Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/ba402c-b00e-4a26-bf53-8e747e34e162/1/TyHp8SrpP1kbbFiP8GchOUXgDtE.roa
File: TyHp8SrpP1kbbFiP8GchOUXgDtE.roa (raw, json)
Hash identifier: ozsiLymPogqXWmfKh13XAW5OQtn/LHDTTrMlcBSE6Jo=
Subject key identifier: 4F:21:E9:F1:2A:E9:3F:59:1B:6C:58:8F:F0:67:21:39:45:E0:0E:D1
Certificate issuer: /CN=65d9e9266eecabc0fd4a6077eb0ba8fa9f3bde27
Certificate serial: 01856B8A4300858F7CED2B62312A5A899CB3
Authority key identifier: 65:D9:E9:26:6E:EC:AB:C0:FD:4A:60:77:EB:0B:A8:FA:9F:3B:DE:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZdnpJm7sq8D9SmB36wuo-p873ic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/ba402c-b00e-4a26-bf53-8e747e34e162/1/TyHp8SrpP1kbbFiP8GchOUXgDtE.roa
Signing time: Sun 01 Jan 2023 04:15:01 +0000
ROA not before: Sun 01 Jan 2023 04:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 95.214.50.0/24 maxlen: 24
95.214.51.0/24 maxlen: 24
95.214.48.0/24 maxlen: 24
95.214.49.0/24 maxlen: 24
2a09:d682::/32 maxlen: 48
2a09:d685::/32 maxlen: 48
2a09:d686::/32 maxlen: 48
2a09:d681::/32 maxlen: 48
2a09:d683::/32 maxlen: 48
2a09:d684::/32 maxlen: 48
2a09:d687::/32 maxlen: 48
2a09:d680::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:8a:43:00:85:8f:7c:ed:2b:62:31:2a:5a:89:9c:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65d9e9266eecabc0fd4a6077eb0ba8fa9f3bde27
Validity
Not Before: Jan 1 04:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f21e9f12ae93f591b6c588ff067213945e00ed1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ef:a0:32:d2:c1:39:6e:53:62:fd:3d:39:e1:
1b:8a:32:3b:05:05:a8:c2:3e:e4:3c:0a:d1:bb:42:
3b:7b:af:94:ac:8f:4b:a5:7d:aa:9b:34:c9:7f:77:
dd:af:65:86:d3:ac:b8:fa:f4:03:80:8b:d0:5a:34:
46:b4:63:dc:ee:ad:99:d3:66:38:5c:d0:58:c3:86:
35:e0:76:97:16:04:e0:35:af:e9:52:e7:4d:da:33:
ab:db:b6:02:e6:04:04:c6:c6:0f:27:1c:54:ad:fc:
c9:b2:0b:d6:c0:24:06:cb:9c:ea:4b:ab:fd:5b:fc:
0d:79:7a:d8:be:6c:d3:88:93:53:3b:a6:32:a7:a5:
1a:ba:06:c9:5a:7f:c3:e7:c3:3b:8c:d8:b3:f5:2e:
f6:64:fe:ea:85:5c:b4:7e:e9:19:2b:00:00:50:1a:
8e:ad:5a:b7:57:36:20:2e:44:3f:01:0e:a9:7a:47:
2a:17:7f:94:7b:f2:45:53:34:08:fb:b4:26:31:bf:
e5:9f:09:47:af:da:12:0b:31:d1:e4:a6:68:2b:fe:
0c:ec:cb:a5:41:e0:41:57:c9:5e:09:a7:84:8b:26:
db:a4:03:12:12:5b:db:9b:cf:cc:2c:a0:f7:72:99:
e9:ac:5f:9f:e6:16:f2:15:fd:de:c2:8c:32:e3:be:
8f:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:21:E9:F1:2A:E9:3F:59:1B:6C:58:8F:F0:67:21:39:45:E0:0E:D1
X509v3 Authority Key Identifier:
keyid:65:D9:E9:26:6E:EC:AB:C0:FD:4A:60:77:EB:0B:A8:FA:9F:3B:DE:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZdnpJm7sq8D9SmB36wuo-p873ic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/ba402c-b00e-4a26-bf53-8e747e34e162/1/TyHp8SrpP1kbbFiP8GchOUXgDtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/ba402c-b00e-4a26-bf53-8e747e34e162/1/ZdnpJm7sq8D9SmB36wuo-p873ic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.48.0/22
