Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/a3df81-2096-493d-b106-46d6cea20342/1/JE4zl4FN1Rkbz1-fuiGWvHHXaTw.roa
File: JE4zl4FN1Rkbz1-fuiGWvHHXaTw.roa (raw, json)
Hash identifier: odo+TglyThmDj8Fhj+dXeYgORdCrEWosSlni2KVcmz0=
Subject key identifier: 24:4E:33:97:81:4D:D5:19:1B:CF:5F:9F:BA:21:96:BC:71:D7:69:3C
Certificate issuer: /CN=191ee3af820563494647551a5206ef0c45cf95c9
Certificate serial: 01856F5DEF91D8A0E1BB1E6F54DEB49E28BD
Authority key identifier: 19:1E:E3:AF:82:05:63:49:46:47:55:1A:52:06:EF:0C:45:CF:95:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GR7jr4IFY0lGR1UaUgbvDEXPlck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/a3df81-2096-493d-b106-46d6cea20342/1/JE4zl4FN1Rkbz1-fuiGWvHHXaTw.roa
Signing time: Sun 01 Jan 2023 22:05:05 +0000
ROA not before: Sun 01 Jan 2023 22:05:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12727
IP address blocks: 95.131.18.0/23 maxlen: 23
95.131.20.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 30 Jan 2023 13:51:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:ef:91:d8:a0:e1:bb:1e:6f:54:de:b4:9e:28:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=191ee3af820563494647551a5206ef0c45cf95c9
Validity
Not Before: Jan 1 22:05:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=244e3397814dd5191bcf5f9fba2196bc71d7693c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d3:17:27:69:aa:3a:ca:99:ac:74:39:eb:81:
63:c9:b5:04:a1:9a:75:97:12:d5:37:5b:2d:7b:00:
56:8e:1f:c6:f5:74:73:3f:0f:c2:27:12:77:3a:26:
6e:3f:6a:22:15:92:c7:e2:d6:5a:2e:81:44:c1:6c:
f1:e6:38:4d:de:09:f7:55:a0:34:ce:a6:f6:b9:66:
26:ce:5d:87:0c:5c:03:a6:8e:83:b7:72:e2:df:90:
ce:ca:d0:0d:d4:d0:d8:2f:56:f6:6a:98:9c:af:1b:
ab:b4:bd:92:d4:eb:4f:b1:5f:4f:fa:20:e8:af:ea:
c8:63:3f:5b:d3:0f:0e:65:56:a2:d4:5f:ac:2f:91:
03:37:ac:0c:54:d2:29:ee:11:25:aa:22:97:cb:b0:
03:ce:03:83:48:cb:2b:89:b6:88:08:a0:bc:12:8a:
f8:c5:b7:3f:16:c0:9c:ce:89:da:64:ba:7a:6c:2b:
31:90:65:0d:9c:a8:57:ee:7f:da:ce:4c:3d:e8:b1:
49:65:da:a7:70:d5:74:59:fb:30:29:01:46:79:46:
a7:ca:71:28:46:32:c0:13:fc:f7:ed:8f:f7:19:00:
72:ed:61:c6:96:5d:ee:8f:37:91:1a:14:26:42:03:
17:2e:e9:5d:b7:60:a6:51:c7:4d:47:ab:5a:09:93:
82:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:4E:33:97:81:4D:D5:19:1B:CF:5F:9F:BA:21:96:BC:71:D7:69:3C
X509v3 Authority Key Identifier:
keyid:19:1E:E3:AF:82:05:63:49:46:47:55:1A:52:06:EF:0C:45:CF:95:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GR7jr4IFY0lGR1UaUgbvDEXPlck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/a3df81-2096-493d-b106-46d6cea20342/1/JE4zl4FN1Rkbz1-fuiGWvHHXaTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/a3df81-2096-493d-b106-46d6cea20342/1/GR7jr4IFY0lGR1UaUgbvDEXPlck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.131.18.0-95.131.23.255
