Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/AbsIj3uTDlk7-QJVlV1qNPloEwA.roa
File: AbsIj3uTDlk7-QJVlV1qNPloEwA.roa (raw, json)
Hash identifier: HGPVm3W8U11CW8VFY9W1asDoCfzXqmIPRxDUPs04a/E=
Subject key identifier: 01:BB:08:8F:7B:93:0E:59:3B:F9:02:55:95:5D:6A:34:F9:68:13:00
Certificate issuer: /CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Certificate serial: 018CC64A06B100564CD1F9DF007B06BF6691
Authority key identifier: B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/AbsIj3uTDlk7-QJVlV1qNPloEwA.roa
Signing time: Mon 01 Jan 2024 18:29:49 +0000
ROA not before: Mon 01 Jan 2024 18:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200088
IP address blocks: 95.140.152.0/22 maxlen: 24
95.140.156.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Apr 2024 12:46:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:06:b1:00:56:4c:d1:f9:df:00:7b:06:bf:66:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Validity
Not Before: Jan 1 18:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01bb088f7b930e593bf90255955d6a34f9681300
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:08:50:0f:85:c6:51:ff:2b:e1:f4:09:06:05:
10:cc:99:a8:a5:10:58:74:49:85:20:ce:2f:41:c6:
d0:76:3b:67:50:e8:27:37:78:f5:dc:44:77:70:c4:
40:83:65:96:0f:f6:af:86:4f:27:5d:be:d4:35:b0:
50:84:c5:6b:68:64:43:b3:5c:1d:a7:cb:59:be:37:
7c:80:d2:7b:cd:ac:66:5f:59:90:b9:83:30:0e:4a:
b7:c7:7c:2d:31:73:70:c4:24:b1:aa:9c:d0:95:55:
66:ff:b5:96:fe:89:d2:c4:bd:30:14:18:50:d8:d2:
ef:98:e8:23:89:aa:a4:50:78:dc:31:75:19:02:ad:
a7:0c:af:ef:ce:ed:0f:5f:4d:11:38:6b:03:ae:62:
6d:2c:9e:9f:46:43:f3:7e:16:1f:83:27:b6:9a:05:
c1:a0:83:15:1a:8f:df:80:b3:58:cf:bf:55:ca:58:
7c:43:9b:be:32:a4:5b:32:b3:94:3e:a7:a3:ee:b5:
48:51:50:5f:7d:a7:20:b7:7c:33:8a:4f:48:b6:05:
c0:34:a1:6b:29:48:be:4f:b7:83:06:43:98:c4:a2:
fe:b4:f2:fd:14:6c:39:73:73:0c:84:77:8c:ca:47:
c1:75:cb:7f:5c:c9:64:a2:30:91:04:ed:11:be:22:
04:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:BB:08:8F:7B:93:0E:59:3B:F9:02:55:95:5D:6A:34:F9:68:13:00
X509v3 Authority Key Identifier:
keyid:B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/AbsIj3uTDlk7-QJVlV1qNPloEwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.140.152.0-95.140.157.255
Signature Algorithm: sha256WithRSAEncryption
79:5f:7d:12:d5:e4:6e:5f:3d:ec:86:b0:c1:df:75:eb:5e:73:
11:72:f2:71:f1:d9:29:5f:26:eb:a2:02:cc:66:ef:a7:9f:75:
2e:3d:c4:7c:7a:95:12:e8:35:8a:57:5b:4f:af:df:b7:23:3c:
19:06:bc:67:71:83:75:81:fc:e9:38:df:81:d0:06:72:3e:39:
0d:4d:1b:f9:7b:f2:dc:3d:dc:7b:50:87:91:f3:49:f9:3d:24:
30:dc:fa:c5:ea:d9:6e:10:10:ca:0c:98:2e:d1:74:2b:4d:fd:
02:88:64:ec:7c:13:4f:32:9b:90:e2:d7:57:5a:c4:e5:a2:01:
ae:98:52:00:ed:47:9b:03:d0:68:97:03:4b:d0:c6:31:66:11:
e7:8c:e9:3a:e8:ad:c8:21:53:da:73:90:f4:26:f4:a8:60:ed:
f5:6d:7a:86:e8:fb:ea:ac:78:b7:0a:37:22:22:98:8a:03:03:
5a:a8:77:eb:68:79:f4:51:6f:26:2d:8b:9b:8f:73:45:43:39:
69:ee:36:23:79:07:62:bb:48:8a:a8:95:3e:84:7f:82:36:f4:
09:4e:ff:ae:a6:2a:4f:83:70:b1:0d:ec:fc:60:29:68:35:9e:
87:a5:ae:a5:e2:1c:c2:17:28:03:a2:a2:f5:1f:d8:75:05:4c:
cf:58:19:2e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzGSgaxAFZM0fnfAHsGv2aRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZWE4OTM2ZjhlNTMwNjNiNGIzYmRmMGYzYjE1YjJhZTY2
N2VmMTMwHhcNMjQwMTAxMTgyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWJiMDg4ZjdiOTMwZTU5M2JmOTAyNTU5NTVkNmEzNGY5NjgxMzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQhQD4XGUf8r4fQJBgUQzJmopRBY
dEmFIM4vQcbQdjtnUOgnN3j13ER3cMRAg2WWD/avhk8nXb7UNbBQhMVraGRDs1wd
p8tZvjd8gNJ7zaxmX1mQuYMwDkq3x3wtMXNwxCSxqpzQlVVm/7WW/onSxL0wFBhQ
2NLvmOgjiaqkUHjcMXUZAq2nDK/vzu0PX00ROGsDrmJtLJ6fRkPzfhYfgye2mgXB
oIMVGo/fgLNYz79Vylh8Q5u+MqRbMrOUPqej7rVIUVBffacgt3wzik9ItgXANKFr
KUi+T7eDBkOYxKL+tPL9FGw5c3MMhHeMykfBdct/XMlkojCRBO0RviIEbQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAG7CI97kw5ZO/kCVZVdajT5aBMAMB8GA1UdIwQY
MBaAFLnqiTb45TBjtLO98POxWyrmZ+8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEt
YjI1MDk5N2ZjNzVkLzEvQWJzSWozdVREbGs3LVFKVmxWMXFOUGxvRXdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEtYjI1MDk5N2ZjNzVk
LzEvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBANfjJgD
BAFfjJwwDQYJKoZIhvcNAQELBQADggEBAHlffRLV5G5fPeyGsMHfdetecxFy8nHx
2SlfJuuiAsxm76efdS49xHx6lRLoNYpXW0+v37cjPBkGvGdxg3WB/Ok434HQBnI+
OQ1NG/l78tw93HtQh5HzSfk9JDDc+sXq2W4QEMoMmC7RdCtN/QKIZOx8E08ym5Di
11daxOWiAa6YUgDtR5sD0GiXA0vQxjFmEeeM6TrorcghU9pzkPQm9Khg7fVteobo
++qseLcKNyIimIoDA1qod+toefRRbyYti5uPc0VDOWnuNiN5B2K7SIqolT6Ef4I2
9AlO/66mKk+DcLEN7PxgKWg1noelrqXiHMIXKAOiovUf2HUFTM9YGS4=
-----END CERTIFICATE-----
Generated at Tue Apr 30 18:14:24 2024 by rpki-client on console-fra.rpki-client.org