Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/ZqimjlqxkgQIdxy2oiEEmAR9IQg.roa
File: ZqimjlqxkgQIdxy2oiEEmAR9IQg.roa (raw, json)
Hash identifier: hMSbu9IJ8LjqhxLmbBGRle2ABmhM1y51R2b/8Bf/NJA=
Subject key identifier: 66:A8:A6:8E:5A:B1:92:04:08:77:1C:B6:A2:21:04:98:04:7D:21:08
Certificate issuer: /CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
Certificate serial: 018CAE80133E0132EA0A0F502EF7C2492A52
Authority key identifier: 00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/ZqimjlqxkgQIdxy2oiEEmAR9IQg.roa
Signing time: Thu 28 Dec 2023 03:37:58 +0000
ROA not before: Thu 28 Dec 2023 03:37:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48823
IP address blocks: 95.129.48.0/21 maxlen: 24
134.0.24.0/21 maxlen: 24
185.11.136.0/22 maxlen: 24
2a03:2900::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ae:80:13:3e:01:32:ea:0a:0f:50:2e:f7:c2:49:2a:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
Validity
Not Before: Dec 28 03:37:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66a8a68e5ab1920408771cb6a2210498047d2108
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:06:d1:6a:55:a1:96:0d:38:84:e5:79:6b:bc:
36:8d:3e:4e:f4:16:7a:b8:71:0e:27:6b:c4:e0:a9:
28:dc:59:86:4c:b4:9a:b0:d4:19:ed:79:f3:93:ee:
eb:1b:ce:46:43:0c:2d:15:c5:57:af:93:e5:c3:a8:
c6:d8:b1:09:45:a3:7c:25:b5:b4:9e:6a:53:bc:c2:
a9:68:d4:86:29:a5:53:41:d9:6e:57:37:4d:1c:b9:
38:ac:fa:9d:14:af:e5:a3:b3:26:9b:99:c5:83:5f:
0d:40:a4:20:e7:94:e3:8d:60:28:b1:60:e5:40:67:
b3:4a:47:aa:77:03:04:c1:f0:d2:27:ec:0c:76:76:
30:e5:ac:b9:8b:51:8d:bb:7d:33:5c:c0:46:2b:14:
1f:28:8e:16:12:ce:27:9e:b5:79:5c:b4:9b:26:61:
7b:7b:5e:6d:e0:75:0b:24:45:bc:d2:72:55:53:b0:
a2:a1:a8:74:26:7d:11:3b:f5:db:dd:7d:c2:5b:9f:
ad:c5:e1:02:ee:5b:e7:fb:d8:73:87:2d:71:5f:fc:
f6:0e:5b:e3:4c:6b:ad:b0:aa:c8:b7:95:27:6c:d0:
63:9a:2c:58:0c:93:97:ec:18:38:ea:2e:1c:6a:73:
69:99:5f:84:68:ae:0b:48:2b:c1:91:92:db:49:53:
7b:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:A8:A6:8E:5A:B1:92:04:08:77:1C:B6:A2:21:04:98:04:7D:21:08
X509v3 Authority Key Identifier:
keyid:00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/ZqimjlqxkgQIdxy2oiEEmAR9IQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.129.48.0/21
134.0.24.0/21
185.11.136.0/22
IPv6:
2a03:2900::/32
Signature Algorithm: sha256WithRSAEncryption
43:ef:42:8b:8f:45:93:7d:d2:22:16:5b:44:47:18:dc:af:69:
6b:4c:e0:de:c6:cf:5d:5b:a7:b8:6d:de:ea:14:60:66:68:67:
