Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/9ca9bc-e41c-4931-9d9d-ead096812626/1/28_rH9a7EgpimQ701kT89ZZQtZY.roa
File: 28_rH9a7EgpimQ701kT89ZZQtZY.roa (raw, json)
Hash identifier: Z4gXfRCiqJkdgeXs7Tk7a/1QFeFlLpDT1R8jGGiPwrs=
Subject key identifier: DB:CF:EB:1F:D6:BB:12:0A:62:99:0E:F4:D6:44:FC:F5:96:50:B5:96
Certificate issuer: /CN=5a67da4c5acbd0d9a062f917c576df34acd43343
Certificate serial: 0185736847F52ADC20C7BC5156B3B632812B
Authority key identifier: 5A:67:DA:4C:5A:CB:D0:D9:A0:62:F9:17:C5:76:DF:34:AC:D4:33:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WmfaTFrL0NmgYvkXxXbfNKzUM0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/9ca9bc-e41c-4931-9d9d-ead096812626/1/28_rH9a7EgpimQ701kT89ZZQtZY.roa
Signing time: Mon 02 Jan 2023 16:54:52 +0000
ROA not before: Mon 02 Jan 2023 16:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42529
IP address blocks: 195.16.95.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:68:47:f5:2a:dc:20:c7:bc:51:56:b3:b6:32:81:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a67da4c5acbd0d9a062f917c576df34acd43343
Validity
Not Before: Jan 2 16:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbcfeb1fd6bb120a62990ef4d644fcf59650b596
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:02:e2:de:a9:07:35:f8:23:9c:53:ac:da:b8:
7f:30:b3:f5:68:2a:00:4b:55:1d:84:1c:f2:8c:28:
ad:f2:9b:e7:0d:cf:14:7c:45:7c:2b:1b:6b:06:bb:
38:3a:63:47:02:79:24:b7:d1:bf:cb:1e:66:da:a6:
ed:65:c4:ca:b3:85:eb:ff:7a:2c:f7:93:a6:32:10:
3c:a4:74:74:15:57:c2:a6:63:6e:e2:19:18:9d:7b:
41:4b:b7:d8:a4:87:30:ba:ed:7e:03:53:3c:95:25:
95:95:00:56:8b:ed:96:9b:6e:39:8c:2c:3c:23:92:
e1:ae:ec:ee:74:26:c0:56:30:b6:99:ec:e2:72:21:
71:87:b0:2f:fc:77:c1:cd:9b:fa:85:3c:a0:20:4e:
75:02:98:8b:37:7d:1f:4d:0a:21:9e:1e:91:81:0d:
df:3a:2f:0d:84:8d:a1:9e:4e:c7:42:55:b4:47:b5:
59:dd:46:dc:0a:36:15:c8:88:28:12:ae:ef:81:0a:
bb:5c:e7:ab:ed:05:42:b8:ed:1f:5a:cf:f9:45:1a:
af:6e:db:50:f8:f4:33:06:74:36:72:d9:ac:7a:eb:
88:a9:0b:54:ab:7b:93:29:71:24:b2:51:42:d5:3d:
e5:3c:66:bb:95:b2:92:5a:60:0c:30:81:1e:31:52:
e1:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:CF:EB:1F:D6:BB:12:0A:62:99:0E:F4:D6:44:FC:F5:96:50:B5:96
X509v3 Authority Key Identifier:
keyid:5A:67:DA:4C:5A:CB:D0:D9:A0:62:F9:17:C5:76:DF:34:AC:D4:33:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WmfaTFrL0NmgYvkXxXbfNKzUM0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9ca9bc-e41c-4931-9d9d-ead096812626/1/28_rH9a7EgpimQ701kT89ZZQtZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9ca9bc-e41c-4931-9d9d-ead096812626/1/WmfaTFrL0NmgYvkXxXbfNKzUM0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.16.95.0/24
