Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/13b4bc-197e-40a6-b845-9ecd8cc50a88/1/E9HJ-ALClyM5ob9cZ2RqmHv3r_o.roa
File: E9HJ-ALClyM5ob9cZ2RqmHv3r_o.roa (raw, json)
Hash identifier: q7Zo72q2zemORkxx9+i+oO8WPI8m2jPskswUdHbgeB0=
Subject key identifier: 13:D1:C9:F8:02:C2:97:23:39:A1:BF:5C:67:64:6A:98:7B:F7:AF:FA
Certificate issuer: /CN=2791a7b8ee8440522b0b5530c85dce1d73f967b7
Certificate serial: 018D658CB38EBC830CEFFACC5BF1D68221D8
Authority key identifier: 27:91:A7:B8:EE:84:40:52:2B:0B:55:30:C8:5D:CE:1D:73:F9:67:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J5GnuO6EQFIrC1UwyF3OHXP5Z7c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/13b4bc-197e-40a6-b845-9ecd8cc50a88/1/E9HJ-ALClyM5ob9cZ2RqmHv3r_o.roa
Signing time: Thu 01 Feb 2024 16:42:16 +0000
ROA not before: Thu 01 Feb 2024 16:42:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 95.128.196.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Apr 2024 16:12:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:65:8c:b3:8e:bc:83:0c:ef:fa:cc:5b:f1:d6:82:21:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2791a7b8ee8440522b0b5530c85dce1d73f967b7
Validity
Not Before: Feb 1 16:42:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=13d1c9f802c2972339a1bf5c67646a987bf7affa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:fc:93:d2:d3:97:b4:25:9e:43:fd:9c:fc:1e:
71:64:b9:1c:94:29:31:6d:d1:52:ae:c6:d7:15:75:
50:4a:40:23:24:c1:19:f5:7a:dc:76:41:54:46:c6:
6b:fc:c8:56:93:c5:ac:b4:6d:d6:02:8e:88:a3:e7:
17:ff:ee:6a:0c:bf:fa:83:94:85:0b:a0:0a:3b:12:
b2:24:50:4a:cf:38:a6:09:66:45:b5:17:df:d7:1e:
01:99:70:42:f5:16:ad:7a:74:22:11:09:b1:9e:ee:
50:12:a3:0e:95:97:94:da:c5:7c:c5:81:9c:1d:7a:
75:f2:7b:66:48:64:00:08:bb:7c:af:4f:79:7b:5a:
5f:61:e9:e4:0e:cf:be:e2:07:e9:fb:ef:ee:9c:00:
e4:bd:d8:a6:71:a9:31:16:84:86:08:97:7d:e2:20:
53:d3:1d:a7:a7:ed:01:f1:fb:2b:df:61:cd:18:e9:
55:f7:f5:83:87:6a:2b:06:47:0e:3e:26:64:8d:a5:
ab:c3:92:cd:7e:53:7b:71:1a:fc:e4:12:24:0f:38:
5b:7f:a7:e9:11:1a:a9:f7:90:f6:5f:fc:76:ab:8c:
0d:b1:d2:34:71:66:c8:e0:6e:07:bb:25:ee:98:98:
17:bf:69:58:c5:08:d2:c1:db:f2:bd:d6:15:e7:a0:
c8:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:D1:C9:F8:02:C2:97:23:39:A1:BF:5C:67:64:6A:98:7B:F7:AF:FA
X509v3 Authority Key Identifier:
keyid:27:91:A7:B8:EE:84:40:52:2B:0B:55:30:C8:5D:CE:1D:73:F9:67:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J5GnuO6EQFIrC1UwyF3OHXP5Z7c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/13b4bc-197e-40a6-b845-9ecd8cc50a88/1/E9HJ-ALClyM5ob9cZ2RqmHv3r_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/13b4bc-197e-40a6-b845-9ecd8cc50a88/1/J5GnuO6EQFIrC1UwyF3OHXP5Z7c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.128.196.0/24
