Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/yQ915PnBb0AETT8XUWRYguXFqig.roa
File: yQ915PnBb0AETT8XUWRYguXFqig.roa (raw, json)
Hash identifier: nz7EtLSXCbJ2FqSnxoUzHpSOieV8SwhtYhgnAe64NsA=
Subject key identifier: C9:0F:75:E4:F9:C1:6F:40:04:4D:3F:17:51:64:58:82:E5:C5:AA:28
Certificate issuer: /CN=1f61aa5d1befd7a0fe3e4dfe3aa8da73efcfba34
Certificate serial: 019425FD53A82270ED16682DE68302E7660A
Authority key identifier: 1F:61:AA:5D:1B:EF:D7:A0:FE:3E:4D:FE:3A:A8:DA:73:EF:CF:BA:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2GqXRvv16D-Pk3-Oqjac-_PujQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/yQ915PnBb0AETT8XUWRYguXFqig.roa
Signing time: Thu 02 Jan 2025 07:49:06 +0000
ROA not before: Thu 02 Jan 2025 07:49:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 45.95.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Jan 2025 18:19:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:53:a8:22:70:ed:16:68:2d:e6:83:02:e7:66:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f61aa5d1befd7a0fe3e4dfe3aa8da73efcfba34
Validity
Not Before: Jan 2 07:49:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c90f75e4f9c16f40044d3f1751645882e5c5aa28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0e:a0:f1:d4:64:73:d2:d6:79:c5:b0:3e:9c:
cf:9b:19:bd:71:ff:15:3a:f0:ae:f4:2d:41:f0:e7:
20:ad:13:6c:0b:ea:87:4b:55:11:30:fa:c7:7a:88:
a2:71:6b:0b:ff:84:62:c1:c7:8d:01:64:9b:4f:7c:
b0:ee:69:ef:6c:d1:31:89:ea:8f:84:5f:c9:5b:1f:
fe:04:00:0f:c8:70:1f:47:2e:d6:05:5f:29:8f:89:
5d:27:3e:23:90:92:4e:10:0c:8a:08:22:f1:5c:02:
12:50:67:4d:91:82:a5:e5:fb:c0:ff:45:da:d3:7b:
c6:65:90:76:fe:a6:01:9b:c9:d7:f7:6f:1a:fe:6e:
c7:e1:3d:19:5d:09:b4:f7:cf:92:c1:9a:e9:14:ec:
c0:fe:ac:12:58:6b:4e:35:f8:2d:41:91:98:34:38:
9d:eb:a5:39:37:bf:fe:1c:e7:f7:03:65:de:a8:95:
67:46:99:ab:d4:c5:9a:02:81:4d:60:e0:8d:1e:e6:
21:6d:c2:df:a0:9d:bd:20:c7:9f:c8:ec:bd:47:a4:
8f:ee:c1:73:43:bf:b0:5c:6d:63:c0:3f:2e:aa:a8:
a2:6c:06:15:14:2c:eb:b0:94:a4:d3:e0:2c:c7:9e:
f7:00:c4:59:23:50:08:8a:24:a9:eb:7f:86:d0:45:
2d:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:0F:75:E4:F9:C1:6F:40:04:4D:3F:17:51:64:58:82:E5:C5:AA:28
X509v3 Authority Key Identifier:
keyid:1F:61:AA:5D:1B:EF:D7:A0:FE:3E:4D:FE:3A:A8:DA:73:EF:CF:BA:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2GqXRvv16D-Pk3-Oqjac-_PujQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/yQ915PnBb0AETT8XUWRYguXFqig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/H2GqXRvv16D-Pk3-Oqjac-_PujQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.207.0/24
