Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/4c3160-de12-4929-a483-7c65a852f092/1/mChy1Q-yGYKAuBtCpwG2BrYpKK0.roa
File: mChy1Q-yGYKAuBtCpwG2BrYpKK0.roa (raw, json)
Hash identifier: opJqXCswnM8gk5M6btYT/annRn1VRJjytY8D+xBfiUs=
Subject key identifier: 98:28:72:D5:0F:B2:19:82:80:B8:1B:42:A7:01:B6:06:B6:29:28:AD
Certificate issuer: /CN=d38cd9440552e7dab9cd5631d4ab872451535b7a
Certificate serial: 018E31E91FDC541493175A961D89EF8D9E8C
Authority key identifier: D3:8C:D9:44:05:52:E7:DA:B9:CD:56:31:D4:AB:87:24:51:53:5B:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/04zZRAVS59q5zVYx1KuHJFFTW3o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/4c3160-de12-4929-a483-7c65a852f092/1/mChy1Q-yGYKAuBtCpwG2BrYpKK0.roa
Signing time: Tue 12 Mar 2024 09:05:45 +0000
ROA not before: Tue 12 Mar 2024 09:05:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 95.128.156.0/24 maxlen: 24
185.180.144.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 May 2024 14:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:31:e9:1f:dc:54:14:93:17:5a:96:1d:89:ef:8d:9e:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d38cd9440552e7dab9cd5631d4ab872451535b7a
Validity
Not Before: Mar 12 09:05:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=982872d50fb2198280b81b42a701b606b62928ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:07:20:27:72:a7:e7:3a:d0:1c:55:b6:91:30:
8a:21:05:34:6b:27:3a:2f:89:e6:80:d0:46:09:a3:
ea:29:77:0a:2a:a0:94:e2:cd:28:fe:26:cd:ee:e6:
34:85:9d:9a:ff:32:23:8b:39:29:0a:bd:35:b0:af:
93:bb:d4:1a:58:d2:bc:db:17:c2:44:63:13:1c:29:
e9:a5:55:70:ab:22:6c:88:f0:79:ed:01:7d:69:ee:
a3:a1:cc:cf:c7:9c:7b:5d:85:63:c1:3a:95:0c:f9:
51:ee:82:4c:64:2c:6c:51:4f:0c:8e:be:16:db:2e:
5a:cd:19:7c:36:46:ac:ae:36:f1:6b:55:60:2f:f0:
24:d9:57:51:d2:0c:e9:e8:e7:f8:87:f6:7f:31:bd:
d0:d2:50:dc:5d:4a:85:b5:b0:94:0d:63:23:80:86:
8f:a2:b7:22:f2:c2:bc:b8:8a:9e:ec:a2:cd:df:33:
24:f9:7b:71:93:6a:98:3b:02:15:3a:d5:b1:ad:bc:
93:ca:52:76:15:89:a5:4d:be:26:7a:a1:91:bf:64:
8d:58:52:b2:aa:5e:a2:2c:5d:9c:37:d0:d7:dd:33:
98:cf:fa:5f:32:85:20:8f:e4:52:14:db:50:5e:e8:
60:f4:40:39:13:98:5b:61:06:79:b2:09:9f:70:c0:
83:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:28:72:D5:0F:B2:19:82:80:B8:1B:42:A7:01:B6:06:B6:29:28:AD
X509v3 Authority Key Identifier:
keyid:D3:8C:D9:44:05:52:E7:DA:B9:CD:56:31:D4:AB:87:24:51:53:5B:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/04zZRAVS59q5zVYx1KuHJFFTW3o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/4c3160-de12-4929-a483-7c65a852f092/1/mChy1Q-yGYKAuBtCpwG2BrYpKK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/4c3160-de12-4929-a483-7c65a852f092/1/04zZRAVS59q5zVYx1KuHJFFTW3o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.128.156.0/24
