Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/cHeiX9enA2ZoJ33kae1kHmZ1zQ0.roa
File: cHeiX9enA2ZoJ33kae1kHmZ1zQ0.roa (raw, json)
Hash identifier: xWWvXx5RNQp5rP6Tz9Bp6MNNHkJJLJJdcb2483jICP0=
Subject key identifier: 70:77:A2:5F:D7:A7:03:66:68:27:7D:E4:69:ED:64:1E:66:75:CD:0D
Certificate issuer: /CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
Certificate serial: 018573686E8BE120FE66904E9AE9321DF4C5
Authority key identifier: 00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/cHeiX9enA2ZoJ33kae1kHmZ1zQ0.roa
Signing time: Mon 02 Jan 2023 16:55:01 +0000
ROA not before: Mon 02 Jan 2023 16:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48823
IP address blocks: 95.129.48.0/21 maxlen: 24
134.0.24.0/21 maxlen: 24
185.11.136.0/22 maxlen: 24
2a03:2900::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:68:6e:8b:e1:20:fe:66:90:4e:9a:e9:32:1d:f4:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
Validity
Not Before: Jan 2 16:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7077a25fd7a7036668277de469ed641e6675cd0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:45:ea:35:d7:e4:39:d7:a9:f4:16:94:f4:0a:
4c:d1:7e:99:37:40:a3:7a:9f:3a:8c:3d:72:05:6a:
f2:dd:af:60:d6:5d:fe:09:66:7b:6d:8f:1f:af:40:
c4:5c:8b:4f:f2:64:0c:cd:76:79:d0:04:e8:4b:35:
3c:8c:1a:df:40:33:34:8a:e5:1d:3a:0b:48:17:35:
75:98:22:8e:83:b5:2d:e7:7c:17:85:69:83:97:57:
aa:cd:4b:fe:59:3f:f5:fc:8c:60:08:c5:d5:35:cf:
42:84:66:d9:13:e6:37:44:08:e1:87:73:e0:8c:14:
c5:76:25:bc:9a:ab:84:53:0e:cb:8b:7a:3d:43:53:
ed:44:09:b2:42:41:d1:ce:a2:69:df:b7:33:4b:63:
c6:a7:be:5c:58:3a:02:d0:d2:83:4e:3b:dc:00:2b:
f1:a0:ef:7c:0c:cd:cb:ca:a4:6e:fd:33:40:59:8f:
d9:28:63:79:17:3c:ee:75:17:68:6b:07:f9:52:1e:
2e:cd:3c:c1:77:e0:f0:8a:09:e3:2c:11:bc:88:fe:
92:9a:51:31:85:65:68:1e:70:b9:06:0a:ae:f7:9f:
e6:bd:a6:b8:94:17:e2:b3:44:9d:57:f3:40:3a:5e:
3a:c3:4c:b9:e2:f4:8a:94:13:2e:0a:bb:97:48:98:
d3:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:77:A2:5F:D7:A7:03:66:68:27:7D:E4:69:ED:64:1E:66:75:CD:0D
X509v3 Authority Key Identifier:
keyid:00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/cHeiX9enA2ZoJ33kae1kHmZ1zQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.129.48.0/21
134.0.24.0/21
185.11.136.0/22
IPv6:
2a03:2900::/32
Signature Algorithm: sha256WithRSAEncryption
83:0d:99:2f:5b:b6:70:3b:91:e2:22:41:85:bb:1e:41:99:f8:
bb:fa:fd:af:fa:0d:c1:ff:7d:d2:34:a1:09:c5:fd:00:a3:55:
32:b1:5c:82:01:ae:15:98:ea:66:48:ed:43:09:4e:8a:78:e4:
fa:fd:fa:04:34:38:1e:70:d4:09:1c:c4:9a:fe:2a:45:33:c8:
1b:73:5f:02:77:0a:e3:3c:90:cf:91:ff:71:2e:4b:43:5b:41:
7f:b2:c5:8f:80:74:90:51:c4:10:17:cc:1e:b4:7f:6c:12:2b:
6a:30:9a:e0:e9:c0:fc:ac:36:fa:c9:74:71:1f:c9:d7:f2:f4:
08:17:84:86:c0:15:af:32:55:6c:ea:5b:ed:fd:65:73:e5:b6:
ae:dc:50:1e:40:11:f7:9e:95:cb:31:ce:92:15:ec:35:eb:c3:
97:42:5e:0f:23:95:eb:46:90:12:5d:86:a9:fe:55:47:1e:6b:
7d:f0:b6:72:b1:45:b2:85:88:62:a9:4d:c8:ec:2f:76:b7:11:
72:60:7d:93:f1:8a:01:87:ef:9c:14:12:ad:9b:0b:52:0e:3d:
e9:d6:19:c7:09:18:68:9a:a5:22:14:27:f8:11:2d:00:98:2a:
1d:2b:8e:b8:19:32:df:21:b8:c3:45:22:c4:be:00:81:23:3a:
54:5c:f6:58
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVzaG6L4SD+ZpBOmukyHfTFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNWZmOWNjODljNjZhOGEzYTVkNzM0YTBkNjVjNjFmZGM4
NTE4YmUwHhcNMjMwMTAyMTY1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDc3YTI1ZmQ3YTcwMzY2NjgyNzdkZTQ2OWVkNjQxZTY2NzVjZDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUXqNdfkOdep9BaU9ApM0X6ZN0Cj
ep86jD1yBWry3a9g1l3+CWZ7bY8fr0DEXItP8mQMzXZ50AToSzU8jBrfQDM0iuUd
OgtIFzV1mCKOg7Ut53wXhWmDl1eqzUv+WT/1/IxgCMXVNc9ChGbZE+Y3RAjhh3Pg
jBTFdiW8mquEUw7Li3o9Q1PtRAmyQkHRzqJp37czS2PGp75cWDoC0NKDTjvcACvx
oO98DM3LyqRu/TNAWY/ZKGN5FzzudRdoawf5Uh4uzTzBd+DwignjLBG8iP6SmlEx
hWVoHnC5Bgqu95/mvaa4lBfis0SdV/NAOl46w0y54vSKlBMuCruXSJjTDwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHB3ol/XpwNmaCd95GntZB5mdc0NMB8GA1UdIwQY
MBaAFABf+cyJxmqKOl1zSg1lxh/chRi+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUZfNXpJbkdhb282WFhOS0RXWEdIOXlGR0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9kNTNjNzgtMGQ1Yi00MjM3LTk5OTkt
MGUyZDY5N2IyN2UzLzEvY0hlaVg5ZW5BMlpvSjMza2FlMWtIbVoxelEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9kNTNjNzgtMGQ1Yi00MjM3LTk5OTktMGUyZDY5N2IyN2Uz
LzEvQUZfNXpJbkdhb282WFhOS0RXWEdIOXlGR0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDX4EwAwQD
hgAYAwQCuQuIMA0EAgACMAcDBQAqAykAMA0GCSqGSIb3DQEBCwUAA4IBAQCDDZkv
W7ZwO5HiIkGFux5Bmfi7+v2v+g3B/33SNKEJxf0Ao1UysVyCAa4VmOpmSO1DCU6K
eOT6/foENDgecNQJHMSa/ipFM8gbc18CdwrjPJDPkf9xLktDW0F/ssWPgHSQUcQQ
F8wetH9sEitqMJrg6cD8rDb6yXRxH8nX8vQIF4SGwBWvMlVs6lvt/WVz5bau3FAe
QBH3npXLMc6SFew168OXQl4PI5XrRpASXYap/lVHHmt98LZysUWyhYhiqU3I7C92
txFyYH2T8YoBh++cFBKtmwtSDj3p1hnHCRhomqUiFCf4ES0AmCodK464GTLfIbjD
RSLEvgCBIzpUXPZY
Generated at Thu Dec 28 05:05:38 2023 by rpki-client on console-fra.rpki-client.org