Signature Algorithm: sha256WithRSAEncryption
83:5f:12:83:3f:0f:6c:23:f7:c1:a0:16:0e:10:dd:3b:f1:c4:
e9:11:69:c2:6b:9e:e0:31:2b:3d:08:70:ac:e6:5b:1e:27:ec:
0b:46:89:36:f5:aa:1b:de:33:23:50:50:a9:d7:ce:39:80:d6:
ca:5e:72:bf:77:91:86:01:c2:f1:ae:4d:fa:35:00:27:eb:87:
13:b8:0a:28:f2:61:76:b7:8d:ef:d8:b1:21:4e:aa:ad:81:c4:
0a:5d:d8:af:19:0b:65:17:e7:4c:b0:f1:b3:81:27:4c:15:39:
9d:0a:a9:0e:5e:2c:9a:02:6b:09:4d:ad:d1:d6:09:d8:93:ac:
38:10:99:17:0d:70:2b:a0:e8:d4:67:9f:dc:66:c5:d8:af:4b:
26:e0:e3:97:17:d3:d2:bd:59:a2:36:fd:5a:b5:e2:65:ac:39:
38:d1:6d:8b:bb:56:be:7d:1b:24:a2:26:04:50:92:9c:d8:45:
48:05:a8:33:8c:8c:e5:14:fc:5e:66:8b:4f:ba:8d:45:ff:2f:
91:26:5d:07:3c:e3:87:45:4b:b4:95:fe:f7:a1:e8:55:3d:79:
93:03:58:84:7c:32:a4:17:b9:31:fd:15:55:ab:fa:e8:bd:3f:
56:32:d1:10:75:b5:10:2b:a8:45:63:b7:d2:a5:57:98:65:61:
59:b7:3d:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/VOoInDtFmgt5oMC52YKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjFhYTVkMWJlZmQ3YTBmZTNlNGRmZTNhYThkYTczZWZj
ZmJhMzQwHhcNMjUwMTAyMDc0OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTBmNzVlNGY5YzE2ZjQwMDQ0ZDNmMTc1MTY0NTg4MmU1YzVhYTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqA6g8dRkc9LWecWwPpzPmxm9cf8V
OvCu9C1B8OcgrRNsC+qHS1URMPrHeoiicWsL/4RiwceNAWSbT3yw7mnvbNExieqP
hF/JWx/+BAAPyHAfRy7WBV8pj4ldJz4jkJJOEAyKCCLxXAISUGdNkYKl5fvA/0Xa
03vGZZB2/qYBm8nX928a/m7H4T0ZXQm098+SwZrpFOzA/qwSWGtONfgtQZGYNDid
66U5N7/+HOf3A2XeqJVnRpmr1MWaAoFNYOCNHuYhbcLfoJ29IMefyOy9R6SP7sFz
Q7+wXG1jwD8uqqiibAYVFCzrsJSk0+Asx573AMRZI1AIiiSp63+G0EUtrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMkPdeT5wW9ABE0/F1FkWILlxaooMB8GA1UdIwQY
MBaAFB9hql0b79eg/j5N/jqo2nPvz7o0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJHcVhSdnYxNkQtUGszLU9xamFjLV9QdWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wYWQ0MTQtM2RmMS00YjM4LTg2OWUt
YzYyMWU4ZGY5NWZmLzEveVE5MTVQbkJiMEFFVFQ4WFVXUllndVhGcWlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wYWQ0MTQtM2RmMS00YjM4LTg2OWUtYzYyMWU4ZGY5NWZm
LzEvSDJHcVhSdnYxNkQtUGszLU9xamFjLV9QdWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALV/PMA0G
CSqGSIb3DQEBCwUAA4IBAQCDXxKDPw9sI/fBoBYOEN078cTpEWnCa57gMSs9CHCs
5lseJ+wLRok29aob3jMjUFCp1845gNbKXnK/d5GGAcLxrk36NQAn64cTuAoo8mF2
t43v2LEhTqqtgcQKXdivGQtlF+dMsPGzgSdMFTmdCqkOXiyaAmsJTa3R1gnYk6w4
EJkXDXAroOjUZ5/cZsXYr0sm4OOXF9PSvVmiNv1ateJlrDk40W2Lu1a+fRskoiYE
UJKc2EVIBagzjIzlFPxeZotPuo1F/y+RJl0HPOOHRUu0lf73oehVPXmTA1iEfDKk
F7kx/RVVq/rovT9WMtEQdbUQK6hFY7fSpVeYZWFZtz1C
-----END CERTIFICATE-----
Generated at Sat Jun 7 13:54:55 2025 by rpki-client