Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/P8y7b5e8RFLckNGnnLWISPYKKNs.roa
File: P8y7b5e8RFLckNGnnLWISPYKKNs.roa (raw, json)
Hash identifier: a616to2Z169K2nFKuhGdDcGjvybm7MOAkEvdEk4Fmks=
Subject key identifier: 3F:CC:BB:6F:97:BC:44:52:DC:90:D1:A7:9C:B5:88:48:F6:0A:28:DB
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A2137599737A767E2B1EED2033314
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/P8y7b5e8RFLckNGnnLWISPYKKNs.roa
Signing time: Tue 02 Jan 2024 12:33:27 +0000
ROA not before: Tue 02 Jan 2024 12:33:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60108
IP address blocks: 95.47.140.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jul 2024 15:33:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:21:37:59:97:37:a7:67:e2:b1:ee:d2:03:33:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3fccbb6f97bc4452dc90d1a79cb58848f60a28db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:da:ee:54:12:46:da:ed:93:c5:81:e8:e2:4c:
96:e4:7c:e1:ed:81:79:4b:e5:c3:4b:6f:27:cd:07:
b4:fc:46:8d:e4:d2:9b:27:64:33:64:aa:6d:b2:c5:
e4:cb:ad:be:23:03:39:31:12:b1:b5:61:3a:13:cd:
2a:5b:0f:3d:6a:fe:94:d9:00:59:46:38:36:8b:72:
06:30:28:69:dd:81:a1:8c:47:5f:62:17:f8:cd:1a:
f5:44:05:0c:df:9c:4a:a8:07:94:3b:c7:2e:76:a4:
13:09:04:21:17:4e:a2:2a:24:89:19:85:32:7c:b7:
6a:a8:d6:c9:e6:7e:62:e6:cf:d5:3a:07:41:92:8c:
21:af:5b:42:ec:51:9c:8e:5e:91:69:60:dc:84:20:
20:46:9a:4e:36:72:13:53:6b:1b:e1:50:79:d5:4b:
3e:04:ae:6c:97:12:32:16:90:89:e6:71:94:8f:f3:
33:f6:12:16:b7:59:e2:40:20:c0:ee:d9:87:45:7c:
82:05:66:26:3e:95:36:9b:b8:8d:87:16:6a:8b:d6:
47:35:a0:37:2f:35:4d:d9:44:8b:73:9b:25:bb:f9:
19:17:65:9c:4c:7b:85:2b:cf:06:79:96:a0:06:4b:
10:80:17:69:c6:19:91:0e:25:21:58:f1:87:80:62:
08:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:CC:BB:6F:97:BC:44:52:DC:90:D1:A7:9C:B5:88:48:F6:0A:28:DB
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/P8y7b5e8RFLckNGnnLWISPYKKNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.47.140.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:71:43:4f:1d:68:c2:54:a7:6e:65:af:ee:29:51:cb:5a:1c:
72:fb:e2:6a:8a:bd:24:34:2b:17:b8:49:e1:02:dd:b4:27:59:
08:54:5f:b6:85:29:52:10:53:12:0c:d8:7f:a0:ed:48:ed:8c:
2a:50:10:d7:85:28:f8:35:90:bf:07:89:c4:8f:bb:02:54:7a:
15:39:ee:00:3a:b1:c0:e4:11:60:ed:13:79:41:d8:b6:24:85:
ed:1d:06:e7:5f:9c:0f:7f:90:ee:8a:43:29:2b:4e:16:69:95:
1c:44:e2:3e:20:5f:0b:06:61:0e:45:1b:e0:34:4f:d4:50:a3:
8b:21:d3:48:e0:08:f0:b0:51:7c:24:00:ec:5c:37:1f:b2:e0:
d1:46:7c:1b:28:05:aa:21:35:4b:24:3d:bc:a4:c6:73:6e:61:
cc:3e:64:c3:fd:58:38:92:71:a1:d6:3b:a0:d4:63:70:53:a6:
00:09:ec:ff:5f:52:28:eb:f9:90:b2:15:fd:9d:39:52:6f:f9:
e1:3a:ca:6e:7c:75:f2:c3:28:a3:6e:23:60:d2:7e:4a:6e:f2:
ce:f3:62:ef:bc:ef:0e:ef:ad:f9:d1:7c:f0:2e:06:db:d8:c4:
ff:b4:c9:95:0b:fe:8f:23:60:2f:51:c9:8a:70:ef:dd:52:22:
35:00:2d:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKiE3WZc3p2fise7SAzMUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmNjYmI2Zjk3YmM0NDUyZGM5MGQxYTc5Y2I1ODg0OGY2MGEyOGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7truVBJG2u2TxYHo4kyW5Hzh7YF5
S+XDS28nzQe0/EaN5NKbJ2QzZKptssXky62+IwM5MRKxtWE6E80qWw89av6U2QBZ
Rjg2i3IGMChp3YGhjEdfYhf4zRr1RAUM35xKqAeUO8cudqQTCQQhF06iKiSJGYUy
fLdqqNbJ5n5i5s/VOgdBkowhr1tC7FGcjl6RaWDchCAgRppONnITU2sb4VB51Us+
BK5slxIyFpCJ5nGUj/Mz9hIWt1niQCDA7tmHRXyCBWYmPpU2m7iNhxZqi9ZHNaA3
LzVN2USLc5slu/kZF2WcTHuFK88GeZagBksQgBdpxhmRDiUhWPGHgGIIqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD/Mu2+XvERS3JDRp5y1iEj2CijbMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvUDh5N2I1ZThSRkxja05Hbm5MV0lTUFlLS05zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXy+MMA0G
CSqGSIb3DQEBCwUAA4IBAQBbcUNPHWjCVKduZa/uKVHLWhxy++Jqir0kNCsXuEnh
At20J1kIVF+2hSlSEFMSDNh/oO1I7YwqUBDXhSj4NZC/B4nEj7sCVHoVOe4AOrHA
5BFg7RN5Qdi2JIXtHQbnX5wPf5DuikMpK04WaZUcROI+IF8LBmEORRvgNE/UUKOL
IdNI4AjwsFF8JADsXDcfsuDRRnwbKAWqITVLJD28pMZzbmHMPmTD/Vg4knGh1jug
1GNwU6YACez/X1Io6/mQshX9nTlSb/nhOspufHXywyijbiNg0n5KbvLO82LvvO8O
76350XzwLgbb2MT/tMmVC/6PI2AvUcmKcO/dUiI1AC1g
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:34:33 2025 by rpki-client