Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/DY5d5q-0bvbouyM6SCPzZEectjk.roa
File: DY5d5q-0bvbouyM6SCPzZEectjk.roa (raw, json)
Hash identifier: QKXpN4cJgSW1UuwHoM7OHwf7BJfAg8vj7Rm3G6f2QUM=
Subject key identifier: 0D:8E:5D:E6:AF:B4:6E:F6:E8:BB:23:3A:48:23:F3:64:47:9C:B6:39
Certificate issuer: /CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Certificate serial: 018CC64A05A5258CC98071F983D1C3A5DD20
Authority key identifier: B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/DY5d5q-0bvbouyM6SCPzZEectjk.roa
Signing time: Mon 01 Jan 2024 18:29:49 +0000
ROA not before: Mon 01 Jan 2024 18:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50053
IP address blocks: 95.140.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:54:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:05:a5:25:8c:c9:80:71:f9:83:d1:c3:a5:dd:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Validity
Not Before: Jan 1 18:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d8e5de6afb46ef6e8bb233a4823f364479cb639
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a2:34:79:86:e8:70:a7:ad:09:ef:f6:99:93:
2a:56:50:e2:45:d4:1e:0f:44:37:fc:a5:58:dd:f5:
e0:bb:67:91:17:ca:9d:26:de:df:5f:d1:f4:a2:1a:
b4:33:13:cf:b6:08:4a:5e:d1:62:12:76:cc:81:f6:
08:d3:81:d4:83:6b:1c:ad:aa:4f:39:e8:8f:bd:a2:
0f:58:17:43:cd:de:b9:c7:50:30:06:eb:0e:ed:80:
57:b1:fc:9c:f4:1f:c9:9f:2f:66:66:a4:51:dc:b8:
39:8d:57:d6:97:2b:19:8d:8c:c3:ea:fa:cb:f5:ae:
c2:c0:6e:1d:45:99:12:4e:b3:ce:a9:65:a6:11:c3:
1e:b0:e8:c6:cb:cd:1a:3c:61:45:62:33:e1:78:97:
28:b4:5b:b2:98:17:49:81:bf:0e:f0:6d:35:fd:9a:
41:75:4f:5b:48:d9:ca:04:87:28:a6:2d:c7:85:dc:
e6:8d:75:b0:74:07:3b:4d:c4:f7:67:7d:be:4e:8b:
86:dc:c6:3b:f6:f6:97:3f:d4:13:1e:2a:0f:53:4f:
6d:78:23:18:aa:47:89:ab:99:d5:c4:5e:2f:49:c4:
d4:d5:ba:19:06:36:52:7d:53:b6:98:59:b7:a4:a2:
44:3b:90:77:85:0f:8a:55:9e:04:25:6b:07:c9:c8:
8b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:8E:5D:E6:AF:B4:6E:F6:E8:BB:23:3A:48:23:F3:64:47:9C:B6:39
X509v3 Authority Key Identifier:
keyid:B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/DY5d5q-0bvbouyM6SCPzZEectjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.140.148.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:7a:04:7e:67:1c:30:4e:0b:6c:1e:a7:1f:a7:b5:ad:55:2a:
c3:78:7a:40:87:91:43:14:89:1d:1d:aa:01:23:20:01:27:a7:
7f:cd:76:a5:a3:bf:95:65:bc:3d:94:59:12:d6:cd:52:88:ea:
12:e3:7f:b0:b6:ca:17:a5:5d:7c:eb:51:51:28:60:30:ba:8c:
59:88:4c:40:00:2e:eb:1f:9e:91:8f:0b:96:01:21:bd:1c:c0:
4e:a0:14:ad:27:8b:06:80:6d:c0:a2:93:52:f7:4b:77:27:61:
ce:78:26:22:0a:30:7f:e5:13:f1:98:f8:db:6c:2f:73:82:9f:
83:64:7d:9b:19:9c:a8:2b:84:ee:90:4c:cc:97:12:71:8d:b0:
a8:3e:7a:e8:70:87:e6:fe:75:ab:dc:15:2c:8e:ea:79:a2:11:
2b:cf:76:e7:79:17:3f:27:72:11:8b:98:d9:32:11:0c:42:ac:
c9:3f:73:9b:f1:f7:5e:ba:b3:8f:69:05:87:e2:c6:46:f7:cb:
8c:66:02:bb:f0:3e:43:a9:18:70:70:90:d2:8b:eb:27:fe:88:
e8:e2:ed:5a:1a:dc:a3:14:31:5f:17:25:98:9d:e6:aa:dc:ec:
0c:49:a5:e9:6e:56:17:a1:8e:51:18:ff:ed:35:4b:29:21:ae:
61:0b:fc:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSgWlJYzJgHH5g9HDpd0gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZWE4OTM2ZjhlNTMwNjNiNGIzYmRmMGYzYjE1YjJhZTY2
N2VmMTMwHhcNMjQwMTAxMTgyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDhlNWRlNmFmYjQ2ZWY2ZThiYjIzM2E0ODIzZjM2NDQ3OWNiNjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqI0eYbocKetCe/2mZMqVlDiRdQe
D0Q3/KVY3fXgu2eRF8qdJt7fX9H0ohq0MxPPtghKXtFiEnbMgfYI04HUg2scrapP
OeiPvaIPWBdDzd65x1AwBusO7YBXsfyc9B/Jny9mZqRR3Lg5jVfWlysZjYzD6vrL
9a7CwG4dRZkSTrPOqWWmEcMesOjGy80aPGFFYjPheJcotFuymBdJgb8O8G01/ZpB
dU9bSNnKBIcopi3HhdzmjXWwdAc7TcT3Z32+TouG3MY79vaXP9QTHioPU09teCMY
qkeJq5nVxF4vScTU1boZBjZSfVO2mFm3pKJEO5B3hQ+KVZ4EJWsHyciL1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA2OXeavtG726LsjOkgj82RHnLY5MB8GA1UdIwQY
MBaAFLnqiTb45TBjtLO98POxWyrmZ+8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEt
YjI1MDk5N2ZjNzVkLzEvRFk1ZDVxLTBidmJvdXlNNlNDUHpaRWVjdGprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEtYjI1MDk5N2ZjNzVk
LzEvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX4yUMA0G
CSqGSIb3DQEBCwUAA4IBAQAeegR+ZxwwTgtsHqcfp7WtVSrDeHpAh5FDFIkdHaoB
IyABJ6d/zXalo7+VZbw9lFkS1s1SiOoS43+wtsoXpV1861FRKGAwuoxZiExAAC7r
H56RjwuWASG9HMBOoBStJ4sGgG3AopNS90t3J2HOeCYiCjB/5RPxmPjbbC9zgp+D
ZH2bGZyoK4TukEzMlxJxjbCoPnrocIfm/nWr3BUsjup5ohErz3bneRc/J3IRi5jZ
MhEMQqzJP3Ob8fdeurOPaQWH4sZG98uMZgK78D5DqRhwcJDSi+sn/ojo4u1aGtyj
FDFfFyWYneaq3OwMSaXpblYXoY5RGP/tNUspIa5hC/zf
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:27:48 2025 by rpki-client