Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/e65c27-aef5-486d-b5d7-59d6ca65ccbc/1/e99Gh2G-fswk5xmOyyjVcpjwnHg.roa
File: e99Gh2G-fswk5xmOyyjVcpjwnHg.roa (raw, json)
Hash identifier: 3eMhF78tZ1XlinBNI+Sz4Oz1qFl2n1CWxwuwMO5c/vU=
Subject key identifier: 7B:DF:46:87:61:BE:7E:CC:24:E7:19:8E:CB:28:D5:72:98:F0:9C:78
Certificate issuer: /CN=3a685cf88a7fc43fe1c7fe34a6ff3ddbb414f0b5
Certificate serial: 01856C414285299C8B9A56C387E75F6C3000
Authority key identifier: 3A:68:5C:F8:8A:7F:C4:3F:E1:C7:FE:34:A6:FF:3D:DB:B4:14:F0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Omhc-Ip_xD_hx_40pv8927QU8LU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/e65c27-aef5-486d-b5d7-59d6ca65ccbc/1/e99Gh2G-fswk5xmOyyjVcpjwnHg.roa
Signing time: Sun 01 Jan 2023 07:34:53 +0000
ROA not before: Sun 01 Jan 2023 07:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39839
IP address blocks: 185.153.252.0/22 maxlen: 24
95.130.208.0/21 maxlen: 24
193.163.102.0/24 maxlen: 24
2a01:630::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:41:42:85:29:9c:8b:9a:56:c3:87:e7:5f:6c:30:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a685cf88a7fc43fe1c7fe34a6ff3ddbb414f0b5
Validity
Not Before: Jan 1 07:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7bdf468761be7ecc24e7198ecb28d57298f09c78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:bb:8f:84:f4:d4:b9:31:2f:e1:70:ee:26:a2:
43:62:9e:fa:63:84:28:03:ac:9e:7f:3d:57:ca:5b:
9a:38:4c:ad:30:66:3e:ac:85:aa:cd:d8:6c:64:f1:
44:16:54:b1:9b:e2:3b:5d:cf:40:3e:c5:16:e4:74:
70:0c:85:65:5a:95:a5:88:51:e8:91:a9:63:9c:41:
2f:1e:af:4f:4b:e9:dc:50:c4:38:9e:70:ee:34:c9:
03:14:f6:df:2f:a1:8e:a2:7b:f8:43:aa:f6:2c:fd:
38:ad:7e:c9:1e:c3:48:bd:ca:cb:e3:08:c2:55:d9:
3a:d7:40:3d:91:d9:65:1f:17:95:03:ad:18:57:d3:
99:1c:b5:ae:77:f6:88:fd:53:84:d9:fc:33:92:09:
b7:80:b8:55:ec:a8:4e:7e:38:88:a1:fd:a6:e1:29:
d8:47:da:1c:5a:e0:ac:3d:99:74:44:f0:a7:6b:fc:
7f:7f:6b:e0:ff:ee:6f:9d:57:25:5c:5d:86:90:de:
aa:22:9a:07:68:27:2c:40:16:34:b6:5f:03:4a:76:
5c:99:8f:f6:00:13:9e:ec:43:54:c8:f9:b8:4a:a5:
74:7f:f0:46:dc:78:4b:74:de:64:14:78:ee:23:cc:
b0:cc:39:d0:5f:bc:d2:50:d7:c5:4f:56:7e:12:7e:
ed:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:DF:46:87:61:BE:7E:CC:24:E7:19:8E:CB:28:D5:72:98:F0:9C:78
X509v3 Authority Key Identifier:
keyid:3A:68:5C:F8:8A:7F:C4:3F:E1:C7:FE:34:A6:FF:3D:DB:B4:14:F0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Omhc-Ip_xD_hx_40pv8927QU8LU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/e65c27-aef5-486d-b5d7-59d6ca65ccbc/1/e99Gh2G-fswk5xmOyyjVcpjwnHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/e65c27-aef5-486d-b5d7-59d6ca65ccbc/1/Omhc-Ip_xD_hx_40pv8927QU8LU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.130.208.0/21