Signature Algorithm: sha256WithRSAEncryption
30:b9:60:06:78:b7:e2:b0:8d:6b:1a:22:c5:b6:c2:15:63:6b:
00:88:98:34:d8:5d:01:26:9a:91:5e:06:b6:62:96:60:c2:84:
34:62:04:56:68:c8:f1:93:f1:5b:c6:69:cb:17:78:1e:db:4d:
a4:8f:74:c2:13:74:8b:ac:0d:e8:71:7a:5a:e7:91:73:fc:0b:
89:92:bc:d8:33:b6:f6:8d:79:1f:84:03:6d:49:52:7a:05:c1:
57:67:6f:db:bb:22:c9:68:a8:fe:5e:32:14:53:f7:27:b4:98:
36:76:0f:f8:4a:fc:cf:cb:13:6b:ed:66:8d:d1:27:c7:f0:ab:
a3:04:2b:85:c3:c7:e0:1c:9e:f9:87:82:6a:05:a2:67:c5:eb:
00:14:b6:51:75:79:6f:db:21:8c:7b:e8:27:92:dc:98:6a:35:
9e:37:00:07:08:b5:e0:74:b3:66:a7:2f:82:6a:b3:58:eb:1f:
4f:bb:0d:5b:6a:7e:f9:12:a8:da:1c:de:d6:2e:48:77:7c:b7:
2e:23:14:57:ed:6c:dc:b7:e5:1d:50:fb:06:77:2d:c5:05:84:
60:e2:a0:ed:ef:5c:6d:a1:66:6e:eb:97:32:86:d2:eb:78:91:
5e:d5:e3:1d:82:f0:79:96:72:82:dd:46:e8:68:1c:2d:69:d8:
0d:37:3a:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzaEf1Ktwgx7xRVrO2MoErMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNjdkYTRjNWFjYmQwZDlhMDYyZjkxN2M1NzZkZjM0YWNk
NDMzNDMwHhcNMjMwMTAyMTY1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmNmZWIxZmQ2YmIxMjBhNjI5OTBlZjRkNjQ0ZmNmNTk2NTBiNTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQLi3qkHNfgjnFOs2rh/MLP1aCoA
S1UdhBzyjCit8pvnDc8UfEV8KxtrBrs4OmNHAnkkt9G/yx5m2qbtZcTKs4Xr/3os
95OmMhA8pHR0FVfCpmNu4hkYnXtBS7fYpIcwuu1+A1M8lSWVlQBWi+2Wm245jCw8
I5LhruzudCbAVjC2meziciFxh7Av/HfBzZv6hTygIE51ApiLN30fTQohnh6RgQ3f
Oi8NhI2hnk7HQlW0R7VZ3UbcCjYVyIgoEq7vgQq7XOer7QVCuO0fWs/5RRqvbttQ
+PQzBnQ2ctmseuuIqQtUq3uTKXEkslFC1T3lPGa7lbKSWmAMMIEeMVLh5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNvP6x/WuxIKYpkO9NZE/PWWULWWMB8GA1UdIwQY
MBaAFFpn2kxay9DZoGL5F8V23zSs1DNDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV21mYVRGckwwTm1nWXZrWHhYYmZOS3pVTTBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85Y2E5YmMtZTQxYy00OTMxLTlkOWQt
ZWFkMDk2ODEyNjI2LzEvMjhfckg5YTdFZ3BpbVE3MDFrVDg5WlpRdFpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85Y2E5YmMtZTQxYy00OTMxLTlkOWQtZWFkMDk2ODEyNjI2
LzEvV21mYVRGckwwTm1nWXZrWHhYYmZOS3pVTTBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwxBfMA0G
CSqGSIb3DQEBCwUAA4IBAQAwuWAGeLfisI1rGiLFtsIVY2sAiJg02F0BJpqRXga2
YpZgwoQ0YgRWaMjxk/FbxmnLF3ge202kj3TCE3SLrA3ocXpa55Fz/AuJkrzYM7b2
jXkfhANtSVJ6BcFXZ2/buyLJaKj+XjIUU/cntJg2dg/4SvzPyxNr7WaN0SfH8Kuj
BCuFw8fgHJ75h4JqBaJnxesAFLZRdXlv2yGMe+gnktyYajWeNwAHCLXgdLNmpy+C
arNY6x9Puw1ban75EqjaHN7WLkh3fLcuIxRX7Wzct+UdUPsGdy3FBYRg4qDt71xt
oWZu65cyhtLreJFe1eMdgvB5lnKC3UboaBwtadgNNzp5
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:48 2024 by rpki-client on console.sobornost.net