Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/86ff77-9772-4b28-aa12-89ff06f79635/1/1-My8wRYp1vK52ALmR34BZ5lR9sM.roa
File: 1-My8wRYp1vK52ALmR34BZ5lR9sM.roa (raw, json)
Hash identifier: f24WkpizEKtsdP1ihCxiEoqeLeJSSBkwz1kX2lOAwaM=
Subject key identifier: F8:CC:BC:C1:16:29:D6:F2:B9:D8:02:E6:47:7E:01:67:99:51:F6:C3
Certificate issuer: /CN=3ce7566bb5b19e700f48e25e07506c2f222df384
Certificate serial: 01856BAEC97BC433E14621677C9B5C1ED7F1
Authority key identifier: 3C:E7:56:6B:B5:B1:9E:70:0F:48:E2:5E:07:50:6C:2F:22:2D:F3:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/POdWa7WxnnAPSOJeB1BsLyIt84Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/86ff77-9772-4b28-aa12-89ff06f79635/1/1-My8wRYp1vK52ALmR34BZ5lR9sM.roa
Signing time: Sun 01 Jan 2023 04:54:54 +0000
ROA not before: Sun 01 Jan 2023 04:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43019
IP address blocks: 95.214.212.0/24 maxlen: 24
95.214.213.0/24 maxlen: 24
95.214.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 22 Apr 2023 20:56:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ae:c9:7b:c4:33:e1:46:21:67:7c:9b:5c:1e:d7:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ce7566bb5b19e700f48e25e07506c2f222df384
Validity
Not Before: Jan 1 04:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8ccbcc11629d6f2b9d802e6477e01679951f6c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f1:b2:e0:3d:02:e1:37:0a:98:ee:f4:a3:73:
7a:7c:c7:20:ec:a9:89:97:41:94:c7:a5:d3:cc:c3:
71:5f:c5:85:85:c4:2f:a3:f4:a2:e1:53:23:ca:9d:
6b:34:93:96:dd:a2:d1:b9:81:64:d7:08:94:ed:6f:
07:0f:84:9e:f1:8b:40:14:cb:24:34:ea:90:3e:5e:
f2:60:01:c6:9b:b1:b8:dc:a8:34:f8:25:ea:8f:d8:
e4:e8:53:60:24:9c:57:ae:1a:8f:d8:a5:e1:84:f1:
dd:9d:64:bd:bd:f8:b1:15:1f:a9:64:a0:1e:0d:d2:
a7:90:9e:7c:82:b2:ee:a1:44:22:41:17:be:35:b8:
cc:06:06:6c:4c:e0:e7:2a:73:37:9b:df:34:b3:ca:
b2:0d:06:6c:26:23:b2:26:38:1b:ba:83:8b:5f:4f:
f8:30:84:f4:81:1b:7f:98:6b:19:81:ce:d8:64:85:
2e:de:a5:02:a0:a3:0c:2f:12:35:bc:5e:ee:60:e9:
38:d9:ff:bc:c8:16:6e:7c:ac:45:03:e2:01:08:b4:
6d:73:65:9f:9b:d9:da:c5:3a:c1:75:fe:91:eb:36:
86:09:ed:c9:da:37:46:51:89:0a:f3:f1:01:b2:02:
f0:dd:70:a3:df:53:98:8a:8d:4c:b0:43:50:0b:47:
8d:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:CC:BC:C1:16:29:D6:F2:B9:D8:02:E6:47:7E:01:67:99:51:F6:C3
X509v3 Authority Key Identifier:
keyid:3C:E7:56:6B:B5:B1:9E:70:0F:48:E2:5E:07:50:6C:2F:22:2D:F3:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/POdWa7WxnnAPSOJeB1BsLyIt84Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/86ff77-9772-4b28-aa12-89ff06f79635/1/1-My8wRYp1vK52ALmR34BZ5lR9sM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/86ff77-9772-4b28-aa12-89ff06f79635/1/POdWa7WxnnAPSOJeB1BsLyIt84Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.212.0-95.214.214.255
