Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/5a3f0b-86f5-406e-91d5-8fd4c024488e/1/x_xFQDD8Ae5Zz3Z12-hOOQa6V0Y.roa
File: x_xFQDD8Ae5Zz3Z12-hOOQa6V0Y.roa (raw, json)
Hash identifier: hScatbYRr26zn3+re0yf5Fxn55jNrEti5O9yCQ4x2WY=
Subject key identifier: C7:FC:45:40:30:FC:01:EE:59:CF:76:75:DB:E8:4E:39:06:BA:57:46
Certificate issuer: /CN=f2485875c8470e6aacdc94742105f30c597ac2bb
Certificate serial: 0189777A8B3D63414DADFBFAF0836795D6DF
Authority key identifier: F2:48:58:75:C8:47:0E:6A:AC:DC:94:74:21:05:F3:0C:59:7A:C2:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8khYdchHDmqs3JR0IQXzDFl6wrs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/5a3f0b-86f5-406e-91d5-8fd4c024488e/1/x_xFQDD8Ae5Zz3Z12-hOOQa6V0Y.roa
Signing time: Fri 21 Jul 2023 08:04:26 +0000
ROA not before: Fri 21 Jul 2023 08:04:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59480
IP address blocks: 95.215.220.0/23 maxlen: 24
2001:67c:1038::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:77:7a:8b:3d:63:41:4d:ad:fb:fa:f0:83:67:95:d6:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2485875c8470e6aacdc94742105f30c597ac2bb
Validity
Not Before: Jul 21 08:04:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c7fc454030fc01ee59cf7675dbe84e3906ba5746
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:4b:be:e0:9f:0a:33:9a:2e:2c:fa:2c:c4:a6:
b6:8f:31:c8:bb:41:3b:9b:c1:ec:d2:94:86:94:52:
7c:c6:e4:07:0b:c3:92:10:3d:97:d6:41:59:81:f9:
7e:ed:60:87:c8:48:48:18:a4:dd:c6:5e:5c:88:da:
15:5f:25:6a:b4:16:79:4e:0c:57:52:84:64:42:5a:
d4:72:72:0f:a6:c8:72:a2:e1:7b:20:bb:6c:6a:e3:
ce:89:d4:82:df:eb:25:f3:80:3e:1e:32:07:20:8e:
f4:a6:77:1f:bc:91:ba:03:47:00:a4:af:66:1a:d9:
e2:fd:fb:2e:80:24:37:c2:52:fc:73:fe:43:44:21:
6d:1a:79:e3:66:03:e6:d2:b9:3b:f6:fb:2d:4f:5f:
4e:6d:0a:8d:3a:98:5d:ad:e4:68:62:37:54:4f:28:
f1:26:a7:06:08:19:40:22:f7:cb:6a:04:bb:4b:73:
f4:4a:4b:a8:d0:6b:2d:7a:a9:82:11:07:92:ae:1f:
10:de:a7:a8:48:12:cd:f6:e8:48:f4:0c:3b:12:dc:
d4:e7:29:30:73:22:3d:f8:cf:da:8f:fc:f3:d9:44:
a1:fc:f4:74:13:1a:20:9b:98:5b:60:6e:6c:3f:f0:
41:0d:e4:9c:c4:d2:4c:af:df:b2:85:25:21:1e:4e:
06:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:FC:45:40:30:FC:01:EE:59:CF:76:75:DB:E8:4E:39:06:BA:57:46
X509v3 Authority Key Identifier:
keyid:F2:48:58:75:C8:47:0E:6A:AC:DC:94:74:21:05:F3:0C:59:7A:C2:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8khYdchHDmqs3JR0IQXzDFl6wrs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/5a3f0b-86f5-406e-91d5-8fd4c024488e/1/x_xFQDD8Ae5Zz3Z12-hOOQa6V0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/5a3f0b-86f5-406e-91d5-8fd4c024488e/1/8khYdchHDmqs3JR0IQXzDFl6wrs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.215.220.0/23
