Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/nO7JxMzXRXl7yUIlBJvaBwt5zFs.roa
File: nO7JxMzXRXl7yUIlBJvaBwt5zFs.roa (raw, json)
Hash identifier: oHRXUNQLJT1D1YBC0qFwJQbGCoAf2CfTE7Dem8p9Oks=
Subject key identifier: 9C:EE:C9:C4:CC:D7:45:79:7B:C9:42:25:04:9B:DA:07:0B:79:CC:5B
Certificate issuer: /CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Certificate serial: 0186A6CC44E4D19FD77FBBD6D2BF2A318289
Authority key identifier: B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/nO7JxMzXRXl7yUIlBJvaBwt5zFs.roa
Signing time: Fri 03 Mar 2023 09:27:30 +0000
ROA not before: Fri 03 Mar 2023 09:27:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200088
IP address blocks: 95.140.152.0/22 maxlen: 24
95.140.156.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a6:cc:44:e4:d1:9f:d7:7f:bb:d6:d2:bf:2a:31:82:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Validity
Not Before: Mar 3 09:27:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ceec9c4ccd745797bc94225049bda070b79cc5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b4:02:4c:d7:3c:3e:27:9b:8f:b9:2b:9d:c1:
ec:fe:93:d1:cb:1d:5f:70:e0:e2:4c:08:5d:ad:a6:
5c:5c:d5:0e:5a:92:3d:15:10:7a:94:44:ad:62:3b:
23:6c:62:63:11:2d:19:5b:e4:41:5c:cb:a2:e2:f3:
25:ed:7a:bf:76:0e:ab:a3:72:bc:d7:13:a0:6c:06:
52:b7:0c:52:94:e9:3d:c0:6b:55:58:b6:14:b7:af:
a9:d3:07:16:1f:16:4f:ef:cb:3a:48:8e:18:d7:34:
bf:bb:c6:57:24:26:09:6d:0a:bb:2a:28:e1:19:e1:
0e:95:35:47:06:7a:32:25:03:52:63:0d:65:a9:d4:
78:a4:c6:67:c0:ef:a7:7f:57:ca:cb:b6:23:ab:85:
84:39:de:5c:a4:e0:30:93:c0:f9:8d:c1:25:12:e9:
9b:27:21:d9:15:bf:91:e2:84:45:9c:76:a0:b1:c4:
c1:c3:11:1c:45:9b:1b:b8:3e:ef:2a:dc:1c:b2:08:
d9:f8:f1:41:ca:a9:65:5b:97:9d:dc:d0:9b:94:27:
a5:73:3f:33:2d:50:5c:af:ea:70:1a:97:b1:95:18:
77:2a:f0:aa:be:32:05:48:61:8a:47:87:a5:6a:1b:
df:6b:2e:ee:1a:72:0e:d2:12:4c:8c:a4:5e:4d:68:
7c:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:EE:C9:C4:CC:D7:45:79:7B:C9:42:25:04:9B:DA:07:0B:79:CC:5B
X509v3 Authority Key Identifier:
keyid:B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/nO7JxMzXRXl7yUIlBJvaBwt5zFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.140.152.0-95.140.157.255
Signature Algorithm: sha256WithRSAEncryption
10:4a:04:00:10:4a:f0:e9:3a:70:46:68:19:62:cf:4d:4d:88:
8b:33:4b:0c:d6:a7:92:3d:0c:de:ba:a9:5a:3a:49:a2:0b:5b:
25:e5:ec:64:40:69:eb:58:7f:aa:02:0b:2f:6b:b3:c5:29:4d:
7c:83:f0:74:d3:24:c1:fc:fa:78:c3:62:e9:50:76:4e:99:39:
60:cd:78:59:e4:bc:94:e4:ac:48:47:7c:0b:92:7d:d4:6b:91:
18:cc:85:bf:b2:4d:ea:1b:14:5e:a6:29:10:e6:a2:31:27:32:
b8:03:4c:ff:24:2d:36:22:79:d3:c8:d9:fd:15:84:bf:0b:1e:
c4:bc:52:20:ce:73:14:38:6e:7b:d3:ac:c6:15:0b:34:a6:af:
30:c4:85:7e:ad:12:c4:43:56:d4:c9:fa:7c:65:27:63:88:5d:
60:a8:42:64:14:00:5d:06:4a:6d:8c:7d:f1:3f:1c:fd:d6:74:
8a:83:4b:0c:b1:7e:24:1b:a1:fb:5f:b3:34:d5:00:62:f1:f5:
88:37:26:25:4b:d1:78:fd:fa:61:b5:b0:22:4a:a3:24:8e:22:
7d:65:81:8e:bf:42:65:33:a0:fc:11:06:ca:1a:08:65:b3:e4:
1a:5d:8b:a8:49:47:87:c7:22:eb:a0:e8:39:b4:07:b4:bd:db:
5a:18:ac:e6
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYamzETk0Z/Xf7vW0r8qMYKJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZWE4OTM2ZjhlNTMwNjNiNGIzYmRmMGYzYjE1YjJhZTY2
N2VmMTMwHhcNMjMwMzAzMDkyNzMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2VlYzljNGNjZDc0NTc5N2JjOTQyMjUwNDliZGEwNzBiNzljYzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLQCTNc8Piebj7krncHs/pPRyx1f
cODiTAhdraZcXNUOWpI9FRB6lEStYjsjbGJjES0ZW+RBXMui4vMl7Xq/dg6ro3K8
1xOgbAZStwxSlOk9wGtVWLYUt6+p0wcWHxZP78s6SI4Y1zS/u8ZXJCYJbQq7Kijh
GeEOlTVHBnoyJQNSYw1lqdR4pMZnwO+nf1fKy7Yjq4WEOd5cpOAwk8D5jcElEumb
JyHZFb+R4oRFnHagscTBwxEcRZsbuD7vKtwcsgjZ+PFByqllW5ed3NCblCelcz8z
LVBcr+pwGpexlRh3KvCqvjIFSGGKR4elahvfay7uGnIO0hJMjKReTWh89QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJzuycTM10V5e8lCJQSb2gcLecxbMB8GA1UdIwQY
MBaAFLnqiTb45TBjtLO98POxWyrmZ+8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEt
YjI1MDk5N2ZjNzVkLzEvbk83SnhNelhSWGw3eVVJbEJKdmFCd3Q1ekZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEtYjI1MDk5N2ZjNzVk
LzEvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBANfjJgD
BAFfjJwwDQYJKoZIhvcNAQELBQADggEBABBKBAAQSvDpOnBGaBliz01NiIszSwzW
p5I9DN66qVo6SaILWyXl7GRAaetYf6oCCy9rs8UpTXyD8HTTJMH8+njDYulQdk6Z
OWDNeFnkvJTkrEhHfAuSfdRrkRjMhb+yTeobFF6mKRDmojEnMrgDTP8kLTYiedPI
2f0VhL8LHsS8UiDOcxQ4bnvTrMYVCzSmrzDEhX6tEsRDVtTJ+nxlJ2OIXWCoQmQU
AF0GSm2MffE/HP3WdIqDSwyxfiQboftfszTVAGLx9Yg3JiVL0Xj9+mG1sCJKoySO
In1lgY6/QmUzoPwRBsoaCGWz5Bpdi6hJR4fHIuug6Dm0B7S921oYrOY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:15 2024 by rpki-client on console-fra.rpki-client.org