Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/eaDI5sSuDGhQybRare7MldX7fRw.roa
File: eaDI5sSuDGhQybRare7MldX7fRw.roa (raw, json)
Hash identifier: KPjkyaHmRbP7BEx6AzhtTet44vbCO+pB+pcVeGbUCzI=
Subject key identifier: 79:A0:C8:E6:C4:AE:0C:68:50:C9:B4:5A:AD:EE:CC:95:D5:FB:7D:1C
Certificate issuer: /CN=d9f9fa7b944f7e7c60d73ef10b776fc27995a4ed
Certificate serial: 0194B705A0877294D126A2AAEC7F94E32C7D
Authority key identifier: D9:F9:FA:7B:94:4F:7E:7C:60:D7:3E:F1:0B:77:6F:C2:79:95:A4:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fn6e5RPfnxg1z7xC3dvwnmVpO0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/eaDI5sSuDGhQybRare7MldX7fRw.roa
Signing time: Thu 30 Jan 2025 11:43:06 +0000
ROA not before: Thu 30 Jan 2025 11:43:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20661
IP address blocks: 95.85.96.0/19 maxlen: 24
95.85.96.0/24 maxlen: 24
95.85.98.0/24 maxlen: 24
95.85.99.0/24 maxlen: 24
95.85.100.0/22 maxlen: 22
95.85.100.0/24 maxlen: 24
95.85.101.0/24 maxlen: 24
95.85.104.0/22 maxlen: 22
95.85.104.0/24 maxlen: 24
95.85.121.0/24 maxlen: 24
103.220.0.0/22 maxlen: 22
119.235.112.0/20 maxlen: 20
177.93.143.0/24 maxlen: 24
185.69.184.0/24 maxlen: 24
216.250.8.0/21 maxlen: 21
217.174.224.0/20 maxlen: 24
2a05:2180::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 30 Jan 2025 16:19:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b7:05:a0:87:72:94:d1:26:a2:aa:ec:7f:94:e3:2c:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9f9fa7b944f7e7c60d73ef10b776fc27995a4ed
Validity
Not Before: Jan 30 11:43:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=79a0c8e6c4ae0c6850c9b45aadeecc95d5fb7d1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:15:fc:8a:30:0a:13:49:47:b2:f6:0f:59:59:
37:79:18:4c:ae:49:c1:37:94:a3:cd:85:c0:48:29:
18:40:fb:d0:13:e7:ae:0f:72:d6:cb:98:5c:dc:ed:
af:82:87:47:96:5b:4f:d1:1a:51:2b:83:56:73:31:
78:4a:09:4a:36:f5:ec:1d:a4:18:bc:14:be:03:dc:
c9:1c:36:f8:ce:31:c7:c0:4f:c6:23:7c:ae:09:a9:
d6:a2:d3:f7:13:df:7a:ab:ad:49:46:16:90:b2:d4:
d4:cf:6e:d6:a7:0d:12:d1:16:bc:e1:0a:22:b9:0a:
89:55:7e:18:ed:5d:cb:9a:9d:f8:81:2b:ae:11:d7:
8f:5a:60:44:23:a8:73:aa:b7:7a:fb:a4:b8:b2:52:
ef:1e:dd:39:0a:ba:33:f4:b5:13:11:cb:0d:ec:f4:
ed:a2:30:f5:d1:19:17:3d:59:74:1f:5e:58:cb:a3:
63:55:d5:fb:d2:42:37:97:10:80:05:73:ad:31:10:
23:68:14:9a:40:6f:32:99:c7:83:17:8c:52:c5:1e:
d5:fa:ff:97:1f:b9:a7:bd:76:33:a6:63:2d:9d:b1:
ca:08:ff:7c:a3:62:6a:7f:bc:d1:04:39:8f:8d:f1:
7e:49:26:9f:f1:87:32:42:af:d6:21:16:98:64:c0:
b9:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:A0:C8:E6:C4:AE:0C:68:50:C9:B4:5A:AD:EE:CC:95:D5:FB:7D:1C
X509v3 Authority Key Identifier:
keyid:D9:F9:FA:7B:94:4F:7E:7C:60:D7:3E:F1:0B:77:6F:C2:79:95:A4:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fn6e5RPfnxg1z7xC3dvwnmVpO0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/eaDI5sSuDGhQybRare7MldX7fRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/2fn6e5RPfnxg1z7xC3dvwnmVpO0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.85.96.0/19
