Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/6asJL2Sh0rkclXLCZz8D--xLwNU.roa
File: 6asJL2Sh0rkclXLCZz8D--xLwNU.roa (raw, json)
Hash identifier: 8HNJ+LZnasDj4JKwUZGCGjX6+5SRFjP5yBqiHbU1NuU=
Subject key identifier: E9:AB:09:2F:64:A1:D2:B9:1C:95:72:C2:67:3F:03:FB:EC:4B:C0:D5
Certificate issuer: /CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Certificate serial: 018E063E94C6F28F715F9FC2C980ED7D1B20
Authority key identifier: 36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/6asJL2Sh0rkclXLCZz8D--xLwNU.roa
Signing time: Sun 03 Mar 2024 21:35:48 +0000
ROA not before: Sun 03 Mar 2024 21:35:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200373
IP address blocks: 95.141.242.0/24 maxlen: 24
2a0a:1f40::/32 maxlen: 32
2a0a:1f41::/32 maxlen: 32
2a13:3f80::/32 maxlen: 32
2a13:3f83::/32 maxlen: 32
2a13:3f84::/32 maxlen: 32
2a13:3f85::/32 maxlen: 32
2a13:3f86::/32 maxlen: 32
2a13:3f87::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 09 Apr 2024 23:20:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:06:3e:94:c6:f2:8f:71:5f:9f:c2:c9:80:ed:7d:1b:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Validity
Not Before: Mar 3 21:35:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e9ab092f64a1d2b91c9572c2673f03fbec4bc0d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e7:97:94:13:85:3e:87:54:07:40:c5:f2:84:
b6:cd:01:d9:d4:d6:72:b5:f1:ca:c0:1e:36:f7:62:
e0:c3:c5:8b:3a:6e:35:45:40:af:1e:46:be:8e:f9:
36:74:87:54:da:04:c9:e9:7d:cc:4a:91:de:7b:91:
2e:93:d3:63:79:3d:01:bd:8f:cf:32:31:d4:de:27:
f0:b1:04:21:ae:7b:57:c4:f2:a5:1a:bf:58:67:1f:
51:08:a8:8e:35:81:da:c8:1c:bd:34:58:b9:10:1c:
9a:a0:74:cf:e9:35:e5:c1:e0:f6:cd:a6:91:cd:28:
51:d0:43:74:e1:8d:6c:02:42:72:c3:4b:a4:79:51:
69:61:0f:93:73:8c:16:e3:f1:76:8e:4c:07:cc:5b:
b7:58:1e:f1:72:48:10:1c:95:f4:04:b4:09:e5:ee:
e7:aa:74:bf:96:e1:dc:66:06:66:d1:41:09:ba:e0:
f2:9e:78:a0:5b:24:77:b2:03:1c:f9:26:84:90:03:
7e:ac:d7:68:b8:cd:7a:ae:87:e5:ba:1d:12:53:b1:
b9:0b:ab:43:b1:e1:a4:22:48:e3:e6:df:05:15:c5:
76:80:d2:9b:0d:d0:c6:02:c5:55:d8:5e:bb:ba:af:
f4:b6:83:2b:08:86:a0:f5:0f:47:64:0f:1b:0d:37:
ba:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:AB:09:2F:64:A1:D2:B9:1C:95:72:C2:67:3F:03:FB:EC:4B:C0:D5
X509v3 Authority Key Identifier:
keyid:36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/6asJL2Sh0rkclXLCZz8D--xLwNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.141.242.0/24
IPv6:
2a0a:1f40::/31
2a13:3f80::/32