Signature Algorithm: sha256WithRSAEncryption
53:93:4d:e0:c9:55:09:6c:8c:0c:cb:42:a5:07:f9:41:9c:b2:
60:22:dd:e0:af:7e:c5:e9:02:b9:37:aa:73:57:89:20:74:39:
9f:d5:0b:8b:9c:a2:3d:60:bd:5d:dc:eb:4a:5a:27:d0:a8:56:
88:d0:43:ed:aa:6f:7f:0c:01:98:1e:35:ba:d0:05:6b:10:ef:
c5:79:4e:85:5b:e8:54:ab:9e:fb:07:c9:83:8f:44:fc:59:23:
30:2b:fa:fe:c2:da:87:1a:7e:40:c1:f7:36:60:d8:29:39:8c:
6e:53:a3:be:35:19:f8:7f:42:e6:30:60:30:36:97:12:69:05:
70:83:cf:5c:64:1c:99:01:8e:f6:53:9b:ea:55:2a:77:63:4b:
61:dc:10:b7:6c:2a:63:43:fe:af:8b:e1:b0:42:3e:93:57:64:
4e:26:ab:cd:5d:50:b2:07:e6:0b:8b:27:a9:ca:57:f5:99:e8:
cb:9f:38:79:10:d7:0d:55:13:5f:d5:5a:5b:9d:fe:1a:df:d0:
7e:5c:9d:a4:e1:f7:3a:9c:68:bf:53:b1:b9:83:76:db:45:7e:
b8:c6:a5:af:53:b7:d2:8b:a4:a6:90:03:01:03:ab:c4:fd:23:
88:65:4e:1f:b2:e0:72:a5:b1:a0:83:4f:c6:83:9d:81:de:de:
c0:e6:3e:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1ljLOOvIMM7/rMW/HWgiHYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OTFhN2I4ZWU4NDQwNTIyYjBiNTUzMGM4NWRjZTFkNzNm
OTY3YjcwHhcNMjQwMjAxMTY0MjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2QxYzlmODAyYzI5NzIzMzlhMWJmNWM2NzY0NmE5ODdiZjdhZmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPyT0tOXtCWeQ/2c/B5xZLkclCkx
bdFSrsbXFXVQSkAjJMEZ9XrcdkFURsZr/MhWk8WstG3WAo6Io+cX/+5qDL/6g5SF
C6AKOxKyJFBKzzimCWZFtRff1x4BmXBC9RatenQiEQmxnu5QEqMOlZeU2sV8xYGc
HXp18ntmSGQACLt8r095e1pfYenkDs++4gfp++/unADkvdimcakxFoSGCJd94iBT
0x2np+0B8fsr32HNGOlV9/WDh2orBkcOPiZkjaWrw5LNflN7cRr85BIkDzhbf6fp
ERqp95D2X/x2q4wNsdI0cWbI4G4HuyXumJgXv2lYxQjSwdvyvdYV56DIfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBPRyfgCwpcjOaG/XGdkaph796/6MB8GA1UdIwQY
MBaAFCeRp7juhEBSKwtVMMhdzh1z+We3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjVHbnVPNkVRRklyQzFVd3lGM09IWFA1WjdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8xM2I0YmMtMTk3ZS00MGE2LWI4NDUt
OWVjZDhjYzUwYTg4LzEvRTlISi1BTENseU01b2I5Y1oyUnFtSHYzcl9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8xM2I0YmMtMTk3ZS00MGE2LWI4NDUtOWVjZDhjYzUwYTg4
LzEvSjVHbnVPNkVRRklyQzFVd3lGM09IWFA1WjdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX4DEMA0G
CSqGSIb3DQEBCwUAA4IBAQBTk03gyVUJbIwMy0KlB/lBnLJgIt3gr37F6QK5N6pz
V4kgdDmf1QuLnKI9YL1d3OtKWifQqFaI0EPtqm9/DAGYHjW60AVrEO/FeU6FW+hU
q577B8mDj0T8WSMwK/r+wtqHGn5Awfc2YNgpOYxuU6O+NRn4f0LmMGAwNpcSaQVw
g89cZByZAY72U5vqVSp3Y0th3BC3bCpjQ/6vi+GwQj6TV2ROJqvNXVCyB+YLiyep
ylf1mejLnzh5ENcNVRNf1Vpbnf4a39B+XJ2k4fc6nGi/U7G5g3bbRX64xqWvU7fS
i6SmkAMBA6vE/SOIZU4fsuBypbGgg0/Gg52B3t7A5j5t
-----END CERTIFICATE-----
Generated at Mon Apr 8 20:06:39 2024 by rpki-client on console.sobornost.net