Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/db0519-4e5a-4b75-88fd-bbc239e897eb/1/rmOvfccSRY4lt_4wSnZfsypfGr4.roa
File: rmOvfccSRY4lt_4wSnZfsypfGr4.roa (raw, json)
Hash identifier: SvzxkdqjoaculfLWqpJb77FHt1y4mrhA7RDHDd80xos=
Subject key identifier: AE:63:AF:7D:C7:12:45:8E:25:B7:FE:30:4A:76:5F:B3:2A:5F:1A:BE
Certificate issuer: /CN=448ca39537597cfae60ae0421db8e098b4e26130
Certificate serial: 018572B4351FB994F3C5E89D43D4973F3F5A
Authority key identifier: 44:8C:A3:95:37:59:7C:FA:E6:0A:E0:42:1D:B8:E0:98:B4:E2:61:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RIyjlTdZfPrmCuBCHbjgmLTiYTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/db0519-4e5a-4b75-88fd-bbc239e897eb/1/rmOvfccSRY4lt_4wSnZfsypfGr4.roa
Signing time: Mon 02 Jan 2023 13:38:10 +0000
ROA not before: Mon 02 Jan 2023 13:38:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51758
IP address blocks: 95.215.184.0/21 maxlen: 24
185.206.232.0/22 maxlen: 24
2a00:51c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:35:1f:b9:94:f3:c5:e8:9d:43:d4:97:3f:3f:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=448ca39537597cfae60ae0421db8e098b4e26130
Validity
Not Before: Jan 2 13:38:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae63af7dc712458e25b7fe304a765fb32a5f1abe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c2:1a:15:4f:7e:bc:09:26:c6:fa:f3:32:99:
3d:06:62:2d:40:b0:74:c4:ea:a2:b5:ae:e0:51:dc:
a4:92:b7:de:9c:ee:e0:9f:72:b0:4f:c7:eb:62:16:
91:10:b8:3a:e6:83:60:e6:ce:fc:b4:9c:06:f9:71:
4e:94:82:3e:67:6b:7a:24:02:c7:92:8c:6a:19:cd:
b7:25:b9:0e:06:26:46:2a:b7:94:e7:aa:08:a0:db:
b3:18:d6:c6:3f:0b:19:77:c8:37:9b:28:2c:7e:fa:
f4:78:fd:e9:3a:86:77:b8:3d:08:bf:4f:81:10:2e:
9e:69:86:93:bc:f4:8a:94:34:b1:83:2a:af:b5:ce:
e4:cc:6d:12:50:1d:ff:93:27:f3:97:d7:cb:a2:3f:
24:f6:5f:36:e3:1a:ff:e3:67:f1:9f:6d:60:c2:cd:
ac:0b:72:86:11:1a:a6:4d:02:bb:bf:c4:fd:39:a5:
c4:56:5d:ab:16:ea:25:60:40:63:f7:ed:b2:cf:89:
42:80:84:8c:4a:60:10:c3:ef:58:75:f8:17:4a:77:
04:ff:ca:74:d2:5b:c9:7d:0b:1e:fe:c4:74:ca:9c:
03:14:00:fb:02:aa:8a:90:8f:6f:bc:4f:7c:4b:ef:
c8:19:41:ee:12:1f:53:5a:9d:ce:59:20:be:e4:7e:
2b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:63:AF:7D:C7:12:45:8E:25:B7:FE:30:4A:76:5F:B3:2A:5F:1A:BE
X509v3 Authority Key Identifier:
keyid:44:8C:A3:95:37:59:7C:FA:E6:0A:E0:42:1D:B8:E0:98:B4:E2:61:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RIyjlTdZfPrmCuBCHbjgmLTiYTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/db0519-4e5a-4b75-88fd-bbc239e897eb/1/rmOvfccSRY4lt_4wSnZfsypfGr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/db0519-4e5a-4b75-88fd-bbc239e897eb/1/RIyjlTdZfPrmCuBCHbjgmLTiYTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.215.184.0/21
