Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/e3086c-d72f-41ea-9444-bdea63e5a7c4/1/blnkxjOaq1D0cAJn525hOE-RTDY.roa
File: blnkxjOaq1D0cAJn525hOE-RTDY.roa (raw, json)
Hash identifier: 3ZbIbfkIaJKA0p6ypo79s1GWI41AbU//+nZEitCUHUY=
Subject key identifier: 6E:59:E4:C6:33:9A:AB:50:F4:70:02:67:E7:6E:61:38:4F:91:4C:36
Certificate issuer: /CN=1cbd5746e300091ded1a11a13b16807b4fd0f1fc
Certificate serial: 018CC2DAC3A7C2F616A2C3C361429B6F622C
Authority key identifier: 1C:BD:57:46:E3:00:09:1D:ED:1A:11:A1:3B:16:80:7B:4F:D0:F1:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HL1XRuMACR3tGhGhOxaAe0_Q8fw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/e3086c-d72f-41ea-9444-bdea63e5a7c4/1/blnkxjOaq1D0cAJn525hOE-RTDY.roa
Signing time: Mon 01 Jan 2024 02:29:25 +0000
ROA not before: Mon 01 Jan 2024 02:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16278
IP address blocks: 195.95.177.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 21:56:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:c3:a7:c2:f6:16:a2:c3:c3:61:42:9b:6f:62:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cbd5746e300091ded1a11a13b16807b4fd0f1fc
Validity
Not Before: Jan 1 02:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e59e4c6339aab50f4700267e76e61384f914c36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:44:69:a2:4f:50:d1:2d:9f:c4:ad:ee:33:7a:
6d:38:b1:82:16:17:f5:e9:19:23:da:28:ca:59:e5:
ef:b7:66:c5:e6:25:17:9c:f5:57:78:02:56:18:12:
25:67:f3:bc:16:69:5a:1c:ef:c8:23:35:17:65:60:
dc:20:f0:84:3e:90:cc:66:4b:ea:22:16:c2:82:32:
03:3d:b9:b3:c6:bd:c0:6c:d6:9a:77:cd:54:e7:9e:
64:36:c8:47:55:c1:37:56:f5:09:c8:4a:00:2e:0a:
5a:9e:31:52:66:55:8e:3b:68:63:cc:fd:96:f7:45:
7f:59:50:36:60:8a:6b:04:44:95:b4:6c:1f:3b:45:
82:a4:d8:5e:0d:34:32:ba:d6:91:bd:a5:09:12:08:
76:8a:06:37:1b:6e:c1:8a:26:b9:79:5a:45:86:4e:
f5:37:5d:c9:3d:e0:95:e4:9a:7d:11:b5:64:e6:18:
cf:ae:05:a8:b4:ef:75:bd:e0:36:21:bc:be:ae:67:
e0:e5:fe:56:a7:03:07:af:6e:2d:74:fb:7e:9a:e9:
64:e5:7b:42:e1:44:a5:96:fb:88:99:fa:31:ff:fe:
d6:85:b0:e1:15:36:30:e9:fe:e5:2f:d1:75:99:69:
62:4a:64:05:e3:63:4f:19:b0:90:f3:7e:75:1d:da:
e7:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:59:E4:C6:33:9A:AB:50:F4:70:02:67:E7:6E:61:38:4F:91:4C:36
X509v3 Authority Key Identifier:
keyid:1C:BD:57:46:E3:00:09:1D:ED:1A:11:A1:3B:16:80:7B:4F:D0:F1:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HL1XRuMACR3tGhGhOxaAe0_Q8fw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/e3086c-d72f-41ea-9444-bdea63e5a7c4/1/blnkxjOaq1D0cAJn525hOE-RTDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/e3086c-d72f-41ea-9444-bdea63e5a7c4/1/HL1XRuMACR3tGhGhOxaAe0_Q8fw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.95.177.0/24
