Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/ss0sqZeC3ha-rvoxzHauYH_0xIM.roa
File: ss0sqZeC3ha-rvoxzHauYH_0xIM.roa (raw, json)
Hash identifier: bXGYTjrj+0BOp53WuwuHSblb7Ient9vDqtd4gNdkFeQ=
Subject key identifier: B2:CD:2C:A9:97:82:DE:16:BE:AE:FA:31:CC:76:AE:60:7F:F4:C4:83
Certificate issuer: /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial: 01856FCB888904F995AF80EA66BCE47E54EA
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/ss0sqZeC3ha-rvoxzHauYH_0xIM.roa
Signing time: Mon 02 Jan 2023 00:04:47 +0000
ROA not before: Mon 02 Jan 2023 00:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44247
IP address blocks: 95.158.160.0/22 maxlen: 24
46.35.176.0/22 maxlen: 24
95.158.176.0/21 maxlen: 24
212.21.128.0/24 maxlen: 24
212.21.136.0/23 maxlen: 24
212.21.138.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:88:89:04:f9:95:af:80:ea:66:bc:e4:7e:54:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Validity
Not Before: Jan 2 00:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2cd2ca99782de16beaefa31cc76ae607ff4c483
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:a8:48:65:16:b5:55:90:ef:93:7a:74:27:29:
a7:81:69:3c:41:41:72:c5:dc:be:87:73:08:19:4d:
68:51:62:31:7c:47:b7:31:af:b2:10:c9:a3:5e:16:
c7:72:43:ff:30:30:c2:70:56:85:40:35:e8:d3:7c:
0a:d3:3d:35:d4:15:df:3f:b3:a5:7d:bf:53:d6:3f:
20:6b:de:22:a8:47:7a:fc:fc:6b:79:5d:34:b9:a5:
d1:ac:2b:28:ef:30:40:f4:91:c4:4f:90:c5:56:2b:
dd:fd:ab:6c:8c:eb:b6:16:fd:1e:b2:c0:98:d5:aa:
c7:77:c1:d7:5b:c4:05:48:45:99:81:9e:23:b0:1f:
20:4c:98:fa:74:6d:cb:b4:79:52:8b:b0:8e:4e:11:
35:e5:e4:37:72:2f:4b:e9:05:95:72:96:3a:9d:88:
13:a1:67:2c:19:94:a1:d3:11:f3:4a:3d:24:af:68:
a1:aa:a2:5f:03:07:bb:69:8a:5b:3c:b9:6c:7f:3f:
06:47:30:a4:a6:82:53:34:99:8f:d5:65:5c:44:16:
d6:2d:f6:b0:01:52:a6:68:bc:45:0a:8a:bc:a5:15:
3e:88:1d:47:9d:e8:89:e9:98:6f:a2:b3:37:3c:b0:
6c:ce:c5:00:36:ad:e7:23:13:8a:d4:2e:1c:7f:2e:
21:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:CD:2C:A9:97:82:DE:16:BE:AE:FA:31:CC:76:AE:60:7F:F4:C4:83
X509v3 Authority Key Identifier:
keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/ss0sqZeC3ha-rvoxzHauYH_0xIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.35.176.0/22
95.158.160.0/22
95.158.176.0/21
212.21.128.0/24
212.21.136.0-212.21.138.255
Signature Algorithm: sha256WithRSAEncryption
2e:78:69:d7:c4:31:e8:88:5f:af:a9:1c:e9:ec:62:fa:f4:94:
43:52:27:3f:6c:f6:13:f3:47:95:dc:06:7b:64:07:12:50:d7:
4c:71:62:53:d8:30:e8:72:20:87:64:96:5e:20:7c:0e:6d:61:
56:39:b4:47:7a:e7:03:f4:df:c4:ab:c9:76:17:6a:a8:40:03:
c8:12:86:e3:ed:44:a2:7e:52:c7:3a:3a:e1:d6:bd:c2:3c:a1:
93:02:ea:c2:49:3f:9d:07:84:a1:39:9e:39:d0:87:a7:ca:24:
98:23:a3:e3:ab:f1:63:43:50:38:8f:1a:88:4a:a8:27:b0:30:
bd:c1:86:d2:37:a2:00:c3:cb:e0:ae:40:23:3c:22:34:e4:e3:
d3:a2:c1:80:e3:3d:7a:0c:4b:77:2f:cb:c1:38:a3:b7:11:79:
e0:52:59:08:3b:71:dc:15:ae:7b:06:f4:83:aa:a8:94:16:83:
aa:35:d0:d7:c4:9d:5f:dc:6d:12:81:a6:1b:94:b9:fb:67:4c:
62:cd:f4:26:4c:ac:b8:a6:0b:94:d0:10:c3:44:1c:c7:e0:87:
a2:d1:e8:6d:20:69:88:2c:4c:06:7c:82:f6:fc:34:20:35:c5:
65:5f:92:ed:67:78:a9:0a:40:13:9f:7a:4d:33:90:89:cf:23:
67:49:12:77
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVvy4iJBPmVr4DqZrzkflTqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZWM5MDMwYzcwYTNkNDE5MmQ1OWMyOGRjYzhkNTQ3Njk0
MzQwYjMwHhcNMjMwMTAyMDAwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmNkMmNhOTk3ODJkZTE2YmVhZWZhMzFjYzc2YWU2MDdmZjRjNDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2KhIZRa1VZDvk3p0JymngWk8QUFy
xdy+h3MIGU1oUWIxfEe3Ma+yEMmjXhbHckP/MDDCcFaFQDXo03wK0z011BXfP7Ol
fb9T1j8ga94iqEd6/PxreV00uaXRrCso7zBA9JHET5DFVivd/atsjOu2Fv0essCY
1arHd8HXW8QFSEWZgZ4jsB8gTJj6dG3LtHlSi7COThE15eQ3ci9L6QWVcpY6nYgT
oWcsGZSh0xHzSj0kr2ihqqJfAwe7aYpbPLlsfz8GRzCkpoJTNJmP1WVcRBbWLfaw
AVKmaLxFCoq8pRU+iB1HneiJ6ZhvorM3PLBszsUANq3nIxOK1C4cfy4hhQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLLNLKmXgt4Wvq76Mcx2rmB/9MSDMB8GA1UdIwQY
MBaAFOvskDDHCj1BktWcKNzI1UdpQ0CzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQt
NGE2Zjg2ODMyNjVjLzEvc3Mwc3FaZUMzaGEtcnZveHpIYXVZSF8weElNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQtNGE2Zjg2ODMyNjVj
LzEvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCLiOwAwQC
X56gAwQDX56wAwQA1BWAMAwDBAPUFYgDBADUFYowDQYJKoZIhvcNAQELBQADggEB
AC54adfEMeiIX6+pHOnsYvr0lENSJz9s9hPzR5XcBntkBxJQ10xxYlPYMOhyIIdk
ll4gfA5tYVY5tEd65wP038SryXYXaqhAA8gShuPtRKJ+Usc6OuHWvcI8oZMC6sJJ
P50HhKE5njnQh6fKJJgjo+Or8WNDUDiPGohKqCewML3BhtI3ogDDy+CuQCM8IjTk
49OiwYDjPXoMS3cvy8E4o7cReeBSWQg7cdwVrnsG9IOqqJQWg6o10NfEnV/cbRKB
phuUuftnTGLN9CZMrLimC5TQEMNEHMfgh6LR6G0gaYgsTAZ8gvb8NCA1xWVfku1n
eKkKQBOfek0zkInPI2dJEnc=
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:29 2024 by rpki-client on console-ams.rpki-client.org