Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/crrPp2xqTzbavVY46BbLJqJ1eaA.roa
File: crrPp2xqTzbavVY46BbLJqJ1eaA.roa (raw, json)
Hash identifier: LYt1RyEmDw/bG51KanTayPAd2eCzgEmhHOx+uuHEcrg=
Subject key identifier: 72:BA:CF:A7:6C:6A:4F:36:DA:BD:56:38:E8:16:CB:26:A2:75:79:A0
Certificate issuer: /CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Certificate serial: 018795C5CF8D8843799C9053AC4A8875E7BC
Authority key identifier: B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/crrPp2xqTzbavVY46BbLJqJ1eaA.roa
Signing time: Tue 18 Apr 2023 19:09:41 +0000
ROA not before: Tue 18 Apr 2023 19:09:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3285
IP address blocks: 95.140.144.0/23 maxlen: 24
95.140.150.0/24 maxlen: 24
95.140.148.0/24 maxlen: 24
80.90.176.0/23 maxlen: 24
80.90.178.0/24 maxlen: 24
2a00:1818::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 27 May 2023 12:26:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:95:c5:cf:8d:88:43:79:9c:90:53:ac:4a:88:75:e7:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Validity
Not Before: Apr 18 19:09:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72bacfa76c6a4f36dabd5638e816cb26a27579a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:10:78:cd:d4:68:dd:3d:18:83:76:a4:77:48:
2b:3a:13:ca:03:79:f9:99:0a:fd:e8:9c:9c:1d:3b:
0d:af:79:7e:96:aa:08:e8:7d:a5:78:e4:25:65:4e:
fa:a9:7a:cb:70:b2:05:b1:91:99:fb:0f:00:6e:40:
5e:20:08:98:03:39:47:ca:57:6c:d1:ac:e1:fc:88:
39:43:97:6d:2e:95:be:31:6a:7a:5b:f6:f4:15:1c:
2e:bd:81:48:ce:92:49:bc:80:27:5e:ee:b1:f5:07:
41:38:8c:db:9d:28:62:53:8e:09:8a:b0:a9:a9:ee:
d5:33:45:93:5f:b0:91:d9:7b:ea:88:9c:21:83:7c:
56:9a:35:c1:0c:a4:5a:03:32:72:84:99:ba:28:31:
b0:d0:49:a4:be:00:26:e3:b3:46:17:8c:24:4b:cf:
26:24:1a:b3:4f:20:96:a1:ec:fa:c0:b0:88:9c:fe:
41:d6:d9:44:5b:ae:ab:ec:cc:46:25:92:0f:3d:84:
7b:d9:67:57:55:22:2c:d6:f4:8b:09:b1:4d:22:bd:
e3:4c:8f:da:92:7f:c3:f3:3f:b1:80:10:18:b7:2b:
d7:fa:46:c9:29:e8:83:69:68:9f:01:9c:f6:df:54:
3e:21:1b:8e:4b:be:2d:31:03:47:ac:90:f9:69:bd:
bc:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:BA:CF:A7:6C:6A:4F:36:DA:BD:56:38:E8:16:CB:26:A2:75:79:A0
X509v3 Authority Key Identifier:
keyid:B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/crrPp2xqTzbavVY46BbLJqJ1eaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.90.176.0-80.90.178.255
95.140.144.0/23
95.140.148.0/24
95.140.150.0/24
IPv6:
2a00:1818::/32
Signature Algorithm: sha256WithRSAEncryption