96:dc:43:25:32:69:58:f8:a4:75:e4:b6:23:44:9e:fa:d8:25:
fe:bb:eb:5b:1f:58:fd:51:e8:b5:ce:c5:91:c8:83:ec:8b:6a:
37:9d:e3:40:73:4a:4a:df:b6:14:26:61:af:ca:74:e8:d4:2b:
5a:73:63:da:92:76:6b:05:3e:e2:63:53:d9:9b:96:02:0b:fc:
c2:f7:05:c6:76:c4:22:c8:d6:bc:65:d7:77:18:4d:48:ee:d7:
2a:99:97:31:18:47:52:96:0e:89:5b:81:08:d9:dd:56:4b:32:
c8:0a:b3:d6:64:9a:3b:fc:df:04:63:e6:6a:93:fd:bb:a4:a8:
7a:26:0e:84:8a:dd:ca:40:04:1c:38:8e:de:a0:7f:26:9c:83:
ff:8a:2f:e3:90:a2:51:1d:98:c4:ec:d8:af:93:bc:dc:1e:38:
54:91:3e:ed:22:c9:17:27:9a:5c:b8:fd:35:76:bd:73:a8:d8:
63:9b:59:42:95:a9:9f:29:e3:78:c2:9d:a7:15:1f:53:02:be:
8d:ab:48:d0:59:c2:08:31:c2:78:f4:7a:24:f3:95:ab:25:bd:
d8:70:8c:9a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYyugBM+ATLqCg9QLvfCSSpSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNWZmOWNjODljNjZhOGEzYTVkNzM0YTBkNjVjNjFmZGM4
NTE4YmUwHhcNMjMxMjI4MDMzNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmE4YTY4ZTVhYjE5MjA0MDg3NzFjYjZhMjIxMDQ5ODA0N2QyMTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAbRalWhlg04hOV5a7w2jT5O9BZ6
uHEOJ2vE4Kko3FmGTLSasNQZ7Xnzk+7rG85GQwwtFcVXr5Plw6jG2LEJRaN8JbW0
nmpTvMKpaNSGKaVTQdluVzdNHLk4rPqdFK/lo7Mmm5nFg18NQKQg55TjjWAosWDl
QGezSkeqdwMEwfDSJ+wMdnYw5ay5i1GNu30zXMBGKxQfKI4WEs4nnrV5XLSbJmF7
e15t4HULJEW80nJVU7Cioah0Jn0RO/Xb3X3CW5+txeEC7lvn+9hzhy1xX/z2Dlvj
TGutsKrIt5UnbNBjmixYDJOX7Bg46i4canNpmV+EaK4LSCvBkZLbSVN7+QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGaopo5asZIECHcctqIhBJgEfSEIMB8GA1UdIwQY
MBaAFABf+cyJxmqKOl1zSg1lxh/chRi+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUZfNXpJbkdhb282WFhOS0RXWEdIOXlGR0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9kNTNjNzgtMGQ1Yi00MjM3LTk5OTkt
MGUyZDY5N2IyN2UzLzEvWnFpbWpscXhrZ1FJZHh5Mm9pRUVtQVI5SVFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9kNTNjNzgtMGQ1Yi00MjM3LTk5OTktMGUyZDY5N2IyN2Uz
LzEvQUZfNXpJbkdhb282WFhOS0RXWEdIOXlGR0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDX4EwAwQD
hgAYAwQCuQuIMA0EAgACMAcDBQAqAykAMA0GCSqGSIb3DQEBCwUAA4IBAQBD70KL
j0WTfdIiFltERxjcr2lrTODexs9dW6e4bd7qFGBmaGeW3EMlMmlY+KR15LYjRJ76
2CX+u+tbH1j9Uei1zsWRyIPsi2o3neNAc0pK37YUJmGvynTo1Ctac2PaknZrBT7i
Y1PZm5YCC/zC9wXGdsQiyNa8Zdd3GE1I7tcqmZcxGEdSlg6JW4EI2d1WSzLICrPW
ZJo7/N8EY+Zqk/27pKh6Jg6Eit3KQAQcOI7eoH8mnIP/ii/jkKJRHZjE7Nivk7zc
HjhUkT7tIskXJ5pcuP01dr1zqNhjm1lClamfKeN4wp2nFR9TAr6Nq0jQWcIIMcJ4
9Hok85WrJb3YcIya
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:53 2024 by rpki-client on console-ams.rpki-client.org