Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/qUK2TW0O_i1wtoVAp_0OcjCMbHQ.roa
File: qUK2TW0O_i1wtoVAp_0OcjCMbHQ.roa (raw, json)
Hash identifier: AaMQvIvNiG4Mlfnm9JHXtI8CwYbJepIGUGmzUS6XP9w=
Subject key identifier: A9:42:B6:4D:6D:0E:FE:2D:70:B6:85:40:A7:FD:0E:72:30:8C:6C:74
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 019162166E249964522D663DF0E9454D2083
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/qUK2TW0O_i1wtoVAp_0OcjCMbHQ.roa
Signing time: Sat 17 Aug 2024 20:45:22 +0000
ROA not before: Sat 17 Aug 2024 20:45:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207645
IP address blocks: 95.111.128.0/20 maxlen: 20
95.111.144.0/20 maxlen: 20
Validation: Failed, certificate revoked on Fri 30 Aug 2024 12:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:62:16:6e:24:99:64:52:2d:66:3d:f0:e9:45:4d:20:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Aug 17 20:45:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a942b64d6d0efe2d70b68540a7fd0e72308c6c74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:17:97:95:67:17:7a:84:24:61:1b:53:24:f1:
65:84:95:22:d2:4e:be:a6:27:89:89:c1:2a:8b:b6:
13:56:da:92:2a:f3:34:54:02:dd:15:5d:11:12:16:
04:ce:ae:9d:be:54:fe:09:c3:f4:e1:c7:6a:5c:42:
cf:71:15:a8:9e:73:40:2f:4d:da:ff:19:d8:57:d5:
75:67:fa:3f:41:cf:13:cc:41:20:20:95:f4:2e:ca:
ab:87:9f:7f:45:b3:d9:21:29:b0:ea:2b:19:ff:2e:
5d:23:c7:e8:45:81:1e:8b:59:24:14:7c:a4:c0:f7:
bf:2b:69:78:86:70:76:ff:f4:46:0f:06:9d:5b:51:
94:da:3f:ef:51:b9:46:94:68:65:6d:77:0b:e7:4f:
f9:98:d3:29:bb:bf:a4:dd:e7:06:b2:00:19:a9:6d:
b5:99:db:98:24:af:4b:42:6a:66:d3:04:39:ab:76:
88:6b:a2:64:a6:e8:b4:4b:3d:07:90:c8:86:ce:7e:
e4:df:7b:92:98:2a:f5:80:d3:06:91:36:5a:ca:c8:
97:e4:e6:74:27:01:36:e0:d0:56:34:2b:35:4d:fb:
7a:6f:2b:55:18:fc:a6:76:a9:29:59:61:1b:d8:68:
07:47:f8:cc:5b:61:e6:22:74:52:e5:77:d8:87:ac:
82:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:42:B6:4D:6D:0E:FE:2D:70:B6:85:40:A7:FD:0E:72:30:8C:6C:74
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/qUK2TW0O_i1wtoVAp_0OcjCMbHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.111.128.0/19
Signature Algorithm: sha256WithRSAEncryption
76:0a:08:bb:46:aa:26:a5:22:d3:d2:24:36:10:b4:9f:99:50:
b5:dc:25:30:5b:ef:49:82:72:e9:c5:c3:12:1b:27:af:82:94:
d4:1b:ea:4b:d3:0e:e1:9d:01:62:78:7f:4e:6c:b3:db:75:49:
1a:9b:82:c5:3b:f3:a9:4c:59:4e:ad:a0:a5:fa:57:91:ae:b5:
33:84:24:6e:5c:3a:c0:40:3d:7e:b6:3e:8e:b1:0a:f9:d7:97:
e1:85:55:ee:70:32:e1:d4:dc:81:e3:75:0f:4e:4d:eb:ef:91:
19:ca:86:54:6c:5a:61:fb:89:15:3a:d7:58:a4:35:91:fd:0b:
9f:ba:4b:33:c2:8f:03:fd:ac:23:38:b5:31:69:08:a4:7d:9e:
ca:6d:a2:a0:69:b5:21:ad:ac:62:3d:db:48:e9:17:3f:27:2f:
ab:8e:0c:a0:54:94:e0:ea:9e:56:b4:aa:23:2d:af:4a:30:cf:
9e:03:c6:4d:89:4e:f9:10:69:d9:a1:0a:2e:55:c7:c9:d2:00:
40:2c:60:22:c4:06:60:ad:e1:66:c5:11:da:55:fe:73:ad:35:
b7:74:f3:23:a9:27:a9:e0:af:d5:72:6b:88:c9:15:af:dc:30:
7d:e2:d3:ab:c4:2f:68:70:13:c2:6e:c6:83:0f:1c:8b:fd:b5:
da:66:47:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFiFm4kmWRSLWY98OlFTSCDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjQwODE3MjA0NTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTQyYjY0ZDZkMGVmZTJkNzBiNjg1NDBhN2ZkMGU3MjMwOGM2Yzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7xeXlWcXeoQkYRtTJPFlhJUi0k6+
pieJicEqi7YTVtqSKvM0VALdFV0REhYEzq6dvlT+CcP04cdqXELPcRWonnNAL03a
/xnYV9V1Z/o/Qc8TzEEgIJX0Lsqrh59/RbPZISmw6isZ/y5dI8foRYEei1kkFHyk
wPe/K2l4hnB2//RGDwadW1GU2j/vUblGlGhlbXcL50/5mNMpu7+k3ecGsgAZqW21
mduYJK9LQmpm0wQ5q3aIa6Jkpui0Sz0HkMiGzn7k33uSmCr1gNMGkTZaysiX5OZ0
JwE24NBWNCs1Tft6bytVGPymdqkpWWEb2GgHR/jMW2HmInRS5XfYh6yCFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKlCtk1tDv4tcLaFQKf9DnIwjGx0MB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvcVVLMlRXME9faTF3dG9WQXBfME9jakNNYkhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFX2+AMA0G
CSqGSIb3DQEBCwUAA4IBAQB2Cgi7RqompSLT0iQ2ELSfmVC13CUwW+9JgnLpxcMS
GyevgpTUG+pL0w7hnQFieH9ObLPbdUkam4LFO/OpTFlOraCl+leRrrUzhCRuXDrA
QD1+tj6OsQr515fhhVXucDLh1NyB43UPTk3r75EZyoZUbFph+4kVOtdYpDWR/Quf
ukszwo8D/awjOLUxaQikfZ7KbaKgabUhraxiPdtI6Rc/Jy+rjgygVJTg6p5WtKoj
La9KMM+eA8ZNiU75EGnZoQouVcfJ0gBALGAixAZgreFmxRHaVf5zrTW3dPMjqSep
4K/VcmuIyRWv3DB94tOrxC9ocBPCbsaDDxyL/bXaZkdZ
-----END CERTIFICATE-----
Generated at Fri Aug 30 13:52:13 2024 by rpki-client on console-fra.rpki-client.org