Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/otBVb0KDFx32rEj0MOxofz_Rf_8.roa
File: otBVb0KDFx32rEj0MOxofz_Rf_8.roa (raw, json)
Hash identifier: TSu856k9KR4uDlatcO6EF3/ERToDnTOEjsJ9uFTDISg=
Subject key identifier: A2:D0:55:6F:42:83:17:1D:F6:AC:48:F4:30:EC:68:7F:3F:D1:7F:FF
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 018CC7933CB8C77C294F8F7C3A2B4C6008E5
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/otBVb0KDFx32rEj0MOxofz_Rf_8.roa
Signing time: Tue 02 Jan 2024 00:29:24 +0000
ROA not before: Tue 02 Jan 2024 00:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207645
IP address blocks: 95.111.128.0/20 maxlen: 20
Validation: Failed, certificate revoked on Tue 16 Apr 2024 12:08:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:3c:b8:c7:7c:29:4f:8f:7c:3a:2b:4c:60:08:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jan 2 00:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2d0556f4283171df6ac48f430ec687f3fd17fff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8e:d9:a3:66:2c:ff:ed:b6:59:91:6f:4e:0f:
3a:84:db:70:fb:0b:f3:52:74:1c:79:bd:aa:80:8c:
f8:19:0a:ff:f0:77:53:c9:7a:82:d1:fc:3a:c6:37:
58:24:05:8a:f7:62:80:e5:9d:03:1b:af:43:aa:44:
aa:83:b6:cf:dd:05:5c:4a:f7:ae:5d:fa:ce:9c:56:
20:8d:a2:e5:15:d2:e4:b8:1a:13:47:ec:59:81:5b:
c5:be:00:98:cf:78:25:4a:15:cb:5a:bd:d5:b6:a4:
b7:6a:dc:29:11:66:db:f7:ca:b3:b1:1b:93:87:79:
65:f1:5a:9c:de:e7:f2:0e:b7:ff:c2:6e:ed:58:9b:
23:78:76:17:91:b1:b0:24:21:67:c8:3a:5f:5f:d1:
76:80:74:83:47:3a:25:39:19:88:71:9a:19:1b:e2:
44:0d:a9:5a:b9:64:d6:d3:76:ff:da:ae:a4:6c:e4:
7b:94:5e:7b:4e:e3:ff:2e:0b:d9:34:b5:c1:45:d2:
15:79:7e:d4:a6:cb:d7:18:9d:19:43:23:65:36:27:
4e:14:55:39:e6:c7:e6:2c:77:66:ce:2c:e0:72:4d:
4c:d0:72:6b:ab:19:79:2b:9c:43:b4:31:94:57:fb:
01:f1:78:5a:4d:49:89:97:a1:54:7d:a3:79:8f:01:
05:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:D0:55:6F:42:83:17:1D:F6:AC:48:F4:30:EC:68:7F:3F:D1:7F:FF
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/otBVb0KDFx32rEj0MOxofz_Rf_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.111.128.0/20
Signature Algorithm: sha256WithRSAEncryption
0e:82:b1:51:48:ec:ba:0f:e3:3c:89:8f:55:9f:89:1e:64:dc:
af:0e:36:6d:04:4f:40:eb:d5:fa:8e:b0:60:8f:b0:3c:c2:c2:
bd:de:f6:66:0b:a5:69:5f:f2:d0:09:e3:97:16:f3:12:e1:c9:
f9:2c:53:5f:f0:06:e1:9b:cb:ba:db:11:a5:ed:a6:fe:a7:55:
eb:52:55:c8:ca:23:61:42:0b:66:f9:de:09:3d:48:32:23:e8:
fe:7e:56:4c:53:7c:ac:27:a9:3b:3b:11:a3:5d:bc:b4:b5:4e:
03:bf:32:4b:6b:b9:be:16:57:ae:82:10:1a:c8:15:b8:68:89:
d4:95:77:0a:75:b8:8f:2b:0a:3c:1f:dd:70:27:d8:e1:b2:15:
17:a0:c3:c9:43:ea:49:01:97:2b:9f:68:5c:de:cf:27:e0:ec:
8d:3d:56:dc:ea:ca:20:45:6c:b2:79:08:4a:e2:12:f7:58:4a:
2d:1d:ff:e9:e4:96:00:29:1e:d1:fc:73:b9:c1:14:25:79:ec:
22:d7:58:06:ab:2a:04:83:2b:9d:36:fb:53:dc:73:1b:bc:7d:
5d:1a:65:67:58:05:e2:b8:ac:99:ef:2f:81:77:b8:2c:36:a1:
e4:4e:ce:38:15:b9:62:14:1a:8e:d0:a6:ec:36:e4:e2:a5:86:
dc:92:d7:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHkzy4x3wpT498OitMYAjlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjQwMTAyMDAyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmQwNTU2ZjQyODMxNzFkZjZhYzQ4ZjQzMGVjNjg3ZjNmZDE3ZmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqI7Zo2Ys/+22WZFvTg86hNtw+wvz
UnQceb2qgIz4GQr/8HdTyXqC0fw6xjdYJAWK92KA5Z0DG69DqkSqg7bP3QVcSveu
XfrOnFYgjaLlFdLkuBoTR+xZgVvFvgCYz3glShXLWr3VtqS3atwpEWbb98qzsRuT
h3ll8Vqc3ufyDrf/wm7tWJsjeHYXkbGwJCFnyDpfX9F2gHSDRzolORmIcZoZG+JE
DalauWTW03b/2q6kbOR7lF57TuP/LgvZNLXBRdIVeX7UpsvXGJ0ZQyNlNidOFFU5
5sfmLHdmzizgck1M0HJrqxl5K5xDtDGUV/sB8XhaTUmJl6FUfaN5jwEFrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKLQVW9Cgxcd9qxI9DDsaH8/0X//MB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvb3RCVmIwS0RGeDMyckVqME1PeG9mel9SZl84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEX2+AMA0G
CSqGSIb3DQEBCwUAA4IBAQAOgrFRSOy6D+M8iY9Vn4keZNyvDjZtBE9A69X6jrBg
j7A8wsK93vZmC6VpX/LQCeOXFvMS4cn5LFNf8Abhm8u62xGl7ab+p1XrUlXIyiNh
Qgtm+d4JPUgyI+j+flZMU3ysJ6k7OxGjXby0tU4DvzJLa7m+FleughAayBW4aInU
lXcKdbiPKwo8H91wJ9jhshUXoMPJQ+pJAZcrn2hc3s8n4OyNPVbc6sogRWyyeQhK
4hL3WEotHf/p5JYAKR7R/HO5wRQleewi11gGqyoEgyudNvtT3HMbvH1dGmVnWAXi
uKyZ7y+Bd7gsNqHkTs44FbliFBqO0KbsNuTipYbcktcY
-----END CERTIFICATE-----
Generated at Tue Apr 16 15:47:08 2024 by rpki-client on console-fra.rpki-client.org