Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/a7ae11-121a-4f22-be3f-e907af07ff11/1/Z96xLy1j_uB_LBlhE326aiVEDZ0.roa
File: Z96xLy1j_uB_LBlhE326aiVEDZ0.roa (raw, json)
Hash identifier: ep0YAGsN6zGN1qI4YRO4fRPsoTVNY1x/SElPvCfrLdc=
Subject key identifier: 67:DE:B1:2F:2D:63:FE:E0:7F:2C:19:61:13:7D:BA:6A:25:44:0D:9D
Certificate issuer: /CN=5227b36e829e4d8565ed65748e1b1c93ccd00cee
Certificate serial: 01856E2FA12E2EBB7412B682A70B171C60AB
Authority key identifier: 52:27:B3:6E:82:9E:4D:85:65:ED:65:74:8E:1B:1C:93:CC:D0:0C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UiezboKeTYVl7WV0jhsck8zQDO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/a7ae11-121a-4f22-be3f-e907af07ff11/1/Z96xLy1j_uB_LBlhE326aiVEDZ0.roa
Signing time: Sun 01 Jan 2023 16:34:53 +0000
ROA not before: Sun 01 Jan 2023 16:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48940
IP address blocks: 185.78.32.0/22 maxlen: 22
185.78.32.0/23 maxlen: 23
185.78.34.0/23 maxlen: 23
95.181.250.0/23 maxlen: 23
95.181.248.0/22 maxlen: 22
95.181.248.0/21 maxlen: 21
95.181.248.0/23 maxlen: 23
95.181.252.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:a1:2e:2e:bb:74:12:b6:82:a7:0b:17:1c:60:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5227b36e829e4d8565ed65748e1b1c93ccd00cee
Validity
Not Before: Jan 1 16:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67deb12f2d63fee07f2c1961137dba6a25440d9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:f7:79:c9:32:f9:51:69:4b:e5:21:e1:d9:b1:
2b:98:6c:8d:b0:69:c0:f7:20:e0:7b:a7:fa:7a:77:
54:e8:de:e6:53:b2:b9:a4:a4:38:31:bd:f0:76:c6:
23:6d:72:a3:02:7c:59:26:b0:55:cb:86:6d:95:f4:
9c:83:61:52:3c:b4:76:97:27:28:44:e9:aa:59:c2:
d3:20:33:a9:b6:86:07:5d:0f:fd:05:37:6d:b0:d6:
80:34:46:51:c8:be:08:b1:e1:4d:ab:84:78:cb:b3:
d8:89:ef:69:17:f3:62:7f:2d:bf:cc:d9:67:a1:9b:
a1:8b:e4:2d:22:3e:89:a5:b4:9a:b5:ee:dc:7b:d1:
be:1d:e8:e1:5d:7b:94:7f:65:e4:61:fd:5b:3d:72:
31:07:f5:93:82:be:f2:37:75:5c:4f:01:90:07:33:
45:58:68:2d:54:3c:e4:58:a5:14:0e:25:b2:6d:12:
81:c5:d2:f3:40:95:6d:03:1d:9d:96:8b:dc:24:dd:
fd:9a:68:65:19:03:2b:77:43:7d:bb:de:b7:2f:4a:
f1:cc:97:ac:24:fa:5c:40:9d:d4:98:a0:cd:36:63:
54:ac:88:45:60:f0:c4:ea:ed:69:bd:39:d5:94:36:
71:37:88:fe:40:1f:de:7e:ac:47:cb:d9:4f:15:92:
75:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:DE:B1:2F:2D:63:FE:E0:7F:2C:19:61:13:7D:BA:6A:25:44:0D:9D
X509v3 Authority Key Identifier:
keyid:52:27:B3:6E:82:9E:4D:85:65:ED:65:74:8E:1B:1C:93:CC:D0:0C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UiezboKeTYVl7WV0jhsck8zQDO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/a7ae11-121a-4f22-be3f-e907af07ff11/1/Z96xLy1j_uB_LBlhE326aiVEDZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/a7ae11-121a-4f22-be3f-e907af07ff11/1/UiezboKeTYVl7WV0jhsck8zQDO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.181.248.0/21
