Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/PN9w4KquN11LzYYB1gvcwF4ogVI.roa
File: PN9w4KquN11LzYYB1gvcwF4ogVI.roa (raw, json)
Hash identifier: TUr4mYTOBVFEorYJXBq8zbpO0SjoWZEIpGL0CTAQj1U=
Subject key identifier: 3C:DF:70:E0:AA:AE:37:5D:4B:CD:86:01:D6:0B:DC:C0:5E:28:81:52
Certificate issuer: /CN=89a6cd9f4beb7b0c04d31ffe5c674a87a7739d21
Certificate serial: 01856C9CE5C5E89FE506087CE188CBD71B51
Authority key identifier: 89:A6:CD:9F:4B:EB:7B:0C:04:D3:1F:FE:5C:67:4A:87:A7:73:9D:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/PN9w4KquN11LzYYB1gvcwF4ogVI.roa
Signing time: Sun 01 Jan 2023 09:14:59 +0000
ROA not before: Sun 01 Jan 2023 09:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49001
IP address blocks: 185.194.220.0/22 maxlen: 22
95.131.33.0/24 maxlen: 24
95.131.37.0/24 maxlen: 24
95.131.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:e5:c5:e8:9f:e5:06:08:7c:e1:88:cb:d7:1b:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89a6cd9f4beb7b0c04d31ffe5c674a87a7739d21
Validity
Not Before: Jan 1 09:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3cdf70e0aaae375d4bcd8601d60bdcc05e288152
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:19:8a:92:c2:b4:66:72:80:cb:d0:ac:93:9e:
fd:f6:cc:cd:dd:92:ca:0c:64:a6:0d:a2:01:14:f0:
f4:34:03:a6:37:28:71:e8:1d:dd:0b:1c:5c:a6:03:
79:63:99:c4:af:52:c9:18:a0:14:be:50:3e:76:c4:
d7:3e:5d:ca:38:5e:7b:1c:65:5a:03:c7:ef:7d:ef:
d2:0e:60:da:81:aa:0e:60:c6:a2:5a:6b:94:3b:26:
fe:b9:30:07:8e:42:56:b5:3e:41:85:33:40:80:4b:
20:b8:ac:15:33:c1:af:f2:4a:21:b8:2d:a1:e5:69:
e3:0c:6f:f3:71:5f:a1:8e:1f:f1:37:70:a8:ea:1f:
bb:85:cb:26:e5:89:20:86:fb:58:e2:a2:d3:ca:a2:
ae:cb:08:cb:22:d0:c9:c9:b9:f0:f9:67:1c:93:68:
08:05:d9:b9:d9:0f:db:b0:19:8d:6b:f2:0f:58:62:
7f:9f:ec:1d:ec:69:0f:71:6f:b4:aa:db:bf:af:58:
ba:2c:b7:27:a6:c9:47:4f:c8:51:f8:d7:fe:5f:ce:
f8:40:7f:2c:26:67:a8:5a:ba:d2:01:2b:c6:29:8b:
8e:de:f8:0f:22:19:ac:bb:34:36:68:37:d5:fe:3d:
52:b5:72:4f:fd:f9:e8:9a:19:97:fa:d7:92:d2:ea:
0e:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:DF:70:E0:AA:AE:37:5D:4B:CD:86:01:D6:0B:DC:C0:5E:28:81:52
X509v3 Authority Key Identifier:
keyid:89:A6:CD:9F:4B:EB:7B:0C:04:D3:1F:FE:5C:67:4A:87:A7:73:9D:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/PN9w4KquN11LzYYB1gvcwF4ogVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/iabNn0vrewwE0x_-XGdKh6dznSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.131.33.0/24
95.131.35.0/24
95.131.37.0/24
185.194.220.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:0b:99:b2:4b:fe:d1:04:dc:7c:06:c5:37:62:b3:47:06:fa:
e6:f3:12:ef:00:0d:54:f1:a4:c0:9e:46:06:2d:32:74:00:84:
6e:7c:01:29:50:58:c9:fd:ec:48:e0:5d:70:5b:7a:ac:f3:33:
70:55:03:33:86:a6:ca:26:b7:e2:3e:ca:be:61:20:a8:bb:89:
ba:38:5d:4b:de:d6:d6:78:ef:3d:08:56:f7:ff:0b:df:04:82:
23:d1:6a:40:af:83:8c:63:da:85:f5:ad:19:40:87:63:11:4a:
94:ec:34:aa:a2:67:08:da:42:1e:da:41:81:3c:bd:c7:19:6f:
82:b4:07:1e:26:55:38:54:e8:d8:9d:15:ca:75:13:b4:6a:96:
18:05:d8:03:3e:cc:25:6c:1d:96:83:61:a8:9c:45:8f:b3:40:
1e:16:1f:77:ad:ac:f8:a8:d2:01:6e:fb:c2:bc:46:cb:d5:02:
d3:f8:46:ab:e1:25:61:8a:88:e0:c7:d8:3c:4f:22:0d:e0:48:
2f:52:93:af:da:02:d9:9b:c9:6d:53:01:a4:03:9f:c8:6d:30:
6c:fb:06:f7:0d:69:2f:5c:1a:84:39:ce:c3:ff:52:ae:79:10:
5e:97:fb:f8:06:8b:42:3f:65:cd:2a:08:0f:0c:29:9b:6d:22:
c1:da:d2:e4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsnOXF6J/lBgh84YjL1xtRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YTZjZDlmNGJlYjdiMGMwNGQzMWZmZTVjNjc0YTg3YTc3
MzlkMjEwHhcNMjMwMTAxMDkxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2RmNzBlMGFhYWUzNzVkNGJjZDg2MDFkNjBiZGNjMDVlMjg4MTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRmKksK0ZnKAy9Csk5799szN3ZLK
DGSmDaIBFPD0NAOmNyhx6B3dCxxcpgN5Y5nEr1LJGKAUvlA+dsTXPl3KOF57HGVa
A8fvfe/SDmDagaoOYMaiWmuUOyb+uTAHjkJWtT5BhTNAgEsguKwVM8Gv8kohuC2h
5WnjDG/zcV+hjh/xN3Co6h+7hcsm5YkghvtY4qLTyqKuywjLItDJybnw+Wcck2gI
Bdm52Q/bsBmNa/IPWGJ/n+wd7GkPcW+0qtu/r1i6LLcnpslHT8hR+Nf+X874QH8s
JmeoWrrSASvGKYuO3vgPIhmsuzQ2aDfV/j1StXJP/fnomhmX+teS0uoOawIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDzfcOCqrjddS82GAdYL3MBeKIFSMB8GA1UdIwQY
MBaAFImmzZ9L63sMBNMf/lxnSoenc50hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWFiTm4wdnJld3dFMHhfLVhHZEtoNmR6blNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni85OWE0Y2MtNDcyMC00YTY0LWFhMDYt
MWY5MjQ0OTVmY2RkLzEvUE45dzRLcXVOMTFMellZQjFndmN3RjRvZ1ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni85OWE0Y2MtNDcyMC00YTY0LWFhMDYtMWY5MjQ0OTVmY2Rk
LzEvaWFiTm4wdnJld3dFMHhfLVhHZEtoNmR6blNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAX4MhAwQA
X4MjAwQAX4MlAwQCucLcMA0GCSqGSIb3DQEBCwUAA4IBAQArC5myS/7RBNx8BsU3
YrNHBvrm8xLvAA1U8aTAnkYGLTJ0AIRufAEpUFjJ/exI4F1wW3qs8zNwVQMzhqbK
JrfiPsq+YSCou4m6OF1L3tbWeO89CFb3/wvfBIIj0WpAr4OMY9qF9a0ZQIdjEUqU
7DSqomcI2kIe2kGBPL3HGW+CtAceJlU4VOjYnRXKdRO0apYYBdgDPswlbB2Wg2Go
nEWPs0AeFh93raz4qNIBbvvCvEbL1QLT+Ear4SVhiojgx9g8TyIN4EgvUpOv2gLZ
m8ltUwGkA5/IbTBs+wb3DWkvXBqEOc7D/1KueRBel/v4BotCP2XNKggPDCmbbSLB
2tLk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:27 2024 by rpki-client on console-ams.rpki-client.org