Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/03afc6-88f5-4660-8015-64c9c2cc9609/1/fMQ4rh8PRhSzjgoF8T98Lie4Aes.roa
File: fMQ4rh8PRhSzjgoF8T98Lie4Aes.roa (raw, json)
Hash identifier: uSxZnMV2Os6lMtHox3xYt5xUQ1YLaGAOQPhcE4LIbGc=
Subject key identifier: 7C:C4:38:AE:1F:0F:46:14:B3:8E:0A:05:F1:3F:7C:2E:27:B8:01:EB
Certificate issuer: /CN=0db0f9f755b0e303cc16d1a633f958c036034945
Certificate serial: 0185723A03307D56999A20D6BAB8D499F870
Authority key identifier: 0D:B0:F9:F7:55:B0:E3:03:CC:16:D1:A6:33:F9:58:C0:36:03:49:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbD591Ww4wPMFtGmM_lYwDYDSUU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/03afc6-88f5-4660-8015-64c9c2cc9609/1/fMQ4rh8PRhSzjgoF8T98Lie4Aes.roa
Signing time: Mon 02 Jan 2023 11:24:42 +0000
ROA not before: Mon 02 Jan 2023 11:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15966
IP address blocks: 95.128.0.0/21 maxlen: 21
2a01:a640::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:03:30:7d:56:99:9a:20:d6:ba:b8:d4:99:f8:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0db0f9f755b0e303cc16d1a633f958c036034945
Validity
Not Before: Jan 2 11:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7cc438ae1f0f4614b38e0a05f13f7c2e27b801eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:32:57:ab:01:f2:87:78:b4:dd:cc:64:bc:b4:
02:5d:f6:bf:60:26:fe:f6:b8:4f:91:5f:c1:22:02:
1a:0f:d0:93:21:cc:91:6e:d9:53:fd:37:f0:d3:a3:
e1:78:60:b6:40:4e:52:90:52:04:0f:6f:41:a7:9c:
71:fd:a0:f1:1d:22:31:3a:ce:dd:c6:24:a1:dc:28:
1a:81:8e:03:c4:c1:d8:66:cb:4f:c6:77:7e:e3:3a:
f0:86:e8:4c:8b:27:5a:99:9c:7c:47:89:e4:36:85:
2e:ee:a8:ff:29:b4:40:bf:31:90:0c:df:20:0b:b6:
70:ef:e4:93:89:13:cb:60:ff:83:39:41:72:f1:c5:
6f:76:1f:18:3c:b6:8b:94:04:fe:c3:d1:77:f4:db:
87:41:36:fd:1a:42:5b:0d:62:9b:ab:e1:b7:ed:cb:
42:ae:f8:8d:a7:a2:32:ca:92:0d:cc:ff:33:84:63:
d4:d5:72:7e:98:fd:de:0e:b8:39:46:67:a0:38:11:
44:48:95:2e:27:34:7c:2e:76:ce:0f:66:c3:bc:0d:
a3:b5:12:04:56:fa:e2:fd:06:72:2c:de:bf:98:00:
18:9a:35:62:95:b9:13:6b:82:8c:4f:a0:22:1b:d5:
ab:5e:c7:db:a9:ae:17:85:8f:79:73:15:f4:5c:c9:
3e:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:C4:38:AE:1F:0F:46:14:B3:8E:0A:05:F1:3F:7C:2E:27:B8:01:EB
X509v3 Authority Key Identifier:
keyid:0D:B0:F9:F7:55:B0:E3:03:CC:16:D1:A6:33:F9:58:C0:36:03:49:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbD591Ww4wPMFtGmM_lYwDYDSUU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/03afc6-88f5-4660-8015-64c9c2cc9609/1/fMQ4rh8PRhSzjgoF8T98Lie4Aes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/03afc6-88f5-4660-8015-64c9c2cc9609/1/DbD591Ww4wPMFtGmM_lYwDYDSUU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.128.0.0/21
