Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/38179c-25ab-4368-8cf8-57e593cf9a4e/1/M5i8YkISarB5GPXJg8viuQxOBB8.roa
File: M5i8YkISarB5GPXJg8viuQxOBB8.roa (raw, json)
Hash identifier: wc++hdMQzReCGtCbcs+1hUl+1/yDSd8FAz1A52maIM0=
Subject key identifier: 33:98:BC:62:42:12:6A:B0:79:18:F5:C9:83:CB:E2:B9:0C:4E:04:1F
Certificate issuer: /CN=2b051ef23060eb51bfd8c79795f6a4daf48a3aa0
Certificate serial: 019422FC2E2D652BE517D7DAEAE430B0F34F
Authority key identifier: 2B:05:1E:F2:30:60:EB:51:BF:D8:C7:97:95:F6:A4:DA:F4:8A:3A:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KwUe8jBg61G_2MeXlfak2vSKOqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/38179c-25ab-4368-8cf8-57e593cf9a4e/1/M5i8YkISarB5GPXJg8viuQxOBB8.roa
Signing time: Wed 01 Jan 2025 17:48:59 +0000
ROA not before: Wed 01 Jan 2025 17:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 195.234.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Mar 2025 21:21:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:2e:2d:65:2b:e5:17:d7:da:ea:e4:30:b0:f3:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b051ef23060eb51bfd8c79795f6a4daf48a3aa0
Validity
Not Before: Jan 1 17:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3398bc6242126ab07918f5c983cbe2b90c4e041f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:f1:2e:96:51:f2:2f:cb:d6:49:00:11:48:9b:
6a:e7:6f:00:94:f1:59:70:86:df:f2:9a:94:da:2f:
5c:2e:10:84:89:2a:89:eb:9e:f0:0b:6e:60:96:58:
04:91:d4:cc:18:a1:2b:cf:be:c1:5b:95:b7:99:55:
35:de:16:c2:d7:d3:ea:37:46:22:d3:92:fe:b6:11:
8f:f1:7e:71:a6:59:14:d8:ec:00:6c:40:65:de:49:
62:1c:bc:99:c9:aa:c6:dd:92:2d:e5:3d:a8:c0:47:
18:0f:25:06:bb:9e:0c:ad:5d:18:6e:23:bc:38:1c:
2e:32:41:b8:f7:43:46:ec:09:a5:9f:e3:ab:98:12:
19:47:c6:ff:70:50:9c:b3:a1:28:19:ef:0f:e8:b1:
15:de:27:69:52:a5:ef:e9:45:59:6d:a1:93:97:be:
6b:41:ca:da:d5:70:17:7a:2a:de:77:91:6f:b8:3f:
46:2c:1a:c6:23:c2:71:2f:0b:db:ce:08:9d:69:61:
9d:a8:92:0c:30:a0:cf:7b:91:96:86:c8:a8:df:08:
1b:34:b6:ed:fa:4e:eb:4a:3b:37:87:65:a0:9a:9d:
59:bf:8e:92:38:a0:22:8f:55:b4:19:af:30:0d:94:
f9:e5:f5:72:57:0c:28:07:21:32:bf:c9:4e:5f:3a:
15:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:98:BC:62:42:12:6A:B0:79:18:F5:C9:83:CB:E2:B9:0C:4E:04:1F
X509v3 Authority Key Identifier:
keyid:2B:05:1E:F2:30:60:EB:51:BF:D8:C7:97:95:F6:A4:DA:F4:8A:3A:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KwUe8jBg61G_2MeXlfak2vSKOqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/38179c-25ab-4368-8cf8-57e593cf9a4e/1/M5i8YkISarB5GPXJg8viuQxOBB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/38179c-25ab-4368-8cf8-57e593cf9a4e/1/KwUe8jBg61G_2MeXlfak2vSKOqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.153.0/24
