Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/1-TKq1lCGLmTny1r0CNFccaWCPrY.roa
File: 1-TKq1lCGLmTny1r0CNFccaWCPrY.roa (raw, json)
Hash identifier: xdsRafqRVBqcHpVQFso+Kq0wRWuKhy4oTWA/YkpR6MM=
Subject key identifier: F9:32:AA:D6:50:86:2E:64:E7:CB:5A:F4:08:D1:5C:71:A5:82:3E:B6
Certificate issuer: /CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Certificate serial: 01856DC1CAE2C76622227C47BE8D5B99700D
Authority key identifier: B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/1-TKq1lCGLmTny1r0CNFccaWCPrY.roa
Signing time: Sun 01 Jan 2023 14:34:54 +0000
ROA not before: Sun 01 Jan 2023 14:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47713
IP address blocks: 95.140.149.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:ca:e2:c7:66:22:22:7c:47:be:8d:5b:99:70:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Validity
Not Before: Jan 1 14:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f932aad650862e64e7cb5af408d15c71a5823eb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:6b:20:94:8c:df:49:eb:bd:f2:d7:08:eb:24:
15:0a:31:bc:b6:49:c8:64:bc:de:b1:8c:c1:fd:67:
46:d3:fb:17:1c:95:0d:93:8f:67:77:17:d1:5a:e2:
d8:fe:2a:b2:24:fc:a4:f8:17:fe:e7:20:14:06:a2:
91:82:5b:0a:fb:dd:3f:fc:5b:80:19:c1:b9:60:08:
4e:c9:c2:71:de:50:a4:d3:b9:d6:9c:6d:57:80:23:
e3:76:a1:68:6f:28:12:f7:47:28:26:bd:7d:69:ec:
00:15:f2:73:87:aa:51:cf:b3:f9:3c:f7:70:45:2a:
79:b6:77:71:96:61:46:3e:c7:b9:2d:59:33:f0:65:
33:c2:d5:35:c0:6b:7e:82:a0:62:5d:d7:83:e2:27:
58:43:de:43:03:1f:fe:5a:49:99:e9:79:0c:41:6b:
41:f0:99:11:71:c4:2e:ef:69:2c:f6:c6:fe:02:5b:
61:f1:8d:cd:96:79:e7:24:61:6f:b7:35:64:16:97:
3b:92:36:1b:1d:d3:aa:f5:27:a1:2d:e8:ea:e8:fb:
e7:8b:a6:96:d8:1b:3e:bf:0d:8f:79:8b:e7:9f:9d:
be:a3:57:0f:57:4d:38:84:97:34:9c:45:ad:32:b5:
61:62:fa:3e:54:a2:15:e3:46:36:c4:47:0f:a7:f2:
6f:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:32:AA:D6:50:86:2E:64:E7:CB:5A:F4:08:D1:5C:71:A5:82:3E:B6
X509v3 Authority Key Identifier:
keyid:B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/1-TKq1lCGLmTny1r0CNFccaWCPrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.140.149.0/24
Signature Algorithm: sha256WithRSAEncryption
31:bd:ff:3a:d4:3b:61:4e:61:de:8d:8f:77:1a:e0:c5:bb:6c:
4b:54:11:33:94:84:b9:56:08:79:97:f9:a1:bb:bf:f5:32:ef:
e3:ee:98:e3:d0:76:6f:50:2a:b3:40:ba:84:76:dc:a6:7a:b5:
19:1a:e4:30:48:82:5d:dc:69:72:c9:c6:a9:dc:ad:7a:bb:ac:
24:2f:9f:3a:57:c9:4b:64:42:1b:a5:e0:bc:d2:4e:5f:91:ca:
2c:0d:91:64:b1:26:d1:fc:e0:e9:3d:66:bd:0e:4e:6c:21:cc:
c5:0b:30:59:3f:e9:e8:2f:04:3d:4a:00:f9:e5:6d:87:cc:2d:
1e:4d:d8:87:d3:e8:bd:4b:62:5d:84:e2:a1:fc:b5:b3:49:2e:
ce:e2:e5:82:27:53:c3:03:6c:b1:e3:02:45:98:e0:20:74:64:
34:7b:f3:41:fd:05:89:22:0c:1b:fe:60:3e:d6:da:2d:c1:d6:
ea:e1:b5:7c:aa:7e:36:71:a7:0b:84:27:3f:63:7c:27:8e:3e:
d1:3f:44:42:23:e8:88:69:7d:b0:d5:9b:4c:bf:c2:3d:32:f4:
15:ba:ca:a0:73:65:50:f8:d7:08:14:5d:d3:78:2f:d2:f0:66:
16:ea:f6:84:6e:23:01:1e:d8:c3:b6:46:27:35:b2:83:f5:eb:
5b:70:73:64
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtwcrix2YiInxHvo1bmXANMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZWE4OTM2ZjhlNTMwNjNiNGIzYmRmMGYzYjE1YjJhZTY2
N2VmMTMwHhcNMjMwMTAxMTQzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTMyYWFkNjUwODYyZTY0ZTdjYjVhZjQwOGQxNWM3MWE1ODIzZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGsglIzfSeu98tcI6yQVCjG8tknI
ZLzesYzB/WdG0/sXHJUNk49ndxfRWuLY/iqyJPyk+Bf+5yAUBqKRglsK+90//FuA
GcG5YAhOycJx3lCk07nWnG1XgCPjdqFobygS90coJr19aewAFfJzh6pRz7P5PPdw
RSp5tndxlmFGPse5LVkz8GUzwtU1wGt+gqBiXdeD4idYQ95DAx/+WkmZ6XkMQWtB
8JkRccQu72ks9sb+Alth8Y3NlnnnJGFvtzVkFpc7kjYbHdOq9SehLejq6Pvni6aW
2Bs+vw2PeYvnn52+o1cPV004hJc0nEWtMrVhYvo+VKIV40Y2xEcPp/Jv1wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPkyqtZQhi5k58ta9AjRXHGlgj62MB8GA1UdIwQY
MBaAFLnqiTb45TBjtLO98POxWyrmZ+8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEt
YjI1MDk5N2ZjNzVkLzEvMS1US3ExbENHTG1UbnkxcjBDTkZjY2FXQ1ByWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTMvZWMyOWUyLTM0NDAtNDA5YS05ODZhLWIyNTA5OTdmYzc1
ZC8xL3VlcUpOdmpsTUdPMHM3M3c4N0ZiS3Vabjd4TS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF+MlTAN
BgkqhkiG9w0BAQsFAAOCAQEAMb3/OtQ7YU5h3o2PdxrgxbtsS1QRM5SEuVYIeZf5
obu/9TLv4+6Y49B2b1Aqs0C6hHbcpnq1GRrkMEiCXdxpcsnGqdyterusJC+fOlfJ
S2RCG6XgvNJOX5HKLA2RZLEm0fzg6T1mvQ5ObCHMxQswWT/p6C8EPUoA+eVth8wt
Hk3Yh9PovUtiXYTiofy1s0kuzuLlgidTwwNsseMCRZjgIHRkNHvzQf0FiSIMG/5g
PtbaLcHW6uG1fKp+NnGnC4QnP2N8J44+0T9EQiPoiGl9sNWbTL/CPTL0FbrKoHNl
UPjXCBRd03gv0vBmFur2hG4jAR7Yw7ZGJzWyg/XrW3BzZA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:23 2024 by rpki-client on console-ams.rpki-client.org