Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/cIwcxu6CjF6xcDuygLw34PpKAok.roa
File: cIwcxu6CjF6xcDuygLw34PpKAok.roa (raw, json)
Hash identifier: iEe/4Sx8oKe9ehp0bKjxbmk6pYe+o9eLaOGB/fz69Go=
Subject key identifier: 70:8C:1C:C6:EE:82:8C:5E:B1:70:3B:B2:80:BC:37:E0:FA:4A:02:89
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018EA86783540F12DC45B416220131DA280E
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/cIwcxu6CjF6xcDuygLw34PpKAok.roa
Signing time: Thu 04 Apr 2024 09:18:59 +0000
ROA not before: Thu 04 Apr 2024 09:18:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 95.82.16.0/20 maxlen: 24
109.111.60.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 24 Apr 2024 10:21:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a8:67:83:54:0f:12:dc:45:b4:16:22:01:31:da:28:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Apr 4 09:18:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=708c1cc6ee828c5eb1703bb280bc37e0fa4a0289
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:67:3c:2f:5b:5b:95:f5:20:4f:88:ee:2f:55:
1e:70:3c:d9:b9:a1:36:4c:0a:ca:21:10:ad:8d:13:
9f:1a:f7:65:0a:98:dc:31:03:09:ca:1e:c0:3b:d8:
63:08:fd:46:72:37:e7:f8:f9:98:3f:25:48:c8:98:
a7:1e:80:3e:82:63:59:ce:03:10:91:9c:fb:58:53:
0e:3a:18:de:b7:77:5c:ae:6f:cd:de:8c:48:1c:70:
b1:53:43:ed:aa:8d:86:7d:19:bd:bf:3a:de:ce:74:
d9:36:86:a8:cc:42:78:ff:1a:cd:a3:2d:c8:6e:1e:
be:dc:4d:89:20:67:1e:ea:64:d3:16:5e:05:ff:8c:
d8:86:80:bd:58:69:22:d2:af:34:f6:3f:29:aa:11:
70:c7:fe:64:a1:a5:e8:be:24:33:a6:ac:f1:b5:cb:
1d:c4:6e:f2:91:37:26:1c:ff:00:24:60:8b:58:69:
b0:93:8c:5c:b1:b5:9d:4d:49:58:c1:2a:bd:54:07:
a1:dc:97:23:7e:49:8b:62:7f:66:d7:6f:cc:79:c5:
7b:28:63:35:fa:d9:cb:f6:08:f4:af:de:1b:30:06:
02:5e:3a:64:3e:95:84:11:8a:c5:e2:7d:ea:02:8f:
77:08:d4:a5:24:84:b4:81:f3:12:a5:cb:65:68:33:
fc:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:8C:1C:C6:EE:82:8C:5E:B1:70:3B:B2:80:BC:37:E0:FA:4A:02:89
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/cIwcxu6CjF6xcDuygLw34PpKAok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.82.16.0/20
109.111.60.0/22
Signature Algorithm: sha256WithRSAEncryption
17:7e:32:4d:9c:93:a3:77:a6:3c:c1:b2:ee:05:9b:30:31:bb:
83:83:5e:63:bf:9c:b4:5a:fe:61:ad:80:ae:81:1f:ea:b9:80:
ae:6d:a0:da:bb:4a:79:79:63:26:72:a4:1d:c4:63:9b:ba:74:
a2:95:d4:cd:9f:92:58:34:77:5e:4c:b5:d5:9f:b9:6c:8d:26:
82:36:17:21:ec:4b:b9:1e:67:c1:3a:1a:b9:53:64:d8:99:86:
87:1d:00:33:41:d8:07:e9:48:d7:a2:6a:8a:67:4a:98:ff:f9:
bb:10:16:cd:a1:b6:c8:cd:cb:26:20:fa:a0:51:7c:5f:84:67:
ae:1e:71:d3:74:8a:ab:54:5a:ac:d2:ca:b1:cc:c7:34:bb:e5:
5b:0a:1c:d9:6e:55:8e:d4:00:1b:40:19:68:ef:8b:eb:e7:73:
1c:9f:6a:3f:d6:01:21:b7:80:a5:4d:9f:39:13:a7:89:b3:bf:
81:26:26:6a:aa:37:8d:bc:be:91:2c:0f:00:ad:ce:d6:f2:49:
b9:a2:07:4d:84:cf:96:5c:7f:1d:05:9e:c3:14:46:9d:cd:46:
f8:da:49:8d:47:98:e5:f6:64:31:98:a4:87:ff:19:50:e7:cd:
9b:80:9a:4e:29:e0:1b:d4:19:93:f0:75:a0:ad:37:06:5f:fb:
a3:04:18:4e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6oZ4NUDxLcRbQWIgEx2igOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwNDA0MDkxODU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDhjMWNjNmVlODI4YzVlYjE3MDNiYjI4MGJjMzdlMGZhNGEwMjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmc8L1tblfUgT4juL1UecDzZuaE2
TArKIRCtjROfGvdlCpjcMQMJyh7AO9hjCP1Gcjfn+PmYPyVIyJinHoA+gmNZzgMQ
kZz7WFMOOhjet3dcrm/N3oxIHHCxU0Ptqo2GfRm9vzreznTZNoaozEJ4/xrNoy3I
bh6+3E2JIGce6mTTFl4F/4zYhoC9WGki0q809j8pqhFwx/5koaXoviQzpqzxtcsd
xG7ykTcmHP8AJGCLWGmwk4xcsbWdTUlYwSq9VAeh3JcjfkmLYn9m12/MecV7KGM1
+tnL9gj0r94bMAYCXjpkPpWEEYrF4n3qAo93CNSlJIS0gfMSpctlaDP8QQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHCMHMbugoxesXA7soC8N+D6SgKJMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvY0l3Y3h1NkNqRjZ4Y0R1eWdMdzM0UHBLQW9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEX1IQAwQC
bW88MA0GCSqGSIb3DQEBCwUAA4IBAQAXfjJNnJOjd6Y8wbLuBZswMbuDg15jv5y0
Wv5hrYCugR/quYCubaDau0p5eWMmcqQdxGObunSildTNn5JYNHdeTLXVn7lsjSaC
Nhch7Eu5HmfBOhq5U2TYmYaHHQAzQdgH6UjXomqKZ0qY//m7EBbNobbIzcsmIPqg
UXxfhGeuHnHTdIqrVFqs0sqxzMc0u+VbChzZblWO1AAbQBlo74vr53Mcn2o/1gEh
t4ClTZ85E6eJs7+BJiZqqjeNvL6RLA8Arc7W8km5ogdNhM+WXH8dBZ7DFEadzUb4
2kmNR5jl9mQxmKSH/xlQ582bgJpOKeAb1BmT8HWgrTcGX/ujBBhO
-----END CERTIFICATE-----
Generated at Wed Apr 24 12:34:45 2024 by rpki-client on console-ams.rpki-client.org