2a13:3f83::-2a13:3f87:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3c:11:27:27:7b:1e:d7:a4:73:3c:68:01:ed:07:81:5a:33:e5:
6f:f9:2e:ba:60:fa:4c:5d:f6:21:8f:83:70:c3:ae:22:77:46:
b4:53:2f:42:cb:4d:c5:3d:de:8f:05:83:94:29:b9:13:b7:45:
f3:59:fc:40:d9:e2:66:de:7e:8f:55:69:60:31:69:8a:5e:b1:
b5:b6:5b:3c:99:d2:70:02:7d:3b:d2:4b:8c:15:2f:9b:2b:15:
4c:97:bd:fe:2d:c7:24:16:99:69:f5:ed:d2:3b:8a:ae:57:ad:
59:e1:4a:2b:0d:57:e8:0d:a9:af:80:85:71:b1:03:a6:5c:d2:
3d:e8:82:54:3d:3c:71:35:73:33:d3:73:a7:eb:ac:71:83:25:
d2:4f:d9:7f:64:1f:a8:40:31:38:23:1a:35:1f:4c:b9:73:a4:
1c:91:39:3b:8f:3c:06:de:01:c2:61:88:97:e0:2b:0b:2b:2c:
8f:4e:bf:a8:16:ba:a0:2f:bc:52:2d:32:22:5b:e0:25:d3:51:
d9:a8:4c:80:f5:66:1d:e5:da:e8:a6:59:84:0d:ae:75:4a:e1:
e4:99:ba:02:e9:d4:d3:82:49:48:cb:c2:0a:c8:09:bb:1f:51:
6e:34:a5:e3:28:6d:40:33:e8:95:ba:7d:c6:fd:68:ea:4e:26:
ee:3b:3e:5b
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAY4GPpTG8o9xX5/CyYDtfRsgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MjJmYzJmOGFkOGIwMDgzNTdkYmU2ZjAxOTU5NjBjOWRl
NjFiZDUwHhcNMjQwMzAzMjEzNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWFiMDkyZjY0YTFkMmI5MWM5NTcyYzI2NzNmMDNmYmVjNGJjMGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOeXlBOFPodUB0DF8oS2zQHZ1NZy
tfHKwB4292Lgw8WLOm41RUCvHka+jvk2dIdU2gTJ6X3MSpHee5Euk9NjeT0BvY/P
MjHU3ifwsQQhrntXxPKlGr9YZx9RCKiONYHayBy9NFi5EByaoHTP6TXlweD2zaaR
zShR0EN04Y1sAkJyw0ukeVFpYQ+Tc4wW4/F2jkwHzFu3WB7xckgQHJX0BLQJ5e7n
qnS/luHcZgZm0UEJuuDynnigWyR3sgMc+SaEkAN+rNdouM16rofluh0SU7G5C6tD
seGkIkjj5t8FFcV2gNKbDdDGAsVV2F67uq/0toMrCIag9Q9HZA8bDTe6fQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFOmrCS9kodK5HJVywmc/A/vsS8DVMB8GA1UdIwQY
MBaAFDYi/C+K2LAINX2+bwGVlgyd5hvVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmIt
MDg4MzVkZmY2YzRmLzEvNmFzSkwyU2gwcmtjbFhMQ1p6OEQtLXhMd05VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmItMDg4MzVkZmY2YzRm
LzEvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAMBAIAATAGAwQAX43yMCQE
AgACMB4DBQEqCh9AAwUAKhM/gDAOAwUAKhM/gwMFAyoTP4AwDQYJKoZIhvcNAQEL
BQADggEBADwRJyd7HtekczxoAe0HgVoz5W/5Lrpg+kxd9iGPg3DDriJ3RrRTL0LL
TcU93o8Fg5QpuRO3RfNZ/EDZ4mbefo9VaWAxaYpesbW2WzyZ0nACfTvSS4wVL5sr
FUyXvf4txyQWmWn17dI7iq5XrVnhSisNV+gNqa+AhXGxA6Zc0j3oglQ9PHE1czPT
c6frrHGDJdJP2X9kH6hAMTgjGjUfTLlzpByROTuPPAbeAcJhiJfgKwsrLI9Ov6gW
uqAvvFItMiJb4CXTUdmoTID1Zh3l2uimWYQNrnVK4eSZugLp1NOCSUjLwgrICbsf
UW40peMobUAz6JW6fcb9aOpOJu47Pls=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:19 2024 by rpki-client on console-fra.rpki-client.org