IPv6:
2001:67c:1038::/48
Signature Algorithm: sha256WithRSAEncryption
98:e9:53:bb:ae:bd:74:a5:a7:8a:68:67:da:d9:0a:8b:7f:1f:
71:a0:ff:84:ec:f5:62:8a:93:b0:b6:79:c4:e7:bf:17:de:a0:
9a:2a:db:0f:a5:d5:62:b2:f9:58:57:a8:42:fb:0a:7c:13:15:
ff:c7:ec:ab:b0:de:fc:f6:01:26:24:b6:a4:5e:61:19:ca:e5:
af:3d:3b:28:b4:e9:cf:59:ba:a1:db:41:35:14:74:7a:65:a1:
81:b1:87:af:bf:70:95:58:82:d9:24:a1:7b:93:c5:c5:55:b6:
0b:53:24:6d:70:8e:ce:4a:69:f8:01:53:06:1a:f1:24:f6:00:
12:4e:13:05:83:ad:6a:51:f5:8a:30:3d:14:a6:ea:90:7a:f4:
0b:37:2e:9a:01:19:27:3f:f5:a7:91:60:c2:af:3d:c8:52:e3:
f8:3c:ba:ed:ec:94:3b:51:e9:87:f3:bd:8f:10:10:d0:b3:cb:
3a:33:94:11:73:0f:f0:17:b9:d8:52:41:99:c2:75:de:04:17:
75:7d:91:86:9a:fb:e3:c8:f6:9c:63:4e:82:9b:8a:00:ef:b7:
7d:02:5c:0b:a7:45:7f:0b:8e:70:9c:ab:60:e9:a3:1e:ad:c1:
c4:69:fd:b2:18:05:71:4e:b8:20:bf:3f:f4:aa:b0:92:88:12:
cc:2e:fd:d9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYl3eos9Y0FNrfv68INnldbfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyNDg1ODc1Yzg0NzBlNmFhY2RjOTQ3NDIxMDVmMzBjNTk3
YWMyYmIwHhcNMjMwNzIxMDgwNDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2ZjNDU0MDMwZmMwMWVlNTljZjc2NzVkYmU4NGUzOTA2YmE1NzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyku+4J8KM5ouLPosxKa2jzHIu0E7
m8Hs0pSGlFJ8xuQHC8OSED2X1kFZgfl+7WCHyEhIGKTdxl5ciNoVXyVqtBZ5TgxX
UoRkQlrUcnIPpshyouF7ILtsauPOidSC3+sl84A+HjIHII70pncfvJG6A0cApK9m
Gtni/fsugCQ3wlL8c/5DRCFtGnnjZgPm0rk79vstT19ObQqNOphdreRoYjdUTyjx
JqcGCBlAIvfLagS7S3P0Skuo0GsteqmCEQeSrh8Q3qeoSBLN9uhI9Aw7EtzU5ykw
cyI9+M/aj/zz2USh/PR0Exogm5hbYG5sP/BBDeScxNJMr9+yhSUhHk4GbQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMf8RUAw/AHuWc92ddvoTjkGuldGMB8GA1UdIwQY
MBaAFPJIWHXIRw5qrNyUdCEF8wxZesK7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGtoWWRjaEhEbXFzM0pSMElRWHpERmw2d3JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS81YTNmMGItODZmNS00MDZlLTkxZDUt
OGZkNGMwMjQ0ODhlLzEveF94RlFERDhBZTVaejNaMTItaE9PUWE2VjBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS81YTNmMGItODZmNS00MDZlLTkxZDUtOGZkNGMwMjQ0ODhl
LzEvOGtoWWRjaEhEbXFzM0pSMElRWHpERmw2d3JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBX9fcMA8E
AgACMAkDBwAgAQZ8EDgwDQYJKoZIhvcNAQELBQADggEBAJjpU7uuvXSlp4poZ9rZ
Cot/H3Gg/4Ts9WKKk7C2ecTnvxfeoJoq2w+l1WKy+VhXqEL7CnwTFf/H7Kuw3vz2
ASYktqReYRnK5a89Oyi06c9ZuqHbQTUUdHploYGxh6+/cJVYgtkkoXuTxcVVtgtT
JG1wjs5KafgBUwYa8ST2ABJOEwWDrWpR9YowPRSm6pB69As3LpoBGSc/9aeRYMKv
PchS4/g8uu3slDtR6YfzvY8QENCzyzozlBFzD/AXudhSQZnCdd4EF3V9kYaa++PI
9pxjToKbigDvt30CXAunRX8LjnCcq2Dpox6twcRp/bIYBXFOuCC/P/SqsJKIEswu
/dk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:59 2024 by rpki-client on console-fra.rpki-client.org