Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/0fbd8d-820d-4979-81a3-8be9571eb10d/1/t1f5UcM1K1CGzIK6N3av_cmMCNQ.roa
File: t1f5UcM1K1CGzIK6N3av_cmMCNQ.roa (raw, json)
Hash identifier: R1A1odNZH03pTklTg0UocrsQxyrofgw6bgJJ8YVo0Xc=
Subject key identifier: B7:57:F9:51:C3:35:2B:50:86:CC:82:BA:37:76:AF:FD:C9:8C:08:D4
Certificate issuer: /CN=c69ceb1240844cde8a168897e47c1df5d6ecbf21
Certificate serial: 018E433671838AA5C9BBADF8F152E58EAD57
Authority key identifier: C6:9C:EB:12:40:84:4C:DE:8A:16:88:97:E4:7C:1D:F5:D6:EC:BF:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xpzrEkCETN6KFoiX5Hwd9dbsvyE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/0fbd8d-820d-4979-81a3-8be9571eb10d/1/t1f5UcM1K1CGzIK6N3av_cmMCNQ.roa
Signing time: Fri 15 Mar 2024 17:43:45 +0000
ROA not before: Fri 15 Mar 2024 17:43:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200370
IP address blocks: 95.142.231.0/24 maxlen: 24
95.142.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Oct 2024 11:12:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:43:36:71:83:8a:a5:c9:bb:ad:f8:f1:52:e5:8e:ad:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c69ceb1240844cde8a168897e47c1df5d6ecbf21
Validity
Not Before: Mar 15 17:43:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b757f951c3352b5086cc82ba3776affdc98c08d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:10:f4:e3:94:8d:63:f5:ab:3d:ff:aa:c1:66:
42:c3:ce:fc:cb:56:77:b9:bb:4e:92:8b:72:66:de:
0c:b7:23:dc:41:85:a9:ea:92:80:1d:25:dc:90:c7:
fd:d1:d3:7c:fe:bf:ab:7d:48:75:22:dc:b3:03:21:
5e:52:f7:60:d3:f6:c0:33:3f:2b:73:d7:2f:f9:8e:
38:d2:8b:1a:9a:47:8c:1f:e8:33:cc:6a:89:e0:1e:
05:c0:da:53:e0:ca:94:5a:2e:48:e9:e6:af:a6:97:
ab:96:3f:ae:ca:e3:2a:a3:ca:07:80:d5:db:ed:7b:
32:cb:5d:75:26:f0:2b:93:4c:46:76:07:92:a8:9c:
06:fe:be:6b:19:1a:05:79:27:cd:65:6f:85:86:d8:
12:de:47:6d:c7:b0:b9:e0:e9:7b:5f:1b:4c:cc:11:
b6:13:d8:de:3c:f2:21:d1:c2:ad:10:ff:5c:51:c3:
34:6c:eb:39:fe:9e:e9:f1:ba:bf:22:4b:f8:61:ba:
ea:40:85:be:06:9d:02:53:6b:92:cb:24:7b:b0:59:
a3:4a:57:3d:22:fe:f4:a7:72:91:71:73:b5:1f:d5:
42:65:ae:41:f4:7d:d5:98:7b:3d:c2:4f:47:c2:5e:
8c:65:89:44:58:51:ed:66:23:7a:63:1b:d3:be:13:
87:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:57:F9:51:C3:35:2B:50:86:CC:82:BA:37:76:AF:FD:C9:8C:08:D4
X509v3 Authority Key Identifier:
keyid:C6:9C:EB:12:40:84:4C:DE:8A:16:88:97:E4:7C:1D:F5:D6:EC:BF:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xpzrEkCETN6KFoiX5Hwd9dbsvyE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/0fbd8d-820d-4979-81a3-8be9571eb10d/1/t1f5UcM1K1CGzIK6N3av_cmMCNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/0fbd8d-820d-4979-81a3-8be9571eb10d/1/xpzrEkCETN6KFoiX5Hwd9dbsvyE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.142.231.0/24