185.78.32.0/22
Signature Algorithm: sha256WithRSAEncryption
51:16:d9:4d:de:9b:ab:74:45:60:df:ee:83:ac:2b:1c:3e:8c:
3c:01:12:23:26:e2:f3:35:73:62:27:3f:91:7f:e9:fe:c2:4d:
a0:4f:17:29:4f:8f:c4:c0:fd:4f:17:af:26:e7:1c:06:b2:2a:
5a:55:94:83:c5:ef:e4:df:13:6d:73:94:f5:0d:3c:47:06:f7:
84:b4:7b:09:4b:86:55:31:b9:e4:98:ef:11:16:be:7b:30:bb:
df:f0:ee:a8:93:78:67:ae:93:13:36:1b:e9:3b:7e:08:e6:2d:
e8:00:bd:75:fc:08:e6:48:53:6d:6f:ad:20:53:10:bb:07:8a:
e3:a3:02:9d:45:a4:2d:89:0f:60:fb:52:55:65:37:2f:e6:17:
3b:21:b0:59:53:94:72:51:82:f3:92:a2:4b:f2:b2:6d:1e:f6:
d6:24:2e:7b:47:cd:4c:03:9b:08:92:75:52:c4:7f:37:24:2b:
c9:18:da:a5:ec:91:3d:95:8b:52:27:9a:9b:97:3a:81:24:67:
20:c5:b1:83:a9:85:8c:69:c1:08:4b:df:02:7b:7b:b4:17:a7:
c0:55:66:fd:3c:1b:95:e6:58:71:d6:30:61:5c:78:46:f5:3d:
1a:ce:8e:0a:2c:c1:ad:ed:85:39:ad:7e:12:2d:4b:42:3a:03:
ee:ec:b2:35
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuL6EuLrt0EraCpwsXHGCrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMjdiMzZlODI5ZTRkODU2NWVkNjU3NDhlMWIxYzkzY2Nk
MDBjZWUwHhcNMjMwMTAxMTYzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2RlYjEyZjJkNjNmZWUwN2YyYzE5NjExMzdkYmE2YTI1NDQwZDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPd5yTL5UWlL5SHh2bErmGyNsGnA
9yDge6f6endU6N7mU7K5pKQ4Mb3wdsYjbXKjAnxZJrBVy4ZtlfScg2FSPLR2lyco
ROmqWcLTIDOptoYHXQ/9BTdtsNaANEZRyL4IseFNq4R4y7PYie9pF/Nify2/zNln
oZuhi+QtIj6JpbSate7ce9G+HejhXXuUf2XkYf1bPXIxB/WTgr7yN3VcTwGQBzNF
WGgtVDzkWKUUDiWybRKBxdLzQJVtAx2dlovcJN39mmhlGQMrd0N9u963L0rxzJes
JPpcQJ3UmKDNNmNUrIhFYPDE6u1pvTnVlDZxN4j+QB/efqxHy9lPFZJ1jQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGfesS8tY/7gfywZYRN9umolRA2dMB8GA1UdIwQY
MBaAFFIns26Cnk2FZe1ldI4bHJPM0AzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWllemJvS2VUWVZsN1dWMGpoc2NrOHpRRE80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9hN2FlMTEtMTIxYS00ZjIyLWJlM2Yt
ZTkwN2FmMDdmZjExLzEvWjk2eEx5MWpfdUJfTEJsaEUzMjZhaVZFRFowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9hN2FlMTEtMTIxYS00ZjIyLWJlM2YtZTkwN2FmMDdmZjEx
LzEvVWllemJvS2VUWVZsN1dWMGpoc2NrOHpRRE80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDX7X4AwQC
uU4gMA0GCSqGSIb3DQEBCwUAA4IBAQBRFtlN3purdEVg3+6DrCscPow8ARIjJuLz
NXNiJz+Rf+n+wk2gTxcpT4/EwP1PF68m5xwGsipaVZSDxe/k3xNtc5T1DTxHBveE
tHsJS4ZVMbnkmO8RFr57MLvf8O6ok3hnrpMTNhvpO34I5i3oAL11/AjmSFNtb60g
UxC7B4rjowKdRaQtiQ9g+1JVZTcv5hc7IbBZU5RyUYLzkqJL8rJtHvbWJC57R81M
A5sIknVSxH83JCvJGNql7JE9lYtSJ5qblzqBJGcgxbGDqYWMacEIS98Ce3u0F6fA
VWb9PBuV5lhx1jBhXHhG9T0azo4KLMGt7YU5rX4SLUtCOgPu7LI1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:00 2024 by rpki-client on console-ams.rpki-client.org