Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/248588-1f8d-48d1-8bb2-971b0c065460/1/gVv9BJ8QOn12dteYc79a-4YpjmQ.roa
File: gVv9BJ8QOn12dteYc79a-4YpjmQ.roa (raw, json)
Hash identifier: 7LMzMPmEoj10KnPXgnwwkKfcmijyU2Y9cCea0JJts88=
Subject key identifier: 81:5B:FD:04:9F:10:3A:7D:76:76:D7:98:73:BF:5A:FB:86:29:8E:64
Certificate issuer: /CN=022e76e8994b66613748e021b5f4007f01b54d4f
Certificate serial: 018B4CDD57AEEFA4AB65FF7B94BD73C809A8
Authority key identifier: 02:2E:76:E8:99:4B:66:61:37:48:E0:21:B5:F4:00:7F:01:B5:4D:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ai526JlLZmE3SOAhtfQAfwG1TU8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/248588-1f8d-48d1-8bb2-971b0c065460/1/gVv9BJ8QOn12dteYc79a-4YpjmQ.roa
Signing time: Fri 20 Oct 2023 11:34:16 +0000
ROA not before: Fri 20 Oct 2023 11:34:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15962
IP address blocks: 95.105.128.0/18 maxlen: 18
95.105.128.0/17 maxlen: 17
178.143.0.0/17 maxlen: 17
178.143.0.0/16 maxlen: 16
185.50.212.0/22 maxlen: 22
178.143.128.0/17 maxlen: 17
213.151.246.0/24 maxlen: 24
213.151.248.0/24 maxlen: 24
95.105.192.0/18 maxlen: 18
213.151.192.0/18 maxlen: 18
Validation: Failed, certificate revoked on Mon 23 Oct 2023 12:55:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4c:dd:57:ae:ef:a4:ab:65:ff:7b:94:bd:73:c8:09:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=022e76e8994b66613748e021b5f4007f01b54d4f
Validity
Not Before: Oct 20 11:34:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=815bfd049f103a7d7676d79873bf5afb86298e64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e6:47:55:9c:ac:9a:80:de:83:37:7a:b5:f6:
be:8e:12:ab:22:13:02:ac:7e:d7:76:64:fe:cd:c4:
28:f1:76:91:7e:eb:18:4c:1f:bf:52:b8:d4:2d:cd:
a3:ce:60:df:6d:78:95:0c:a7:85:d0:0a:c1:5b:ff:
15:ce:67:61:ee:35:d1:99:5f:01:7f:11:b8:96:9c:
78:fe:0c:3c:c3:8d:ee:96:61:cb:27:c7:c4:77:30:
ff:e0:ff:89:56:a4:0b:04:e2:2e:67:c1:8a:e4:4f:
63:99:94:ca:dd:cb:13:28:79:c5:41:4b:b1:0c:9e:
e8:05:90:8a:48:08:26:51:db:12:db:d5:e0:8f:88:
c5:a9:64:13:75:cf:2c:9a:e2:56:b6:a5:03:14:f5:
15:74:fb:f9:94:50:1c:d4:49:42:81:c2:c7:b2:0d:
64:8b:70:c4:62:ee:7c:8f:5c:19:00:af:9d:42:24:
77:4b:02:35:2b:d0:a8:ab:59:79:57:1f:47:3e:55:
62:8e:55:3a:2d:c2:a0:dc:9b:7c:67:06:89:10:8f:
ce:a5:a6:c4:77:84:c0:26:bc:ca:7a:af:a7:f2:d6:
2a:92:5d:c0:2e:6b:f6:40:33:b2:44:eb:d0:e7:56:
23:69:97:d7:31:18:64:a2:78:39:05:3f:87:a1:4d:
ea:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:5B:FD:04:9F:10:3A:7D:76:76:D7:98:73:BF:5A:FB:86:29:8E:64
X509v3 Authority Key Identifier:
keyid:02:2E:76:E8:99:4B:66:61:37:48:E0:21:B5:F4:00:7F:01:B5:4D:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ai526JlLZmE3SOAhtfQAfwG1TU8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/248588-1f8d-48d1-8bb2-971b0c065460/1/gVv9BJ8QOn12dteYc79a-4YpjmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/248588-1f8d-48d1-8bb2-971b0c065460/1/Ai526JlLZmE3SOAhtfQAfwG1TU8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.105.128.0/17
