500::/40
Signature Algorithm: sha256WithRSAEncryption
69:6f:80:84:52:9c:bd:1e:11:7b:b8:00:11:4b:6c:a2:8b:0d:
58:ca:96:55:4e:ae:69:fc:bc:73:54:b5:aa:6f:b8:89:3c:52:
7c:75:f9:d9:fb:12:19:11:96:8e:93:b3:dc:28:4d:34:c9:a8:
31:1e:ad:17:d0:4e:a0:2b:03:75:fe:52:ff:22:f1:83:8c:5b:
31:ef:0d:19:2e:13:28:3c:d3:e0:47:e1:ff:de:f1:64:68:50:
97:ea:f3:67:01:ed:cb:88:72:84:8a:ab:60:29:97:a1:da:98:
47:2a:09:e8:ab:fe:b6:45:48:4d:42:47:03:a9:d6:02:4e:ae:
76:19:27:e3:67:d2:52:cc:cf:79:96:c4:d1:1d:88:5d:ab:7f:
ca:4d:e5:64:5d:4b:4e:64:e6:cb:79:82:fd:18:0d:84:63:71:
58:c1:a7:8e:d5:11:f1:88:a0:28:f1:5b:b1:9d:7c:bb:37:84:
10:60:ed:fa:29:98:da:5a:69:75:07:1a:b2:14:62:5a:f5:18:
4d:3b:76:82:5a:2a:f0:25:67:19:df:72:2b:10:ad:20:6a:41:
ef:c2:0f:bd:61:bb:8d:2e:ec:9d:c1:4d:fe:dc:db:0c:7c:87:
2a:af:e8:f8:30:96:39:16:58:5b:50:f3:29:98:cb:f9:5b:67:
4c:4e:a5:0e
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVv1Spbp3jbHqoxw5MsSaGHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjMwMTAyMDAxNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzNhNzM0YmQyYTQ2NGZlNzY2NDA4ZWIwZTU3MjYyYmE3MTQ3ZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzD+tUHfbik1CPFrEziOj+PFHyuH8
BVUt/eSNJemxko2ve71AGfWAdn/edtQmkyKNVSHJUir81GIa1/WV5mgAyVvb9sEU
jI9OJy/bAkOtFBSyve5Yzpv4gS75ASp6ejh7E6OeL3bzw1i4LY92u0wSR2pSjfXQ
zgDQBUZCVVxPTRtEM4jIgNI5GWY1ljVUd3EChMOPwHn4T/Aqb+Q7X9N+xMUetOZQ
GbBXNhKU4Zalw4gjXUmF3yA+3kYydhMPt1gXpu0jqHv/pLVZ7ov1FZImv5bT+Il3
d/8A0zlp4usXe467N6tHt3hhU59osdC8v4p8k29IdDh5naPrAJCujcQDEwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFMc6c0vSpGT+dmQI6w5XJiunFH25MB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEveHpwelM5S2taUDUyWkFqckRsY21LNmNVZmJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBuV8cMA4E
AgACMAgDBgAqBRUAADANBgkqhkiG9w0BAQsFAAOCAQEAaW+AhFKcvR4Re7gAEUts
oosNWMqWVU6uafy8c1S1qm+4iTxSfHX52fsSGRGWjpOz3ChNNMmoMR6tF9BOoCsD
df5S/yLxg4xbMe8NGS4TKDzT4Efh/97xZGhQl+rzZwHty4hyhIqrYCmXodqYRyoJ
6Kv+tkVITUJHA6nWAk6udhkn42fSUszPeZbE0R2IXat/yk3lZF1LTmTmy3mC/RgN
hGNxWMGnjtUR8YigKPFbsZ18uzeEEGDt+imY2lppdQcashRiWvUYTTt2gloq8CVn
Gd9yKxCtIGpB78IPvWG7jS7sncFN/tzbDHyHKq/o+DCWORZYW1DzKZjL+VtnTE6l
Dg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:11 2024 by rpki-client on console-ams.rpki-client.org