Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/1-ZJ1y3OPXz4IJR7oLyc4OOa7pfE.roa
File: 1-ZJ1y3OPXz4IJR7oLyc4OOa7pfE.roa (raw, json)
Hash identifier: foQ/E8SVQ0tvpExxwlQK4IK0rBltjsiGflI56UDvKOs=
Subject key identifier: F9:92:75:CB:73:8F:5F:3E:08:25:1E:E8:2F:27:38:38:E6:BB:A5:F1
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 01920706F33C97D1F96220F09543C704C6AF
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/1-ZJ1y3OPXz4IJR7oLyc4OOa7pfE.roa
Signing time: Wed 18 Sep 2024 21:25:48 +0000
ROA not before: Wed 18 Sep 2024 21:25:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39600
IP address blocks: 95.214.38.0/24 maxlen: 24
95.214.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Oct 2024 15:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:07:06:f3:3c:97:d1:f9:62:20:f0:95:43:c7:04:c6:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Sep 18 21:25:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f99275cb738f5f3e08251ee82f273838e6bba5f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ab:d2:3e:b5:83:62:c5:58:05:9a:0a:5a:2e:
39:fa:67:20:99:01:37:17:49:d4:7c:41:2a:e8:3b:
b7:9f:9f:d4:4c:05:e5:9b:db:3c:b0:be:6d:33:54:
c2:0d:4c:16:ee:2e:8c:39:db:9d:47:4e:56:56:e2:
00:00:de:a8:0a:e7:4c:bc:22:3b:d1:3e:70:db:cb:
24:92:37:4d:8f:8d:24:c9:8d:32:cd:d9:5f:d4:6f:
53:c3:a6:84:96:af:53:a0:c0:16:70:16:a8:96:d5:
35:fc:41:53:a9:ae:7f:3d:3e:86:04:6b:f7:e8:8d:
c9:6c:56:d0:5f:6b:67:67:bc:0a:49:ad:80:2e:42:
d2:01:9e:c3:56:29:00:a8:21:f2:00:a0:b4:42:bd:
11:82:98:19:bb:3d:f5:05:42:ca:30:b8:78:36:5c:
f8:e8:1b:a7:1d:4a:9f:c4:a0:9a:e7:e7:fd:78:c7:
53:4b:a4:96:1b:43:c6:c9:c5:9e:70:0e:8e:42:7a:
03:4f:8b:2d:09:f6:f5:7e:d2:57:70:88:b0:5b:8f:
5c:89:7f:b6:c7:e5:10:b8:4e:c2:57:ad:1e:18:4f:
8e:43:27:71:df:d9:8f:30:8d:bf:f4:95:f2:b9:df:
08:c2:cb:5f:db:40:4c:c0:75:91:16:78:0a:e2:ac:
c4:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:92:75:CB:73:8F:5F:3E:08:25:1E:E8:2F:27:38:38:E6:BB:A5:F1
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/1-ZJ1y3OPXz4IJR7oLyc4OOa7pfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.38.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:13:b5:28:af:d0:8d:12:a6:93:25:99:03:85:fd:66:8e:ab:
aa:81:3d:4a:30:cf:ac:e4:f4:02:51:ec:f7:5d:8a:49:15:19:
4d:37:40:55:0d:44:b2:f0:1d:36:39:83:33:73:60:bc:8d:63:
de:47:f6:ed:83:48:cb:c8:3e:c6:84:7c:c7:f1:ed:c7:c7:99:
ae:c4:2b:9c:11:b7:a5:2b:9b:3d:08:02:9d:61:57:2b:5a:14:
6d:75:c9:2f:67:05:b9:74:cf:71:81:2d:39:8a:a1:e7:2b:be:
7b:ad:1b:53:aa:33:41:f6:5b:50:dd:fc:24:42:2d:89:4f:5d:
4d:4f:b1:6b:4e:74:47:bd:ef:f8:19:e7:c6:7f:99:9e:79:67:
54:4a:cc:be:6c:62:07:78:f9:82:4a:c4:dc:c3:fb:86:78:3b:
5e:66:1b:80:6d:f6:d6:5d:95:be:d0:10:f6:6f:81:16:66:21:
d5:ea:bb:a4:43:d4:40:90:da:ae:dd:91:c3:44:57:96:53:81:
59:99:3a:30:82:00:24:66:98:52:21:21:f4:17:53:8d:fe:23:
6b:6a:86:d5:fd:39:3d:f9:9e:e1:92:26:1b:6d:dc:8d:53:e2:
de:5c:45:f8:65:2a:78:22:0b:86:b4:34:ce:08:5d:e0:6b:8e:
da:8e:f7:ce
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZIHBvM8l9H5YiDwlUPHBMavMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjQwOTE4MjEyNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTkyNzVjYjczOGY1ZjNlMDgyNTFlZTgyZjI3MzgzOGU2YmJhNWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6vSPrWDYsVYBZoKWi45+mcgmQE3
F0nUfEEq6Du3n5/UTAXlm9s8sL5tM1TCDUwW7i6MOdudR05WVuIAAN6oCudMvCI7
0T5w28skkjdNj40kyY0yzdlf1G9Tw6aElq9ToMAWcBaoltU1/EFTqa5/PT6GBGv3
6I3JbFbQX2tnZ7wKSa2ALkLSAZ7DVikAqCHyAKC0Qr0RgpgZuz31BULKMLh4Nlz4
6BunHUqfxKCa5+f9eMdTS6SWG0PGycWecA6OQnoDT4stCfb1ftJXcIiwW49ciX+2
x+UQuE7CV60eGE+OQydx39mPMI2/9JXyud8Iwstf20BMwHWRFngK4qzEKQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPmSdctzj18+CCUe6C8nODjmu6XxMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvMS1aSjF5M09QWHo0SUpSN29MeWM0T09hN3BmRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTgvOWZhODNkLWIyYTMtNDVlNC04NDk5LWY1MjU4MTY0MDJi
ZC8xL180SXdtbWdVWjRyWExqOHhwUDRDY3ZRTDJZWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAV/WJjAN
BgkqhkiG9w0BAQsFAAOCAQEAChO1KK/QjRKmkyWZA4X9Zo6rqoE9SjDPrOT0AlHs
912KSRUZTTdAVQ1EsvAdNjmDM3NgvI1j3kf27YNIy8g+xoR8x/Htx8eZrsQrnBG3
pSubPQgCnWFXK1oUbXXJL2cFuXTPcYEtOYqh5yu+e60bU6ozQfZbUN38JEItiU9d
TU+xa050R73v+Bnnxn+ZnnlnVErMvmxiB3j5gkrE3MP7hng7XmYbgG321l2VvtAQ
9m+BFmYh1eq7pEPUQJDart2Rw0RXllOBWZk6MIIAJGaYUiEh9BdTjf4ja2qG1f05
Pfme4ZImG23cjVPi3lxF+GUqeCILhrQ0zghd4GuO2o73zg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:59 2025 by rpki-client