Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/4c3160-de12-4929-a483-7c65a852f092/1/u9GUbO-uEEzNsaklOs3GjH7W8t0.roa
File: u9GUbO-uEEzNsaklOs3GjH7W8t0.roa (raw, json)
Hash identifier: 2aK01eHuV+Uk7La9p6pHQLZKEr747YlCkYFRQvLhRAM=
Subject key identifier: BB:D1:94:6C:EF:AE:10:4C:CD:B1:A9:25:3A:CD:C6:8C:7E:D6:F2:DD
Certificate issuer: /CN=d38cd9440552e7dab9cd5631d4ab872451535b7a
Certificate serial: 018FC4E748EE3CE45846DCE475117D46C473
Authority key identifier: D3:8C:D9:44:05:52:E7:DA:B9:CD:56:31:D4:AB:87:24:51:53:5B:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/04zZRAVS59q5zVYx1KuHJFFTW3o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/4c3160-de12-4929-a483-7c65a852f092/1/u9GUbO-uEEzNsaklOs3GjH7W8t0.roa
Signing time: Wed 29 May 2024 15:10:42 +0000
ROA not before: Wed 29 May 2024 15:10:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201670
IP address blocks: 95.128.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Aug 2024 13:31:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c4:e7:48:ee:3c:e4:58:46:dc:e4:75:11:7d:46:c4:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d38cd9440552e7dab9cd5631d4ab872451535b7a
Validity
Not Before: May 29 15:10:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bbd1946cefae104ccdb1a9253acdc68c7ed6f2dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:67:66:58:39:1f:ef:a4:8e:59:ef:a3:9a:72:
54:5e:6f:d8:df:8f:b9:dc:1e:c5:bb:c7:f5:89:de:
f5:25:8e:c8:43:1f:a6:f6:e7:f2:c3:73:30:b2:7d:
c7:e1:da:20:a0:9e:db:06:2a:e7:10:c0:89:7c:20:
90:4c:25:9a:51:ea:13:93:6b:fa:b9:e7:c0:ab:0a:
6b:1f:e1:7b:de:0d:bf:ed:33:87:c7:80:ea:ee:0a:
8d:20:b2:97:31:b3:72:fd:08:32:ac:df:fc:cb:75:
8f:60:7e:24:26:5f:3b:42:d3:32:af:b3:3b:12:84:
21:02:26:d2:cf:10:72:88:0d:b7:9b:73:c4:8a:cc:
3f:5b:b7:8f:31:fd:df:02:ae:41:1c:e9:47:b9:b3:
30:22:63:8e:9d:8c:fb:76:fd:6b:e1:ef:40:11:11:
fa:30:60:3d:7d:b0:9f:e9:81:5d:b3:6f:7f:cd:8d:
4a:e3:b2:9d:22:b7:01:26:e6:ee:89:08:52:4a:c9:
a1:ed:de:ec:1e:6c:d0:24:34:4b:6f:6a:c0:e2:18:
ee:46:d3:24:d2:5b:02:01:88:a1:c8:32:9f:b4:2e:
10:2a:2e:10:62:e0:0d:42:aa:bc:a9:a0:b7:14:51:
00:58:fa:a8:4b:ec:36:ec:07:d6:de:6b:6c:e8:df:
4f:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:D1:94:6C:EF:AE:10:4C:CD:B1:A9:25:3A:CD:C6:8C:7E:D6:F2:DD
X509v3 Authority Key Identifier:
keyid:D3:8C:D9:44:05:52:E7:DA:B9:CD:56:31:D4:AB:87:24:51:53:5B:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/04zZRAVS59q5zVYx1KuHJFFTW3o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/4c3160-de12-4929-a483-7c65a852f092/1/u9GUbO-uEEzNsaklOs3GjH7W8t0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/4c3160-de12-4929-a483-7c65a852f092/1/04zZRAVS59q5zVYx1KuHJFFTW3o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.128.156.0/24
