Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/R6vPprH4VGPr8iJviP2zaWJqA_A.roa
File: R6vPprH4VGPr8iJviP2zaWJqA_A.roa (raw, json)
Hash identifier: jrVmMLzpOQhrLak+4VUW5HgJ3Ddhip3tlmgIJFI3CFU=
Subject key identifier: 47:AB:CF:A6:B1:F8:54:63:EB:F2:22:6F:88:FD:B3:69:62:6A:03:F0
Certificate issuer: /CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Certificate serial: 018D7A07EAA220549A8FCAED0999C846F2E0
Authority key identifier: 36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/R6vPprH4VGPr8iJviP2zaWJqA_A.roa
Signing time: Mon 05 Feb 2024 16:09:15 +0000
ROA not before: Mon 05 Feb 2024 16:09:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200373
IP address blocks: 95.141.242.0/24 maxlen: 24
2a13:3f80::/32 maxlen: 32
2a13:3f83::/32 maxlen: 32
2a13:3f84::/32 maxlen: 32
2a13:3f85::/32 maxlen: 32
2a13:3f86::/32 maxlen: 32
2a13:3f87::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 17 Feb 2024 20:08:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7a:07:ea:a2:20:54:9a:8f:ca:ed:09:99:c8:46:f2:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Validity
Not Before: Feb 5 16:09:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47abcfa6b1f85463ebf2226f88fdb369626a03f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:74:c6:34:5d:35:03:e3:76:8a:a9:72:19:2e:
38:de:ff:0b:3a:9d:da:a1:b1:a7:e1:bf:f3:ce:8d:
20:52:bc:38:c5:ad:09:3f:f4:4e:ae:51:0f:b2:32:
66:ac:66:0d:2e:e7:25:3c:b6:2e:10:ec:7e:96:1c:
ab:70:be:9b:d9:aa:ae:18:17:22:93:ff:d2:4d:cf:
28:b1:aa:cc:44:10:24:f2:71:d6:fb:ac:38:b6:0d:
c3:23:1e:fd:20:e3:e9:db:b8:20:6f:6f:fc:92:1c:
36:19:33:dc:a5:be:19:22:14:d8:cd:23:a2:c1:a0:
b3:8d:83:48:ed:2f:5d:45:74:30:05:bc:ea:ca:7e:
4e:37:94:91:4c:6b:36:5a:f0:21:e3:d5:2d:3c:06:
48:d5:8c:b5:6c:28:ba:6a:34:7c:14:be:fc:c8:3d:
f8:db:c0:4f:a7:7d:64:49:e7:d8:b3:79:43:17:69:
97:ee:b3:fa:c3:c8:a4:75:5c:4e:a9:de:7a:0b:b8:
c7:20:90:d6:f9:37:28:ff:d6:d9:36:b9:ad:04:58:
f9:5a:83:32:68:cb:ca:24:38:7b:62:b3:9d:9c:cb:
7e:f7:f8:0e:10:07:8e:10:6f:a3:60:f1:30:56:00:
67:1f:b0:d0:33:92:c2:86:fd:ff:bb:aa:07:8b:88:
70:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:AB:CF:A6:B1:F8:54:63:EB:F2:22:6F:88:FD:B3:69:62:6A:03:F0
X509v3 Authority Key Identifier:
keyid:36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/R6vPprH4VGPr8iJviP2zaWJqA_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.141.242.0/24
IPv6:
2a13:3f80::/32
