Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/445228-b442-4e16-ad69-8ffddb5e3c26/1/r2dYrZHtGTQ0NF85vip67Eql_2Q.roa
File: r2dYrZHtGTQ0NF85vip67Eql_2Q.roa (raw, json)
Hash identifier: atLJUMpLraJTtmotnViwjmvBz9ssx2o+kUkr6/t1Y1E=
Subject key identifier: AF:67:58:AD:91:ED:19:34:34:34:5F:39:BE:2A:7A:EC:4A:A5:FF:64
Certificate issuer: /CN=6417b1e13d32ed3a64a7c3522751623eefabe5f3
Certificate serial: 018E3D0B283E3C2EEA10EEC63EB953EC5BC0
Authority key identifier: 64:17:B1:E1:3D:32:ED:3A:64:A7:C3:52:27:51:62:3E:EF:AB:E5:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBex4T0y7Tpkp8NSJ1FiPu-r5fM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/445228-b442-4e16-ad69-8ffddb5e3c26/1/r2dYrZHtGTQ0NF85vip67Eql_2Q.roa
Signing time: Thu 14 Mar 2024 12:58:45 +0000
ROA not before: Thu 14 Mar 2024 12:58:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8775
IP address blocks: 195.69.156.0/22 maxlen: 22
195.69.156.0/24 maxlen: 24
195.69.157.0/24 maxlen: 24
195.69.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3d:0b:28:3e:3c:2e:ea:10:ee:c6:3e:b9:53:ec:5b:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6417b1e13d32ed3a64a7c3522751623eefabe5f3
Validity
Not Before: Mar 14 12:58:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af6758ad91ed193434345f39be2a7aec4aa5ff64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:6d:23:69:fd:0f:76:ba:ee:d9:bf:2b:37:33:
98:6f:37:c2:fb:3d:48:b7:8b:f4:46:b9:df:e9:89:
6a:15:1e:26:d9:7b:52:fb:c9:f9:31:3e:e7:c6:1b:
07:d5:db:fe:c6:09:4e:46:54:68:e1:6a:e8:13:c1:
2e:ca:d7:d7:38:2c:f5:2a:29:e3:47:2a:8e:9e:88:
05:85:23:75:3f:71:53:5c:37:78:a8:fd:0c:eb:48:
87:69:9a:3b:44:e5:fb:bb:a7:3c:46:a3:25:fd:f6:
5f:a3:ce:9b:2d:3b:5b:53:9a:cd:07:9a:03:3f:ce:
37:33:4c:c4:31:66:d2:01:a6:65:6f:cd:d1:dd:d1:
61:1a:90:06:dd:4b:4f:37:4f:42:a5:0a:82:30:1c:
62:d6:41:e6:6e:0a:bc:5e:e9:ea:36:a4:7c:06:5c:
68:7b:f7:9f:11:83:93:69:96:50:d5:e8:48:a8:e7:
e2:1e:47:2b:f5:ec:d5:1a:fa:1a:be:fa:30:d0:a2:
9e:48:ed:70:f2:d4:1a:ac:c4:d8:c9:85:d7:76:3f:
cf:7d:fa:f9:e8:21:3d:2d:d8:9d:eb:61:6c:73:cc:
aa:6b:1b:7b:44:9f:bb:f0:7d:90:6a:3f:14:72:b2:
5a:63:1e:89:09:5e:91:c8:f8:2f:e6:e1:8d:3b:d0:
97:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:67:58:AD:91:ED:19:34:34:34:5F:39:BE:2A:7A:EC:4A:A5:FF:64
X509v3 Authority Key Identifier:
keyid:64:17:B1:E1:3D:32:ED:3A:64:A7:C3:52:27:51:62:3E:EF:AB:E5:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBex4T0y7Tpkp8NSJ1FiPu-r5fM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/445228-b442-4e16-ad69-8ffddb5e3c26/1/r2dYrZHtGTQ0NF85vip67Eql_2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/445228-b442-4e16-ad69-8ffddb5e3c26/1/ZBex4T0y7Tpkp8NSJ1FiPu-r5fM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.69.156.0/22