185.180.144.0/24
Signature Algorithm: sha256WithRSAEncryption
07:0d:f1:de:1b:69:c5:80:59:c4:7e:95:8e:39:62:07:4c:30:
b9:fa:b0:ce:5b:62:83:1d:a7:8b:df:31:42:ab:f9:14:60:a6:
2d:e4:02:13:2b:75:32:8c:61:76:3d:d8:94:94:30:76:96:c2:
9b:7c:02:01:d5:69:2f:52:75:0c:8f:95:a1:eb:2d:43:72:58:
01:c9:85:cf:81:94:01:92:aa:20:41:68:b0:68:88:8e:bc:cc:
0a:49:ca:63:c8:35:8d:75:4a:f6:98:03:58:b7:e3:76:d2:c7:
ed:fe:c7:19:9b:73:a3:60:0e:2e:bd:75:fd:b1:39:41:a9:74:
d7:23:92:c1:72:ab:f9:f1:14:b8:cd:4f:65:46:41:30:79:e8:
8a:02:c9:ca:71:e8:7e:8d:a2:9d:eb:4a:fd:ce:79:d8:c6:c6:
52:2c:a7:07:1c:4c:55:2e:91:b0:64:bc:13:2d:bd:ff:ca:d0:
bd:b5:37:55:d1:ce:b5:5b:bc:c1:b2:74:9f:fc:ca:9f:58:e2:
a9:c9:40:7d:a0:62:5f:7b:a4:f2:c6:0a:1c:f1:45:74:2e:d2:
96:92:3b:8e:c8:e4:3c:b5:cc:47:36:22:d3:a4:3e:38:6f:fd:
09:a1:1f:4f:1f:7c:38:ae:0b:5f:d1:dd:2d:47:96:e5:84:2d:
17:4a:41:f2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4x6R/cVBSTF1qWHYnvjZ6MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzOGNkOTQ0MDU1MmU3ZGFiOWNkNTYzMWQ0YWI4NzI0NTE1
MzViN2EwHhcNMjQwMzEyMDkwNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODI4NzJkNTBmYjIxOTgyODBiODFiNDJhNzAxYjYwNmI2MjkyOGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAcgJ3Kn5zrQHFW2kTCKIQU0ayc6
L4nmgNBGCaPqKXcKKqCU4s0o/ibN7uY0hZ2a/zIjizkpCr01sK+Tu9QaWNK82xfC
RGMTHCnppVVwqyJsiPB57QF9ae6joczPx5x7XYVjwTqVDPlR7oJMZCxsUU8Mjr4W
2y5azRl8Nkasrjbxa1VgL/Ak2VdR0gzp6Of4h/Z/Mb3Q0lDcXUqFtbCUDWMjgIaP
orci8sK8uIqe7KLN3zMk+Xtxk2qYOwIVOtWxrbyTylJ2FYmlTb4meqGRv2SNWFKy
ql6iLF2cN9DX3TOYz/pfMoUgj+RSFNtQXuhg9EA5E5hbYQZ5sgmfcMCDPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJgoctUPshmCgLgbQqcBtga2KSitMB8GA1UdIwQY
MBaAFNOM2UQFUufauc1WMdSrhyRRU1t6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDR6WlJBVlM1OXE1elZZeDFLdUhKRkZUVzNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi80YzMxNjAtZGUxMi00OTI5LWE0ODMt
N2M2NWE4NTJmMDkyLzEvbUNoeTFRLXlHWUtBdUJ0Q3B3RzJCcllwS0swLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi80YzMxNjAtZGUxMi00OTI5LWE0ODMtN2M2NWE4NTJmMDky
LzEvMDR6WlJBVlM1OXE1elZZeDFLdUhKRkZUVzNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX4CcAwQA
ubSQMA0GCSqGSIb3DQEBCwUAA4IBAQAHDfHeG2nFgFnEfpWOOWIHTDC5+rDOW2KD
HaeL3zFCq/kUYKYt5AITK3UyjGF2PdiUlDB2lsKbfAIB1WkvUnUMj5Wh6y1DclgB
yYXPgZQBkqogQWiwaIiOvMwKScpjyDWNdUr2mANYt+N20sft/scZm3OjYA4uvXX9
sTlBqXTXI5LBcqv58RS4zU9lRkEweeiKAsnKceh+jaKd60r9znnYxsZSLKcHHExV
LpGwZLwTLb3/ytC9tTdV0c61W7zBsnSf/MqfWOKpyUB9oGJfe6Tyxgoc8UV0LtKW
kjuOyOQ8tcxHNiLTpD44b/0JoR9PH3w4rgtf0d0tR5blhC0XSkHy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:10 2024 by rpki-client on console-fra.rpki-client.org