Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/2bb706-66d4-4fae-93a1-b97c2c4ad439/1/mROMnM5m_N-O-9rtXqbROKFEJ-o.roa
File: mROMnM5m_N-O-9rtXqbROKFEJ-o.roa (raw, json)
Hash identifier: zMzBHJBmWc6CJhVDVGZAHngVvpfw5/RxON+ba/3mh/8=
Subject key identifier: 99:13:8C:9C:CE:66:FC:DF:8E:FB:DA:ED:5E:A6:D1:38:A1:44:27:EA
Certificate issuer: /CN=aa8fd05eeb6ea05a11d667abedd8ea1093d271b3
Certificate serial: 01856FD4EA1850D7B8D5205812F7B0A26712
Authority key identifier: AA:8F:D0:5E:EB:6E:A0:5A:11:D6:67:AB:ED:D8:EA:10:93:D2:71:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qo_QXutuoFoR1mer7djqEJPScbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/2bb706-66d4-4fae-93a1-b97c2c4ad439/1/mROMnM5m_N-O-9rtXqbROKFEJ-o.roa
Signing time: Mon 02 Jan 2023 00:15:02 +0000
ROA not before: Mon 02 Jan 2023 00:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48757
IP address blocks: 95.128.176.0/22 maxlen: 22
95.128.180.0/22 maxlen: 22
95.128.181.0/24 maxlen: 24
95.128.183.0/24 maxlen: 24
95.128.180.0/24 maxlen: 24
185.17.140.0/22 maxlen: 22
95.128.182.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d4:ea:18:50:d7:b8:d5:20:58:12:f7:b0:a2:67:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa8fd05eeb6ea05a11d667abedd8ea1093d271b3
Validity
Not Before: Jan 2 00:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99138c9cce66fcdf8efbdaed5ea6d138a14427ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e2:54:78:11:ed:27:df:93:5b:a7:92:20:08:
30:b0:2f:ce:ac:3f:52:68:8d:91:07:69:66:4b:25:
16:ad:ca:c3:ef:3f:dd:aa:6c:0d:b6:8a:8a:ee:f3:
94:e8:fa:84:82:c6:0b:aa:43:86:04:24:0b:96:1a:
d7:fd:91:a0:31:13:fd:2b:f4:5b:6f:0f:9b:a1:5b:
f4:b9:e5:01:d1:a3:b6:6d:a8:83:ad:1e:e1:ef:59:
74:ff:99:c6:66:e4:89:a4:04:80:5b:a4:be:84:9c:
be:59:5f:b3:15:43:1d:23:3c:42:b3:f6:e5:2c:5e:
6b:b2:3d:91:8b:a3:47:d8:00:a2:cb:ee:a3:98:74:
95:d0:af:dd:8b:16:3e:50:27:69:9b:fc:82:42:3c:
65:01:53:d9:f1:73:1d:0a:e0:7c:6d:67:9e:a6:f5:
ac:10:ca:a8:c7:b0:f2:6a:e8:d2:05:51:4a:07:9e:
a3:c9:73:8e:cb:6e:19:db:fa:27:8d:75:ce:4e:7c:
9e:64:3e:03:35:c2:9f:0e:d9:aa:67:97:a3:a2:99:
09:a6:5c:68:3f:9b:bc:75:7e:3b:56:c9:d8:2a:54:
72:c9:c2:29:6a:ba:ed:d0:b0:e6:d4:23:5e:d3:86:
a0:cf:b4:20:f8:65:a9:fc:a2:66:19:01:12:a7:c6:
58:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:13:8C:9C:CE:66:FC:DF:8E:FB:DA:ED:5E:A6:D1:38:A1:44:27:EA
X509v3 Authority Key Identifier:
keyid:AA:8F:D0:5E:EB:6E:A0:5A:11:D6:67:AB:ED:D8:EA:10:93:D2:71:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qo_QXutuoFoR1mer7djqEJPScbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/2bb706-66d4-4fae-93a1-b97c2c4ad439/1/mROMnM5m_N-O-9rtXqbROKFEJ-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/2bb706-66d4-4fae-93a1-b97c2c4ad439/1/qo_QXutuoFoR1mer7djqEJPScbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.128.176.0/21