d7:2e:64:39:6d:a0:92:ff:49:dd:2e:85:32:fe:dd:ef:76:90:
6b:f2:30:27:2d:7a:31:18:9d:61:a3:94:9e:1f:d1:f4:c1:98:
4a:0a:8f:d2:26:de:e5:9e:c0:6b:b9:29:93:f4:44:cc:cd:7e:
76:d6:1b:37:10:c7:aa:48:26:40:d2:64:2b:78:a5:e7:9e:b4:
43:e8:0f:fa:08:09:ab:e7:20:04:5c:cd:30:8d:81:11:84:5d:
b7:6b:57:53:0e:67:6c:b7:b5:7a:74:d1:c0:f3:e1:ca:4d:58:
1f:06:80:08:21:ea:68:be:ff:40:d5:cc:6c:79:a4:70:93:10:
fa:6e:b5:5f:66:a9:d3:1a:b0:08:e5:d5:e1:57:23:7a:f6:e3:
eb:4a:f6:ea:a1:76:94:14:80:70:57:bc:da:1d:99:de:33:40:
37:66:d5:61:da:03:4a:a6:39:ed:20:cf:5a:f2:83:d7:b5:58:
50:f4:b9:dd:57:7d:c4:07:3c:a4:c0:e8:20:db:6b:e0:06:9e:
86:c9:8e:0e:8d:42:5c:1b:24:d7:f9:42:0e:c6:a7:41:ea:98:
f4:d2:4c:a9:ec:ce:73:4a:f0:cf:50:cb:32:6d:b7:c2:58:a5:
5a:f6:65:1e:5f:08:99:53:cb:06:ab:88:88:33:35:69:96:4d:
4d:bc:43:0d
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYeVxc+NiEN5nJBTrEqIdee8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZWE4OTM2ZjhlNTMwNjNiNGIzYmRmMGYzYjE1YjJhZTY2
N2VmMTMwHhcNMjMwNDE4MTkwOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmJhY2ZhNzZjNmE0ZjM2ZGFiZDU2MzhlODE2Y2IyNmEyNzU3OWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhB4zdRo3T0Yg3akd0grOhPKA3n5
mQr96JycHTsNr3l+lqoI6H2leOQlZU76qXrLcLIFsZGZ+w8AbkBeIAiYAzlHylds
0azh/Ig5Q5dtLpW+MWp6W/b0FRwuvYFIzpJJvIAnXu6x9QdBOIzbnShiU44JirCp
qe7VM0WTX7CR2XvqiJwhg3xWmjXBDKRaAzJyhJm6KDGw0EmkvgAm47NGF4wkS88m
JBqzTyCWoez6wLCInP5B1tlEW66r7MxGJZIPPYR72WdXVSIs1vSLCbFNIr3jTI/a
kn/D8z+xgBAYtyvX+kbJKeiDaWifAZz231Q+IRuOS74tMQNHrJD5ab28CQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFHK6z6dsak822r1WOOgWyyaidXmgMB8GA1UdIwQY
MBaAFLnqiTb45TBjtLO98POxWyrmZ+8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEt
YjI1MDk5N2ZjNzVkLzEvY3JyUHAyeHFUemJhdlZZNDZCYkxKcUoxZWFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEtYjI1MDk5N2ZjNzVk
LzEvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgMAwDBARQWrAD
BABQWrIDBAFfjJADBABfjJQDBABfjJYwDQQCAAIwBwMFACoAGBgwDQYJKoZIhvcN
AQELBQADggEBANcuZDltoJL/Sd0uhTL+3e92kGvyMCctejEYnWGjlJ4f0fTBmEoK
j9Im3uWewGu5KZP0RMzNfnbWGzcQx6pIJkDSZCt4peeetEPoD/oICavnIARczTCN
gRGEXbdrV1MOZ2y3tXp00cDz4cpNWB8GgAgh6mi+/0DVzGx5pHCTEPputV9mqdMa
sAjl1eFXI3r24+tK9uqhdpQUgHBXvNodmd4zQDdm1WHaA0qmOe0gz1ryg9e1WFD0
ud1XfcQHPKTA6CDba+AGnobJjg6NQlwbJNf5Qg7Gp0HqmPTSTKnsznNK8M9QyzJt
t8JYpVr2ZR5fCJlTywariIgzNWmWTU28Qw0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:23 2024 by rpki-client on console-ams.rpki-client.org