Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/f04a57-5ee9-4b6a-9da2-bd9a3b55f125/1/nQSOa9EAwdfv30PeNOJ-Spyz-mU.roa
File: nQSOa9EAwdfv30PeNOJ-Spyz-mU.roa (raw, json)
Hash identifier: nWh3ButlCctHl2+gDGOJSwF+4LN6pprvbsgUeDWAbmA=
Subject key identifier: 9D:04:8E:6B:D1:00:C1:D7:EF:DF:43:DE:34:E2:7E:4A:9C:B3:FA:65
Certificate issuer: /CN=558dcc5d7e6887c941ae3b28ce3cbf2fb4f20603
Certificate serial: 01856ED4C81BA314C341552F9BCD7AB9C117
Authority key identifier: 55:8D:CC:5D:7E:68:87:C9:41:AE:3B:28:CE:3C:BF:2F:B4:F2:06:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VY3MXX5oh8lBrjsozjy_L7TyBgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/f04a57-5ee9-4b6a-9da2-bd9a3b55f125/1/nQSOa9EAwdfv30PeNOJ-Spyz-mU.roa
Signing time: Sun 01 Jan 2023 19:35:16 +0000
ROA not before: Sun 01 Jan 2023 19:35:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209681
IP address blocks: 95.214.68.0/22 maxlen: 24
2a09:d980::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:c8:1b:a3:14:c3:41:55:2f:9b:cd:7a:b9:c1:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=558dcc5d7e6887c941ae3b28ce3cbf2fb4f20603
Validity
Not Before: Jan 1 19:35:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d048e6bd100c1d7efdf43de34e27e4a9cb3fa65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:eb:7f:03:2c:d0:2d:d0:0d:20:a0:a2:a9:9b:
09:bd:c3:6c:5b:08:f1:bd:24:11:57:b0:75:47:56:
a3:8d:7a:7d:32:d3:48:99:88:0f:73:fe:25:5c:3b:
51:7b:cf:78:c8:44:4b:71:fb:f7:9a:b3:e5:ce:e6:
76:8e:b3:13:43:de:b8:e5:78:25:4f:bf:ca:50:0f:
92:9b:32:58:4c:ac:d2:7b:c5:7c:46:81:e0:4b:a0:
41:e6:eb:17:55:f1:92:f2:e8:da:09:78:a7:6e:77:
35:84:14:3d:ad:10:32:cd:52:8f:bb:09:d1:e3:cf:
e5:8a:7f:5f:ee:0d:e9:0d:eb:44:ac:52:58:ae:1a:
a4:4c:1a:54:ea:a9:2e:0b:9b:cf:1b:8e:14:5c:9a:
09:36:a5:a6:53:a0:b4:a2:cc:60:98:00:77:76:97:
1d:cf:ad:fc:2f:0f:b2:77:89:ff:f0:eb:92:06:65:
b4:16:e5:c9:82:72:33:1b:e3:09:0f:f0:8b:16:a4:
8e:e1:e6:ea:44:4c:65:c7:dd:1f:e3:3c:fc:67:21:
f6:85:e7:c1:f7:d3:1f:d5:6a:8e:a2:21:8b:d4:ab:
47:7b:4d:a2:1c:66:ed:5b:8b:47:04:5f:b6:74:b1:
00:b9:83:2d:40:b0:7c:19:13:1c:18:50:ef:ef:4e:
7d:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:04:8E:6B:D1:00:C1:D7:EF:DF:43:DE:34:E2:7E:4A:9C:B3:FA:65
X509v3 Authority Key Identifier:
keyid:55:8D:CC:5D:7E:68:87:C9:41:AE:3B:28:CE:3C:BF:2F:B4:F2:06:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VY3MXX5oh8lBrjsozjy_L7TyBgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/f04a57-5ee9-4b6a-9da2-bd9a3b55f125/1/nQSOa9EAwdfv30PeNOJ-Spyz-mU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/f04a57-5ee9-4b6a-9da2-bd9a3b55f125/1/VY3MXX5oh8lBrjsozjy_L7TyBgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.68.0/22
