Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/27ca7f-66b4-4bb1-9f5f-f5ba4fe2bf54/1/xgPRkDsHt9qCtgoTH0cXumxbY6A.roa
File: xgPRkDsHt9qCtgoTH0cXumxbY6A.roa (raw, json)
Hash identifier: fIFKWom2hmocRz9cRjkTFTjox3Lguc1OeGeNOmixVlM=
Subject key identifier: C6:03:D1:90:3B:07:B7:DA:82:B6:0A:13:1F:47:17:BA:6C:5B:63:A0
Certificate issuer: /CN=a1695d5558241e04a872dc1346898f2cea70dfe7
Certificate serial: 018D658D9DEF44C7FDE9F0BD90EE7555D9D7
Authority key identifier: A1:69:5D:55:58:24:1E:04:A8:72:DC:13:46:89:8F:2C:EA:70:DF:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oWldVVgkHgSoctwTRomPLOpw3-c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/27ca7f-66b4-4bb1-9f5f-f5ba4fe2bf54/1/xgPRkDsHt9qCtgoTH0cXumxbY6A.roa
Signing time: Thu 01 Feb 2024 16:43:16 +0000
ROA not before: Thu 01 Feb 2024 16:43:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 95.128.197.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Apr 2024 16:13:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:65:8d:9d:ef:44:c7:fd:e9:f0:bd:90:ee:75:55:d9:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1695d5558241e04a872dc1346898f2cea70dfe7
Validity
Not Before: Feb 1 16:43:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c603d1903b07b7da82b60a131f4717ba6c5b63a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:32:f7:0f:fb:90:e1:a6:31:00:2e:2f:b2:43:
20:e1:92:bc:c2:11:25:2f:05:06:20:a3:c8:4e:5b:
a6:e4:75:6b:0c:e8:b1:c1:24:4e:42:f0:78:ee:b6:
b5:23:14:0f:c8:22:7c:0f:70:02:33:cc:ce:8b:ff:
2c:89:49:2d:a9:ac:6d:46:be:ea:ab:81:48:ce:11:
00:f8:83:90:7a:1b:b8:c8:af:5d:90:11:64:bf:85:
b5:13:f1:98:12:da:30:60:1a:ff:f8:e5:71:0e:df:
14:89:f5:9c:bb:f0:6d:31:df:0e:9f:b3:3f:12:05:
09:39:fc:e4:1d:a5:aa:f3:7e:d7:46:5d:03:14:6d:
5e:71:60:55:e1:c0:15:20:6c:5b:7f:b7:39:32:7e:
52:96:81:f4:09:f7:5e:31:ee:5c:80:7c:f0:27:f6:
9a:59:a8:e5:45:43:91:ce:0a:54:83:d1:a8:46:a5:
ad:2c:a2:dc:b1:54:db:61:b8:50:a1:8d:40:72:8a:
31:5d:e9:f7:84:cc:9b:1d:02:f8:7d:e1:58:b6:5c:
30:f7:c7:11:92:71:3e:7e:a5:da:79:2b:c7:4e:5a:
10:30:17:0f:03:0c:67:57:90:e3:59:3f:df:1a:9f:
a5:2e:fc:18:01:5f:30:40:93:c2:9e:4f:a4:eb:2d:
15:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:03:D1:90:3B:07:B7:DA:82:B6:0A:13:1F:47:17:BA:6C:5B:63:A0
X509v3 Authority Key Identifier:
keyid:A1:69:5D:55:58:24:1E:04:A8:72:DC:13:46:89:8F:2C:EA:70:DF:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWldVVgkHgSoctwTRomPLOpw3-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/27ca7f-66b4-4bb1-9f5f-f5ba4fe2bf54/1/xgPRkDsHt9qCtgoTH0cXumxbY6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/27ca7f-66b4-4bb1-9f5f-f5ba4fe2bf54/1/oWldVVgkHgSoctwTRomPLOpw3-c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.128.197.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:69:ab:64:65:a9:91:72:0b:6c:4b:68:74:51:18:75:f7:84:
23:06:d9:c5:f8:96:79:31:21:ca:f0:bb:9a:2d:b8:bd:cf:a5:
c9:03:72:cf:69:31:88:8a:cf:d1:4d:d6:db:0c:32:ed:0a:a0:
49:79:30:e5:ad:02:e2:0e:50:16:dc:a8:3f:5f:c6:d8:ce:39:
1a:52:4f:78:71:de:58:a5:72:ef:37:d1:5e:6c:10:03:f6:ab:
67:61:ba:ea:f1:02:b5:54:3a:e5:0c:94:4b:25:3b:6b:2b:7d:
bf:05:db:47:fa:a9:a5:e9:10:10:77:ad:4d:0c:61:02:b5:6a:
1e:bc:c0:28:0d:2a:63:95:6c:89:64:7e:23:2f:31:b0:b7:b8:
67:5d:fd:af:6e:92:8b:a8:ca:85:95:0d:de:ad:a6:c5:7f:a0:
be:3f:56:81:f3:54:e0:58:6a:72:c1:57:b9:28:b4:45:79:dc:
7f:79:09:44:d1:2f:17:2e:35:6b:9f:68:09:eb:a0:2d:22:4c:
40:24:e6:a2:3a:0b:61:dd:85:5d:30:a5:2a:20:52:1d:c2:6d:
0c:7b:fe:36:9e:8b:18:28:ea:a3:79:68:6c:2e:82:94:e6:9d:
20:68:e6:d0:04:62:f2:f5:9f:07:a9:50:e1:e0:ed:e6:9e:5d:
b4:3a:00:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1ljZ3vRMf96fC9kO51VdnXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNjk1ZDU1NTgyNDFlMDRhODcyZGMxMzQ2ODk4ZjJjZWE3
MGRmZTcwHhcNMjQwMjAxMTY0MzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjAzZDE5MDNiMDdiN2RhODJiNjBhMTMxZjQ3MTdiYTZjNWI2M2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTL3D/uQ4aYxAC4vskMg4ZK8whEl
LwUGIKPITlum5HVrDOixwSROQvB47ra1IxQPyCJ8D3ACM8zOi/8siUktqaxtRr7q
q4FIzhEA+IOQehu4yK9dkBFkv4W1E/GYEtowYBr/+OVxDt8UifWcu/BtMd8On7M/
EgUJOfzkHaWq837XRl0DFG1ecWBV4cAVIGxbf7c5Mn5SloH0CfdeMe5cgHzwJ/aa
WajlRUORzgpUg9GoRqWtLKLcsVTbYbhQoY1AcooxXen3hMybHQL4feFYtlww98cR
knE+fqXaeSvHTloQMBcPAwxnV5DjWT/fGp+lLvwYAV8wQJPCnk+k6y0VzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMYD0ZA7B7fagrYKEx9HF7psW2OgMB8GA1UdIwQY
MBaAFKFpXVVYJB4EqHLcE0aJjyzqcN/nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1dsZFZWZ2tIZ1NvY3R3VFJvbVBMT3B3My1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC8yN2NhN2YtNjZiNC00YmIxLTlmNWYt
ZjViYTRmZTJiZjU0LzEveGdQUmtEc0h0OXFDdGdvVEgwY1h1bXhiWTZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC8yN2NhN2YtNjZiNC00YmIxLTlmNWYtZjViYTRmZTJiZjU0
LzEvb1dsZFZWZ2tIZ1NvY3R3VFJvbVBMT3B3My1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX4DFMA0G
CSqGSIb3DQEBCwUAA4IBAQBsaatkZamRcgtsS2h0URh194QjBtnF+JZ5MSHK8Lua
Lbi9z6XJA3LPaTGIis/RTdbbDDLtCqBJeTDlrQLiDlAW3Kg/X8bYzjkaUk94cd5Y
pXLvN9FebBAD9qtnYbrq8QK1VDrlDJRLJTtrK32/BdtH+qml6RAQd61NDGECtWoe
vMAoDSpjlWyJZH4jLzGwt7hnXf2vbpKLqMqFlQ3erabFf6C+P1aB81TgWGpywVe5
KLRFedx/eQlE0S8XLjVrn2gJ66AtIkxAJOaiOgth3YVdMKUqIFIdwm0Me/42nosY
KOqjeWhsLoKU5p0gaObQBGLy9Z8HqVDh4O3mnl20OgDh
-----END CERTIFICATE-----
Generated at Mon Apr 8 20:06:37 2024 by rpki-client on console.sobornost.net