Signature Algorithm: sha256WithRSAEncryption
92:41:17:d7:ed:92:a1:9e:20:f7:54:ee:bc:99:89:ce:be:21:
85:5c:73:b0:3d:79:e9:4a:6b:a1:9c:d2:17:1c:58:24:a9:a3:
a2:3a:d0:e0:0d:34:d3:ec:fa:cd:b6:5c:7f:96:c4:da:76:8f:
09:0a:40:db:63:f0:ab:81:3d:e8:cd:71:d2:00:a9:a8:42:7c:
03:42:ec:56:55:f1:7a:20:a3:e4:b1:ea:8a:94:7f:f6:d2:8e:
4f:ad:6a:87:49:ed:ab:7a:31:cd:7f:af:cb:21:4a:5d:f4:71:
e6:75:3f:75:a3:d8:1e:60:a9:17:b4:2f:71:41:20:01:1a:cb:
68:98:6f:ab:08:1b:d0:ba:b4:ff:27:87:70:c0:60:d8:ca:04:
c3:17:e9:59:25:d2:fb:33:cd:c0:40:55:f5:d3:8a:53:de:9d:
c1:bb:6a:aa:ab:c2:cd:54:1b:dc:87:bc:af:a4:fc:7e:4b:01:
88:12:63:d0:e6:ee:a3:37:e3:8b:e4:fc:bc:2e:ae:bc:8c:d7:
a6:87:56:aa:3a:16:7f:ef:2b:c5:7c:1b:d6:60:88:45:95:4a:
4e:8d:af:b6:1a:ea:4d:22:cd:c5:ac:c8:2a:8b:72:69:bb:aa:
a9:24:c6:36:98:86:3e:f8:3d:ed:de:85:bf:8c:f4:5c:0a:3d:
a9:3f:eb:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY49Cyg+PC7qEO7GPrlT7FvAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTdiMWUxM2QzMmVkM2E2NGE3YzM1MjI3NTE2MjNlZWZh
YmU1ZjMwHhcNMjQwMzE0MTI1ODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjY3NThhZDkxZWQxOTM0MzQzNDVmMzliZTJhN2FlYzRhYTVmZjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqW0jaf0Pdrru2b8rNzOYbzfC+z1I
t4v0Rrnf6YlqFR4m2XtS+8n5MT7nxhsH1dv+xglORlRo4WroE8EuytfXOCz1Kinj
RyqOnogFhSN1P3FTXDd4qP0M60iHaZo7ROX7u6c8RqMl/fZfo86bLTtbU5rNB5oD
P843M0zEMWbSAaZlb83R3dFhGpAG3UtPN09CpQqCMBxi1kHmbgq8XunqNqR8Blxo
e/efEYOTaZZQ1ehIqOfiHkcr9ezVGvoavvow0KKeSO1w8tQarMTYyYXXdj/Pffr5
6CE9Ldid62Fsc8yqaxt7RJ+78H2Qaj8UcrJaYx6JCV6RyPgv5uGNO9CXlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK9nWK2R7Rk0NDRfOb4qeuxKpf9kMB8GA1UdIwQY
MBaAFGQXseE9Mu06ZKfDUidRYj7vq+XzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJleDRUMHk3VHBrcDhOU0oxRmlQdS1yNWZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS80NDUyMjgtYjQ0Mi00ZTE2LWFkNjkt
OGZmZGRiNWUzYzI2LzEvcjJkWXJaSHRHVFEwTkY4NXZpcDY3RXFsXzJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS80NDUyMjgtYjQ0Mi00ZTE2LWFkNjktOGZmZGRiNWUzYzI2
LzEvWkJleDRUMHk3VHBrcDhOU0oxRmlQdS1yNWZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw0WcMA0G
CSqGSIb3DQEBCwUAA4IBAQCSQRfX7ZKhniD3VO68mYnOviGFXHOwPXnpSmuhnNIX
HFgkqaOiOtDgDTTT7PrNtlx/lsTado8JCkDbY/CrgT3ozXHSAKmoQnwDQuxWVfF6
IKPkseqKlH/20o5PrWqHSe2rejHNf6/LIUpd9HHmdT91o9geYKkXtC9xQSABGsto
mG+rCBvQurT/J4dwwGDYygTDF+lZJdL7M83AQFX104pT3p3Bu2qqq8LNVBvch7yv
pPx+SwGIEmPQ5u6jN+OL5Py8Lq68jNemh1aqOhZ/7yvFfBvWYIhFlUpOja+2GupN
Is3FrMgqi3Jpu6qpJMY2mIY++D3t3oW/jPRcCj2pP+vM
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:02 2025 by rpki-client