Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/470cb8-eb6a-4934-9d47-968d0c7f22bb/1/1-wlfiXoSdkAKCk1xIrdnexdD-3w.roa
File: 1-wlfiXoSdkAKCk1xIrdnexdD-3w.roa (raw, json)
Hash identifier: h2ANJ4/U3GZQfUX2mPC+6WtzE67bMOL4Zt06Ck35WuY=
Subject key identifier: FB:09:5F:89:7A:12:76:40:0A:0A:4D:71:22:B7:67:7B:17:43:FB:7C
Certificate issuer: /CN=72e5b57bb398d5e1839a3fe4254df70d712ce14a
Certificate serial: 0189989EBCD12DA3F71D178FD8F8E197351F
Authority key identifier: 72:E5:B5:7B:B3:98:D5:E1:83:9A:3F:E4:25:4D:F7:0D:71:2C:E1:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cuW1e7OY1eGDmj_kJU33DXEs4Uo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/470cb8-eb6a-4934-9d47-968d0c7f22bb/1/1-wlfiXoSdkAKCk1xIrdnexdD-3w.roa
Signing time: Thu 27 Jul 2023 18:31:27 +0000
ROA not before: Thu 27 Jul 2023 18:31:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211686
IP address blocks: 185.95.1.0/24 maxlen: 24
185.15.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:35:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:98:9e:bc:d1:2d:a3:f7:1d:17:8f:d8:f8:e1:97:35:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72e5b57bb398d5e1839a3fe4254df70d712ce14a
Validity
Not Before: Jul 27 18:31:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb095f897a1276400a0a4d7122b7677b1743fb7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c2:0a:48:06:77:94:bb:16:ab:7c:a9:ec:48:
fa:e2:2e:f8:53:6f:b0:8f:88:b2:9f:d7:1e:b3:5d:
ce:db:48:7d:b4:ff:b1:75:5e:30:e2:dc:7d:82:80:
2b:f2:62:c9:45:e5:6e:28:d2:54:63:a6:ed:8c:28:
e1:d4:23:3c:0d:64:62:98:bf:ab:4f:bc:da:2a:12:
a9:83:46:2a:f2:d3:9b:22:15:2f:f6:82:30:2d:73:
f8:b3:75:4e:ef:eb:df:f4:da:2f:fb:ae:b5:bb:37:
3c:46:0d:32:61:28:54:58:23:40:8d:6f:34:dc:d5:
05:cc:29:a4:7d:c9:79:b4:ac:6f:84:09:f0:35:44:
40:a9:fb:59:d8:89:68:39:64:db:63:b9:8f:97:88:
78:aa:c9:55:86:e1:b9:7a:8d:f2:b8:5a:6b:b2:0a:
d1:88:20:13:e4:24:27:9b:d5:2d:a4:8a:1c:01:80:
c6:40:21:18:3a:e3:96:6c:31:0b:d8:28:6f:bc:0d:
da:a8:69:07:a4:a6:26:97:23:f7:de:69:cd:5b:d1:
0b:6c:0c:0d:5c:90:9c:5b:e0:71:a8:84:0c:bc:8d:
0c:c5:0b:1e:48:95:3c:cb:da:f3:3f:17:05:35:d4:
9e:88:19:03:19:31:0d:6d:37:bb:87:fb:0c:09:36:
a0:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:09:5F:89:7A:12:76:40:0A:0A:4D:71:22:B7:67:7B:17:43:FB:7C
X509v3 Authority Key Identifier:
keyid:72:E5:B5:7B:B3:98:D5:E1:83:9A:3F:E4:25:4D:F7:0D:71:2C:E1:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cuW1e7OY1eGDmj_kJU33DXEs4Uo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/470cb8-eb6a-4934-9d47-968d0c7f22bb/1/1-wlfiXoSdkAKCk1xIrdnexdD-3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/470cb8-eb6a-4934-9d47-968d0c7f22bb/1/cuW1e7OY1eGDmj_kJU33DXEs4Uo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.15.199.0/24