IPv6:
2a09:d680::/29
Signature Algorithm: sha256WithRSAEncryption
3b:9a:90:8a:29:59:f2:fc:ec:09:19:09:0c:a1:d5:ac:01:4f:
cf:68:87:38:81:98:3e:e8:8e:da:1c:a4:b1:c7:42:e0:40:bc:
d6:8a:df:2a:3c:46:91:5e:46:92:3d:df:4b:b7:bb:b5:06:94:
f1:a9:ac:7e:8c:90:17:26:fb:c5:21:84:37:29:7b:d7:a7:71:
c0:3d:d0:ab:3f:36:40:d5:b1:a3:82:11:d0:e8:e0:95:87:db:
0d:00:38:3f:2e:d5:aa:ac:47:ba:ad:d0:68:2e:f1:f4:41:3e:
25:2f:1c:34:b1:05:7b:0f:0a:8a:57:16:8a:99:ee:a1:d8:e9:
a9:4a:da:e8:1b:87:49:e9:4b:ff:71:6e:04:42:20:a3:08:c9:
18:9f:c7:ba:99:6f:0b:53:3b:4a:fc:0a:2e:e2:ad:ff:4c:25:
32:7b:75:64:46:ca:70:c0:cb:7f:03:5b:25:2f:84:d1:0d:4a:
e6:4e:b8:3d:c3:b5:a0:c6:f1:c2:29:2a:9f:47:ba:02:a7:18:
09:52:7a:47:fe:e5:9a:75:69:2f:cb:cf:fc:5b:08:76:0f:ea:
3d:56:f7:35:3d:c2:16:0e:b8:4c:ab:26:2b:d9:ec:ba:10:05:
67:8b:4b:ff:06:e5:16:c1:41:d8:1a:8e:41:97:23:c2:aa:bd:
3d:d8:ad:ae
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVrikMAhY987StiMSpaiZyzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ZDllOTI2NmVlY2FiYzBmZDRhNjA3N2ViMGJhOGZhOWYz
YmRlMjcwHhcNMjMwMTAxMDQxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjIxZTlmMTJhZTkzZjU5MWI2YzU4OGZmMDY3MjEzOTQ1ZTAwZWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1e+gMtLBOW5TYv09OeEbijI7BQWo
wj7kPArRu0I7e6+UrI9LpX2qmzTJf3fdr2WG06y4+vQDgIvQWjRGtGPc7q2Z02Y4
XNBYw4Y14HaXFgTgNa/pUudN2jOr27YC5gQExsYPJxxUrfzJsgvWwCQGy5zqS6v9
W/wNeXrYvmzTiJNTO6Yyp6UaugbJWn/D58M7jNiz9S72ZP7qhVy0fukZKwAAUBqO
rVq3VzYgLkQ/AQ6pekcqF3+Ue/JFUzQI+7QmMb/lnwlHr9oSCzHR5KZoK/4M7Mul
QeBBV8leCaeEiybbpAMSElvbm8/MLKD3cpnprF+f5hbyFf3ewowy476PFQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE8h6fEq6T9ZG2xYj/BnITlF4A7RMB8GA1UdIwQY
MBaAFGXZ6SZu7KvA/Upgd+sLqPqfO94nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmRucEptN3NxOEQ5U21CMzZ3dW8tcDg3M2ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9iYTQwMmMtYjAwZS00YTI2LWJmNTMt
OGU3NDdlMzRlMTYyLzEvVHlIcDhTcnBQMWtiYkZpUDhHY2hPVVhnRHRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9iYTQwMmMtYjAwZS00YTI2LWJmNTMtOGU3NDdlMzRlMTYy
LzEvWmRucEptN3NxOEQ5U21CMzZ3dW8tcDg3M2ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCX9YwMA0E
AgACMAcDBQMqCdaAMA0GCSqGSIb3DQEBCwUAA4IBAQA7mpCKKVny/OwJGQkModWs
AU/PaIc4gZg+6I7aHKSxx0LgQLzWit8qPEaRXkaSPd9Lt7u1BpTxqax+jJAXJvvF
IYQ3KXvXp3HAPdCrPzZA1bGjghHQ6OCVh9sNADg/LtWqrEe6rdBoLvH0QT4lLxw0
sQV7DwqKVxaKme6h2OmpStroG4dJ6Uv/cW4EQiCjCMkYn8e6mW8LUztK/Aou4q3/
TCUye3VkRspwwMt/A1slL4TRDUrmTrg9w7WgxvHCKSqfR7oCpxgJUnpH/uWadWkv
y8/8Wwh2D+o9Vvc1PcIWDrhMqyYr2ey6EAVni0v/BuUWwUHYGo5BlyPCqr092K2u
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:38 2024 by rpki-client on console-fra.rpki-client.org