IPv6:
2a09:d980::/29
Signature Algorithm: sha256WithRSAEncryption
78:a7:e4:c6:25:be:08:1e:9f:f5:ee:04:ec:e8:d2:53:74:a6:
89:de:b3:ad:cd:51:61:82:09:70:bd:6c:fc:df:3b:c2:d3:2f:
06:48:f3:70:1d:e3:80:32:bf:6c:06:e7:5e:0f:71:1e:61:2f:
20:3a:4e:e4:3a:16:1a:a3:d5:f8:ee:44:15:74:aa:fd:10:c1:
62:bf:02:9b:68:dd:e7:be:db:17:b5:40:46:b4:61:e3:51:17:
1b:eb:eb:7b:7c:b7:7b:f1:8b:a2:f2:ea:eb:08:b3:8d:e2:d2:
d9:81:cc:3a:9e:dc:1c:ac:5c:c3:e9:fc:e9:ed:0a:a8:4b:30:
f7:0e:8c:4d:13:8f:56:77:af:d2:fe:81:d4:8d:93:50:4c:08:
09:06:6d:2a:47:9d:29:bf:72:7f:6d:70:fe:7c:90:d3:b8:f6:
bf:5e:22:b4:d2:ca:8c:5c:8e:af:e1:24:05:75:3a:6a:a7:69:
70:7e:7d:4b:e2:11:7a:e9:64:c0:a8:31:e9:9c:09:91:a2:46:
09:82:95:a2:fc:cd:eb:5c:bd:f2:b4:6c:d6:01:06:20:3f:d9:
6b:e7:a1:ff:37:a0:d5:c7:b8:4f:c8:5a:51:31:1c:46:14:16:
73:ef:99:a0:2c:4a:05:22:25:05:20:4f:52:f5:a3:4a:90:12:
c0:97:9b:7d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVu1MgboxTDQVUvm816ucEXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1OGRjYzVkN2U2ODg3Yzk0MWFlM2IyOGNlM2NiZjJmYjRm
MjA2MDMwHhcNMjMwMTAxMTkzNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDA0OGU2YmQxMDBjMWQ3ZWZkZjQzZGUzNGUyN2U0YTljYjNmYTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOt/AyzQLdANIKCiqZsJvcNsWwjx
vSQRV7B1R1ajjXp9MtNImYgPc/4lXDtRe894yERLcfv3mrPlzuZ2jrMTQ9645Xgl
T7/KUA+SmzJYTKzSe8V8RoHgS6BB5usXVfGS8ujaCXinbnc1hBQ9rRAyzVKPuwnR
48/lin9f7g3pDetErFJYrhqkTBpU6qkuC5vPG44UXJoJNqWmU6C0osxgmAB3dpcd
z638Lw+yd4n/8OuSBmW0FuXJgnIzG+MJD/CLFqSO4ebqRExlx90f4zz8ZyH2hefB
99Mf1WqOoiGL1KtHe02iHGbtW4tHBF+2dLEAuYMtQLB8GRMcGFDv7059JQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ0EjmvRAMHX799D3jTifkqcs/plMB8GA1UdIwQY
MBaAFFWNzF1+aIfJQa47KM48vy+08gYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlkzTVhYNW9oOGxCcmpzb3pqeV9MN1R5QmdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9mMDRhNTctNWVlOS00YjZhLTlkYTIt
YmQ5YTNiNTVmMTI1LzEvblFTT2E5RUF3ZGZ2MzBQZU5PSi1TcHl6LW1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9mMDRhNTctNWVlOS00YjZhLTlkYTItYmQ5YTNiNTVmMTI1
LzEvVlkzTVhYNW9oOGxCcmpzb3pqeV9MN1R5QmdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCX9ZEMA0E
AgACMAcDBQMqCdmAMA0GCSqGSIb3DQEBCwUAA4IBAQB4p+TGJb4IHp/17gTs6NJT
dKaJ3rOtzVFhgglwvWz83zvC0y8GSPNwHeOAMr9sBudeD3EeYS8gOk7kOhYao9X4
7kQVdKr9EMFivwKbaN3nvtsXtUBGtGHjURcb6+t7fLd78Yui8urrCLON4tLZgcw6
ntwcrFzD6fzp7QqoSzD3DoxNE49Wd6/S/oHUjZNQTAgJBm0qR50pv3J/bXD+fJDT
uPa/XiK00sqMXI6v4SQFdTpqp2lwfn1L4hF66WTAqDHpnAmRokYJgpWi/M3rXL3y
tGzWAQYgP9lr56H/N6DVx7hPyFpRMRxGFBZz75mgLEoFIiUFIE9S9aNKkBLAl5t9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:07 2024 by rpki-client on console-fra.rpki-client.org