Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/uoaIWkNy8hc1ttE7GcTh7w7B-hM.roa
File: uoaIWkNy8hc1ttE7GcTh7w7B-hM.roa (raw, json)
Hash identifier: u0gfHB2Rykngt7pgqMj/i+zZq4a7vKZcjJzb795MtRQ=
Subject key identifier: BA:86:88:5A:43:72:F2:17:35:B6:D1:3B:19:C4:E1:EF:0E:C1:FA:13
Certificate issuer: /CN=a0a647dac729f47b06369c4c9741cf943953dc59
Certificate serial: 0194606A5F5019B6F0B1CBBBFF8C0918BB6D
Authority key identifier: A0:A6:47:DA:C7:29:F4:7B:06:36:9C:4C:97:41:CF:94:39:53:DC:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/uoaIWkNy8hc1ttE7GcTh7w7B-hM.roa
Signing time: Mon 13 Jan 2025 16:06:11 +0000
ROA not before: Mon 13 Jan 2025 16:06:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214640
IP address blocks: 95.141.241.0/24 maxlen: 24
2a13:7c80::/32 maxlen: 32
2a13:7c81::/32 maxlen: 48
2a13:7c82::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 15 Jan 2025 15:38:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:60:6a:5f:50:19:b6:f0:b1:cb:bb:ff:8c:09:18:bb:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0a647dac729f47b06369c4c9741cf943953dc59
Validity
Not Before: Jan 13 16:06:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba86885a4372f21735b6d13b19c4e1ef0ec1fa13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:3f:ee:5b:88:75:9f:75:7d:39:87:d2:57:46:
1c:6a:e9:7c:2a:4e:d6:b0:3d:01:dd:6d:03:f5:7c:
e1:95:92:26:6a:20:d6:25:0b:32:69:15:1f:de:b0:
a6:49:19:e3:79:e5:8e:d6:a6:8d:83:5b:0f:13:9b:
c5:d5:5d:f7:d4:b5:7c:83:39:08:02:75:22:2b:3f:
b1:fc:39:d5:56:0f:22:0e:4d:fb:30:cc:be:63:36:
57:20:7a:bc:5a:18:87:47:da:29:f8:8b:17:e8:b3:
f5:8a:ed:ca:e1:b0:df:0b:eb:65:2c:38:49:64:dc:
4a:d7:ef:e6:ec:09:6b:c1:53:8c:a6:dd:2f:10:e8:
9a:97:db:40:b1:6d:59:18:8b:c3:63:dc:16:f0:55:
c4:b4:95:4b:a3:06:06:84:8d:76:a3:f9:61:70:d4:
9d:bf:88:26:44:af:cd:d5:91:a0:83:7e:e2:d0:f0:
ed:01:96:4d:5a:4c:e6:b6:ed:0c:97:3a:79:e8:a2:
e1:6c:7e:b1:f0:bc:aa:3c:ca:23:be:af:22:35:30:
9c:89:08:9b:18:3e:07:3c:02:1e:4a:86:45:bd:71:
0d:c6:a0:b3:87:37:a5:d3:6f:a8:ad:3b:5e:ef:44:
28:a8:fc:af:69:4c:ae:77:8a:28:4d:29:4b:bb:84:
fe:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:86:88:5A:43:72:F2:17:35:B6:D1:3B:19:C4:E1:EF:0E:C1:FA:13
X509v3 Authority Key Identifier:
keyid:A0:A6:47:DA:C7:29:F4:7B:06:36:9C:4C:97:41:CF:94:39:53:DC:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/uoaIWkNy8hc1ttE7GcTh7w7B-hM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.141.241.0/24
IPv6:
2a13:7c80::-2a13:7c82:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
32:7a:ab:a8:cf:74:d1:1e:81:b3:80:e8:cc:ae:b2:4c:48:04:
26:f6:bf:89:78:bb:a6:7e:77:89:63:f4:c0:08:49:ef:19:97:
3f:2a:c8:6a:cb:a4:ce:6a:af:96:65:73:63:2b:30:f2:f5:9f:
d2:ec:ee:87:73:a6:ff:12:ce:31:8f:e4:68:7a:a1:0c:28:d0:
2b:f6:2f:a1:19:81:d4:dc:95:98:ff:41:e8:a2:73:4e:f3:b1:
4b:65:01:db:21:74:64:39:ff:a7:7a:1f:e4:4d:fa:a5:fe:2a:
20:d6:96:ad:7c:2e:e1:1c:99:9a:95:34:4e:ea:31:37:6a:0e:
38:97:ca:7d:de:6c:3f:42:d6:f8:1d:d8:d7:2d:79:fd:38:da:
d4:9e:7d:c2:5b:53:ed:69:3c:91:49:e1:9f:e2:8d:fa:93:fa:
aa:95:35:27:0c:45:7b:36:57:ec:1d:cc:1e:ff:63:98:af:bc:
14:59:8c:f7:cc:00:fd:83:5a:6a:05:4c:03:df:69:36:c7:98:
bf:0a:cc:37:b8:b2:a2:e1:54:56:18:53:4c:cd:47:66:87:37:
7f:d1:57:77:8d:e5:74:2c:ef:5f:79:53:ed:c2:30:12:cf:dc:
f1:cc:b4:c9:dc:61:b9:0c:15:8c:da:72:92:7a:05:41:af:79:
60:72:e2:e5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZRgal9QGbbwscu7/4wJGLttMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYTY0N2RhYzcyOWY0N2IwNjM2OWM0Yzk3NDFjZjk0Mzk1
M2RjNTkwHhcNMjUwMTEzMTYwNjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTg2ODg1YTQzNzJmMjE3MzViNmQxM2IxOWM0ZTFlZjBlYzFmYTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwz/uW4h1n3V9OYfSV0Ycaul8Kk7W
sD0B3W0D9XzhlZImaiDWJQsyaRUf3rCmSRnjeeWO1qaNg1sPE5vF1V331LV8gzkI
AnUiKz+x/DnVVg8iDk37MMy+YzZXIHq8WhiHR9op+IsX6LP1iu3K4bDfC+tlLDhJ
ZNxK1+/m7AlrwVOMpt0vEOial9tAsW1ZGIvDY9wW8FXEtJVLowYGhI12o/lhcNSd
v4gmRK/N1ZGgg37i0PDtAZZNWkzmtu0Mlzp56KLhbH6x8LyqPMojvq8iNTCciQib
GD4HPAIeSoZFvXENxqCzhzel02+orTte70QoqPyvaUyud4ooTSlLu4T+4QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLqGiFpDcvIXNbbROxnE4e8OwfoTMB8GA1UdIwQY
MBaAFKCmR9rHKfR7BjacTJdBz5Q5U9xZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9iYTFmODgtNzA3Zi00MWJkLWI5YmQt
ZmI2OTgzY2U5ZGZmLzEvdW9hSVdrTnk4aGMxdHRFN0djVGg3dzdCLWhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9iYTFmODgtNzA3Zi00MWJkLWI5YmQtZmI2OTgzY2U5ZGZm
LzEvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAX43xMBYE
AgACMBAwDgMFByoTfIADBQAqE3yCMA0GCSqGSIb3DQEBCwUAA4IBAQAyequoz3TR
HoGzgOjMrrJMSAQm9r+JeLumfneJY/TACEnvGZc/Kshqy6TOaq+WZXNjKzDy9Z/S
7O6Hc6b/Es4xj+RoeqEMKNAr9i+hGYHU3JWY/0HoonNO87FLZQHbIXRkOf+neh/k
Tfql/iog1patfC7hHJmalTRO6jE3ag44l8p93mw/Qtb4HdjXLXn9ONrUnn3CW1Pt
aTyRSeGf4o36k/qqlTUnDEV7NlfsHcwe/2OYr7wUWYz3zAD9g1pqBUwD32k2x5i/
Csw3uLKi4VRWGFNMzUdmhzd/0Vd3jeV0LO9feVPtwjASz9zxzLTJ3GG5DBWM2nKS
egVBr3lgcuLl
-----END CERTIFICATE-----
Generated at Sun Apr 20 20:01:54 2025 by rpki-client