Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/LiQgSgd3h4OshrhDxUhSI9Aycso.roa
File: LiQgSgd3h4OshrhDxUhSI9Aycso.roa (raw, json)
Hash identifier: W0/sgXNqgEcpsaaq/0DPwbVGx04kzUAtRMzZasqnjVM=
Subject key identifier: 2E:24:20:4A:07:77:87:83:AC:86:B8:43:C5:48:52:23:D0:32:72:CA
Certificate issuer: /CN=a0a647dac729f47b06369c4c9741cf943953dc59
Certificate serial: 0194236A0F91B20890FB84880D959C8B27D7
Authority key identifier: A0:A6:47:DA:C7:29:F4:7B:06:36:9C:4C:97:41:CF:94:39:53:DC:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/LiQgSgd3h4OshrhDxUhSI9Aycso.roa
Signing time: Wed 01 Jan 2025 19:49:00 +0000
ROA not before: Wed 01 Jan 2025 19:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214640
IP address blocks: 95.141.241.0/24 maxlen: 24
2a13:7c80::/32 maxlen: 32
2a13:7c81::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 13 Jan 2025 16:06:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:0f:91:b2:08:90:fb:84:88:0d:95:9c:8b:27:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0a647dac729f47b06369c4c9741cf943953dc59
Validity
Not Before: Jan 1 19:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e24204a07778783ac86b843c5485223d03272ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:9c:4e:78:1b:6c:0f:fe:7b:8c:b9:9d:ee:38:
d9:42:30:0c:56:6b:31:41:22:e8:0c:07:a1:f2:d7:
76:d9:7f:a9:3a:46:e8:f4:3b:dd:5a:95:5b:96:1a:
5d:4b:e9:b1:ce:8d:0c:07:81:b4:41:6c:9d:af:e7:
8a:f4:6d:5e:da:91:4d:ec:b7:3d:f0:05:da:6c:49:
56:6a:4c:13:2e:52:3d:85:8c:17:cb:a9:68:77:40:
7d:0f:2b:71:e9:d1:de:8e:ea:f7:da:28:3a:87:e8:
45:ad:9b:fe:15:f1:0e:d7:d4:f6:74:07:a1:f5:d9:
9f:93:11:51:ce:75:ca:12:88:83:21:a2:3f:84:b7:
97:3c:5f:ac:56:06:c2:78:81:bf:1c:9f:f3:83:52:
4d:87:1e:37:a9:9a:8a:67:21:9e:df:f6:86:99:76:
c3:79:4a:6c:69:2f:d0:9d:c4:19:99:80:11:e3:d4:
49:8d:e0:5d:3e:a4:da:91:f9:1b:8b:10:19:d3:7e:
df:19:65:d6:d4:5e:86:66:eb:1b:1b:5c:ca:5c:6e:
59:17:a3:5a:35:75:33:29:c3:4f:74:23:1a:e7:7f:
05:48:8e:2a:5d:b5:8c:20:0e:80:20:b6:c6:0c:b4:
ec:69:ca:72:7c:cb:82:cf:2e:b3:95:33:d0:48:ad:
7f:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:24:20:4A:07:77:87:83:AC:86:B8:43:C5:48:52:23:D0:32:72:CA
X509v3 Authority Key Identifier:
keyid:A0:A6:47:DA:C7:29:F4:7B:06:36:9C:4C:97:41:CF:94:39:53:DC:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/LiQgSgd3h4OshrhDxUhSI9Aycso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.141.241.0/24
IPv6:
2a13:7c80::/31