185.95.1.0/24
Signature Algorithm: sha256WithRSAEncryption
23:7e:67:9e:ad:e6:cf:4b:60:cc:19:3b:fa:e0:af:71:bf:e0:
f3:7d:66:45:7d:88:97:e8:a8:a6:b0:dc:48:f2:37:16:fc:51:
88:7c:e9:95:d4:a4:12:22:62:e9:40:d9:43:3d:b4:a2:4b:8c:
43:de:e9:c2:4d:9f:04:13:31:b4:36:98:6b:4f:b5:85:cf:97:
c1:5d:a3:e2:72:f3:73:06:55:ae:1f:25:ac:5e:4d:c9:cc:f5:
0a:31:7b:0f:2a:66:2f:26:b7:a2:c5:25:d7:60:15:2b:34:58:
e6:25:a4:3a:3f:4d:2b:28:99:37:f5:72:56:fd:f7:6b:df:5f:
11:c4:91:f8:77:35:31:24:70:4d:44:f6:40:96:a7:37:30:72:
b4:d6:7f:9a:6b:1d:04:a8:02:0e:2c:4b:f2:e3:e2:69:c1:d8:
a4:6d:e5:a8:23:e7:dd:c4:7d:51:54:9f:42:af:fd:1b:ee:f1:
a1:35:76:00:70:ee:1e:95:7a:0f:84:39:09:f9:2f:3c:ac:64:
f4:4e:83:5d:aa:9f:64:15:f0:c6:fa:71:f6:2d:98:ca:a5:69:
b8:54:d6:94:52:ba:f3:8c:f5:7d:1f:84:af:e2:23:5b:ae:1a:
a8:90:e8:61:8e:08:1b:a1:27:6f:9d:4e:a6:b4:7c:02:01:e9:
ed:e5:47:65
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYmYnrzRLaP3HReP2PjhlzUfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZTViNTdiYjM5OGQ1ZTE4MzlhM2ZlNDI1NGRmNzBkNzEy
Y2UxNGEwHhcNMjMwNzI3MTgzMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjA5NWY4OTdhMTI3NjQwMGEwYTRkNzEyMmI3Njc3YjE3NDNmYjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcIKSAZ3lLsWq3yp7Ej64i74U2+w
j4iyn9ces13O20h9tP+xdV4w4tx9goAr8mLJReVuKNJUY6btjCjh1CM8DWRimL+r
T7zaKhKpg0Yq8tObIhUv9oIwLXP4s3VO7+vf9Nov+661uzc8Rg0yYShUWCNAjW80
3NUFzCmkfcl5tKxvhAnwNURAqftZ2IloOWTbY7mPl4h4qslVhuG5eo3yuFprsgrR
iCAT5CQnm9UtpIocAYDGQCEYOuOWbDEL2ChvvA3aqGkHpKYmlyP33mnNW9ELbAwN
XJCcW+BxqIQMvI0MxQseSJU8y9rzPxcFNdSeiBkDGTENbTe7h/sMCTagjwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPsJX4l6EnZACgpNcSK3Z3sXQ/t8MB8GA1UdIwQY
MBaAFHLltXuzmNXhg5o/5CVN9w1xLOFKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3VXMWU3T1kxZUdEbWpfa0pVMzNEWEVzNFVvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS80NzBjYjgtZWI2YS00OTM0LTlkNDct
OTY4ZDBjN2YyMmJiLzEvMS13bGZpWG9TZGtBS0NrMXhJcmRuZXhkRC0zdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTkvNDcwY2I4LWViNmEtNDkzNC05ZDQ3LTk2OGQwYzdmMjJi
Yi8xL2N1VzFlN09ZMWVHRG1qX2tKVTMzRFhFczRVby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALkPxwME
ALlfATANBgkqhkiG9w0BAQsFAAOCAQEAI35nnq3mz0tgzBk7+uCvcb/g831mRX2I
l+ioprDcSPI3FvxRiHzpldSkEiJi6UDZQz20okuMQ97pwk2fBBMxtDaYa0+1hc+X
wV2j4nLzcwZVrh8lrF5Nycz1CjF7DypmLya3osUl12AVKzRY5iWkOj9NKyiZN/Vy
Vv33a99fEcSR+Hc1MSRwTUT2QJanNzBytNZ/mmsdBKgCDixL8uPiacHYpG3lqCPn
3cR9UVSfQq/9G+7xoTV2AHDuHpV6D4Q5CfkvPKxk9E6DXaqfZBXwxvpx9i2YyqVp
uFTWlFK684z1fR+Er+IjW64aqJDoYY4IG6Enb51OprR8AgHp7eVHZQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:25 2024 by rpki-client on console-ams.rpki-client.org