Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/ce113d-c923-43f4-9708-bb417ec649ab/1/rsb9m0IHp8aGvmfgPDSKOrEZAxk.roa
File: rsb9m0IHp8aGvmfgPDSKOrEZAxk.roa (raw, json)
Hash identifier: 5pVs1w6WzH7SZNst5jnMRXNg94z13yghOMQECu28s9A=
Subject key identifier: AE:C6:FD:9B:42:07:A7:C6:86:BE:67:E0:3C:34:8A:3A:B1:19:03:19
Certificate issuer: /CN=711280b1338f12fc6f621c4c90560c7bc5908961
Certificate serial: 019330CBEA0A86A9BB2A4C181AA340C1E4AA
Authority key identifier: 71:12:80:B1:33:8F:12:FC:6F:62:1C:4C:90:56:0C:7B:C5:90:89:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cRKAsTOPEvxvYhxMkFYMe8WQiWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/ce113d-c923-43f4-9708-bb417ec649ab/1/rsb9m0IHp8aGvmfgPDSKOrEZAxk.roa
Signing time: Fri 15 Nov 2024 17:08:10 +0000
ROA not before: Fri 15 Nov 2024 17:08:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215706
IP address blocks: 95.131.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Nov 2024 14:29:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:30:cb:ea:0a:86:a9:bb:2a:4c:18:1a:a3:40:c1:e4:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=711280b1338f12fc6f621c4c90560c7bc5908961
Validity
Not Before: Nov 15 17:08:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aec6fd9b4207a7c686be67e03c348a3ab1190319
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:5e:89:16:8f:69:6e:ee:d5:4e:2d:22:bb:e8:
f7:3d:6c:74:bf:0e:86:bc:56:a2:b9:1d:9c:d7:3c:
d2:6c:d7:17:46:aa:ac:82:11:0b:63:b4:e9:75:71:
9e:3d:2e:92:a8:20:a4:b5:d0:c9:0a:e2:8f:27:24:
28:99:fd:b4:00:35:03:86:1b:f5:6e:6c:45:9b:60:
82:88:c6:52:e3:80:ff:30:17:38:53:5c:94:de:9b:
cf:3a:bd:66:be:6e:fc:c0:ce:5e:2f:0f:c0:fc:d7:
c3:e5:8c:b3:a6:51:1d:0b:cd:d9:fd:87:2b:1f:c6:
9a:3b:a2:9d:e9:a8:73:ae:b8:e6:52:bb:7a:2c:73:
94:68:1a:00:f4:5f:22:48:e5:5a:b1:f7:21:45:48:
32:b4:6a:5f:c2:e3:b5:70:c8:66:1a:45:cd:bb:6d:
05:67:59:bb:29:60:f1:cd:97:82:a1:c0:e7:be:b6:
33:8e:dc:95:52:b2:8d:60:7f:1d:88:26:1e:9e:7f:
0f:03:36:64:6d:90:b9:ec:07:97:f5:5b:aa:fd:6b:
dd:ca:46:b2:4d:37:1d:b1:fd:c9:03:a8:de:6b:71:
7e:aa:00:3a:cf:5f:cc:54:be:5b:84:62:86:bf:11:
b9:68:af:b1:ad:84:bd:f1:e1:96:d2:ee:61:34:0c:
79:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:C6:FD:9B:42:07:A7:C6:86:BE:67:E0:3C:34:8A:3A:B1:19:03:19
X509v3 Authority Key Identifier:
keyid:71:12:80:B1:33:8F:12:FC:6F:62:1C:4C:90:56:0C:7B:C5:90:89:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cRKAsTOPEvxvYhxMkFYMe8WQiWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/ce113d-c923-43f4-9708-bb417ec649ab/1/rsb9m0IHp8aGvmfgPDSKOrEZAxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/ce113d-c923-43f4-9708-bb417ec649ab/1/cRKAsTOPEvxvYhxMkFYMe8WQiWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.131.203.0/24
