Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueA7-5dPHaeqTEG9IoAi0bpmQkE.roa
File: ueA7-5dPHaeqTEG9IoAi0bpmQkE.roa (raw, json)
Hash identifier: WiCqKX8FFyFfuTQhXR4l4OlTQHF9IGxyvZ5U9SII8jA=
Subject key identifier: B9:E0:3B:FB:97:4F:1D:A7:AA:4C:41:BD:22:80:22:D1:BA:66:42:41
Certificate issuer: /CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Certificate serial: 018795C5CFEA570040533BF2FB6949B8E8E9
Authority key identifier: B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueA7-5dPHaeqTEG9IoAi0bpmQkE.roa
Signing time: Tue 18 Apr 2023 19:09:41 +0000
ROA not before: Tue 18 Apr 2023 19:09:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8915
IP address blocks: 95.140.144.0/23 maxlen: 24
95.140.148.0/24 maxlen: 24
95.140.150.0/24 maxlen: 24
80.90.178.0/24 maxlen: 24
80.90.176.0/23 maxlen: 24
2a00:1818::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 27 May 2023 12:26:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:95:c5:cf:ea:57:00:40:53:3b:f2:fb:69:49:b8:e8:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Validity
Not Before: Apr 18 19:09:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9e03bfb974f1da7aa4c41bd228022d1ba664241
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:9b:61:fa:d9:4a:51:10:5a:78:42:9b:a5:57:
e6:43:c5:fc:fe:fa:0a:3b:a1:b0:3e:a4:27:73:81:
16:68:cb:86:3f:63:67:53:6e:61:23:5e:7e:24:ba:
cd:be:94:50:bb:02:ac:51:f4:b5:e8:a6:99:45:77:
77:af:52:3e:ef:4a:8b:eb:e1:6e:5d:56:d5:6b:25:
33:0d:cd:56:7a:04:05:71:c1:32:b1:24:95:ff:ed:
39:2a:87:e5:9a:0c:ae:f9:58:af:16:09:3c:f9:72:
c7:99:25:34:59:f2:fa:3b:8d:70:3b:89:e8:af:5a:
08:54:2e:c8:84:93:6f:92:c1:e6:ad:21:66:ba:49:
5e:16:c1:72:35:b3:99:09:65:4c:5a:df:f2:4c:2c:
17:3d:9c:ec:39:34:ad:54:6d:af:40:4c:c9:37:b3:
7e:b4:0a:b6:aa:54:04:62:4b:d7:09:f9:43:29:f6:
44:a7:15:ab:69:a2:0f:b9:fc:ad:39:e9:ab:e5:be:
e5:f5:4f:47:26:95:d2:e2:fb:b1:d9:8b:7a:23:52:
8f:7d:c1:68:d3:93:0f:d7:1d:dc:ec:33:1c:25:4a:
21:33:68:f6:d6:af:ca:86:6c:30:56:3b:92:54:0e:
8d:74:7e:a3:7c:92:33:b2:8e:35:2f:82:a3:c6:95:
27:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:E0:3B:FB:97:4F:1D:A7:AA:4C:41:BD:22:80:22:D1:BA:66:42:41
X509v3 Authority Key Identifier:
keyid:B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueA7-5dPHaeqTEG9IoAi0bpmQkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.90.176.0-80.90.178.255
95.140.144.0/23
95.140.148.0/24
95.140.150.0/24
IPv6:
2a00:1818::/32
Signature Algorithm: sha256WithRSAEncryption
