Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/86ff77-9772-4b28-aa12-89ff06f79635/1/8RQxGD53WF-EZbyCxYoB67ILC08.roa
File: 8RQxGD53WF-EZbyCxYoB67ILC08.roa (raw, json)
Hash identifier: 4x/daXQXL8eC1ZtXsLlxV9RRWN+QC02oBUVvpJUcDlo=
Subject key identifier: F1:14:31:18:3E:77:58:5F:84:65:BC:82:C5:8A:01:EB:B2:0B:0B:4F
Certificate issuer: /CN=3ce7566bb5b19e700f48e25e07506c2f222df384
Certificate serial: 0187AAC134C196262DBCFE0DF5F813964BEF
Authority key identifier: 3C:E7:56:6B:B5:B1:9E:70:0F:48:E2:5E:07:50:6C:2F:22:2D:F3:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/POdWa7WxnnAPSOJeB1BsLyIt84Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/86ff77-9772-4b28-aa12-89ff06f79635/1/8RQxGD53WF-EZbyCxYoB67ILC08.roa
Signing time: Sat 22 Apr 2023 20:56:41 +0000
ROA not before: Sat 22 Apr 2023 20:56:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43019
IP address blocks: 95.214.212.0/24 maxlen: 24
95.214.213.0/24 maxlen: 24
95.214.215.0/24 maxlen: 24
95.214.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:aa:c1:34:c1:96:26:2d:bc:fe:0d:f5:f8:13:96:4b:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ce7566bb5b19e700f48e25e07506c2f222df384
Validity
Not Before: Apr 22 20:56:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f11431183e77585f8465bc82c58a01ebb20b0b4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:71:52:89:53:67:3e:81:10:23:11:8a:8d:ca:
6a:bf:08:e2:00:0b:b3:f0:ce:f9:8d:52:63:77:93:
53:3d:4c:a4:fc:ad:8f:9f:1b:01:6c:a8:f0:40:71:
03:5d:10:57:a2:09:36:95:0c:79:fb:f0:93:88:bc:
4f:20:91:21:a0:2d:c5:0a:e4:4c:3f:b0:a8:15:20:
9e:ca:34:48:f0:0c:d9:7b:20:4f:80:48:c2:00:2e:
6f:54:d9:15:17:29:7e:6d:be:5b:75:27:fa:62:15:
6c:90:b8:fc:79:5e:a4:65:14:fe:bc:e0:82:68:f7:
6b:60:27:2e:13:5f:91:00:54:01:f8:e7:7a:5d:67:
63:c7:50:11:f7:76:b3:04:b2:b3:f4:c6:75:cc:bc:
0b:55:ed:06:46:be:58:cc:e6:78:b4:9c:49:12:a6:
cb:e3:11:01:49:f7:23:3a:aa:87:d8:ee:7a:56:1d:
ab:5d:e7:fb:77:8a:79:0b:c1:2a:de:e3:34:fc:39:
59:5f:b0:43:25:4b:d7:72:1e:98:ad:a8:b8:f8:5a:
ec:33:59:65:97:f4:95:68:f7:5a:07:59:e7:a7:c4:
06:c7:b7:f7:e9:c2:c4:17:84:95:eb:16:fd:7b:16:
37:ac:33:ec:23:bb:af:c0:2d:7e:e9:30:0f:43:fc:
fe:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:14:31:18:3E:77:58:5F:84:65:BC:82:C5:8A:01:EB:B2:0B:0B:4F
X509v3 Authority Key Identifier:
keyid:3C:E7:56:6B:B5:B1:9E:70:0F:48:E2:5E:07:50:6C:2F:22:2D:F3:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/POdWa7WxnnAPSOJeB1BsLyIt84Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/86ff77-9772-4b28-aa12-89ff06f79635/1/8RQxGD53WF-EZbyCxYoB67ILC08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/86ff77-9772-4b28-aa12-89ff06f79635/1/POdWa7WxnnAPSOJeB1BsLyIt84Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.212.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:cd:98:7f:96:de:dc:20:b0:1f:78:eb:a1:55:72:da:b9:d3:
68:51:a5:ce:b7:65:a5:be:2d:1e:e8:53:ba:08:6f:8b:17:79:
70:8d:18:5d:a0:a9:85:27:a6:37:23:a6:99:dc:91:af:88:21:
2d:ff:ba:0f:90:d2:46:8e:26:62:90:70:6a:23:67:e8:15:bf:
e8:b9:2d:c4:36:88:f5:d0:65:70:63:96:8e:1d:9e:a3:97:c4:
88:57:8f:ef:c8:c1:16:4e:39:00:97:27:f5:62:5d:5c:54:1e:
5a:9e:9c:99:4e:ed:2a:d8:8a:3f:50:9a:a8:12:e6:43:ea:fb:
9a:35:d9:a4:06:90:02:76:49:c4:5e:18:b4:42:e3:4f:3a:01:
4a:66:68:fe:37:04:1d:03:22:ba:32:bb:06:20:1d:8f:05:eb:
97:6d:87:90:f2:c0:9b:05:47:9a:df:2a:37:f8:59:c3:3e:70:
55:a7:fa:5d:70:11:9b:6f:48:6c:be:6b:6b:96:df:96:cc:41:
8b:0e:2e:44:c3:39:d1:ba:f5:2b:95:64:9a:ec:f7:59:e0:f3:
9d:3b:a7:b2:52:96:64:b2:04:9b:b0:1c:f4:80:12:2c:1b:03:
93:64:7d:68:5d:a4:0a:4a:ed:1a:66:3d:fd:c3:57:07:fd:0d:
4d:b3:b0:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeqwTTBliYtvP4N9fgTlkvvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZTc1NjZiYjViMTllNzAwZjQ4ZTI1ZTA3NTA2YzJmMjIy
ZGYzODQwHhcNMjMwNDIyMjA1NjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTE0MzExODNlNzc1ODVmODQ2NWJjODJjNThhMDFlYmIyMGIwYjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7nFSiVNnPoEQIxGKjcpqvwjiAAuz
8M75jVJjd5NTPUyk/K2PnxsBbKjwQHEDXRBXogk2lQx5+/CTiLxPIJEhoC3FCuRM
P7CoFSCeyjRI8AzZeyBPgEjCAC5vVNkVFyl+bb5bdSf6YhVskLj8eV6kZRT+vOCC
aPdrYCcuE1+RAFQB+Od6XWdjx1AR93azBLKz9MZ1zLwLVe0GRr5YzOZ4tJxJEqbL
4xEBSfcjOqqH2O56Vh2rXef7d4p5C8Eq3uM0/DlZX7BDJUvXch6Yrai4+FrsM1ll
l/SVaPdaB1nnp8QGx7f36cLEF4SV6xb9exY3rDPsI7uvwC1+6TAPQ/z+3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPEUMRg+d1hfhGW8gsWKAeuyCwtPMB8GA1UdIwQY
MBaAFDznVmu1sZ5wD0jiXgdQbC8iLfOEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE9kV2E3V3hubkFQU09KZUIxQnNMeUl0ODRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC84NmZmNzctOTc3Mi00YjI4LWFhMTIt
ODlmZjA2Zjc5NjM1LzEvOFJReEdENTNXRi1FWmJ5Q3hZb0I2N0lMQzA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC84NmZmNzctOTc3Mi00YjI4LWFhMTItODlmZjA2Zjc5NjM1
LzEvUE9kV2E3V3hubkFQU09KZUIxQnNMeUl0ODRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCX9bUMA0G
CSqGSIb3DQEBCwUAA4IBAQBvzZh/lt7cILAfeOuhVXLaudNoUaXOt2Wlvi0e6FO6
CG+LF3lwjRhdoKmFJ6Y3I6aZ3JGviCEt/7oPkNJGjiZikHBqI2foFb/ouS3ENoj1
0GVwY5aOHZ6jl8SIV4/vyMEWTjkAlyf1Yl1cVB5anpyZTu0q2Io/UJqoEuZD6vua
NdmkBpACdknEXhi0QuNPOgFKZmj+NwQdAyK6MrsGIB2PBeuXbYeQ8sCbBUea3yo3
+FnDPnBVp/pdcBGbb0hsvmtrlt+WzEGLDi5EwznRuvUrlWSa7PdZ4POdO6eyUpZk
sgSbsBz0gBIsGwOTZH1oXaQKSu0aZj39w1cH/Q1Ns7Dr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:15 2024 by rpki-client on console-fra.rpki-client.org