178.143.0.0/16
185.50.212.0/22
213.151.192.0/18
Signature Algorithm: sha256WithRSAEncryption
4d:39:97:e4:90:ec:34:3b:49:86:1c:09:b0:86:f9:33:5f:a8:
fe:46:ea:e2:d1:b7:1e:60:3d:0e:fe:00:10:d4:b8:69:f4:ed:
f8:d6:cf:7d:0d:15:b3:ec:14:10:66:07:a7:43:60:33:da:f1:
c8:71:72:9b:d6:a1:b1:74:fe:ca:21:b8:73:f7:d9:78:9b:5a:
27:2e:b0:e8:0e:16:cc:bd:b7:dc:07:df:1c:6b:f5:5e:53:2b:
14:19:14:11:1e:d2:47:64:fc:15:79:54:6c:49:6e:ed:b9:6f:
c5:8a:07:96:f5:8e:af:4a:a6:bd:b7:40:4b:18:3b:67:7d:92:
42:06:f0:91:9e:71:73:23:0e:b2:f5:9d:5b:ee:e0:27:85:d1:
7f:fa:e9:da:67:85:3e:a2:05:2c:44:31:fe:b9:9f:b2:aa:67:
61:01:4f:5d:9b:99:b9:8d:c3:1b:63:e7:e1:cd:9f:89:b8:41:
4d:57:d7:5a:4d:d3:5b:ee:af:e2:9e:a6:d4:e9:66:3d:45:cc:
f5:b8:ce:96:b2:a3:67:15:95:39:76:15:74:83:43:2c:d9:eb:
bf:69:0e:ff:2f:e5:44:6b:59:a6:a1:34:7a:04:18:36:74:d7:
f2:94:f1:e7:8a:18:41:a1:3d:5a:e0:9a:69:6f:2f:cf:63:e9:
d8:79:4e:49
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtM3Veu76SrZf97lL1zyAmoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMmU3NmU4OTk0YjY2NjEzNzQ4ZTAyMWI1ZjQwMDdmMDFi
NTRkNGYwHhcNMjMxMDIwMTEzNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTViZmQwNDlmMTAzYTdkNzY3NmQ3OTg3M2JmNWFmYjg2Mjk4ZTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOZHVZysmoDegzd6tfa+jhKrIhMC
rH7XdmT+zcQo8XaRfusYTB+/UrjULc2jzmDfbXiVDKeF0ArBW/8Vzmdh7jXRmV8B
fxG4lpx4/gw8w43ulmHLJ8fEdzD/4P+JVqQLBOIuZ8GK5E9jmZTK3csTKHnFQUux
DJ7oBZCKSAgmUdsS29Xgj4jFqWQTdc8smuJWtqUDFPUVdPv5lFAc1ElCgcLHsg1k
i3DEYu58j1wZAK+dQiR3SwI1K9Coq1l5Vx9HPlVijlU6LcKg3Jt8ZwaJEI/OpabE
d4TAJrzKeq+n8tYqkl3ALmv2QDOyROvQ51YjaZfXMRhkong5BT+HoU3qjQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIFb/QSfEDp9dnbXmHO/WvuGKY5kMB8GA1UdIwQY
MBaAFAIuduiZS2ZhN0jgIbX0AH8BtU1PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWk1MjZKbExabUUzU09BaHRmUUFmd0cxVFU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8yNDg1ODgtMWY4ZC00OGQxLThiYjIt
OTcxYjBjMDY1NDYwLzEvZ1Z2OUJKOFFPbjEyZHRlWWM3OWEtNFlwam1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8yNDg1ODgtMWY4ZC00OGQxLThiYjItOTcxYjBjMDY1NDYw
LzEvQWk1MjZKbExabUUzU09BaHRmUUFmd0cxVFU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAATAXAwQHX2mAAwMA
so8DBAK5MtQDBAbVl8AwDQYJKoZIhvcNAQELBQADggEBAE05l+SQ7DQ7SYYcCbCG
+TNfqP5G6uLRtx5gPQ7+ABDUuGn07fjWz30NFbPsFBBmB6dDYDPa8chxcpvWobF0
/sohuHP32XibWicusOgOFsy9t9wH3xxr9V5TKxQZFBEe0kdk/BV5VGxJbu25b8WK
B5b1jq9Kpr23QEsYO2d9kkIG8JGecXMjDrL1nVvu4CeF0X/66dpnhT6iBSxEMf65
n7KqZ2EBT12bmbmNwxtj5+HNn4m4QU1X11pN01vur+KeptTpZj1FzPW4zpayo2cV
lTl2FXSDQyzZ679pDv8v5URrWaahNHoEGDZ01/KU8eeKGEGhPVrgmmlvL89j6dh5
Tkk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:59 2024 by rpki-client on console-ams.rpki-client.org