Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/PAz4SioALSvhhlMrI14arT3PI7A.roa
File: PAz4SioALSvhhlMrI14arT3PI7A.roa (raw, json)
Hash identifier: RMp0yqLgZvRZXdKCsLtf71pvMnKhNvzBEWcKQXXNFqs=
Subject key identifier: 3C:0C:F8:4A:2A:00:2D:2B:E1:86:53:2B:23:5E:1A:AD:3D:CF:23:B0
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 01956A2143F1E2A06D5DF69CF6888260002E
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/PAz4SioALSvhhlMrI14arT3PI7A.roa
Signing time: Thu 06 Mar 2025 06:25:19 +0000
ROA not before: Thu 06 Mar 2025 06:25:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16589
IP address blocks: 185.95.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Apr 2025 11:12:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6a:21:43:f1:e2:a0:6d:5d:f6:9c:f6:88:82:60:00:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Mar 6 06:25:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c0cf84a2a002d2be186532b235e1aad3dcf23b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:91:e3:e0:5a:6d:0b:e6:7c:96:1c:54:cd:ff:
09:53:e2:3f:10:b5:c7:1f:27:1e:53:aa:ae:6b:58:
21:74:4e:66:bc:9f:cf:47:0f:72:7f:bf:bd:1a:09:
65:5d:f0:ce:41:40:69:ba:2f:9d:b7:ba:d8:30:94:
a4:0b:86:af:eb:43:23:43:48:b6:65:42:75:18:62:
bf:59:6d:e0:1b:9e:d4:e1:41:59:ff:bb:91:96:2d:
46:0f:6d:44:4c:ac:54:8c:35:c2:47:ff:cf:21:17:
27:d8:9c:d8:a7:ef:5f:df:61:3c:de:4a:2b:52:c1:
fd:b9:07:d7:3d:40:c9:17:cd:93:06:ad:a5:c9:f1:
41:3f:22:20:18:1d:2e:84:ad:0d:d1:2f:b1:03:aa:
44:97:d5:9a:ec:83:40:00:14:03:6c:2d:28:da:ab:
1a:3c:26:32:e2:84:9b:74:68:02:b2:9a:33:04:54:
db:f7:d3:0b:ab:a2:3b:8c:7f:fb:14:03:61:d0:89:
cf:18:9e:58:86:24:8c:36:65:de:36:7a:3d:d2:c4:
87:c2:e2:72:4f:2e:5c:96:e6:81:b6:bd:94:8c:1c:
b2:0b:c4:0b:8f:07:e5:53:b8:3a:68:6a:34:0d:64:
8a:ac:67:68:eb:3c:8f:3b:46:fa:9b:ab:32:79:28:
85:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:0C:F8:4A:2A:00:2D:2B:E1:86:53:2B:23:5E:1A:AD:3D:CF:23:B0
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/PAz4SioALSvhhlMrI14arT3PI7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.156.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:77:0e:81:77:0e:7c:ff:81:e6:f8:c2:eb:84:f4:d1:80:d8:
48:9f:85:74:b6:3b:89:2b:ed:cf:58:df:a4:2b:9b:19:1b:25:
c6:b6:47:8c:83:6a:86:04:64:68:13:9b:25:64:4d:18:e3:f5:
2c:ef:ca:30:e2:55:bc:1d:94:ec:94:b6:62:e1:17:1b:96:24:
2a:38:3c:29:d9:74:d1:3b:3c:dd:8d:cb:14:f3:80:97:f8:23:
b6:b1:46:7b:f1:e0:4a:e0:b7:f3:8d:f1:70:bc:25:e5:96:37:
11:48:d9:27:b8:93:69:f0:47:50:da:71:82:00:b7:99:6d:54:
f1:85:37:74:36:e6:2c:17:75:4d:ff:31:17:32:bc:c9:5f:d8:
44:38:a5:64:f7:89:6f:05:33:a8:25:a6:38:6a:f6:37:2e:15:
28:b7:57:5c:e6:a8:ae:e7:f6:a4:9f:46:41:f4:28:0a:23:81:
82:e5:02:20:5d:80:9d:50:e6:44:3b:ab:ac:45:86:7f:cd:0f:
be:92:c6:27:34:a6:73:19:aa:03:e1:b0:3f:17:b3:19:72:88:
00:64:d3:7a:0d:b4:df:b9:7d:03:25:af:c0:4e:49:e6:cc:fb:
a0:99:bf:fb:0a:60:f6:f1:55:14:43:be:59:1f:00:b6:b3:82:
e8:99:e6:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVqIUPx4qBtXfac9oiCYAAuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUwMzA2MDYyNTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzBjZjg0YTJhMDAyZDJiZTE4NjUzMmIyMzVlMWFhZDNkY2YyM2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZHj4FptC+Z8lhxUzf8JU+I/ELXH
HyceU6qua1ghdE5mvJ/PRw9yf7+9GgllXfDOQUBpui+dt7rYMJSkC4av60MjQ0i2
ZUJ1GGK/WW3gG57U4UFZ/7uRli1GD21ETKxUjDXCR//PIRcn2JzYp+9f32E83kor
UsH9uQfXPUDJF82TBq2lyfFBPyIgGB0uhK0N0S+xA6pEl9Wa7INAABQDbC0o2qsa
PCYy4oSbdGgCspozBFTb99MLq6I7jH/7FANh0InPGJ5YhiSMNmXeNno90sSHwuJy
Ty5cluaBtr2UjByyC8QLjwflU7g6aGo0DWSKrGdo6zyPO0b6m6syeSiFRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDwM+EoqAC0r4YZTKyNeGq09zyOwMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvUEF6NFNpb0FMU3ZoaGxNckkxNGFyVDNQSTdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuV+cMA0G
CSqGSIb3DQEBCwUAA4IBAQDBdw6Bdw58/4Hm+MLrhPTRgNhIn4V0tjuJK+3PWN+k
K5sZGyXGtkeMg2qGBGRoE5slZE0Y4/Us78ow4lW8HZTslLZi4RcbliQqODwp2XTR
OzzdjcsU84CX+CO2sUZ78eBK4LfzjfFwvCXlljcRSNknuJNp8EdQ2nGCALeZbVTx
hTd0NuYsF3VN/zEXMrzJX9hEOKVk94lvBTOoJaY4avY3LhUot1dc5qiu5/akn0ZB
9CgKI4GC5QIgXYCdUOZEO6usRYZ/zQ++ksYnNKZzGaoD4bA/F7MZcogAZNN6DbTf
uX0DJa/ATknmzPugmb/7CmD28VUUQ75ZHwC2s4LomeYr
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:28:23 2025 by rpki-client