Signature Algorithm: sha256WithRSAEncryption
07:99:f4:94:19:67:ab:73:07:ef:59:0e:f4:79:a1:fa:9f:df:
05:66:61:29:8d:e9:75:32:83:ca:f7:2c:76:eb:57:0b:25:4e:
77:d9:c0:93:9b:53:63:ae:b8:23:e1:ad:4b:24:ad:e6:8a:ad:
0b:e3:2f:14:1f:1f:d8:39:09:93:35:d8:54:d4:37:ad:d8:f4:
98:e8:c0:5b:1a:0c:ac:bc:e2:99:9b:2c:9c:df:8d:9a:57:43:
a1:bb:cb:2a:ae:f8:d5:33:65:fa:0d:83:8d:ef:95:51:65:c1:
66:b1:ca:e0:b9:da:9e:91:29:6f:f9:ec:6f:a4:94:51:04:c8:
06:2a:04:e6:0d:1e:76:53:dc:c3:6f:b4:5f:66:69:d1:2e:47:
1a:2d:ab:bd:31:db:46:70:f4:f9:02:31:23:e7:c2:86:09:cb:
5a:d4:be:3f:67:0a:7d:85:d8:be:e1:c3:36:01:75:b4:13:36:
aa:21:bc:dd:80:2f:bb:f4:a6:ad:6c:60:7c:b4:19:ef:de:38:
eb:44:92:37:dd:ff:ce:5d:6a:ac:70:7a:36:f1:d1:3c:18:09:
c1:e0:57:79:c3:95:93:2e:a9:3b:77:49:f3:d1:71:77:34:9d:
9c:0c:fa:4f:95:6a:a2:21:6a:34:96:e5:40:ad:70:67:bb:41:
77:5c:8c:c1
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVvXe+R2KDhux5vVN60nii9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MWVlM2FmODIwNTYzNDk0NjQ3NTUxYTUyMDZlZjBjNDVj
Zjk1YzkwHhcNMjMwMTAxMjIwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDRlMzM5NzgxNGRkNTE5MWJjZjVmOWZiYTIxOTZiYzcxZDc2OTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNMXJ2mqOsqZrHQ564FjybUEoZp1
lxLVN1stewBWjh/G9XRzPw/CJxJ3OiZuP2oiFZLH4tZaLoFEwWzx5jhN3gn3VaA0
zqb2uWYmzl2HDFwDpo6Dt3Li35DOytAN1NDYL1b2apicrxurtL2S1OtPsV9P+iDo
r+rIYz9b0w8OZVai1F+sL5EDN6wMVNIp7hElqiKXy7ADzgODSMsribaICKC8Eor4
xbc/FsCczonaZLp6bCsxkGUNnKhX7n/azkw96LFJZdqncNV0WfswKQFGeUanynEo
RjLAE/z37Y/3GQBy7WHGll3ujzeRGhQmQgMXLuldt2CmUcdNR6taCZOCfwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCROM5eBTdUZG89fn7ohlrxx12k8MB8GA1UdIwQY
MBaAFBke46+CBWNJRkdVGlIG7wxFz5XJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1I3anI0SUZZMGxHUjFVYVVnYnZERVhQbGNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9hM2RmODEtMjA5Ni00OTNkLWIxMDYt
NDZkNmNlYTIwMzQyLzEvSkU0emw0Rk4xUmtiejEtZnVpR1d2SEhYYVR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9hM2RmODEtMjA5Ni00OTNkLWIxMDYtNDZkNmNlYTIwMzQy
LzEvR1I3anI0SUZZMGxHUjFVYVVnYnZERVhQbGNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFfgxID
BANfgxAwDQYJKoZIhvcNAQELBQADggEBAAeZ9JQZZ6tzB+9ZDvR5ofqf3wVmYSmN
6XUyg8r3LHbrVwslTnfZwJObU2OuuCPhrUskreaKrQvjLxQfH9g5CZM12FTUN63Y
9JjowFsaDKy84pmbLJzfjZpXQ6G7yyqu+NUzZfoNg43vlVFlwWaxyuC52p6RKW/5
7G+klFEEyAYqBOYNHnZT3MNvtF9madEuRxotq70x20Zw9PkCMSPnwoYJy1rUvj9n
Cn2F2L7hwzYBdbQTNqohvN2AL7v0pq1sYHy0Ge/eOOtEkjfd/85daqxwejbx0TwY
CcHgV3nDlZMuqTt3SfPRcXc0nZwM+k+VaqIhajSW5UCtcGe7QXdcjME=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:19 2024 by rpki-client on console-fra.rpki-client.org