Signature Algorithm: sha256WithRSAEncryption
18:ae:3a:80:e5:76:74:f7:c2:af:d3:31:49:c1:53:c7:ad:68:
d0:40:eb:84:86:1a:f6:5b:83:88:8a:78:6d:90:90:a1:1e:40:
38:4b:95:ef:24:26:a2:66:0b:06:cd:1e:5d:5d:95:43:11:a8:
2e:ad:f1:ef:15:ad:d1:c3:43:ab:a1:36:45:06:da:f9:22:36:
b2:12:05:ba:a2:4a:53:52:69:44:b0:09:ab:b2:29:0d:40:26:
2c:31:3b:74:73:44:94:b6:5c:f5:80:23:4a:22:c5:26:33:36:
97:dd:b5:6a:ef:10:81:b5:be:a8:81:15:36:64:1f:e1:41:81:
19:91:96:35:5a:3b:fd:7d:e6:28:73:4f:51:6a:8d:51:59:74:
00:3a:29:b5:84:57:2d:a9:9d:31:d6:1d:47:a0:d2:d7:59:47:
d9:03:5e:d6:37:94:88:9f:20:a0:28:01:d2:df:e9:3e:96:aa:
87:27:c9:1f:36:b8:e3:91:05:3c:82:9e:af:d3:76:97:3f:43:
bb:3f:b7:a6:45:69:fe:b5:70:af:1f:2e:23:46:7e:ec:ef:9f:
c5:8e:e6:bf:8c:2b:cc:20:99:99:48:1e:48:3a:8b:0b:e5:34:
a9:f5:2a:a2:99:fc:b3:a0:03:bd:89:c8:3c:a6:1b:5d:74:7d:
0a:d0:58:08
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAYVrrsl7xDPhRiFnfJtcHtfxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZTc1NjZiYjViMTllNzAwZjQ4ZTI1ZTA3NTA2YzJmMjIy
ZGYzODQwHhcNMjMwMTAxMDQ1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGNjYmNjMTE2MjlkNmYyYjlkODAyZTY0NzdlMDE2Nzk5NTFmNmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfGy4D0C4TcKmO70o3N6fMcg7KmJ
l0GUx6XTzMNxX8WFhcQvo/Si4VMjyp1rNJOW3aLRuYFk1wiU7W8HD4Se8YtAFMsk
NOqQPl7yYAHGm7G43Kg0+CXqj9jk6FNgJJxXrhqP2KXhhPHdnWS9vfixFR+pZKAe
DdKnkJ58grLuoUQiQRe+NbjMBgZsTODnKnM3m980s8qyDQZsJiOyJjgbuoOLX0/4
MIT0gRt/mGsZgc7YZIUu3qUCoKMMLxI1vF7uYOk42f+8yBZufKxFA+IBCLRtc2Wf
m9naxTrBdf6R6zaGCe3J2jdGUYkK8/EBsgLw3XCj31OYio1MsENQC0eNpwIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFPjMvMEWKdbyudgC5kd+AWeZUfbDMB8GA1UdIwQY
MBaAFDznVmu1sZ5wD0jiXgdQbC8iLfOEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE9kV2E3V3hubkFQU09KZUIxQnNMeUl0ODRRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC84NmZmNzctOTc3Mi00YjI4LWFhMTIt
ODlmZjA2Zjc5NjM1LzEvMS1NeTh3UllwMXZLNTJBTG1SMzRCWjVsUjlzTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTAvODZmZjc3LTk3NzItNGIyOC1hYTEyLTg5ZmYwNmY3OTYz
NS8xL1BPZFdhN1d4bm5BUFNPSmVCMUJzTHlJdDg0US5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQCX9bU
AwQAX9bWMA0GCSqGSIb3DQEBCwUAA4IBAQAYrjqA5XZ098Kv0zFJwVPHrWjQQOuE
hhr2W4OIinhtkJChHkA4S5XvJCaiZgsGzR5dXZVDEagurfHvFa3Rw0OroTZFBtr5
IjayEgW6okpTUmlEsAmrsikNQCYsMTt0c0SUtlz1gCNKIsUmMzaX3bVq7xCBtb6o
gRU2ZB/hQYEZkZY1Wjv9feYoc09Rao1RWXQAOim1hFctqZ0x1h1HoNLXWUfZA17W
N5SInyCgKAHS3+k+lqqHJ8kfNrjjkQU8gp6v03aXP0O7P7emRWn+tXCvHy4jRn7s
75/Fjua/jCvMIJmZSB5IOosL5TSp9SqimfyzoAO9icg8phtddH0K0FgI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:49 2024 by rpki-client on console-ams.rpki-client.org