Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1-ofndv8XB00F5pza_O-y8DSfTaE.roa
File: 1-ofndv8XB00F5pza_O-y8DSfTaE.roa (raw, json)
Hash identifier: e5bxw34sTat9UAmhaynmH7b7PLHns54HIUi0Fx3WxJw=
Subject key identifier: FA:87:E7:76:FF:17:07:4D:05:E6:9C:DA:FC:EF:B2:F0:34:9F:4D:A1
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 0185737AD6BA7A209C3E846D8A6DD596F6E2
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1-ofndv8XB00F5pza_O-y8DSfTaE.roa
Signing time: Mon 02 Jan 2023 17:15:08 +0000
ROA not before: Mon 02 Jan 2023 17:15:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206208
IP address blocks: 185.158.52.0/22 maxlen: 24
95.178.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:d6:ba:7a:20:9c:3e:84:6d:8a:6d:d5:96:f6:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 2 17:15:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa87e776ff17074d05e69cdafcefb2f0349f4da1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d5:ce:1e:9e:c0:c6:0d:07:03:f9:b6:e4:49:
59:c4:06:39:cc:2f:10:3b:64:13:4f:14:8a:44:fc:
89:d3:39:bf:49:79:7f:6b:08:31:b6:3d:a8:a3:e5:
cd:83:9f:50:4c:66:3f:a8:15:d3:a1:86:b0:25:f5:
49:5e:67:8c:5b:54:97:82:f9:b4:d3:ce:15:dd:e1:
bd:96:48:89:9a:1b:8b:c8:80:51:a0:45:9b:47:08:
33:fa:7c:2d:1b:a3:37:e1:9c:21:05:15:78:4a:5f:
59:fa:3f:e9:b1:78:72:12:13:ad:52:39:a5:c0:fc:
98:08:bb:f4:3a:0b:44:1e:ab:25:3b:84:5e:97:f8:
3b:e8:5e:8b:3c:a4:13:87:1a:bf:5b:0f:10:5b:94:
e2:e1:0a:58:36:33:33:60:f8:33:5f:ce:96:37:45:
26:d4:78:79:f7:ec:6e:f7:93:43:22:17:d6:67:b9:
c9:c9:99:3e:6b:22:e2:6a:f5:3f:65:da:ee:d8:d6:
58:18:8f:30:4d:55:55:59:ad:c0:63:07:5b:8a:f6:
3f:36:ce:2a:59:7e:56:06:51:df:83:e7:f9:39:c1:
5f:b0:aa:66:f9:69:64:3a:80:17:cb:cf:ec:5f:70:
e8:1b:62:c6:e8:11:c4:c3:1b:c8:3c:35:6f:66:b3:
44:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:87:E7:76:FF:17:07:4D:05:E6:9C:DA:FC:EF:B2:F0:34:9F:4D:A1
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1-ofndv8XB00F5pza_O-y8DSfTaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.178.39.0/24
185.158.52.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:9e:9b:b1:98:56:c8:0a:5c:b3:44:13:42:5b:77:07:7c:3f:
72:1d:14:6d:03:5f:a4:dd:ea:fc:1e:d9:9a:a0:03:8a:3e:b4:
9e:02:45:1e:20:b9:3f:93:a6:cf:ef:73:a8:f2:22:f4:30:00:
56:1c:48:2d:38:e3:33:06:d5:b8:96:13:3f:f4:e7:2e:e2:4c:
13:e5:92:9e:61:6b:86:70:7f:39:60:18:29:1e:5b:28:8a:15:
ea:83:7d:68:3a:00:19:35:ae:b7:03:8b:ce:d8:07:72:b5:ec:
4e:8e:19:de:41:56:2e:7f:de:e0:28:52:12:10:83:4e:ca:54:
c7:c7:da:e2:64:09:16:ba:b1:24:6b:e9:8f:4f:c5:aa:ba:88:
20:e2:1f:db:58:0f:5b:3f:80:f2:26:cb:a2:8f:f3:e0:f1:ea:
b6:9d:2a:53:82:cc:13:60:43:d0:85:2d:ac:ae:be:07:1c:f4:
38:fb:53:e0:2a:7b:4a:f4:22:eb:bb:7a:5f:2b:44:02:ea:f4:
8d:9a:39:c6:9f:fd:42:40:d2:47:7a:4c:8d:85:5f:e9:94:61:
35:84:2d:b5:48:42:50:0d:8b:4c:42:c0:03:11:0c:41:8f:b8:
61:06:2c:c9:e7:fd:48:29:36:97:08:8e:40:c3:91:a8:d9:6f:
8b:03:03:69
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYVzeta6eiCcPoRtim3VlvbiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMwMTAyMTcxNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTg3ZTc3NmZmMTcwNzRkMDVlNjljZGFmY2VmYjJmMDM0OWY0ZGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdXOHp7Axg0HA/m25ElZxAY5zC8Q
O2QTTxSKRPyJ0zm/SXl/awgxtj2oo+XNg59QTGY/qBXToYawJfVJXmeMW1SXgvm0
084V3eG9lkiJmhuLyIBRoEWbRwgz+nwtG6M34ZwhBRV4Sl9Z+j/psXhyEhOtUjml
wPyYCLv0OgtEHqslO4Rel/g76F6LPKQThxq/Ww8QW5Ti4QpYNjMzYPgzX86WN0Um
1Hh59+xu95NDIhfWZ7nJyZk+ayLiavU/Zdru2NZYGI8wTVVVWa3AYwdbivY/Ns4q
WX5WBlHfg+f5OcFfsKpm+WlkOoAXy8/sX3DoG2LG6BHEwxvIPDVvZrNEfwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPqH53b/FwdNBeac2vzvsvA0n02hMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvMS1vZm5kdjhYQjAwRjVwemFfTy15OERTZlRhRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzgvYmZmNGFhLTRmMDctNDEyOS04YWQ2LWM3OTE0YWI2NDI3
My8xLzFIWDdDVFRQYWxqY3p2RVFoMTItWGo2TGEzVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAF+yJwME
ArmeNDANBgkqhkiG9w0BAQsFAAOCAQEAmp6bsZhWyApcs0QTQlt3B3w/ch0UbQNf
pN3q/B7ZmqADij60ngJFHiC5P5Omz+9zqPIi9DAAVhxILTjjMwbVuJYTP/TnLuJM
E+WSnmFrhnB/OWAYKR5bKIoV6oN9aDoAGTWutwOLztgHcrXsTo4Z3kFWLn/e4ChS
EhCDTspUx8fa4mQJFrqxJGvpj0/FqrqIIOIf21gPWz+A8ibLoo/z4PHqtp0qU4LM
E2BD0IUtrK6+Bxz0OPtT4Cp7SvQi67t6XytEAur0jZo5xp/9QkDSR3pMjYVf6ZRh
NYQttUhCUA2LTELAAxEMQY+4YQYsyef9SCk2lwiOQMORqNlviwMDaQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:50 2024 by rpki-client on console-ams.rpki-client.org