Signature Algorithm: sha256WithRSAEncryption
86:d4:65:95:0a:63:a7:59:26:c2:ce:17:79:e0:71:38:48:25:
7f:9e:38:b5:1c:24:38:61:6f:35:38:d7:ab:2e:38:3b:0f:43:
b8:1b:b7:ef:81:7b:18:77:71:81:a4:e0:1f:a5:cf:ee:99:6a:
be:4b:d7:df:d5:b8:1d:34:91:08:79:ba:62:73:b1:d8:9e:db:
e6:b5:70:f5:33:f9:35:53:e4:09:93:92:c2:0a:84:80:37:30:
07:58:48:bf:94:3a:bf:0d:c4:be:fd:84:5d:70:09:3e:22:98:
8a:d1:9b:3e:fe:3f:69:66:32:6e:49:d9:83:32:89:9b:71:24:
55:04:63:b1:28:ff:6a:37:eb:80:4f:26:20:dd:01:4f:8b:0f:
0e:6c:49:6d:fc:c6:82:92:82:ff:75:3a:51:78:4c:e5:2c:8e:
4a:63:2d:31:17:3a:ee:a3:27:cd:c4:9b:54:7f:b4:8e:fa:f6:
c4:11:a0:53:9a:69:cb:7d:d0:27:40:b1:5f:1a:7f:b5:f9:0a:
a5:5f:58:45:dd:bb:30:d3:e7:28:b9:64:a7:75:65:80:f7:26:
c0:44:99:16:91:4f:65:8e:ca:30:ed:1a:2c:cd:b8:a6:58:75:
3e:a4:ab:b4:77:59:b7:5d:42:4e:79:f0:de:c0:8a:ea:35:ea:
8e:eb:fb:de
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQjag+RsgiQ+4SIDZWciyfXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYTY0N2RhYzcyOWY0N2IwNjM2OWM0Yzk3NDFjZjk0Mzk1
M2RjNTkwHhcNMjUwMTAxMTk0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTI0MjA0YTA3Nzc4NzgzYWM4NmI4NDNjNTQ4NTIyM2QwMzI3MmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJxOeBtsD/57jLmd7jjZQjAMVmsx
QSLoDAeh8td22X+pOkbo9DvdWpVblhpdS+mxzo0MB4G0QWydr+eK9G1e2pFN7Lc9
8AXabElWakwTLlI9hYwXy6lod0B9Dytx6dHejur32ig6h+hFrZv+FfEO19T2dAeh
9dmfkxFRznXKEoiDIaI/hLeXPF+sVgbCeIG/HJ/zg1JNhx43qZqKZyGe3/aGmXbD
eUpsaS/QncQZmYAR49RJjeBdPqTakfkbixAZ037fGWXW1F6GZusbG1zKXG5ZF6Na
NXUzKcNPdCMa538FSI4qXbWMIA6AILbGDLTsacpyfMuCzy6zlTPQSK1/4wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFC4kIEoHd4eDrIa4Q8VIUiPQMnLKMB8GA1UdIwQY
MBaAFKCmR9rHKfR7BjacTJdBz5Q5U9xZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9iYTFmODgtNzA3Zi00MWJkLWI5YmQt
ZmI2OTgzY2U5ZGZmLzEvTGlRZ1NnZDNoNE9zaHJoRHhVaFNJOUF5Y3NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9iYTFmODgtNzA3Zi00MWJkLWI5YmQtZmI2OTgzY2U5ZGZm
LzEvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAX43xMA0E
AgACMAcDBQEqE3yAMA0GCSqGSIb3DQEBCwUAA4IBAQCG1GWVCmOnWSbCzhd54HE4
SCV/nji1HCQ4YW81ONerLjg7D0O4G7fvgXsYd3GBpOAfpc/umWq+S9ff1bgdNJEI
ebpic7HYntvmtXD1M/k1U+QJk5LCCoSANzAHWEi/lDq/DcS+/YRdcAk+IpiK0Zs+
/j9pZjJuSdmDMombcSRVBGOxKP9qN+uATyYg3QFPiw8ObElt/MaCkoL/dTpReEzl
LI5KYy0xFzruoyfNxJtUf7SO+vbEEaBTmmnLfdAnQLFfGn+1+QqlX1hF3bsw0+co
uWSndWWA9ybARJkWkU9ljsow7RoszbimWHU+pKu0d1m3XUJOefDewIrqNeqO6/ve
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:05:14 2025 by rpki-client