7d:85:96:2b:20:f7:09:c3:eb:47:0d:83:80:17:5b:92:5b:71:
46:6a:41:33:94:f3:52:54:fe:47:29:5f:4f:f9:26:53:b6:76:
06:60:0b:63:f0:9a:ec:77:da:4d:e6:27:7a:87:73:00:b2:f3:
30:0f:2b:97:46:c8:53:07:e9:fa:46:84:cb:53:a8:d7:c4:44:
62:23:b1:9e:ef:37:a3:2a:5b:7c:ca:d0:76:3a:ea:ea:c2:f8:
f4:70:99:58:d4:e1:41:28:45:7a:62:08:75:c4:0a:3c:17:91:
9d:f6:9e:b4:44:d7:dd:45:f9:16:7e:08:2c:d1:f6:c0:88:3e:
c5:34:a0:c2:67:44:a6:ea:90:81:02:bd:75:c1:ac:a7:57:6f:
e0:16:e5:46:3a:93:25:f9:38:0d:9e:04:af:bc:86:44:f7:d1:
b2:11:40:02:df:7e:00:ef:96:2c:8e:5a:47:bd:25:a6:fe:02:
2a:2a:80:f8:8c:27:e2:24:07:2c:7a:fc:4c:f9:4b:ab:f7:00:
6c:75:df:7e:ba:e0:79:94:cb:e0:cf:04:cb:4a:c7:9f:45:e0:
74:b1:72:6e:97:35:1d:46:41:c5:5f:4d:cc:24:00:45:8f:ff:
b2:a3:ca:8b:3c:f6:e0:99:af:f9:f8:e7:1d:3f:17:4b:25:1e:
bb:e2:43:65
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYeVxc/qVwBAUzvy+2lJuOjpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZWE4OTM2ZjhlNTMwNjNiNGIzYmRmMGYzYjE1YjJhZTY2
N2VmMTMwHhcNMjMwNDE4MTkwOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWUwM2JmYjk3NGYxZGE3YWE0YzQxYmQyMjgwMjJkMWJhNjY0MjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZth+tlKURBaeEKbpVfmQ8X8/voK
O6GwPqQnc4EWaMuGP2NnU25hI15+JLrNvpRQuwKsUfS16KaZRXd3r1I+70qL6+Fu
XVbVayUzDc1WegQFccEysSSV/+05Koflmgyu+VivFgk8+XLHmSU0WfL6O41wO4no
r1oIVC7IhJNvksHmrSFmukleFsFyNbOZCWVMWt/yTCwXPZzsOTStVG2vQEzJN7N+
tAq2qlQEYkvXCflDKfZEpxWraaIPufytOemr5b7l9U9HJpXS4vux2Yt6I1KPfcFo
05MP1x3c7DMcJUohM2j21q/KhmwwVjuSVA6NdH6jfJIzso41L4KjxpUnIwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFLngO/uXTx2nqkxBvSKAItG6ZkJBMB8GA1UdIwQY
MBaAFLnqiTb45TBjtLO98POxWyrmZ+8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEt
YjI1MDk5N2ZjNzVkLzEvdWVBNy01ZFBIYWVxVEVHOUlvQWkwYnBtUWtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEtYjI1MDk5N2ZjNzVk
LzEvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgMAwDBARQWrAD
BABQWrIDBAFfjJADBABfjJQDBABfjJYwDQQCAAIwBwMFACoAGBgwDQYJKoZIhvcN
AQELBQADggEBAH2Flisg9wnD60cNg4AXW5JbcUZqQTOU81JU/kcpX0/5JlO2dgZg
C2Pwmux32k3mJ3qHcwCy8zAPK5dGyFMH6fpGhMtTqNfERGIjsZ7vN6MqW3zK0HY6
6urC+PRwmVjU4UEoRXpiCHXECjwXkZ32nrRE191F+RZ+CCzR9sCIPsU0oMJnRKbq
kIECvXXBrKdXb+AW5UY6kyX5OA2eBK+8hkT30bIRQALffgDvliyOWke9Jab+Aioq
gPiMJ+IkByx6/Ez5S6v3AGx133664HmUy+DPBMtKx59F4HSxcm6XNR1GQcVfTcwk
AEWP/7Kjyos89uCZr/n45x0/F0slHrviQ2U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:23 2024 by rpki-client on console-ams.rpki-client.org