IPv6:
2a01:a640::/32
Signature Algorithm: sha256WithRSAEncryption
9a:4b:5d:af:fe:b3:ce:c5:45:e4:bf:50:b9:bb:b9:50:7e:ea:
a9:48:aa:e6:b7:34:da:f7:9c:50:0f:a5:c7:e5:c2:3f:16:7b:
f4:d1:29:9d:b6:75:13:a8:2d:9e:ac:59:da:2d:a7:49:d8:8d:
e7:17:ec:68:af:d8:ed:1a:dc:32:e3:bf:bb:cf:f5:a7:54:61:
e3:9f:4c:90:90:5c:9d:0d:b6:08:09:9f:9a:50:d8:6c:5e:11:
ea:db:73:fe:0d:b6:05:1a:19:2f:0a:ec:61:29:2d:c2:f7:49:
1e:66:59:da:94:e5:a8:e0:ee:bc:0b:bd:ba:88:56:15:67:e9:
00:7e:f8:c2:03:25:81:65:d3:db:aa:fb:f8:f9:f1:64:11:8d:
a5:e5:8e:eb:0e:29:53:69:42:e2:ca:f7:c0:ea:4e:ea:05:79:
18:1d:2f:8b:fd:b1:cc:44:d9:4f:0a:c6:f7:b3:f8:2f:65:13:
af:73:e6:fb:de:b1:98:fb:09:ed:71:78:bf:87:61:24:d1:86:
fd:27:62:bd:aa:e7:9a:03:09:f8:77:22:62:db:5b:b6:f3:9d:
4e:35:63:3b:c8:67:62:c1:8c:85:b0:3b:77:8f:07:bd:b8:ee:
17:0a:ea:18:b6:e7:8b:32:f9:f8:aa:0f:36:7e:17:72:91:24:
9e:94:e3:3d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyOgMwfVaZmiDWurjUmfhwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYjBmOWY3NTViMGUzMDNjYzE2ZDFhNjMzZjk1OGMwMzYw
MzQ5NDUwHhcNMjMwMTAyMTEyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2M0MzhhZTFmMGY0NjE0YjM4ZTBhMDVmMTNmN2MyZTI3YjgwMWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozJXqwHyh3i03cxkvLQCXfa/YCb+
9rhPkV/BIgIaD9CTIcyRbtlT/Tfw06PheGC2QE5SkFIED29Bp5xx/aDxHSIxOs7d
xiSh3CgagY4DxMHYZstPxnd+4zrwhuhMiydamZx8R4nkNoUu7qj/KbRAvzGQDN8g
C7Zw7+STiRPLYP+DOUFy8cVvdh8YPLaLlAT+w9F39NuHQTb9GkJbDWKbq+G37ctC
rviNp6IyypINzP8zhGPU1XJ+mP3eDrg5RmegOBFESJUuJzR8LnbOD2bDvA2jtRIE
Vvri/QZyLN6/mAAYmjVilbkTa4KMT6AiG9WrXsfbqa4XhY95cxX0XMk+bwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHzEOK4fD0YUs44KBfE/fC4nuAHrMB8GA1UdIwQY
MBaAFA2w+fdVsOMDzBbRpjP5WMA2A0lFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGJENTkxV3c0d1BNRnRHbU1fbFl3RFlEU1VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8wM2FmYzYtODhmNS00NjYwLTgwMTUt
NjRjOWMyY2M5NjA5LzEvZk1RNHJoOFBSaFN6amdvRjhUOThMaWU0QWVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8wM2FmYzYtODhmNS00NjYwLTgwMTUtNjRjOWMyY2M5NjA5
LzEvRGJENTkxV3c0d1BNRnRHbU1fbFl3RFlEU1VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDX4AAMA0E
AgACMAcDBQAqAaZAMA0GCSqGSIb3DQEBCwUAA4IBAQCaS12v/rPOxUXkv1C5u7lQ
fuqpSKrmtzTa95xQD6XH5cI/Fnv00SmdtnUTqC2erFnaLadJ2I3nF+xor9jtGtwy
47+7z/WnVGHjn0yQkFydDbYICZ+aUNhsXhHq23P+DbYFGhkvCuxhKS3C90keZlna
lOWo4O68C726iFYVZ+kAfvjCAyWBZdPbqvv4+fFkEY2l5Y7rDilTaULiyvfA6k7q
BXkYHS+L/bHMRNlPCsb3s/gvZROvc+b73rGY+wntcXi/h2Ek0Yb9J2K9queaAwn4
dyJi21u2851ONWM7yGdiwYyFsDt3jwe9uO4XCuoYtueLMvn4qg82fhdykSSelOM9
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:20 2024 by rpki-client on console-ams.rpki-client.org