Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/c8b1e5-7b95-4ca7-b2ba-222fe348268a/1/rg5UQMJGgjmJafpcBcQcMrm8v0k.roa
File: rg5UQMJGgjmJafpcBcQcMrm8v0k.roa (raw, json)
Hash identifier: lZoHGGqVuvh271I1KMDxqStVX+B+JuM4rz2H+q3MEdA=
Subject key identifier: AE:0E:54:40:C2:46:82:39:89:69:FA:5C:05:C4:1C:32:B9:BC:BF:49
Certificate issuer: /CN=332293d0399160788b31e438760dc3bd1ed882eb
Certificate serial: 018FF1995080DAF5A2C737E3A720E350DD08
Authority key identifier: 33:22:93:D0:39:91:60:78:8B:31:E4:38:76:0D:C3:BD:1E:D8:82:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MyKT0DmRYHiLMeQ4dg3DvR7Ygus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/c8b1e5-7b95-4ca7-b2ba-222fe348268a/1/rg5UQMJGgjmJafpcBcQcMrm8v0k.roa
Signing time: Fri 07 Jun 2024 07:28:27 +0000
ROA not before: Fri 07 Jun 2024 07:28:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50188
IP address blocks: 95.215.194.0/24 maxlen: 24
95.215.196.0/24 maxlen: 24
95.215.197.0/24 maxlen: 24
95.215.198.0/24 maxlen: 24
95.215.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Jun 2024 07:52:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f1:99:50:80:da:f5:a2:c7:37:e3:a7:20:e3:50:dd:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=332293d0399160788b31e438760dc3bd1ed882eb
Validity
Not Before: Jun 7 07:28:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae0e5440c24682398969fa5c05c41c32b9bcbf49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:11:70:53:3b:f8:9a:13:be:ea:f0:ea:73:58:
ba:88:cb:2e:94:0c:b4:95:09:fb:8c:39:e5:cd:90:
87:bb:88:93:aa:f1:25:f7:c4:52:4f:2c:a2:fe:71:
fe:0c:c9:df:a4:27:e3:6e:85:e7:42:96:44:c0:6c:
c5:8d:bf:20:bb:e7:b0:2f:b6:3c:f0:4f:32:14:46:
f8:79:3a:08:e0:1e:1b:9e:5b:71:69:42:01:98:fe:
7a:6c:1a:e4:7a:75:ed:36:82:13:00:52:a4:9b:96:
13:27:e6:0f:39:0d:bb:a1:49:98:9b:69:58:36:14:
dc:12:b7:95:72:97:50:f1:30:60:92:6d:f3:b1:aa:
8e:d7:e1:ff:92:8e:19:20:ad:f5:e9:60:37:e8:0c:
3c:53:f9:1d:42:6c:0b:23:fc:25:e4:40:c4:f9:d8:
08:be:51:64:91:20:fe:e1:82:80:40:0a:c8:9f:70:
3b:60:62:03:00:34:72:e3:89:67:d5:fa:ed:8a:46:
9c:2c:02:86:88:63:cd:1c:33:8c:c1:8f:af:37:5a:
62:83:7d:21:90:78:64:66:46:08:e4:d1:0f:e1:35:
e2:62:b5:c9:77:be:20:ff:12:78:15:a1:f6:83:d3:
5b:f2:15:a8:09:74:93:80:b0:4f:f7:03:c0:45:53:
cf:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:0E:54:40:C2:46:82:39:89:69:FA:5C:05:C4:1C:32:B9:BC:BF:49
X509v3 Authority Key Identifier:
keyid:33:22:93:D0:39:91:60:78:8B:31:E4:38:76:0D:C3:BD:1E:D8:82:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MyKT0DmRYHiLMeQ4dg3DvR7Ygus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/c8b1e5-7b95-4ca7-b2ba-222fe348268a/1/rg5UQMJGgjmJafpcBcQcMrm8v0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/c8b1e5-7b95-4ca7-b2ba-222fe348268a/1/MyKT0DmRYHiLMeQ4dg3DvR7Ygus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.215.194.0/24
