Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/yJ-9j6tRpdKk-GFLV0SBT1f-MI8.roa
File: yJ-9j6tRpdKk-GFLV0SBT1f-MI8.roa (raw, json)
Hash identifier: jBvE4ke7f2F6bxOGDEJqDLyBHAXM7HnAfgODdq4G0kY=
Subject key identifier: C8:9F:BD:8F:AB:51:A5:D2:A4:F8:61:4B:57:44:81:4F:57:FE:30:8F
Certificate issuer: /CN=a0a647dac729f47b06369c4c9741cf943953dc59
Certificate serial: 0194236A0EE69959E10F238894E3CB13A37E
Authority key identifier: A0:A6:47:DA:C7:29:F4:7B:06:36:9C:4C:97:41:CF:94:39:53:DC:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/yJ-9j6tRpdKk-GFLV0SBT1f-MI8.roa
Signing time: Wed 01 Jan 2025 19:49:00 +0000
ROA not before: Wed 01 Jan 2025 19:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42675
IP address blocks: 95.141.241.0/24 maxlen: 24
2a13:7c80::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 13 Mar 2025 18:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:0e:e6:99:59:e1:0f:23:88:94:e3:cb:13:a3:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0a647dac729f47b06369c4c9741cf943953dc59
Validity
Not Before: Jan 1 19:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c89fbd8fab51a5d2a4f8614b5744814f57fe308f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:dc:9b:13:8f:00:2c:7f:3f:61:89:de:b9:4e:
de:d0:3d:19:f6:ee:33:e4:34:d8:35:df:67:2d:03:
68:93:5a:58:66:8d:45:ad:4e:ec:08:d1:9f:1a:d9:
4d:30:64:e2:0f:3b:e6:d8:ae:3b:97:1e:ac:27:98:
76:76:30:71:d5:4d:3a:d4:1c:68:76:7d:a4:db:f7:
18:6b:a0:8e:e5:1c:36:21:87:ec:cc:77:b9:ec:2a:
df:f2:0d:96:be:93:bf:f9:36:fe:78:8f:38:01:e8:
99:cd:9b:7c:0f:c6:fb:61:4f:cb:11:9b:cb:49:58:
c4:31:79:4d:30:15:91:2e:a3:a9:84:da:4a:a5:a3:
e9:32:81:81:16:8d:88:67:22:59:88:ad:22:52:2f:
9a:d3:64:8d:1a:a1:06:97:4c:79:3a:7d:e5:2f:d1:
e7:15:55:1d:02:51:7b:4a:5b:b2:fb:60:9c:2e:43:
e6:32:bd:2f:4e:70:21:68:f0:b4:b1:46:9d:df:ee:
96:5e:b9:98:14:c2:bb:60:bd:9a:7c:ce:1c:d9:79:
b8:5e:8a:4e:a3:2e:14:e6:9d:d2:c1:0d:77:dd:03:
72:0e:e3:75:72:e9:89:36:7f:4b:c2:31:ee:92:39:
f7:9e:41:b4:6f:7e:b2:97:1b:7d:9a:31:cb:41:4f:
c4:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:9F:BD:8F:AB:51:A5:D2:A4:F8:61:4B:57:44:81:4F:57:FE:30:8F
X509v3 Authority Key Identifier:
keyid:A0:A6:47:DA:C7:29:F4:7B:06:36:9C:4C:97:41:CF:94:39:53:DC:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/yJ-9j6tRpdKk-GFLV0SBT1f-MI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.141.241.0/24
IPv6:
2a13:7c80::/32
Signature Algorithm: sha256WithRSAEncryption
