Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/q9cmH5V7Z6mObnKV_U6JSbaZ5vA.roa
File: q9cmH5V7Z6mObnKV_U6JSbaZ5vA.roa (raw, json)
Hash identifier: kzEgwpNDdjYi2COs8+NQo93fnoSQB2Ow0BtGAQspCuY=
Subject key identifier: AB:D7:26:1F:95:7B:67:A9:8E:6E:72:95:FD:4E:89:49:B6:99:E6:F0
Certificate issuer: /CN=de0d9d6b697ca1c86570c256862e6858b4799c85
Certificate serial: 018570427DD3D92C6EED0E91142C9BBE2E06
Authority key identifier: DE:0D:9D:6B:69:7C:A1:C8:65:70:C2:56:86:2E:68:58:B4:79:9C:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/q9cmH5V7Z6mObnKV_U6JSbaZ5vA.roa
Signing time: Mon 02 Jan 2023 02:14:43 +0000
ROA not before: Mon 02 Jan 2023 02:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 36351
IP address blocks: 95.142.114.0/24 maxlen: 24
95.142.117.0/24 maxlen: 24
185.54.231.0/24 maxlen: 24
95.142.120.0/24 maxlen: 24
95.142.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Jun 2023 09:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:7d:d3:d9:2c:6e:ed:0e:91:14:2c:9b:be:2e:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de0d9d6b697ca1c86570c256862e6858b4799c85
Validity
Not Before: Jan 2 02:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=abd7261f957b67a98e6e7295fd4e8949b699e6f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:3f:ca:91:28:8d:59:09:03:a6:d6:90:bd:5d:
98:ba:31:2f:e0:da:67:c3:ff:07:d6:b8:6d:b7:8f:
82:a0:cd:db:e5:fa:d2:63:54:88:62:d2:1a:92:d0:
6c:57:25:bc:ea:4e:3c:f7:10:04:d7:2a:f7:57:e0:
15:bb:f1:91:e2:5e:ab:64:9f:98:35:93:59:fa:6b:
4b:90:f5:4c:3a:db:35:39:1d:ae:04:30:35:a1:e9:
a9:2d:95:2e:20:19:ee:1b:aa:53:ef:93:58:99:7b:
36:1a:3d:c3:f8:1a:a7:8a:ab:f5:92:c5:9f:05:e3:
a5:bb:1f:41:cd:37:91:7d:73:d9:a5:cf:0a:bf:c7:
c3:0d:c0:81:3b:1c:9e:d0:74:67:33:0c:64:c7:e9:
4b:2c:83:6f:e9:86:db:90:ae:c8:2b:5a:6d:14:24:
d9:6b:da:55:a6:91:6d:57:f4:c7:0f:aa:33:53:9b:
58:50:73:07:4c:dc:f6:99:7a:e2:a2:35:7f:75:9b:
26:ba:ed:44:a0:69:5e:8c:5d:46:68:ca:8c:e0:21:
84:89:fe:a2:04:3d:7e:32:ad:43:35:25:cb:ef:ca:
20:0b:e4:c9:78:49:a1:0c:12:e2:41:09:e0:5e:8d:
47:4c:cb:60:d6:23:ce:c2:56:e3:60:4c:b9:4f:8d:
76:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:D7:26:1F:95:7B:67:A9:8E:6E:72:95:FD:4E:89:49:B6:99:E6:F0
X509v3 Authority Key Identifier:
keyid:DE:0D:9D:6B:69:7C:A1:C8:65:70:C2:56:86:2E:68:58:B4:79:9C:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/q9cmH5V7Z6mObnKV_U6JSbaZ5vA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.142.114.0/24
95.142.117.0/24
95.142.120.0/24
95.142.126.0/24
185.54.231.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:82:7a:2c:3c:a6:80:e1:de:c5:b5:34:b8:0a:b2:d7:c9:fc:
dd:30:e9:05:0c:40:d2:86:a8:4b:26:65:bb:93:34:a3:50:fb:
3f:cc:d7:23:8a:53:fa:7d:e9:6c:54:40:5b:cd:2b:1f:eb:7e:
1b:bc:b9:58:82:0d:fe:8a:2f:14:d6:0b:cf:a2:03:4c:8d:29:
a6:93:63:17:67:3d:51:c9:8c:df:2b:a3:9b:f2:09:b4:1c:7e:
08:07:b1:7d:19:e7:f0:3b:1a:49:03:e7:d8:78:a3:5a:61:fe:
31:e3:52:de:2b:e3:bb:ce:40:51:79:44:92:14:c5:08:4b:e0:
c5:65:12:ca:9b:74:1e:7f:a5:e7:ae:1d:21:f4:2a:9d:e1:b8:
59:7e:14:67:f1:ae:e2:24:fc:ca:5f:0e:43:47:16:d8:a4:d2:
70:60:0f:1a:cf:4b:d2:6b:26:bf:40:60:df:41:3f:db:07:7e:
92:d7:70:95:9f:13:3c:7d:fa:50:b3:3e:8e:30:ab:5c:76:8c:
2c:c2:93:c4:02:c9:2d:44:be:55:72:3f:58:b6:db:b7:c0:36:
19:8d:02:4e:f6:00:c4:45:9f:11:d4:f6:54:50:fc:71:2d:7e:
12:7e:92:50:47:2d:c9:99:2e:b2:e9:ac:f3:ca:ea:66:75:36:
4a:ba:4f:3d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVwQn3T2Sxu7Q6RFCybvi4GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMGQ5ZDZiNjk3Y2ExYzg2NTcwYzI1Njg2MmU2ODU4YjQ3
OTljODUwHhcNMjMwMTAyMDIxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmQ3MjYxZjk1N2I2N2E5OGU2ZTcyOTVmZDRlODk0OWI2OTllNmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiT/KkSiNWQkDptaQvV2YujEv4Npn
w/8H1rhtt4+CoM3b5frSY1SIYtIaktBsVyW86k489xAE1yr3V+AVu/GR4l6rZJ+Y
NZNZ+mtLkPVMOts1OR2uBDA1oempLZUuIBnuG6pT75NYmXs2Gj3D+Bqniqv1ksWf
BeOlux9BzTeRfXPZpc8Kv8fDDcCBOxye0HRnMwxkx+lLLINv6YbbkK7IK1ptFCTZ
a9pVppFtV/THD6ozU5tYUHMHTNz2mXriojV/dZsmuu1EoGlejF1GaMqM4CGEif6i
BD1+Mq1DNSXL78ogC+TJeEmhDBLiQQngXo1HTMtg1iPOwlbjYEy5T412mQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKvXJh+Ve2epjm5ylf1OiUm2mebwMB8GA1UdIwQY
MBaAFN4NnWtpfKHIZXDCVoYuaFi0eZyFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2cyZGEybDhvY2hsY01KV2hpNW9XTFI1bklVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy82OGRjM2MtZGYyZS00NDYxLWI3YTYt
MDFjYmZjMGU5NGU3LzEvcTljbUg1VjdaNm1PYm5LVl9VNkpTYmFaNXZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy82OGRjM2MtZGYyZS00NDYxLWI3YTYtMDFjYmZjMGU5NGU3
LzEvM2cyZGEybDhvY2hsY01KV2hpNW9XTFI1bklVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAX45yAwQA
X451AwQAX454AwQAX45+AwQAuTbnMA0GCSqGSIb3DQEBCwUAA4IBAQBPgnosPKaA
4d7FtTS4CrLXyfzdMOkFDEDShqhLJmW7kzSjUPs/zNcjilP6felsVEBbzSsf634b
vLlYgg3+ii8U1gvPogNMjSmmk2MXZz1RyYzfK6Ob8gm0HH4IB7F9GefwOxpJA+fY
eKNaYf4x41LeK+O7zkBReUSSFMUIS+DFZRLKm3Qef6Xnrh0h9Cqd4bhZfhRn8a7i
JPzKXw5DRxbYpNJwYA8az0vSaya/QGDfQT/bB36S13CVnxM8ffpQsz6OMKtcdows
wpPEAsktRL5Vcj9Yttu3wDYZjQJO9gDERZ8R1PZUUPxxLX4SfpJQRy3JmS6y6azz
yupmdTZKuk89
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:08 2024 by rpki-client on console-ams.rpki-client.org