Signature Algorithm: sha256WithRSAEncryption
60:7b:53:94:26:13:db:9b:6f:9b:d4:7f:ce:f4:77:58:ef:ed:
d9:04:5e:60:d5:c0:8c:07:14:6d:a4:dc:8a:18:e1:e8:94:03:
6e:6c:81:67:95:6e:ac:94:f6:29:f4:f9:22:f5:de:27:a2:c9:
f6:2e:01:40:44:4e:46:06:ed:55:28:3c:4f:c2:1a:88:80:d6:
8e:8b:9b:fd:50:d1:b1:ad:e9:f3:27:0c:44:f2:55:3b:69:29:
53:98:31:6b:32:89:13:88:2c:76:22:11:c1:47:c7:6f:3a:97:
b8:d6:e8:28:ed:74:c9:4e:e4:96:79:43:e5:63:40:e2:9f:fe:
7e:1a:58:31:66:23:ae:f4:7a:14:ae:1c:a3:ec:66:d2:46:92:
4c:6d:14:ef:95:0a:72:53:e0:6a:69:49:f7:89:90:bf:2f:60:
c1:9d:7c:a6:e7:cd:58:5a:33:26:1f:93:5b:cf:90:f6:5b:9e:
2b:bf:c4:3e:7f:5d:19:83:9a:04:8f:da:ea:ca:01:c1:40:a9:
54:34:13:93:fc:94:cd:71:78:4e:66:c8:b1:6c:e8:7b:86:4f:
c3:59:6e:ca:d8:27:42:f4:37:b3:57:dd:83:19:b3:b4:47:20:
6e:e3:62:f1:2e:bc:83:59:87:3c:f6:5c:b9:32:15:f3:4c:a8:
9d:dc:9b:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/E50juPORYRtzkdRF9RsRzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzOGNkOTQ0MDU1MmU3ZGFiOWNkNTYzMWQ0YWI4NzI0NTE1
MzViN2EwHhcNMjQwNTI5MTUxMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmQxOTQ2Y2VmYWUxMDRjY2RiMWE5MjUzYWNkYzY4YzdlZDZmMmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4WdmWDkf76SOWe+jmnJUXm/Y34+5
3B7Fu8f1id71JY7IQx+m9ufyw3Mwsn3H4dogoJ7bBirnEMCJfCCQTCWaUeoTk2v6
uefAqwprH+F73g2/7TOHx4Dq7gqNILKXMbNy/QgyrN/8y3WPYH4kJl87QtMyr7M7
EoQhAibSzxByiA23m3PEisw/W7ePMf3fAq5BHOlHubMwImOOnYz7dv1r4e9AERH6
MGA9fbCf6YFds29/zY1K47KdIrcBJubuiQhSSsmh7d7sHmzQJDRLb2rA4hjuRtMk
0lsCAYihyDKftC4QKi4QYuANQqq8qaC3FFEAWPqoS+w27AfW3mts6N9P0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLvRlGzvrhBMzbGpJTrNxox+1vLdMB8GA1UdIwQY
MBaAFNOM2UQFUufauc1WMdSrhyRRU1t6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDR6WlJBVlM1OXE1elZZeDFLdUhKRkZUVzNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi80YzMxNjAtZGUxMi00OTI5LWE0ODMt
N2M2NWE4NTJmMDkyLzEvdTlHVWJPLXVFRXpOc2FrbE9zM0dqSDdXOHQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi80YzMxNjAtZGUxMi00OTI5LWE0ODMtN2M2NWE4NTJmMDky
LzEvMDR6WlJBVlM1OXE1elZZeDFLdUhKRkZUVzNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX4CcMA0G
CSqGSIb3DQEBCwUAA4IBAQBge1OUJhPbm2+b1H/O9HdY7+3ZBF5g1cCMBxRtpNyK
GOHolANubIFnlW6slPYp9Pki9d4nosn2LgFARE5GBu1VKDxPwhqIgNaOi5v9UNGx
renzJwxE8lU7aSlTmDFrMokTiCx2IhHBR8dvOpe41ugo7XTJTuSWeUPlY0Din/5+
GlgxZiOu9HoUrhyj7GbSRpJMbRTvlQpyU+BqaUn3iZC/L2DBnXym581YWjMmH5Nb
z5D2W54rv8Q+f10Zg5oEj9rqygHBQKlUNBOT/JTNcXhOZsixbOh7hk/DWW7K2CdC
9DezV92DGbO0RyBu42LxLryDWYc89ly5MhXzTKid3JvZ
-----END CERTIFICATE-----
Generated at Thu Aug 29 14:50:21 2024 by rpki-client on console-fra.rpki-client.org