Signature Algorithm: sha256WithRSAEncryption
29:ca:93:59:e7:17:d1:05:ee:5a:d1:60:e6:67:e0:63:64:7e:
e5:e6:d6:49:55:93:0e:e8:e5:20:e3:8d:2d:e4:de:69:e9:12:
c1:7e:ea:24:1b:2f:5f:57:58:03:ac:92:e0:07:5d:49:2e:41:
f8:0d:6f:f9:3f:ee:41:44:29:1d:8e:3c:bc:5d:fb:9d:4d:bd:
23:c1:60:15:9a:7d:f5:59:c9:70:83:54:b5:c9:76:09:84:36:
8c:39:56:25:5e:4a:85:62:df:35:e9:ee:be:f4:f4:ee:2e:12:
31:80:57:8e:4f:1f:c8:0a:a7:18:c1:ef:09:bd:21:08:0a:97:
23:0d:f3:ce:6f:48:c0:8d:f9:41:01:75:d0:ff:21:1f:62:86:
40:a8:e1:c5:b6:3c:1f:38:02:df:e9:bb:46:e0:63:34:6c:78:
25:06:91:be:09:46:6a:b5:16:69:25:24:ef:08:10:88:83:9b:
8f:de:d8:aa:c3:ca:b3:67:c4:67:05:2d:b8:f7:5f:79:8b:0c:
c2:1c:dc:55:aa:00:68:33:d9:d7:2a:9c:c9:02:e5:4a:f1:18:
11:33:05:8e:ac:ae:b9:da:08:df:42:02:f5:2e:12:d3:4f:6e:
9b:91:d4:8a:f5:22:8c:96:40:ff:bf:9b:c6:ce:ff:a6:9e:e1:
fa:84:f1:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZMwy+oKhqm7KkwYGqNAweSqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMTI4MGIxMzM4ZjEyZmM2ZjYyMWM0YzkwNTYwYzdiYzU5
MDg5NjEwHhcNMjQxMTE1MTcwODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWM2ZmQ5YjQyMDdhN2M2ODZiZTY3ZTAzYzM0OGEzYWIxMTkwMzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl16JFo9pbu7VTi0iu+j3PWx0vw6G
vFaiuR2c1zzSbNcXRqqsghELY7TpdXGePS6SqCCktdDJCuKPJyQomf20ADUDhhv1
bmxFm2CCiMZS44D/MBc4U1yU3pvPOr1mvm78wM5eLw/A/NfD5YyzplEdC83Z/Ycr
H8aaO6Kd6ahzrrjmUrt6LHOUaBoA9F8iSOVasfchRUgytGpfwuO1cMhmGkXNu20F
Z1m7KWDxzZeCocDnvrYzjtyVUrKNYH8diCYenn8PAzZkbZC57AeX9Vuq/Wvdykay
TTcdsf3JA6jea3F+qgA6z1/MVL5bhGKGvxG5aK+xrYS98eGW0u5hNAx5uQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK7G/ZtCB6fGhr5n4Dw0ijqxGQMZMB8GA1UdIwQY
MBaAFHESgLEzjxL8b2IcTJBWDHvFkIlhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1JLQXNUT1BFdnh2WWh4TWtGWU1lOFdRaVdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9jZTExM2QtYzkyMy00M2Y0LTk3MDgt
YmI0MTdlYzY0OWFiLzEvcnNiOW0wSUhwOGFHdm1mZ1BEU0tPckVaQXhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9jZTExM2QtYzkyMy00M2Y0LTk3MDgtYmI0MTdlYzY0OWFi
LzEvY1JLQXNUT1BFdnh2WWh4TWtGWU1lOFdRaVdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX4PLMA0G
CSqGSIb3DQEBCwUAA4IBAQApypNZ5xfRBe5a0WDmZ+BjZH7l5tZJVZMO6OUg440t
5N5p6RLBfuokGy9fV1gDrJLgB11JLkH4DW/5P+5BRCkdjjy8XfudTb0jwWAVmn31
Wclwg1S1yXYJhDaMOVYlXkqFYt816e6+9PTuLhIxgFeOTx/ICqcYwe8JvSEICpcj
DfPOb0jAjflBAXXQ/yEfYoZAqOHFtjwfOALf6btG4GM0bHglBpG+CUZqtRZpJSTv
CBCIg5uP3tiqw8qzZ8RnBS249195iwzCHNxVqgBoM9nXKpzJAuVK8RgRMwWOrK65
2gjfQgL1LhLTT26bkdSK9SKMlkD/v5vGzv+mnuH6hPGH
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:18 2025 by rpki-client