185.17.140.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:49:5c:f6:05:8f:3b:57:d8:39:a8:fc:f2:bd:4b:90:32:5d:
af:16:9a:28:98:5f:bc:fc:5c:e8:21:6e:01:e2:c5:7e:d4:1f:
83:3a:90:df:6f:46:d5:d5:e2:e9:10:90:58:1e:eb:4e:6b:bb:
73:8e:d0:8c:8c:8e:de:73:cf:76:9c:57:b8:52:6f:5a:54:b7:
8d:28:61:b5:e2:5f:2e:29:eb:f8:38:2c:4f:83:53:e9:0b:03:
9e:a9:7a:ee:98:39:4a:d8:75:8d:d4:2d:2d:87:82:30:ff:c1:
30:26:53:b6:39:a6:88:a6:b3:c9:db:0f:59:f0:9b:07:63:61:
81:45:87:1f:c8:08:ba:ce:0f:a0:eb:26:14:bf:0c:22:9c:57:
e0:82:28:f8:bb:e4:5c:e6:48:50:bd:5f:a8:75:f9:71:b4:fa:
2d:a2:c7:f8:5d:93:1c:74:06:72:52:84:71:47:b5:5d:14:52:
dd:3c:4c:a3:1e:83:f5:69:23:8a:70:83:f6:e0:32:f2:7c:13:
d6:c8:1c:dd:5c:b6:84:21:19:d8:de:22:a7:87:c4:18:63:b9:
04:b8:68:63:9b:41:92:4c:2e:d5:bf:c6:8e:7d:e5:46:57:6e:
8e:bb:d7:a2:c9:89:37:7e:b9:59:bf:0b:a3:2e:60:46:ec:37:
12:a0:90:7f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVv1OoYUNe41SBYEvewomcSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhOGZkMDVlZWI2ZWEwNWExMWQ2NjdhYmVkZDhlYTEwOTNk
MjcxYjMwHhcNMjMwMTAyMDAxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTEzOGM5Y2NlNjZmY2RmOGVmYmRhZWQ1ZWE2ZDEzOGExNDQyN2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+JUeBHtJ9+TW6eSIAgwsC/OrD9S
aI2RB2lmSyUWrcrD7z/dqmwNtoqK7vOU6PqEgsYLqkOGBCQLlhrX/ZGgMRP9K/Rb
bw+boVv0ueUB0aO2baiDrR7h71l0/5nGZuSJpASAW6S+hJy+WV+zFUMdIzxCs/bl
LF5rsj2Ri6NH2ACiy+6jmHSV0K/dixY+UCdpm/yCQjxlAVPZ8XMdCuB8bWeepvWs
EMqox7DyaujSBVFKB56jyXOOy24Z2/onjXXOTnyeZD4DNcKfDtmqZ5ejopkJplxo
P5u8dX47VsnYKlRyycIparrt0LDm1CNe04agz7Qg+GWp/KJmGQESp8ZYJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJkTjJzOZvzfjvva7V6m0TihRCfqMB8GA1UdIwQY
MBaAFKqP0F7rbqBaEdZnq+3Y6hCT0nGzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW9fUVh1dHVvRm9SMW1lcjdkanFFSlBTY2JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8yYmI3MDYtNjZkNC00ZmFlLTkzYTEt
Yjk3YzJjNGFkNDM5LzEvbVJPTW5NNW1fTi1PLTlydFhxYlJPS0ZFSi1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8yYmI3MDYtNjZkNC00ZmFlLTkzYTEtYjk3YzJjNGFkNDM5
LzEvcW9fUVh1dHVvRm9SMW1lcjdkanFFSlBTY2JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDX4CwAwQC
uRGMMA0GCSqGSIb3DQEBCwUAA4IBAQCNSVz2BY87V9g5qPzyvUuQMl2vFpoomF+8
/FzoIW4B4sV+1B+DOpDfb0bV1eLpEJBYHutOa7tzjtCMjI7ec892nFe4Um9aVLeN
KGG14l8uKev4OCxPg1PpCwOeqXrumDlK2HWN1C0th4Iw/8EwJlO2OaaIprPJ2w9Z
8JsHY2GBRYcfyAi6zg+g6yYUvwwinFfggij4u+Rc5khQvV+odflxtPotosf4XZMc
dAZyUoRxR7VdFFLdPEyjHoP1aSOKcIP24DLyfBPWyBzdXLaEIRnY3iKnh8QYY7kE
uGhjm0GSTC7Vv8aOfeVGV26Ou9eiyYk3frlZvwujLmBG7DcSoJB/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:58 2024 by rpki-client on console-ams.rpki-client.org