185.206.232.0/22
IPv6:
2a00:51c0::/32
Signature Algorithm: sha256WithRSAEncryption
99:e2:c1:d1:9e:3e:94:73:ad:75:eb:08:9d:24:82:6f:47:34:
c5:cd:d0:ae:e6:bd:45:4c:7f:51:f5:d7:7e:26:8d:7c:ae:c3:
15:d8:b2:72:78:a4:e8:db:fe:d2:6a:3a:66:39:6d:e5:d0:1e:
9b:eb:52:60:0e:98:cd:56:4e:ad:60:c1:59:b7:4b:5f:5f:ff:
56:c5:54:f8:de:f3:f3:45:9d:1c:94:a5:ff:2e:80:2f:49:1d:
91:e1:0d:5f:e0:3a:18:aa:bd:0b:19:cc:81:30:a4:94:52:df:
b2:80:06:4d:bb:cc:f1:03:71:67:69:ba:5b:59:45:e1:cd:2e:
21:40:97:f6:e9:a1:0c:e5:92:9d:86:dd:62:ef:1a:3a:60:04:
32:31:a9:64:35:93:10:17:fe:1e:12:b4:90:8f:b6:91:de:3f:
48:f5:14:f3:7c:2c:6e:17:a7:56:b5:91:44:74:75:c4:92:9f:
71:7c:e2:98:45:9f:25:da:06:e9:4c:d1:6f:f6:fd:30:fe:f5:
73:cf:18:39:e4:45:ef:0d:46:78:5e:92:33:e3:c1:0f:61:73:
ef:ef:db:d7:4d:1c:2e:ae:72:6d:f3:16:e4:82:3d:c8:de:f3:
1a:85:c6:20:f6:5d:70:7a:ce:35:68:25:6c:ca:ac:a1:4b:62:
26:29:da:05
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVytDUfuZTzxeidQ9SXPz9aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0OGNhMzk1Mzc1OTdjZmFlNjBhZTA0MjFkYjhlMDk4YjRl
MjYxMzAwHhcNMjMwMTAyMTMzODEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTYzYWY3ZGM3MTI0NThlMjViN2ZlMzA0YTc2NWZiMzJhNWYxYWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMIaFU9+vAkmxvrzMpk9BmItQLB0
xOqita7gUdykkrfenO7gn3KwT8frYhaRELg65oNg5s78tJwG+XFOlII+Z2t6JALH
koxqGc23JbkOBiZGKreU56oIoNuzGNbGPwsZd8g3mygsfvr0eP3pOoZ3uD0Iv0+B
EC6eaYaTvPSKlDSxgyqvtc7kzG0SUB3/kyfzl9fLoj8k9l824xr/42fxn21gws2s
C3KGERqmTQK7v8T9OaXEVl2rFuolYEBj9+2yz4lCgISMSmAQw+9YdfgXSncE/8p0
0lvJfQse/sR0ypwDFAD7AqqKkI9vvE98S+/IGUHuEh9TWp3OWSC+5H4r2wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFK5jr33HEkWOJbf+MEp2X7MqXxq+MB8GA1UdIwQY
MBaAFESMo5U3WXz65grgQh244Ji04mEwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkl5amxUZFpmUHJtQ3VCQ0hiamdtTFRpWVRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kYjA1MTktNGU1YS00Yjc1LTg4ZmQt
YmJjMjM5ZTg5N2ViLzEvcm1PdmZjY1NSWTRsdF80d1NuWmZzeXBmR3I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kYjA1MTktNGU1YS00Yjc1LTg4ZmQtYmJjMjM5ZTg5N2Vi
LzEvUkl5amxUZFpmUHJtQ3VCQ0hiamdtTFRpWVRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDX9e4AwQC
uc7oMA0EAgACMAcDBQAqAFHAMA0GCSqGSIb3DQEBCwUAA4IBAQCZ4sHRnj6Uc611
6widJIJvRzTFzdCu5r1FTH9R9dd+Jo18rsMV2LJyeKTo2/7SajpmOW3l0B6b61Jg
DpjNVk6tYMFZt0tfX/9WxVT43vPzRZ0clKX/LoAvSR2R4Q1f4DoYqr0LGcyBMKSU
Ut+ygAZNu8zxA3FnabpbWUXhzS4hQJf26aEM5ZKdht1i7xo6YAQyMalkNZMQF/4e
ErSQj7aR3j9I9RTzfCxuF6dWtZFEdHXEkp9xfOKYRZ8l2gbpTNFv9v0w/vVzzxg5
5EXvDUZ4XpIz48EPYXPv79vXTRwurnJt8xbkgj3I3vMahcYg9l1wes41aCVsyqyh
S2ImKdoF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:53 2024 by rpki-client on console-ams.rpki-client.org