103.220.0.0/22
119.235.112.0/20
177.93.143.0/24
185.69.184.0/24
216.250.8.0/21
217.174.224.0/20
IPv6:
2a05:2180::/29
Signature Algorithm: sha256WithRSAEncryption
22:39:29:f1:f6:77:dd:b0:5f:5b:f4:54:63:78:fd:1e:55:71:
91:f6:cf:dc:a8:10:5b:46:52:97:c2:5c:84:11:01:fc:f3:dc:
99:7a:ed:af:fe:af:17:bc:e5:61:6e:07:03:f0:a8:f8:dd:f9:
f4:41:4f:9e:06:56:e3:89:b9:78:2d:7b:ee:9f:d0:4f:94:77:
c2:11:4b:10:d7:86:d1:dc:66:0e:41:5c:4c:f8:1f:78:43:52:
cd:4e:c2:0c:7f:45:1e:25:25:db:e2:5b:f2:c7:11:13:1b:3d:
be:80:1c:08:b6:55:15:8f:fe:e8:87:a5:4f:19:a7:33:dd:06:
84:ef:35:d3:33:fd:c8:c3:a5:37:2a:75:58:a6:06:f1:b1:70:
0e:18:11:44:49:0f:43:c4:fa:1e:ea:62:9c:5b:35:29:36:1a:
90:40:b9:3b:15:4d:02:c4:75:60:ee:fb:9e:63:23:34:00:ce:
14:20:2d:5b:e4:98:98:0d:f1:61:1d:97:26:7a:4a:9d:f9:83:
b8:a9:14:cc:d4:04:43:0d:38:18:44:e8:a6:be:c1:d3:31:2f:
f7:a9:45:af:5f:d3:54:96:19:64:23:c0:13:2a:54:63:fc:4e:
88:f6:37:13:87:47:8e:bc:47:71:09:17:73:76:1e:52:f7:1f:
c8:1c:be:6b
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZS3BaCHcpTRJqKq7H+U4yx9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZjlmYTdiOTQ0ZjdlN2M2MGQ3M2VmMTBiNzc2ZmMyNzk5
NWE0ZWQwHhcNMjUwMTMwMTE0MzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWEwYzhlNmM0YWUwYzY4NTBjOWI0NWFhZGVlY2M5NWQ1ZmI3ZDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBX8ijAKE0lHsvYPWVk3eRhMrknB
N5SjzYXASCkYQPvQE+euD3LWy5hc3O2vgodHlltP0RpRK4NWczF4SglKNvXsHaQY
vBS+A9zJHDb4zjHHwE/GI3yuCanWotP3E996q61JRhaQstTUz27Wpw0S0Ra84Qoi
uQqJVX4Y7V3Lmp34gSuuEdePWmBEI6hzqrd6+6S4slLvHt05Croz9LUTEcsN7PTt
ojD10RkXPVl0H15Yy6NjVdX70kI3lxCABXOtMRAjaBSaQG8ymceDF4xSxR7V+v+X
H7mnvXYzpmMtnbHKCP98o2Jqf7zRBDmPjfF+SSaf8YcyQq/WIRaYZMC5uwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFHmgyObErgxoUMm0Wq3uzJXV+30cMB8GA1UdIwQY
MBaAFNn5+nuUT358YNc+8Qt3b8J5laTtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZuNmU1UlBmbnhnMXo3eEMzZHZ3bm1WcE8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85ZDQyMDMtMmVlZS00MWRlLThkODUt
MDhiZjIyZjY0MDk3LzEvZWFESTVzU3VER2hReWJSYXJlN01sZFg3ZlJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85ZDQyMDMtMmVlZS00MWRlLThkODUtMDhiZjIyZjY0MDk3
LzEvMmZuNmU1UlBmbnhnMXo3eEMzZHZ3bm1WcE8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQFX1VgAwQC
Z9wAAwQEd+twAwQAsV2PAwQAuUW4AwQD2PoIAwQE2a7gMA0EAgACMAcDBQMqBSGA
MA0GCSqGSIb3DQEBCwUAA4IBAQAiOSnx9nfdsF9b9FRjeP0eVXGR9s/cqBBbRlKX
wlyEEQH889yZeu2v/q8XvOVhbgcD8Kj43fn0QU+eBlbjibl4LXvun9BPlHfCEUsQ
14bR3GYOQVxM+B94Q1LNTsIMf0UeJSXb4lvyxxETGz2+gBwItlUVj/7oh6VPGacz
3QaE7zXTM/3Iw6U3KnVYpgbxsXAOGBFESQ9DxPoe6mKcWzUpNhqQQLk7FU0CxHVg
7vueYyM0AM4UIC1b5JiYDfFhHZcmekqd+YO4qRTM1ARDDTgYROimvsHTMS/3qUWv
X9NUlhlkI8ATKlRj/E6I9jcTh0eOvEdxCRdzdh5S9x/IHL5r
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:06:55 2025 by rpki-client