95.215.196.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:e6:b3:16:b8:12:6f:ea:38:bb:21:9f:95:c7:88:eb:bb:47:
5e:aa:8d:bb:4a:80:6f:39:5c:00:05:f9:4b:69:a9:5b:b7:27:
a5:9f:82:d2:df:ec:19:46:d4:73:7b:ad:58:09:e7:13:4e:40:
79:0f:ce:3a:29:b3:c9:66:9d:7e:39:3c:49:59:6c:78:be:55:
4c:7c:7c:07:47:c4:93:b6:dc:6e:25:3f:22:71:1f:d5:ce:c1:
09:65:37:98:8c:96:a4:be:e3:82:03:37:f5:1c:cd:24:4f:95:
2a:1a:11:1f:13:d9:5a:4f:80:29:44:a2:36:b9:5c:60:cf:d2:
b7:17:fa:30:4c:cf:cc:83:ae:4b:ce:82:51:73:62:9b:43:e1:
90:96:b7:3a:97:8c:15:82:2e:6f:c5:43:a0:89:be:eb:2e:a4:
e7:11:42:59:57:07:ed:ac:99:0f:f4:e8:99:20:f1:c9:e1:c2:
bc:85:6c:07:8a:7e:e2:83:57:25:11:ee:8a:23:a5:9b:3e:34:
3d:b4:dc:fb:8a:27:f7:78:8e:a0:91:63:4e:04:ed:0d:39:28:
db:b4:18:9a:15:e5:1f:f4:9d:c7:09:0b:4e:6c:34:c7:29:c3:
75:bd:cd:e4:36:64:4f:96:9d:62:68:96:b7:6b:d7:d6:51:c4:
54:34:07:fd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY/xmVCA2vWixzfjpyDjUN0IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMjI5M2QwMzk5MTYwNzg4YjMxZTQzODc2MGRjM2JkMWVk
ODgyZWIwHhcNMjQwNjA3MDcyODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTBlNTQ0MGMyNDY4MjM5ODk2OWZhNWMwNWM0MWMzMmI5YmNiZjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBFwUzv4mhO+6vDqc1i6iMsulAy0
lQn7jDnlzZCHu4iTqvEl98RSTyyi/nH+DMnfpCfjboXnQpZEwGzFjb8gu+ewL7Y8
8E8yFEb4eToI4B4bnltxaUIBmP56bBrkenXtNoITAFKkm5YTJ+YPOQ27oUmYm2lY
NhTcEreVcpdQ8TBgkm3zsaqO1+H/ko4ZIK316WA36Aw8U/kdQmwLI/wl5EDE+dgI
vlFkkSD+4YKAQArIn3A7YGIDADRy44ln1frtikacLAKGiGPNHDOMwY+vN1pig30h
kHhkZkYI5NEP4TXiYrXJd74g/xJ4FaH2g9Nb8hWoCXSTgLBP9wPARVPPCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK4OVEDCRoI5iWn6XAXEHDK5vL9JMB8GA1UdIwQY
MBaAFDMik9A5kWB4izHkOHYNw70e2ILrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXlLVDBEbVJZSGlMTWVRNGRnM0R2UjdZZ3VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9jOGIxZTUtN2I5NS00Y2E3LWIyYmEt
MjIyZmUzNDgyNjhhLzEvcmc1VVFNSkdnam1KYWZwY0JjUWNNcm04djBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9jOGIxZTUtN2I5NS00Y2E3LWIyYmEtMjIyZmUzNDgyNjhh
LzEvTXlLVDBEbVJZSGlMTWVRNGRnM0R2UjdZZ3VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX9fCAwQC
X9fEMA0GCSqGSIb3DQEBCwUAA4IBAQCb5rMWuBJv6ji7IZ+Vx4jru0deqo27SoBv
OVwABflLaalbtyeln4LS3+wZRtRze61YCecTTkB5D846KbPJZp1+OTxJWWx4vlVM
fHwHR8STttxuJT8icR/VzsEJZTeYjJakvuOCAzf1HM0kT5UqGhEfE9laT4ApRKI2
uVxgz9K3F/owTM/Mg65LzoJRc2KbQ+GQlrc6l4wVgi5vxUOgib7rLqTnEUJZVwft
rJkP9OiZIPHJ4cK8hWwHin7ig1clEe6KI6WbPjQ9tNz7iif3eI6gkWNOBO0NOSjb
tBiaFeUf9J3HCQtObDTHKcN1vc3kNmRPlp1iaJa3a9fWUcRUNAf9
-----END CERTIFICATE-----
Generated at Tue Jun 11 12:41:26 2024 by rpki-client on console-ams.rpki-client.org