Signature Algorithm: sha256WithRSAEncryption
19:32:6c:73:e6:35:55:ee:05:73:b7:fb:54:61:67:de:68:ae:
8b:af:26:bf:bd:29:a7:c7:7e:e1:ae:d5:47:7d:10:f1:55:dd:
fa:1f:37:ef:be:8a:fc:b7:bf:8b:47:48:31:98:10:74:c3:ae:
db:c0:1d:49:7e:43:92:47:1f:f8:0d:3c:97:71:79:69:d6:31:
54:7d:e2:b8:0f:b1:3f:4d:1b:0b:ce:a5:f2:3d:bb:4a:44:1b:
70:e8:a4:94:26:d9:7e:48:d4:c3:53:84:6c:06:42:04:63:51:
e3:41:cb:3b:67:fc:a9:1c:e6:65:37:11:04:9a:e3:9c:81:52:
f3:01:b3:7b:7a:cf:c4:53:91:38:9c:1a:57:ed:93:c4:67:19:
e8:f8:25:c5:98:05:b6:89:ae:4c:d5:1b:90:3f:b1:6a:3d:aa:
b5:26:63:c2:56:dd:bd:9f:45:a5:43:09:96:dc:c6:14:e0:f0:
87:d7:66:08:88:e1:ae:a3:41:7b:c4:8f:22:c9:9f:6d:0a:71:
c3:1e:30:4d:54:ca:1d:f6:0a:59:ee:1d:fb:0f:8d:6e:8e:fb:
4e:ec:07:e1:ee:37:13:60:76:0a:bb:84:d7:f2:a2:97:7e:ce:
04:f9:4e:ec:f0:6d:0a:45:a1:7e:cb:37:c7:84:4d:b8:53:9e:
fd:4e:e6:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/C4tZSvlF9fa6uQwsPNPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMDUxZWYyMzA2MGViNTFiZmQ4Yzc5Nzk1ZjZhNGRhZjQ4
YTNhYTAwHhcNMjUwMTAxMTc0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzk4YmM2MjQyMTI2YWIwNzkxOGY1Yzk4M2NiZTJiOTBjNGUwNDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8fEullHyL8vWSQARSJtq528AlPFZ
cIbf8pqU2i9cLhCEiSqJ657wC25gllgEkdTMGKErz77BW5W3mVU13hbC19PqN0Yi
05L+thGP8X5xplkU2OwAbEBl3kliHLyZyarG3ZIt5T2owEcYDyUGu54MrV0YbiO8
OBwuMkG490NG7Amln+OrmBIZR8b/cFCcs6EoGe8P6LEV3idpUqXv6UVZbaGTl75r
Qcra1XAXeired5FvuD9GLBrGI8JxLwvbzgidaWGdqJIMMKDPe5GWhsio3wgbNLbt
+k7rSjs3h2Wgmp1Zv46SOKAij1W0Ga8wDZT55fVyVwwoByEyv8lOXzoV8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDOYvGJCEmqweRj1yYPL4rkMTgQfMB8GA1UdIwQY
MBaAFCsFHvIwYOtRv9jHl5X2pNr0ijqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3dVZThqQmc2MUdfMk1lWGxmYWsydlNLT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8zODE3OWMtMjVhYi00MzY4LThjZjgt
NTdlNTkzY2Y5YTRlLzEvTTVpOFlrSVNhckI1R1BYSmc4dml1UXhPQkI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8zODE3OWMtMjVhYi00MzY4LThjZjgtNTdlNTkzY2Y5YTRl
LzEvS3dVZThqQmc2MUdfMk1lWGxmYWsydlNLT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+qZMA0G
CSqGSIb3DQEBCwUAA4IBAQAZMmxz5jVV7gVzt/tUYWfeaK6Lrya/vSmnx37hrtVH
fRDxVd36Hzfvvor8t7+LR0gxmBB0w67bwB1JfkOSRx/4DTyXcXlp1jFUfeK4D7E/
TRsLzqXyPbtKRBtw6KSUJtl+SNTDU4RsBkIEY1HjQcs7Z/ypHOZlNxEEmuOcgVLz
AbN7es/EU5E4nBpX7ZPEZxno+CXFmAW2ia5M1RuQP7FqPaq1JmPCVt29n0WlQwmW
3MYU4PCH12YIiOGuo0F7xI8iyZ9tCnHDHjBNVMod9gpZ7h37D41ujvtO7Afh7jcT
YHYKu4TX8qKXfs4E+U7s8G0KRaF+yzfHhE24U579TubQ
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:19:33 2025 by rpki-client