Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/y_caaXzUdbv59gX1uhfwkGKHM7I.roa
File: y_caaXzUdbv59gX1uhfwkGKHM7I.roa (raw, json)
Hash identifier: yUQZGcC0se778tycM4oX2L4FlcL4PpgF5EvlYFUyPZU=
Subject key identifier: CB:F7:1A:69:7C:D4:75:BB:F9:F6:05:F5:BA:17:F0:90:62:87:33:B2
Certificate issuer: /CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Certificate serial: 018DB8AF22F7FA0E02F968DDAB0167CED560
Authority key identifier: 36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/y_caaXzUdbv59gX1uhfwkGKHM7I.roa
Signing time: Sat 17 Feb 2024 20:08:21 +0000
ROA not before: Sat 17 Feb 2024 20:08:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200373
IP address blocks: 95.141.242.0/24 maxlen: 24
2a0a:1f41::/32 maxlen: 32
2a13:3f80::/32 maxlen: 32
2a13:3f83::/32 maxlen: 32
2a13:3f84::/32 maxlen: 32
2a13:3f85::/32 maxlen: 32
2a13:3f86::/32 maxlen: 32
2a13:3f87::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 03 Mar 2024 21:35:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b8:af:22:f7:fa:0e:02:f9:68:dd:ab:01:67:ce:d5:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Validity
Not Before: Feb 17 20:08:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbf71a697cd475bbf9f605f5ba17f090628733b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:78:79:9d:da:67:42:bf:2f:79:a1:46:61:81:
4e:16:b4:43:ad:0b:4b:ab:78:f9:1e:01:6a:df:71:
84:98:f0:af:10:e7:26:c2:63:bb:7f:cd:f7:01:e3:
d6:80:2a:c3:ce:a9:06:f0:ce:21:a0:89:e0:8f:9d:
e0:e2:88:e5:7a:d2:36:86:f0:d8:2e:a1:ce:42:c7:
3d:b4:d1:d9:89:6c:41:62:c8:b2:f8:82:34:fc:f5:
dc:7d:12:fc:b2:81:5a:f7:77:f3:1d:d6:50:f6:4d:
71:8e:fa:7a:71:da:78:44:83:dd:9a:80:fa:11:51:
6c:00:3f:c1:58:ff:f7:0a:bf:96:ef:ab:76:4c:7f:
d9:8d:3b:36:04:f9:37:a5:d7:e8:5c:49:55:08:4a:
4a:20:18:98:f2:b6:99:4b:63:67:94:ac:2b:66:1e:
7c:eb:05:96:11:cc:ba:54:52:1e:37:df:be:5e:00:
d3:e0:46:f1:a9:55:b4:cb:a3:1c:19:a4:6d:6f:c4:
c1:a5:e7:15:7e:30:a3:c1:04:16:00:f0:f3:dc:08:
19:24:40:b6:65:29:0e:68:d9:47:3f:d2:dd:46:28:
4e:99:fb:57:a2:8d:bf:2b:97:cf:85:97:79:f5:9c:
ae:a7:87:44:ca:76:5b:82:a6:8b:07:43:ae:d6:5c:
db:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:F7:1A:69:7C:D4:75:BB:F9:F6:05:F5:BA:17:F0:90:62:87:33:B2
X509v3 Authority Key Identifier:
keyid:36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/y_caaXzUdbv59gX1uhfwkGKHM7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.141.242.0/24
IPv6:
2a0a:1f41::/32
2a13:3f80::/32
2a13:3f83::-2a13:3f87:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