95.142.239.0/24
Signature Algorithm: sha256WithRSAEncryption
44:79:73:ff:61:5a:6a:b1:a1:30:f2:52:e6:3f:df:ab:27:db:
6a:be:67:37:27:28:69:39:02:48:d3:a9:08:b7:28:fb:cc:4c:
0d:a9:f2:ff:46:5d:7a:3a:89:a3:9f:16:30:01:6f:f2:3f:65:
12:7b:71:89:93:5c:50:b2:bd:0d:70:f4:20:39:fa:41:e6:10:
23:e3:02:55:0c:8f:1d:7a:52:2a:3c:60:19:5b:c2:51:83:3a:
a1:2e:13:5a:64:cb:39:c8:4b:1f:3d:81:2c:8f:02:75:73:af:
d0:8d:1e:f1:28:85:9d:91:5d:51:4f:8a:a1:fa:74:61:18:ea:
15:f7:6d:c5:33:43:9f:db:b0:ac:b5:26:4e:72:c7:a9:10:1b:
5a:9f:20:63:f9:71:d9:79:8b:fd:1a:7e:83:87:30:29:21:6b:
a5:a6:5b:5c:a7:99:fa:3c:23:94:34:81:d8:18:9b:b7:3c:8e:
d5:34:e6:f6:53:be:0f:b2:c2:3d:20:46:a0:c1:bc:25:1d:e7:
f4:97:28:24:5e:3a:8f:e4:7b:85:48:1d:b5:25:ed:e5:4b:57:
39:98:4a:98:c4:dd:d2:d2:58:5f:34:4c:fa:df:1e:87:97:31:
d1:e4:b3:28:a1:19:c0:ef:17:36:2d:f1:5c:97:21:79:f0:7b:
ad:47:ea:03
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY5DNnGDiqXJu6348VLljq1XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2OWNlYjEyNDA4NDRjZGU4YTE2ODg5N2U0N2MxZGY1ZDZl
Y2JmMjEwHhcNMjQwMzE1MTc0MzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzU3Zjk1MWMzMzUyYjUwODZjYzgyYmEzNzc2YWZmZGM5OGMwOGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBD045SNY/WrPf+qwWZCw878y1Z3
ubtOkotyZt4MtyPcQYWp6pKAHSXckMf90dN8/r+rfUh1ItyzAyFeUvdg0/bAMz8r
c9cv+Y440osamkeMH+gzzGqJ4B4FwNpT4MqUWi5I6eavpperlj+uyuMqo8oHgNXb
7Xsyy111JvArk0xGdgeSqJwG/r5rGRoFeSfNZW+FhtgS3kdtx7C54Ol7XxtMzBG2
E9jePPIh0cKtEP9cUcM0bOs5/p7p8bq/Ikv4YbrqQIW+Bp0CU2uSyyR7sFmjSlc9
Iv70p3KRcXO1H9VCZa5B9H3VmHs9wk9Hwl6MZYlEWFHtZiN6YxvTvhOHFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLdX+VHDNStQhsyCujd2r/3JjAjUMB8GA1UdIwQY
MBaAFMac6xJAhEzeihaIl+R8HfXW7L8hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHB6ckVrQ0VUTjZLRm9pWDVId2Q5ZGJzdnlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy8wZmJkOGQtODIwZC00OTc5LTgxYTMt
OGJlOTU3MWViMTBkLzEvdDFmNVVjTTFLMUNHeklLNk4zYXZfY21NQ05RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy8wZmJkOGQtODIwZC00OTc5LTgxYTMtOGJlOTU3MWViMTBk
LzEveHB6ckVrQ0VUTjZLRm9pWDVId2Q5ZGJzdnlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX47nAwQA
X47vMA0GCSqGSIb3DQEBCwUAA4IBAQBEeXP/YVpqsaEw8lLmP9+rJ9tqvmc3Jyhp
OQJI06kItyj7zEwNqfL/Rl16OomjnxYwAW/yP2USe3GJk1xQsr0NcPQgOfpB5hAj
4wJVDI8delIqPGAZW8JRgzqhLhNaZMs5yEsfPYEsjwJ1c6/QjR7xKIWdkV1RT4qh
+nRhGOoV923FM0Of27CstSZOcsepEBtanyBj+XHZeYv9Gn6DhzApIWulpltcp5n6
PCOUNIHYGJu3PI7VNOb2U74PssI9IEagwbwlHef0lygkXjqP5HuFSB21Je3lS1c5
mEqYxN3S0lhfNEz63x6HlzHR5LMooRnA7xc2LfFclyF58HutR+oD
-----END CERTIFICATE-----
Generated at Wed Apr 30 01:00:30 2025 by rpki-client