2a13:3f83::-2a13:3f87:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0f:ab:5a:fc:12:e5:f6:db:3a:7b:e5:75:50:a6:7a:58:dc:0e:
bf:2a:ec:91:f5:9a:d5:26:a6:45:f7:c5:14:15:d4:1a:ce:f7:
99:ff:08:c8:0c:e1:a7:10:37:3f:3e:f6:c5:02:d9:fe:1e:0e:
3b:b2:57:dd:1d:94:6f:be:44:d8:75:5b:49:19:31:de:a3:95:
35:6b:33:2b:fa:cb:04:87:26:d1:ee:a1:d5:cd:c8:c1:af:97:
30:90:0f:3f:22:b8:7d:66:54:8c:2a:5a:00:c9:d8:0c:6b:47:
2b:5e:9c:8f:ae:46:d6:ca:7d:e5:7f:a1:d8:16:fa:da:d2:03:
99:84:2c:b6:9a:5c:a3:0a:0f:0e:f2:1a:c7:9e:43:76:a6:60:
6b:3c:ed:56:08:df:7b:53:94:e6:39:5b:7f:d3:5c:10:43:17:
24:d4:20:3c:95:2f:52:bd:c3:63:6c:98:2c:1d:69:de:f0:25:
13:f2:47:f3:6b:c9:03:90:b1:fc:08:6d:78:55:43:aa:79:9a:
b2:cd:b4:57:c1:db:38:bd:3c:73:d4:3b:f1:ea:16:f1:f6:56:
39:40:b8:c7:cd:64:6c:ee:a6:41:d2:34:dd:99:bd:1b:d5:42:
42:c5:da:17:09:17:57:76:d6:5c:14:48:07:14:64:3a:a7:25:
8b:1e:e9:b3
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAY16B+qiIFSaj8rtCZnIRvLgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MjJmYzJmOGFkOGIwMDgzNTdkYmU2ZjAxOTU5NjBjOWRl
NjFiZDUwHhcNMjQwMjA1MTYwOTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2FiY2ZhNmIxZjg1NDYzZWJmMjIyNmY4OGZkYjM2OTYyNmEwM2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3TGNF01A+N2iqlyGS443v8LOp3a
obGn4b/zzo0gUrw4xa0JP/ROrlEPsjJmrGYNLuclPLYuEOx+lhyrcL6b2aquGBci
k//STc8osarMRBAk8nHW+6w4tg3DIx79IOPp27ggb2/8khw2GTPcpb4ZIhTYzSOi
waCzjYNI7S9dRXQwBbzqyn5ON5SRTGs2WvAh49UtPAZI1Yy1bCi6ajR8FL78yD34
28BPp31kSefYs3lDF2mX7rP6w8ikdVxOqd56C7jHIJDW+Tco/9bZNrmtBFj5WoMy
aMvKJDh7YrOdnMt+9/gOEAeOEG+jYPEwVgBnH7DQM5LChv3/u6oHi4hwuQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFEerz6ax+FRj6/Iib4j9s2liagPwMB8GA1UdIwQY
MBaAFDYi/C+K2LAINX2+bwGVlgyd5hvVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmIt
MDg4MzVkZmY2YzRmLzEvUjZ2UHBySDRWR1ByOGlKdmlQMnphV0pxQV9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmItMDg4MzVkZmY2YzRm
LzEvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAMBAIAATAGAwQAX43yMB0E
AgACMBcDBQAqEz+AMA4DBQAqEz+DAwUDKhM/gDANBgkqhkiG9w0BAQsFAAOCAQEA
D6ta/BLl9ts6e+V1UKZ6WNwOvyrskfWa1SamRffFFBXUGs73mf8IyAzhpxA3Pz72
xQLZ/h4OO7JX3R2Ub75E2HVbSRkx3qOVNWszK/rLBIcm0e6h1c3Iwa+XMJAPPyK4
fWZUjCpaAMnYDGtHK16cj65G1sp95X+h2Bb62tIDmYQstppcowoPDvIax55DdqZg
azztVgjfe1OU5jlbf9NcEEMXJNQgPJUvUr3DY2yYLB1p3vAlE/JH82vJA5Cx/Aht
eFVDqnmass20V8HbOL08c9Q78eoW8fZWOUC4x81kbO6mQdI03Zm9G9VCQsXaFwkX
V3bWXBRIBxRkOqclix7psw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:11 2024 by rpki-client on console-ams.rpki-client.org