Signature Algorithm: sha256WithRSAEncryption
53:37:da:8c:ec:0f:8d:af:f8:ae:57:c1:db:31:f2:ac:13:3f:
63:d3:57:4c:a9:9c:c1:c8:8d:35:46:d2:11:0c:d0:ba:99:8c:
e4:e6:0d:3b:bf:47:de:31:a9:13:98:d9:2f:8e:1f:75:65:e2:
21:50:14:5b:d7:b7:e6:ee:1d:33:f2:d9:42:0e:5c:32:27:a0:
30:e9:c9:1b:5e:60:de:ee:33:ea:9e:24:d1:82:85:9b:0a:e6:
62:cc:c5:11:84:73:22:68:62:3b:c7:ff:dd:78:08:bd:f8:43:
69:71:4f:85:75:e7:77:47:ad:f3:e5:e9:2c:1e:d3:29:fc:9f:
9b:e0:84:bd:e1:bf:0f:e9:dc:eb:d7:11:0f:9b:19:dc:fa:b4:
eb:a2:4a:be:b2:da:36:2d:42:ee:99:05:0d:64:8b:b3:6d:1b:
7f:26:f6:09:cd:fb:13:c4:99:d6:e5:d8:ad:8f:c9:62:2c:86:
4d:0e:53:56:67:ee:3b:f3:cf:02:dc:1c:5e:15:e9:3c:7e:3d:
3f:49:6a:d4:23:6b:27:82:7d:ae:71:8c:b4:9b:15:cc:fc:9f:
a8:59:63:f3:16:49:84:b8:80:01:83:04:e2:9a:c1:67:69:21:
62:08:3c:60:cc:03:92:87:48:25:d0:eb:48:eb:7e:2d:9d:d4:
c4:1f:ea:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2sOnwvYWosPDYUKbb2IsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYmQ1NzQ2ZTMwMDA5MWRlZDFhMTFhMTNiMTY4MDdiNGZk
MGYxZmMwHhcNMjQwMTAxMDIyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTU5ZTRjNjMzOWFhYjUwZjQ3MDAyNjdlNzZlNjEzODRmOTE0YzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkRpok9Q0S2fxK3uM3ptOLGCFhf1
6Rkj2ijKWeXvt2bF5iUXnPVXeAJWGBIlZ/O8FmlaHO/IIzUXZWDcIPCEPpDMZkvq
IhbCgjIDPbmzxr3AbNaad81U555kNshHVcE3VvUJyEoALgpanjFSZlWOO2hjzP2W
90V/WVA2YIprBESVtGwfO0WCpNheDTQyutaRvaUJEgh2igY3G27Biia5eVpFhk71
N13JPeCV5Jp9EbVk5hjPrgWotO91veA2Iby+rmfg5f5WpwMHr24tdPt+mulk5XtC
4USllvuImfox//7WhbDhFTYw6f7lL9F1mWliSmQF42NPGbCQ8351HdrnFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG5Z5MYzmqtQ9HACZ+duYThPkUw2MB8GA1UdIwQY
MBaAFBy9V0bjAAkd7RoRoTsWgHtP0PH8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEwxWFJ1TUFDUjN0R2hHaE94YUFlMF9ROGZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9lMzA4NmMtZDcyZi00MWVhLTk0NDQt
YmRlYTYzZTVhN2M0LzEvYmxua3hqT2FxMUQwY0FKbjUyNWhPRS1SVERZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9lMzA4NmMtZDcyZi00MWVhLTk0NDQtYmRlYTYzZTVhN2M0
LzEvSEwxWFJ1TUFDUjN0R2hHaE94YUFlMF9ROGZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1+xMA0G
CSqGSIb3DQEBCwUAA4IBAQBTN9qM7A+Nr/iuV8HbMfKsEz9j01dMqZzByI01RtIR
DNC6mYzk5g07v0feMakTmNkvjh91ZeIhUBRb17fm7h0z8tlCDlwyJ6Aw6ckbXmDe
7jPqniTRgoWbCuZizMURhHMiaGI7x//deAi9+ENpcU+Fded3R63z5eksHtMp/J+b
4IS94b8P6dzr1xEPmxnc+rTrokq+sto2LULumQUNZIuzbRt/JvYJzfsTxJnW5dit
j8liLIZNDlNWZ+47888C3BxeFek8fj0/SWrUI2sngn2ucYy0mxXM/J+oWWPzFkmE
uIABgwTimsFnaSFiCDxgzAOSh0gl0OtI634tndTEH+qu
-----END CERTIFICATE-----
Generated at Fri Mar 1 02:46:30 2024 by rpki-client on console-ams.rpki-client.org