Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/86ff77-9772-4b28-aa12-89ff06f79635/1/r-f3giQ_0ExrpQhXoEvIPcHn4xw.roa
File: r-f3giQ_0ExrpQhXoEvIPcHn4xw.roa (raw, json)
Hash identifier: d8hHppAUt6CqcSx+ytdvLn8cZKayKGmnb1RIaAiXV74=
Subject key identifier: AF:E7:F7:82:24:3F:D0:4C:6B:A5:08:57:A0:4B:C8:3D:C1:E7:E3:1C
Certificate issuer: /CN=3ce7566bb5b19e700f48e25e07506c2f222df384
Certificate serial: 01856BAECA4230A0AC016D578E7D46BC90CD
Authority key identifier: 3C:E7:56:6B:B5:B1:9E:70:0F:48:E2:5E:07:50:6C:2F:22:2D:F3:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/POdWa7WxnnAPSOJeB1BsLyIt84Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/86ff77-9772-4b28-aa12-89ff06f79635/1/r-f3giQ_0ExrpQhXoEvIPcHn4xw.roa
Signing time: Sun 01 Jan 2023 04:54:55 +0000
ROA not before: Sun 01 Jan 2023 04:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209654
IP address blocks: 95.214.213.0/24 maxlen: 24
95.214.212.0/24 maxlen: 24
95.214.215.0/24 maxlen: 24
95.214.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ae:ca:42:30:a0:ac:01:6d:57:8e:7d:46:bc:90:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ce7566bb5b19e700f48e25e07506c2f222df384
Validity
Not Before: Jan 1 04:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=afe7f782243fd04c6ba50857a04bc83dc1e7e31c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:78:ca:0e:30:c1:e7:2a:7d:52:82:de:f3:77:
0c:c2:89:b9:cf:46:8f:84:fa:8f:a3:ec:2e:47:03:
76:b8:81:a0:af:fc:b7:ce:fa:64:79:4e:fc:29:f7:
61:82:8a:f4:f8:c9:33:38:7c:64:ff:ad:0d:ae:1a:
d3:74:ec:7f:f5:54:2e:ae:f0:a5:03:f6:ce:56:c4:
43:81:0b:89:17:bf:31:43:47:7e:a2:c2:02:f0:a3:
f7:fa:71:7c:50:55:1a:17:ec:54:b0:9f:0b:d7:77:
de:5c:85:42:37:ab:b5:9e:a5:a7:51:f9:ac:c4:77:
f6:7c:c9:b5:57:7a:7a:1e:05:4d:e9:ca:09:9d:dd:
b3:81:a1:c2:a5:cc:da:be:41:2f:c6:63:45:5c:0d:
17:38:81:41:f1:5d:ca:6d:18:60:84:ea:b9:d8:2c:
24:d5:94:b0:89:cf:f9:37:ad:fd:b9:ab:b4:be:24:
ac:f7:be:1e:b3:85:39:40:4b:08:9b:b3:ba:61:2e:
eb:da:60:3c:64:b3:0b:64:f7:25:80:56:a6:5c:83:
27:5a:66:3f:be:72:55:f0:9f:7a:31:61:16:ae:f0:
2b:52:13:eb:2d:fa:64:9c:43:63:f2:40:5c:69:ac:
a8:58:6e:b0:67:8a:4d:d1:61:1f:81:ef:b9:90:39:
33:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:E7:F7:82:24:3F:D0:4C:6B:A5:08:57:A0:4B:C8:3D:C1:E7:E3:1C
X509v3 Authority Key Identifier:
keyid:3C:E7:56:6B:B5:B1:9E:70:0F:48:E2:5E:07:50:6C:2F:22:2D:F3:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/POdWa7WxnnAPSOJeB1BsLyIt84Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/86ff77-9772-4b28-aa12-89ff06f79635/1/r-f3giQ_0ExrpQhXoEvIPcHn4xw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/86ff77-9772-4b28-aa12-89ff06f79635/1/POdWa7WxnnAPSOJeB1BsLyIt84Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.212.0/22
