Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/cLt9Xr8kvserEIX_iUpE2JwK5vw.roa
File: cLt9Xr8kvserEIX_iUpE2JwK5vw.roa (raw, json)
Hash identifier: ZFr44EQPGCWjvhfc8Ny2WpT3EWRnCxzV6UdjNbY5VHg=
Subject key identifier: 70:BB:7D:5E:BF:24:BE:C7:AB:10:85:FF:89:4A:44:D8:9C:0A:E6:FC
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 01856CC178973387BDAC6134017E9525D9DE
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/cLt9Xr8kvserEIX_iUpE2JwK5vw.roa
Signing time: Sun 01 Jan 2023 09:54:56 +0000
ROA not before: Sun 01 Jan 2023 09:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 95.101.235.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:78:97:33:87:bd:ac:61:34:01:7e:95:25:d9:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Jan 1 09:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70bb7d5ebf24bec7ab1085ff894a44d89c0ae6fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ba:26:5f:68:a5:ca:28:e9:a1:75:52:4b:c5:
aa:2d:c7:48:c0:37:15:12:7e:01:04:fe:56:6d:d5:
ef:d7:6d:31:6f:f9:65:22:9e:7e:76:18:31:80:59:
f0:85:33:1b:0f:58:ad:e0:88:d6:47:03:5b:d4:82:
9c:7f:7a:55:7f:1e:61:cb:ec:ea:8b:3c:28:8e:75:
d0:87:db:4b:1f:da:e6:5d:72:66:c6:e6:a9:b1:09:
f8:46:9e:8d:a9:a4:0c:4b:8e:b8:ed:b2:20:5e:3a:
ce:56:d4:cb:17:73:eb:35:8a:2c:3c:83:c4:8e:06:
0d:7a:07:4b:e6:b3:0b:9c:b8:99:a5:e1:08:76:a2:
9c:ca:45:14:72:4e:a3:0d:f5:ba:7b:d9:de:de:53:
b7:d3:ac:ef:80:4e:a1:3c:e2:51:19:31:26:b5:b4:
f1:a9:20:51:3e:6e:c1:d6:4e:7f:ea:50:ee:6b:f8:
7a:c9:74:65:74:6d:14:7d:d4:11:27:86:d6:6e:2a:
93:6c:c3:32:3f:47:4a:71:2f:46:ec:da:8d:2a:ea:
33:95:80:87:08:e9:8c:47:71:0b:45:23:1d:59:f1:
14:4e:21:fe:9a:78:ad:bb:47:15:54:5c:ce:9f:f5:
8d:ac:68:0c:35:8d:e2:80:3b:ea:c9:5b:3b:10:de:
10:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:BB:7D:5E:BF:24:BE:C7:AB:10:85:FF:89:4A:44:D8:9C:0A:E6:FC
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/cLt9Xr8kvserEIX_iUpE2JwK5vw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.101.235.0/24
Signature Algorithm: sha256WithRSAEncryption
17:fb:37:93:2a:2f:df:8e:de:39:94:5f:f7:b8:ab:75:15:50:
09:78:35:6a:22:93:da:75:c3:5b:ba:84:a0:64:e4:9c:35:cd:
bc:0f:98:b4:31:9c:42:a3:4b:04:b5:0f:be:cf:24:af:08:8b:
e5:63:f7:b8:77:a0:0a:45:ed:b9:34:9f:89:8b:55:c9:b3:e8:
77:7d:da:13:f8:b1:eb:b5:9b:22:a4:ce:a8:89:a2:5e:8b:11:
0a:37:dd:3f:71:5a:d2:27:82:59:b7:0a:95:8e:4d:6f:76:c0:
b9:cd:9e:16:6b:7b:7a:1a:00:2d:16:72:81:d3:42:8e:bb:c8:
f8:1f:df:0f:0a:7a:ef:8d:07:d2:14:43:13:b4:3c:d9:75:d7:
68:ed:12:f0:20:26:c9:b1:42:30:a7:c6:ab:8d:2d:67:1b:15:
99:b9:23:33:ad:b7:ec:c1:37:96:4c:12:4e:33:96:cd:11:b4:
d6:c2:e8:64:89:a0:dc:c6:d0:03:cf:7f:44:fa:81:7a:f5:4d:
0f:9a:95:e5:7d:4e:e8:7d:67:68:9a:41:62:24:d2:cb:a2:7a:
7d:60:02:71:d2:b8:17:67:c4:4b:04:da:46:14:08:ed:44:fc:
70:fd:86:19:99:2d:ff:e5:e5:3d:17:8e:a4:7a:11:c6:57:6e:
15:0f:83:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVswXiXM4e9rGE0AX6VJdneMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjMwMTAxMDk1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGJiN2Q1ZWJmMjRiZWM3YWIxMDg1ZmY4OTRhNDRkODljMGFlNmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLomX2ilyijpoXVSS8WqLcdIwDcV
En4BBP5WbdXv120xb/llIp5+dhgxgFnwhTMbD1it4IjWRwNb1IKcf3pVfx5hy+zq
izwojnXQh9tLH9rmXXJmxuapsQn4Rp6NqaQMS4647bIgXjrOVtTLF3PrNYosPIPE
jgYNegdL5rMLnLiZpeEIdqKcykUUck6jDfW6e9ne3lO306zvgE6hPOJRGTEmtbTx
qSBRPm7B1k5/6lDua/h6yXRldG0UfdQRJ4bWbiqTbMMyP0dKcS9G7NqNKuozlYCH
COmMR3ELRSMdWfEUTiH+mnitu0cVVFzOn/WNrGgMNY3igDvqyVs7EN4QzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHC7fV6/JL7HqxCF/4lKRNicCub8MB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvY0x0OVhyOGt2c2VyRUlYX2lVcEUySndLNXZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX2XrMA0G
CSqGSIb3DQEBCwUAA4IBAQAX+zeTKi/fjt45lF/3uKt1FVAJeDVqIpPadcNbuoSg
ZOScNc28D5i0MZxCo0sEtQ++zySvCIvlY/e4d6AKRe25NJ+Ji1XJs+h3fdoT+LHr
tZsipM6oiaJeixEKN90/cVrSJ4JZtwqVjk1vdsC5zZ4Wa3t6GgAtFnKB00KOu8j4
H98PCnrvjQfSFEMTtDzZdddo7RLwICbJsUIwp8arjS1nGxWZuSMzrbfswTeWTBJO
M5bNEbTWwuhkiaDcxtADz39E+oF69U0PmpXlfU7ofWdomkFiJNLLonp9YAJx0rgX
Z8RLBNpGFAjtRPxw/YYZmS3/5eU9F46kehHGV24VD4O4
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:22 2024 by rpki-client on console-ams.rpki-client.org