48:c9:7d:25:2b:9b:39:32:bc:72:8c:e8:fe:e8:6e:b8:6c:6c:
7c:9a:3d:66:f9:a8:2d:da:0f:fb:dd:c3:35:e9:d4:44:f7:3d:
75:c2:8e:ea:4b:2f:9b:c7:2d:66:64:21:95:a9:bd:80:de:a6:
b9:b7:7e:09:c9:ac:df:b8:75:d5:e0:cd:c7:56:e6:10:ed:ab:
26:37:b2:f2:0f:89:2e:51:e7:1e:c3:ab:51:50:b3:92:bc:1c:
d8:9e:5b:02:14:34:3f:ae:62:5c:08:62:fa:27:89:97:c5:28:
72:08:79:8d:f9:23:8c:11:a5:71:df:0e:f3:32:db:25:c0:60:
f5:68:98:b3:4e:5d:c4:8e:57:e1:67:58:e8:8e:99:1d:ce:86:
3e:ef:30:a9:cf:a7:c5:a4:f7:2b:92:7a:19:f5:da:a4:74:6e:
67:db:38:8d:96:3d:ff:da:26:17:77:d9:74:b9:26:54:b9:24:
5f:69:1a:20:c6:7f:3a:83:b1:51:14:b6:3b:3b:77:50:0b:15:
b5:6b:c1:7d:a6:ce:1a:c8:0b:96:63:29:a6:b2:bf:2e:09:79:
2e:1b:61:f1:9d:1c:d1:41:9b:e1:88:87:48:7f:e0:b3:da:86:
dc:cc:4d:18:ae:2d:97:c1:06:fe:87:a8:46:f2:82:b6:fe:0e:
75:89:fb:e8
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAY24ryL3+g4C+WjdqwFnztVgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MjJmYzJmOGFkOGIwMDgzNTdkYmU2ZjAxOTU5NjBjOWRl
NjFiZDUwHhcNMjQwMjE3MjAwODIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmY3MWE2OTdjZDQ3NWJiZjlmNjA1ZjViYTE3ZjA5MDYyODczM2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Hh5ndpnQr8veaFGYYFOFrRDrQtL
q3j5HgFq33GEmPCvEOcmwmO7f833AePWgCrDzqkG8M4hoIngj53g4ojletI2hvDY
LqHOQsc9tNHZiWxBYsiy+II0/PXcfRL8soFa93fzHdZQ9k1xjvp6cdp4RIPdmoD6
EVFsAD/BWP/3Cr+W76t2TH/ZjTs2BPk3pdfoXElVCEpKIBiY8raZS2NnlKwrZh58
6wWWEcy6VFIeN9++XgDT4EbxqVW0y6McGaRtb8TBpecVfjCjwQQWAPDz3AgZJEC2
ZSkOaNlHP9LdRihOmftXoo2/K5fPhZd59Zyup4dEynZbgqaLB0Ou1lzb0QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFMv3Gml81HW7+fYF9boX8JBihzOyMB8GA1UdIwQY
MBaAFDYi/C+K2LAINX2+bwGVlgyd5hvVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmIt
MDg4MzVkZmY2YzRmLzEveV9jYWFYelVkYnY1OWdYMXVoZndrR0tITTdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmItMDg4MzVkZmY2YzRm
LzEvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAMBAIAATAGAwQAX43yMCQE
AgACMB4DBQAqCh9BAwUAKhM/gDAOAwUAKhM/gwMFAyoTP4AwDQYJKoZIhvcNAQEL
BQADggEBAEjJfSUrmzkyvHKM6P7obrhsbHyaPWb5qC3aD/vdwzXp1ET3PXXCjupL
L5vHLWZkIZWpvYDeprm3fgnJrN+4ddXgzcdW5hDtqyY3svIPiS5R5x7Dq1FQs5K8
HNieWwIUND+uYlwIYvoniZfFKHIIeY35I4wRpXHfDvMy2yXAYPVomLNOXcSOV+Fn
WOiOmR3Ohj7vMKnPp8Wk9yuSehn12qR0bmfbOI2WPf/aJhd32XS5JlS5JF9pGiDG
fzqDsVEUtjs7d1ALFbVrwX2mzhrIC5ZjKaayvy4JeS4bYfGdHNFBm+GIh0h/4LPa
htzMTRiuLZfBBv6HqEbygrb+DnWJ++g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:19 2024 by rpki-client on console-fra.rpki-client.org