Signature Algorithm: sha256WithRSAEncryption
39:35:3d:8b:05:c0:b9:94:65:f9:98:5d:99:b3:7b:a0:f1:49:
2b:97:65:9b:1b:9a:42:33:74:15:0f:c1:fa:40:ec:8f:7d:80:
91:d0:31:ae:f2:b0:7b:fd:16:01:92:f9:2f:19:82:d6:46:51:
fb:66:a6:71:8d:a0:71:5a:8b:31:9a:18:e3:c4:54:03:8d:26:
a7:4d:1b:52:af:c0:9e:04:be:1d:b1:ab:0b:6a:95:0a:56:88:
dd:81:06:c7:4b:02:e0:03:b4:6f:cf:cd:e9:ed:f0:ff:5b:40:
c0:36:d6:a9:50:d5:e4:3b:e7:17:4d:eb:92:4b:00:f5:a3:28:
09:5d:da:dc:3b:9a:e4:35:85:13:23:40:24:c6:50:4f:f4:cc:
90:c5:3d:13:0a:7f:14:34:71:01:e7:8b:25:08:72:fa:3f:82:
28:91:9c:01:ae:a5:f7:ec:df:1b:51:cc:d6:e6:ec:d3:b2:d7:
9e:40:71:35:c9:57:6e:1d:ef:1f:66:3e:d3:c4:42:59:f4:ad:
44:bf:6c:ba:6e:21:ee:df:d4:a6:94:56:d8:4f:7c:a8:bc:cb:
7a:49:b2:56:9f:95:d8:f3:81:9a:a0:1a:90:3f:83:3d:09:d7:
0c:88:13:f5:1d:27:9e:db:3e:11:f4:ea:f1:b0:23:1a:42:5d:
ae:fa:20:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrrspCMKCsAW1Xjn1GvJDNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZTc1NjZiYjViMTllNzAwZjQ4ZTI1ZTA3NTA2YzJmMjIy
ZGYzODQwHhcNMjMwMTAxMDQ1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmU3Zjc4MjI0M2ZkMDRjNmJhNTA4NTdhMDRiYzgzZGMxZTdlMzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHjKDjDB5yp9UoLe83cMwom5z0aP
hPqPo+wuRwN2uIGgr/y3zvpkeU78Kfdhgor0+MkzOHxk/60NrhrTdOx/9VQurvCl
A/bOVsRDgQuJF78xQ0d+osIC8KP3+nF8UFUaF+xUsJ8L13feXIVCN6u1nqWnUfms
xHf2fMm1V3p6HgVN6coJnd2zgaHCpczavkEvxmNFXA0XOIFB8V3KbRhghOq52Cwk
1ZSwic/5N639uau0viSs974es4U5QEsIm7O6YS7r2mA8ZLMLZPclgFamXIMnWmY/
vnJV8J96MWEWrvArUhPrLfpknENj8kBcaayoWG6wZ4pN0WEfge+5kDkzkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK/n94IkP9BMa6UIV6BLyD3B5+McMB8GA1UdIwQY
MBaAFDznVmu1sZ5wD0jiXgdQbC8iLfOEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE9kV2E3V3hubkFQU09KZUIxQnNMeUl0ODRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC84NmZmNzctOTc3Mi00YjI4LWFhMTIt
ODlmZjA2Zjc5NjM1LzEvci1mM2dpUV8wRXhycFFoWG9FdklQY0huNHh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC84NmZmNzctOTc3Mi00YjI4LWFhMTItODlmZjA2Zjc5NjM1
LzEvUE9kV2E3V3hubkFQU09KZUIxQnNMeUl0ODRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCX9bUMA0G
CSqGSIb3DQEBCwUAA4IBAQA5NT2LBcC5lGX5mF2Zs3ug8Ukrl2WbG5pCM3QVD8H6
QOyPfYCR0DGu8rB7/RYBkvkvGYLWRlH7ZqZxjaBxWosxmhjjxFQDjSanTRtSr8Ce
BL4dsasLapUKVojdgQbHSwLgA7Rvz83p7fD/W0DANtapUNXkO+cXTeuSSwD1oygJ
XdrcO5rkNYUTI0AkxlBP9MyQxT0TCn8UNHEB54slCHL6P4IokZwBrqX37N8bUczW
5uzTsteeQHE1yVduHe8fZj7TxEJZ9K1Ev2y6biHu39SmlFbYT3yovMt6SbJWn5XY
84GaoBqQP4M9CdcMiBP1HSee2z4R9OrxsCMaQl2u+iDH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:49 2024 by rpki-client on console-ams.rpki-client.org