185.153.252.0/22
193.163.102.0/24
IPv6:
2a01:630::/32
Signature Algorithm: sha256WithRSAEncryption
23:c2:5c:ae:9d:c4:26:7e:fa:1c:6f:31:1f:a8:fa:f8:fe:38:
ca:d2:6c:e0:3a:f4:75:60:6a:7e:a6:7a:fd:b0:8d:67:c5:ed:
5c:f2:4b:57:77:06:5d:cd:c0:fa:f0:fb:cb:4d:71:4f:27:8c:
f5:71:33:fd:1e:47:9c:a7:4b:35:c2:36:ff:16:58:5c:19:86:
01:3c:49:0c:67:41:f5:76:94:24:72:1e:06:f2:3a:ee:2e:21:
96:77:d3:c8:2c:cf:20:92:69:c1:6e:f5:aa:a2:59:78:51:c1:
b5:7b:68:d8:f3:d2:67:11:ea:96:b9:f9:11:04:b1:87:9c:d5:
88:61:2f:b8:9e:03:17:56:43:a0:74:45:a1:7f:1f:b8:c2:6b:
a0:a8:d0:3a:dc:d5:0d:1f:4e:16:a0:af:5a:00:5b:0e:e9:b6:
6e:89:f1:a7:33:9c:62:fd:04:8f:5b:bd:d5:84:c9:18:e3:bf:
a5:ef:9f:19:f4:01:64:8f:b2:da:80:13:fe:2c:41:78:c4:37:
fc:e7:d3:3f:11:38:57:b0:c2:2e:65:83:c1:f6:c6:01:f9:88:
c2:2e:15:3d:88:d9:4b:88:38:f2:c1:89:a3:a8:7c:4d:76:1c:
aa:43:f4:96:b2:90:ce:fa:df:14:0e:f7:52:0f:bc:29:05:fd:
70:22:68:11
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVsQUKFKZyLmlbDh+dfbDAAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNjg1Y2Y4OGE3ZmM0M2ZlMWM3ZmUzNGE2ZmYzZGRiYjQx
NGYwYjUwHhcNMjMwMTAxMDczNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmRmNDY4NzYxYmU3ZWNjMjRlNzE5OGVjYjI4ZDU3Mjk4ZjA5Yzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7uPhPTUuTEv4XDuJqJDYp76Y4Qo
A6yefz1XyluaOEytMGY+rIWqzdhsZPFEFlSxm+I7Xc9APsUW5HRwDIVlWpWliFHo
kaljnEEvHq9PS+ncUMQ4nnDuNMkDFPbfL6GOonv4Q6r2LP04rX7JHsNIvcrL4wjC
Vdk610A9kdllHxeVA60YV9OZHLWud/aI/VOE2fwzkgm3gLhV7KhOfjiIof2m4SnY
R9ocWuCsPZl0RPCna/x/f2vg/+5vnVclXF2GkN6qIpoHaCcsQBY0tl8DSnZcmY/2
ABOe7ENUyPm4SqV0f/BG3HhLdN5kFHjuI8ywzDnQX7zSUNfFT1Z+En7tiQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHvfRodhvn7MJOcZjsso1XKY8Jx4MB8GA1UdIwQY
MBaAFDpoXPiKf8Q/4cf+NKb/Pdu0FPC1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT21oYy1JcF94RF9oeF80MHB2ODkyN1FVOExVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9lNjVjMjctYWVmNS00ODZkLWI1ZDct
NTlkNmNhNjVjY2JjLzEvZTk5R2gyRy1mc3drNXhtT3l5alZjcGp3bkhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9lNjVjMjctYWVmNS00ODZkLWI1ZDctNTlkNmNhNjVjY2Jj
LzEvT21oYy1JcF94RF9oeF80MHB2ODkyN1FVOExVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDX4LQAwQC
uZn8AwQAwaNmMA0EAgACMAcDBQAqAQYwMA0GCSqGSIb3DQEBCwUAA4IBAQAjwlyu
ncQmfvocbzEfqPr4/jjK0mzgOvR1YGp+pnr9sI1nxe1c8ktXdwZdzcD68PvLTXFP
J4z1cTP9Hkecp0s1wjb/FlhcGYYBPEkMZ0H1dpQkch4G8jruLiGWd9PILM8gkmnB
bvWqoll4UcG1e2jY89JnEeqWufkRBLGHnNWIYS+4ngMXVkOgdEWhfx+4wmugqNA6
3NUNH04WoK9aAFsO6bZuifGnM5xi/QSPW73VhMkY47+l758Z9AFkj7LagBP+LEF4
xDf859M/EThXsMIuZYPB9sYB+YjCLhU9iNlLiDjywYmjqHxNdhyqQ/SWspDO+t8U
DvdSD7wpBf1wImgR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:54 2024 by rpki-client on console-ams.rpki-client.org