Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/cTj2FpSj1nGDjUAronVZP6UCy2A.roa
File: cTj2FpSj1nGDjUAronVZP6UCy2A.roa (raw, json)
Hash identifier: ts0j9n7QMiQeVCPrfT8I6LyV8Ze7Rgr8imMUvBi1W5s=
Subject key identifier: 71:38:F6:16:94:A3:D6:71:83:8D:40:2B:A2:75:59:3F:A5:02:CB:60
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 018C39CE5E6CF629A368F3F21AD2658F3DCC
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/cTj2FpSj1nGDjUAronVZP6UCy2A.roa
Signing time: Tue 05 Dec 2023 11:47:55 +0000
ROA not before: Tue 05 Dec 2023 11:47:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207429
IP address blocks: 95.173.182.0/24 maxlen: 24
89.252.151.0/24 maxlen: 24
89.252.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:39:ce:5e:6c:f6:29:a3:68:f3:f2:1a:d2:65:8f:3d:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: Dec 5 11:47:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7138f61694a3d671838d402ba275593fa502cb60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:cd:ef:5e:56:b4:f9:a7:f8:d3:6b:f1:d0:cd:
9e:11:94:d8:03:68:d8:60:b9:1b:6f:e9:6d:b7:38:
98:94:ae:73:f8:3c:a3:f6:c5:be:df:95:5a:20:20:
f2:61:7f:31:93:fe:1f:9d:c7:ca:16:9b:cc:7e:09:
89:cf:73:f4:18:ed:30:e8:16:62:85:f0:0c:15:a4:
0d:b8:fe:b2:aa:05:dd:51:71:7b:f4:bd:34:a3:d2:
ea:fd:8a:b5:a0:c5:ba:80:9b:84:fe:ca:2d:13:86:
c1:e3:69:43:fb:a4:95:20:57:6b:e6:2e:5b:78:73:
4d:7a:3a:30:f7:71:26:fc:aa:b4:a2:9f:35:22:60:
a8:f7:a8:6b:91:e6:70:60:e6:c4:d9:2b:4b:84:2d:
6d:7a:5a:b6:e3:56:a2:e8:3a:93:66:1a:90:05:64:
0f:45:43:9f:b0:4d:93:4f:7f:84:6b:fa:7b:44:c6:
e1:e3:e2:ef:ef:65:52:5c:6a:87:69:3c:d4:9d:ba:
5d:c7:6c:87:83:a1:03:60:3f:de:5a:85:8b:c2:48:
1d:57:ea:6d:57:32:57:0b:b8:a1:95:e1:ec:8d:c0:
43:18:ac:18:a2:bd:6f:1b:20:51:8f:af:f7:02:b7:
09:f5:1b:0d:d2:a3:75:e8:f8:c3:34:35:90:72:1b:
fa:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:38:F6:16:94:A3:D6:71:83:8D:40:2B:A2:75:59:3F:A5:02:CB:60
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/cTj2FpSj1nGDjUAronVZP6UCy2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.151.0/24
89.252.154.0/24
95.173.182.0/24
Signature Algorithm: sha256WithRSAEncryption
68:b3:c4:0c:f8:d4:16:d6:1f:f9:92:30:a3:27:7e:9e:20:f6:
8f:4b:3d:06:bc:9c:0c:ff:93:18:9a:12:3d:0e:dd:43:a5:46:
7e:d9:dd:8d:38:1c:50:4a:c8:8a:dc:f5:e5:ef:27:50:bc:c6:
31:6a:27:05:72:e2:e2:9a:b6:0f:ad:ee:5a:73:55:dd:fb:1b:
f7:1e:e5:02:d8:4b:63:6f:bc:b0:38:98:26:d1:6f:7e:53:62:
12:f8:c6:17:da:7b:fa:ac:1e:d0:f9:37:9e:80:f8:c4:5a:95:
ba:c9:cf:65:28:0b:09:37:d5:63:1f:a9:bd:ea:55:66:47:45:
73:b2:fd:8c:3b:d5:86:75:93:6c:48:9b:9b:29:d4:11:a3:ba:
cc:cb:40:89:91:4b:79:1e:16:97:80:20:c1:d6:ab:73:92:65:
e5:00:fb:df:57:35:29:f9:66:79:58:b9:40:f0:4a:e2:73:60:
95:67:0a:94:4d:ba:81:62:3a:0e:a0:25:85:27:69:86:63:e9:
29:51:1b:bd:82:07:85:d3:5c:1f:d7:5b:a2:ce:8b:49:00:34:
98:61:0c:f6:a7:01:3c:19:a8:34:99:70:a5:a3:79:51:f0:71:
1d:db:c6:5e:62:07:90:bb:f3:d7:09:bf:11:57:1c:db:ec:16:
ae:fc:ab:53
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYw5zl5s9imjaPPyGtJljz3MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTRhZWQzZWY3MmJlZTMxNDE2NjBkMTE0OWUxNmQwNzky
MDVmM2MwHhcNMjMxMjA1MTE0NzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTM4ZjYxNjk0YTNkNjcxODM4ZDQwMmJhMjc1NTkzZmE1MDJjYjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv83vXla0+af402vx0M2eEZTYA2jY
YLkbb+lttziYlK5z+Dyj9sW+35VaICDyYX8xk/4fncfKFpvMfgmJz3P0GO0w6BZi
hfAMFaQNuP6yqgXdUXF79L00o9Lq/Yq1oMW6gJuE/sotE4bB42lD+6SVIFdr5i5b
eHNNejow93Em/Kq0op81ImCo96hrkeZwYObE2StLhC1telq241ai6DqTZhqQBWQP
RUOfsE2TT3+Ea/p7RMbh4+Lv72VSXGqHaTzUnbpdx2yHg6EDYD/eWoWLwkgdV+pt
VzJXC7ihleHsjcBDGKwYor1vGyBRj6/3ArcJ9RsN0qN16PjDNDWQchv6iQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHE49haUo9Zxg41AK6J1WT+lAstgMB8GA1UdIwQY
MBaAFCXkrtPvcr7jFBZg0RSeFtB5IF88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEt
ZWQzZTM4Zjk1NzdmLzEvY1RqMkZwU2oxbkdEalVBcm9uVlpQNlVDeTJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEtZWQzZTM4Zjk1Nzdm
LzEvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWfyXAwQA
WfyaAwQAX622MA0GCSqGSIb3DQEBCwUAA4IBAQBos8QM+NQW1h/5kjCjJ36eIPaP
Sz0GvJwM/5MYmhI9Dt1DpUZ+2d2NOBxQSsiK3PXl7ydQvMYxaicFcuLimrYPre5a
c1Xd+xv3HuUC2Etjb7ywOJgm0W9+U2IS+MYX2nv6rB7Q+TeegPjEWpW6yc9lKAsJ
N9VjH6m96lVmR0Vzsv2MO9WGdZNsSJubKdQRo7rMy0CJkUt5HhaXgCDB1qtzkmXl
APvfVzUp+WZ5WLlA8Eric2CVZwqUTbqBYjoOoCWFJ2mGY+kpURu9ggeF01wf11ui
zotJADSYYQz2pwE8Gag0mXClo3lR8HEd28ZeYgeQu/PXCb8RVxzb7Bau/KtT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:08 2024 by rpki-client on console-ams.rpki-client.org