Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/4c3160-de12-4929-a483-7c65a852f092/1/kveyG8465IkF1RIRaNIgG9fiDYQ.roa
File: kveyG8465IkF1RIRaNIgG9fiDYQ.roa (raw, json)
Hash identifier: 3GEc7JkUqJKgslAIfKDsc7dvk0fDWd3WzYbozsf4/tE=
Subject key identifier: 92:F7:B2:1B:CE:3A:E4:89:05:D5:12:11:68:D2:20:1B:D7:E2:0D:84
Certificate issuer: /CN=d38cd9440552e7dab9cd5631d4ab872451535b7a
Certificate serial: 018F0FCB8ADAD1F7D2C2D32E1511B49FA846
Authority key identifier: D3:8C:D9:44:05:52:E7:DA:B9:CD:56:31:D4:AB:87:24:51:53:5B:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/04zZRAVS59q5zVYx1KuHJFFTW3o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/4c3160-de12-4929-a483-7c65a852f092/1/kveyG8465IkF1RIRaNIgG9fiDYQ.roa
Signing time: Wed 24 Apr 2024 11:09:08 +0000
ROA not before: Wed 24 Apr 2024 11:09:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 95.128.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 12 May 2024 05:54:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0f:cb:8a:da:d1:f7:d2:c2:d3:2e:15:11:b4:9f:a8:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d38cd9440552e7dab9cd5631d4ab872451535b7a
Validity
Not Before: Apr 24 11:09:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92f7b21bce3ae48905d5121168d2201bd7e20d84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e2:26:56:eb:3b:a0:7a:40:24:85:3f:5c:41:
5d:03:1a:1e:1c:77:f8:0e:3f:02:80:43:29:c7:05:
22:66:11:f0:25:c7:9a:ae:f8:fe:a6:95:45:43:ad:
d9:6d:a6:50:fc:32:3c:a9:ed:21:30:c4:31:d9:95:
b9:d1:b9:41:ac:81:4f:aa:05:99:04:e0:a9:0e:24:
64:dd:60:8b:a0:46:cf:9c:91:41:e6:c5:df:18:59:
46:7d:d5:0f:91:7a:09:ca:66:20:d1:12:2b:67:6e:
08:ae:16:6f:06:3e:83:dd:82:49:3d:c6:29:8f:46:
74:11:14:be:3b:a6:2a:bd:9e:eb:ad:da:bf:6e:1a:
dd:9a:73:6b:ec:9f:27:8d:87:dc:a7:21:5e:49:52:
c5:ce:59:b3:66:c0:2d:f6:c2:e8:84:84:66:03:d6:
1b:eb:fe:ce:76:75:ec:40:16:3f:a3:7e:ae:0b:6d:
75:5f:94:9a:04:63:60:85:71:6b:25:9d:f8:cd:fc:
75:9d:c0:00:19:2e:85:7f:09:30:75:b0:d6:57:7a:
67:90:fc:eb:c4:b4:bd:e9:d9:09:02:f5:4c:8e:9a:
ae:84:44:e3:9d:6e:1f:d6:23:01:0e:36:62:f8:00:
bd:25:cb:cc:f9:94:99:8a:53:73:8f:5d:27:a5:f4:
02:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:F7:B2:1B:CE:3A:E4:89:05:D5:12:11:68:D2:20:1B:D7:E2:0D:84
X509v3 Authority Key Identifier:
keyid:D3:8C:D9:44:05:52:E7:DA:B9:CD:56:31:D4:AB:87:24:51:53:5B:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/04zZRAVS59q5zVYx1KuHJFFTW3o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/4c3160-de12-4929-a483-7c65a852f092/1/kveyG8465IkF1RIRaNIgG9fiDYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/4c3160-de12-4929-a483-7c65a852f092/1/04zZRAVS59q5zVYx1KuHJFFTW3o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.128.156.0/24
