Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/bR-lKvMPvsvAZwK_OGNhuT64irs.roa
File: bR-lKvMPvsvAZwK_OGNhuT64irs.roa (raw, json)
Hash identifier: OaBvdEDC/83dNLAtuQMeUYEfupmZVdqSxVmlBU/t26I=
Subject key identifier: 6D:1F:A5:2A:F3:0F:BE:CB:C0:67:02:BF:38:63:61:B9:3E:B8:8A:BB
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 018AFC4C1161B092A2ABF8050405B325FFA7
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/bR-lKvMPvsvAZwK_OGNhuT64irs.roa
Signing time: Wed 04 Oct 2023 20:05:58 +0000
ROA not before: Wed 04 Oct 2023 20:05:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39598
IP address blocks: 95.161.125.0/24 maxlen: 24
95.161.127.0/24 maxlen: 24
95.161.250.0/24 maxlen: 24
95.161.248.0/21 maxlen: 21
95.161.95.0/24 maxlen: 24
95.161.0.0/18 maxlen: 24
2a00:11d8::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fc:4c:11:61:b0:92:a2:ab:f8:05:04:05:b3:25:ff:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Oct 4 20:05:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d1fa52af30fbecbc06702bf386361b93eb88abb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b0:6b:a3:2a:31:1a:7b:1e:ee:5f:0d:70:2d:
ee:a0:da:1f:26:0e:56:6e:68:4a:ce:b0:7d:75:39:
71:31:11:fa:c6:da:fb:01:34:7c:8f:74:72:b2:91:
1e:28:2a:fb:8c:44:b5:8d:37:5c:0e:16:d9:4e:bd:
47:d9:1b:50:e1:d0:59:1a:a2:9d:92:44:8b:e2:49:
62:a4:77:b5:ea:8a:70:16:0a:a0:b1:48:67:f2:e3:
fa:bb:d1:0e:ea:bf:88:45:6d:30:f5:7a:a4:3e:34:
b6:06:41:da:ed:83:d3:f2:53:28:f1:07:ca:87:fa:
d5:b2:5a:fc:97:08:e9:0c:41:8d:ae:e9:ab:e1:e3:
77:60:2d:1e:b8:16:56:9f:d0:0d:6b:62:f9:74:61:
b9:22:a1:60:5b:e6:58:3c:b8:f9:ae:d4:ed:6e:ad:
31:7e:9e:e3:20:c9:69:87:ce:d7:44:54:52:3a:37:
2d:f0:90:41:b7:61:05:92:6a:b1:cf:65:7a:99:d8:
e0:75:2b:e5:d6:d3:23:55:84:be:80:02:62:08:a0:
a1:8a:04:93:cb:49:5c:a3:59:3b:32:dc:6d:bb:85:
0d:27:85:ba:a3:ee:a0:98:28:67:0d:31:d9:30:ef:
bf:57:f0:e1:2e:8d:37:48:74:00:9b:e1:0c:11:96:
d4:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:1F:A5:2A:F3:0F:BE:CB:C0:67:02:BF:38:63:61:B9:3E:B8:8A:BB
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/bR-lKvMPvsvAZwK_OGNhuT64irs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.161.0.0/18
95.161.95.0/24
95.161.125.0/24
95.161.127.0/24
95.161.248.0/21
IPv6:
2a00:11d8::/32
Signature Algorithm: sha256WithRSAEncryption
c3:a5:ff:15:c8:8d:88:f3:eb:53:da:45:6d:8f:28:74:06:c8:
2c:c6:4d:c3:34:5d:48:80:f6:ed:de:27:61:44:66:19:f1:52:
67:e0:d7:75:c7:74:d6:7e:64:b9:5f:43:e5:fb:e0:ca:d1:e5:
34:a0:51:2d:ae:6b:da:cc:04:b9:ed:9c:21:0e:53:3f:51:49:
0e:19:41:89:09:1d:f2:5f:56:d7:ce:5f:60:f5:5f:b3:61:1e:
09:a1:bd:dd:2c:d5:ca:43:76:c9:78:33:5e:75:da:f9:88:84:
89:b9:ff:e1:00:33:c5:5f:7f:e3:66:64:d9:0c:90:3c:0d:56:
dd:3a:ac:cb:dc:4c:b7:ff:6f:5d:ea:11:9d:83:da:54:2e:b7:
85:bd:d4:30:f0:e7:33:fc:79:52:71:72:98:07:c0:7b:d3:6e:
6c:f4:e9:f5:f9:df:61:c1:58:3c:1f:be:2f:ec:09:7a:a5:04:
e0:b3:bd:d7:ab:23:84:bb:12:1c:6f:fa:2c:e9:e1:16:ea:d0:
b4:80:55:b4:dd:c3:ac:ab:bc:eb:c1:20:5c:96:f5:0a:7a:d0:
5d:a8:67:a4:8b:e2:e6:c0:bd:86:2d:f2:3f:f5:2d:9e:2e:04:
cc:34:67:0d:2b:e8:9f:e9:48:67:41:40:bf:6d:97:6d:b6:17:
68:28:fe:c6
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYr8TBFhsJKiq/gFBAWzJf+nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjMxMDA0MjAwNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDFmYTUyYWYzMGZiZWNiYzA2NzAyYmYzODYzNjFiOTNlYjg4YWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbBroyoxGnse7l8NcC3uoNofJg5W
bmhKzrB9dTlxMRH6xtr7ATR8j3RyspEeKCr7jES1jTdcDhbZTr1H2RtQ4dBZGqKd
kkSL4klipHe16opwFgqgsUhn8uP6u9EO6r+IRW0w9XqkPjS2BkHa7YPT8lMo8QfK
h/rVslr8lwjpDEGNrumr4eN3YC0euBZWn9ANa2L5dGG5IqFgW+ZYPLj5rtTtbq0x
fp7jIMlph87XRFRSOjct8JBBt2EFkmqxz2V6mdjgdSvl1tMjVYS+gAJiCKChigST
y0lco1k7Mtxtu4UNJ4W6o+6gmChnDTHZMO+/V/DhLo03SHQAm+EMEZbUtQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFG0fpSrzD77LwGcCvzhjYbk+uIq7MB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEvYlItbEt2TVB2c3ZBWndLX09HTmh1VDY0aXJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQGX6EAAwQA
X6FfAwQAX6F9AwQAX6F/AwQDX6H4MA0EAgACMAcDBQAqABHYMA0GCSqGSIb3DQEB
CwUAA4IBAQDDpf8VyI2I8+tT2kVtjyh0Bsgsxk3DNF1IgPbt3idhRGYZ8VJn4Nd1
x3TWfmS5X0Pl++DK0eU0oFEtrmvazAS57ZwhDlM/UUkOGUGJCR3yX1bXzl9g9V+z
YR4Job3dLNXKQ3bJeDNeddr5iISJuf/hADPFX3/jZmTZDJA8DVbdOqzL3Ey3/29d
6hGdg9pULreFvdQw8Ocz/HlScXKYB8B7025s9On1+d9hwVg8H74v7Al6pQTgs73X
qyOEuxIcb/os6eEW6tC0gFW03cOsq7zrwSBclvUKetBdqGeki+LmwL2GLfI/9S2e
LgTMNGcNK+if6UhnQUC/bZdtthdoKP7G
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:09:47 2024 by rpki-client on console.sobornost.net