91:ad:51:54:89:8f:68:94:ad:2e:5b:cd:9b:d3:2d:47:f3:d2:
5f:be:fb:7b:e8:1d:48:88:25:49:73:24:88:a9:83:da:1e:63:
74:c5:a6:9e:c8:7b:01:d2:c2:ed:b9:f8:f0:69:f0:ad:9b:a3:
0d:e3:41:eb:6c:60:fa:e1:bc:bb:06:26:85:e9:b5:41:4f:47:
2b:80:b3:72:5c:eb:31:47:3b:ec:d2:9a:7c:f5:d6:11:14:c2:
b4:88:18:17:2f:03:8c:63:43:66:5c:b9:76:46:9a:5a:a8:a0:
48:53:0e:b3:13:af:b2:ae:b8:b1:66:c2:87:1d:f5:2d:dc:f4:
32:2c:ad:7f:71:48:46:10:5c:aa:e9:aa:ac:54:58:91:82:01:
c6:74:dd:72:25:4f:b4:3f:e2:c6:b1:a0:37:78:17:cc:ae:2d:
4e:bf:73:90:00:87:0a:8a:9f:a5:6e:ac:6d:d7:71:20:ea:71:
81:f3:38:cf:b4:ae:93:c2:8b:9a:66:03:63:02:b3:48:3f:2c:
a5:84:89:f4:74:46:63:ff:3c:ae:45:32:01:b1:f1:35:64:8e:
ed:d1:6b:9d:03:1f:46:a0:1a:65:c6:db:12:0c:cf:64:87:1d:
ef:3d:a2:8e:9d:14:23:39:29:d2:48:08:54:1a:7d:86:15:55:
80:f7:03:6e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQjag7mmVnhDyOIlOPLE6N+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYTY0N2RhYzcyOWY0N2IwNjM2OWM0Yzk3NDFjZjk0Mzk1
M2RjNTkwHhcNMjUwMTAxMTk0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODlmYmQ4ZmFiNTFhNWQyYTRmODYxNGI1NzQ0ODE0ZjU3ZmUzMDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodybE48ALH8/YYneuU7e0D0Z9u4z
5DTYNd9nLQNok1pYZo1FrU7sCNGfGtlNMGTiDzvm2K47lx6sJ5h2djBx1U061Bxo
dn2k2/cYa6CO5Rw2IYfszHe57Crf8g2WvpO/+Tb+eI84AeiZzZt8D8b7YU/LEZvL
SVjEMXlNMBWRLqOphNpKpaPpMoGBFo2IZyJZiK0iUi+a02SNGqEGl0x5On3lL9Hn
FVUdAlF7Sluy+2CcLkPmMr0vTnAhaPC0sUad3+6WXrmYFMK7YL2afM4c2Xm4XopO
oy4U5p3SwQ133QNyDuN1cumJNn9LwjHukjn3nkG0b36ylxt9mjHLQU/ExQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMifvY+rUaXSpPhhS1dEgU9X/jCPMB8GA1UdIwQY
MBaAFKCmR9rHKfR7BjacTJdBz5Q5U9xZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9iYTFmODgtNzA3Zi00MWJkLWI5YmQt
ZmI2OTgzY2U5ZGZmLzEveUotOWo2dFJwZEtrLUdGTFYwU0JUMWYtTUk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9iYTFmODgtNzA3Zi00MWJkLWI5YmQtZmI2OTgzY2U5ZGZm
LzEvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAX43xMA0E
AgACMAcDBQAqE3yAMA0GCSqGSIb3DQEBCwUAA4IBAQCRrVFUiY9olK0uW82b0y1H
89Jfvvt76B1IiCVJcySIqYPaHmN0xaaeyHsB0sLtufjwafCtm6MN40HrbGD64by7
BiaF6bVBT0crgLNyXOsxRzvs0pp89dYRFMK0iBgXLwOMY0NmXLl2RppaqKBIUw6z
E6+yrrixZsKHHfUt3PQyLK1/cUhGEFyq6aqsVFiRggHGdN1yJU+0P+LGsaA3eBfM
ri1Ov3OQAIcKip+lbqxt13Eg6nGB8zjPtK6TwouaZgNjArNIPyylhIn0dEZj/zyu
RTIBsfE1ZI7t0WudAx9GoBplxtsSDM9khx3vPaKOnRQjOSnSSAhUGn2GFVWA9wNu
-----END CERTIFICATE-----
Generated at Sat Apr 19 02:37:45 2025 by rpki-client