Signature Algorithm: sha256WithRSAEncryption
53:b3:b0:36:1b:e5:d8:c8:f7:fd:5c:bc:de:ac:1e:4d:54:7e:
8f:73:47:24:9d:e8:e0:2b:0f:3d:c9:ea:ea:90:00:ab:3d:66:
35:a2:39:1f:31:e5:af:69:e9:e9:2f:5d:90:0a:e6:54:84:9e:
90:02:71:66:be:b8:f5:c9:31:a4:c9:df:9f:02:0d:ed:09:87:
6e:14:36:d8:b6:51:a1:f2:48:e5:19:77:8c:b0:9e:bb:3c:09:
61:4d:d7:31:c5:53:50:2e:82:20:a7:0f:db:af:1a:aa:82:bc:
1e:24:60:fb:eb:82:ee:05:7f:c1:b4:8a:94:d7:54:4d:75:6a:
4d:64:8f:89:d0:df:10:91:ea:3d:93:60:46:15:2e:22:a5:a7:
cd:50:ed:c0:17:5f:a7:19:13:96:75:8f:2b:f0:6b:1e:e8:e5:
ad:b2:9b:4c:2a:69:5a:6a:93:c2:e9:e2:d7:b3:55:d7:3f:9a:
cd:9f:b6:7f:a0:c8:71:ce:e1:47:d6:83:14:c1:62:18:5e:7d:
8d:5a:31:0b:6a:e6:49:bf:8f:b7:47:12:d9:7c:bc:d6:1c:5a:
13:7e:12:c1:56:03:a9:4c:5e:4e:86:65:e1:ae:50:52:06:5a:
82:9f:f8:93:56:8d:0c:ea:0d:c2:10:c3:16:57:fd:8f:24:0a:
35:0c:29:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8Py4ra0ffSwtMuFRG0n6hGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzOGNkOTQ0MDU1MmU3ZGFiOWNkNTYzMWQ0YWI4NzI0NTE1
MzViN2EwHhcNMjQwNDI0MTEwOTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmY3YjIxYmNlM2FlNDg5MDVkNTEyMTE2OGQyMjAxYmQ3ZTIwZDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+ImVus7oHpAJIU/XEFdAxoeHHf4
Dj8CgEMpxwUiZhHwJcearvj+ppVFQ63ZbaZQ/DI8qe0hMMQx2ZW50blBrIFPqgWZ
BOCpDiRk3WCLoEbPnJFB5sXfGFlGfdUPkXoJymYg0RIrZ24IrhZvBj6D3YJJPcYp
j0Z0ERS+O6YqvZ7rrdq/bhrdmnNr7J8njYfcpyFeSVLFzlmzZsAt9sLohIRmA9Yb
6/7OdnXsQBY/o36uC211X5SaBGNghXFrJZ34zfx1ncAAGS6FfwkwdbDWV3pnkPzr
xLS96dkJAvVMjpquhETjnW4f1iMBDjZi+AC9JcvM+ZSZilNzj10npfQCiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJL3shvOOuSJBdUSEWjSIBvX4g2EMB8GA1UdIwQY
MBaAFNOM2UQFUufauc1WMdSrhyRRU1t6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDR6WlJBVlM1OXE1elZZeDFLdUhKRkZUVzNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi80YzMxNjAtZGUxMi00OTI5LWE0ODMt
N2M2NWE4NTJmMDkyLzEva3ZleUc4NDY1SWtGMVJJUmFOSWdHOWZpRFlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi80YzMxNjAtZGUxMi00OTI5LWE0ODMtN2M2NWE4NTJmMDky
LzEvMDR6WlJBVlM1OXE1elZZeDFLdUhKRkZUVzNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX4CcMA0G
CSqGSIb3DQEBCwUAA4IBAQBTs7A2G+XYyPf9XLzerB5NVH6Pc0cknejgKw89yerq
kACrPWY1ojkfMeWvaenpL12QCuZUhJ6QAnFmvrj1yTGkyd+fAg3tCYduFDbYtlGh
8kjlGXeMsJ67PAlhTdcxxVNQLoIgpw/brxqqgrweJGD764LuBX/BtIqU11RNdWpN
ZI+J0N8Qkeo9k2BGFS4ipafNUO3AF1+nGROWdY8r8Gse6OWtsptMKmlaapPC6eLX
s1XXP5rNn7Z/oMhxzuFH1oMUwWIYXn2NWjELauZJv4+3RxLZfLzWHFoTfhLBVgOp
TF5OhmXhrlBSBlqCn/iTVo0M6g3CEMMWV/2PJAo1DClK
Generated at Sun May 12 07:05:46 2024 by rpki-client on console-fra.rpki-client.org