Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/AAx6I9JIlU7lr_xm6S2-YNIFliY.roa
File: AAx6I9JIlU7lr_xm6S2-YNIFliY.roa (raw, json)
Hash identifier: 7QakQkDimnx9HutYaEvdDRLEHOV6yqMWFZZUz3Xhbmk=
Subject key identifier: 00:0C:7A:23:D2:48:95:4E:E5:AF:FC:66:E9:2D:BE:60:D2:05:96:26
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 0193CFA429A78A530D24AFBE5049D46150D0
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/AAx6I9JIlU7lr_xm6S2-YNIFliY.roa
Signing time: Mon 16 Dec 2024 13:24:22 +0000
ROA not before: Mon 16 Dec 2024 13:24:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39598
IP address blocks: 95.161.0.0/18 maxlen: 24
95.161.95.0/24 maxlen: 24
95.161.248.0/21 maxlen: 21
95.161.250.0/24 maxlen: 24
2a00:11d8::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 16 Dec 2024 14:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:cf:a4:29:a7:8a:53:0d:24:af:be:50:49:d4:61:50:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Dec 16 13:24:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=000c7a23d248954ee5affc66e92dbe60d2059626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:5a:f6:a2:24:73:f3:bc:78:18:0e:c3:e6:1b:
d6:5a:4b:59:aa:41:e1:92:06:e2:10:70:13:80:b6:
3c:2e:dc:d0:60:a6:aa:a2:c4:2a:35:30:4c:88:e4:
3b:bc:a0:68:bf:67:13:d3:0a:fe:e1:40:0b:71:ea:
ea:b1:4f:81:2d:b6:d2:31:4d:90:a3:22:4b:90:76:
1b:01:e2:03:1b:b3:9c:84:94:6d:6a:2d:71:b2:63:
66:fc:99:4b:76:99:4a:60:f9:f0:31:ee:3a:0c:14:
f4:c0:f4:49:77:f0:49:5f:81:95:e3:9d:e6:76:9b:
25:19:38:74:c4:10:5c:f5:b7:e5:61:d8:30:02:cf:
a8:22:9d:67:c8:ff:e3:6e:f7:02:18:3a:59:2b:af:
d3:de:44:2b:d0:87:8a:77:50:17:f3:a6:05:25:4a:
19:6e:0d:fb:07:3f:90:80:ba:1a:1e:8d:f1:a3:92:
29:4a:80:95:37:54:d9:ac:3e:69:9e:8a:d7:5b:4c:
40:a0:fe:5f:7d:21:ab:c9:74:ad:3e:70:0e:cb:17:
db:f9:90:cf:7b:84:04:bd:9d:bb:f3:cf:39:c9:9d:
59:5a:ad:73:d2:76:5b:74:22:10:ff:09:70:ac:54:
e0:46:e1:f4:45:b7:01:04:45:3d:2f:a6:55:3b:2e:
b3:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:0C:7A:23:D2:48:95:4E:E5:AF:FC:66:E9:2D:BE:60:D2:05:96:26
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/AAx6I9JIlU7lr_xm6S2-YNIFliY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.161.0.0/18
95.161.95.0/24
95.161.248.0/21
IPv6:
2a00:11d8::/32
Signature Algorithm: sha256WithRSAEncryption
9c:d2:3c:b3:13:ca:62:b4:73:3b:d4:73:f1:39:bf:c0:92:4d:
49:62:15:ba:a9:ca:c6:82:7e:6b:7d:45:af:e0:42:f2:b0:75:
20:3c:78:da:44:3c:a9:85:5a:6d:36:49:8f:d8:e3:be:42:5e:
7a:9e:e7:94:52:c6:36:f4:a7:6f:62:06:74:35:f4:81:9d:c5:
99:c8:2c:54:82:7a:1b:bc:5e:2f:ca:c7:81:95:fb:0d:0f:b9:
e3:56:e1:1a:d7:7e:4e:a4:54:6c:30:6d:ae:80:10:49:80:63:
c7:d4:2b:a2:2d:82:30:f8:9b:b9:fa:05:03:18:84:20:be:b8:
03:aa:a9:3b:49:86:c7:ff:5c:8e:a6:72:6c:ff:bc:da:a5:6b:
8d:a9:96:43:36:34:d7:a2:1a:a7:f1:ca:9d:43:d4:8c:a3:ef:
b2:e8:c9:c1:4b:fd:a1:97:3c:29:e4:be:54:af:61:4e:5d:da:
96:8f:17:38:b1:22:9c:4d:6c:0c:16:66:bf:50:19:43:b4:fa:
29:50:a5:fd:ce:3d:d7:5e:4e:cc:77:c0:57:07:f7:8b:b8:36:
48:f8:6e:b1:89:ba:e9:f7:f9:16:51:49:87:52:ef:2c:06:64:
1e:84:33:ee:23:43:12:1a:ee:f2:e7:a0:30:fc:88:0f:2f:17:
44:8e:b2:12
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZPPpCmnilMNJK++UEnUYVDQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjQxMjE2MTMyNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDBjN2EyM2QyNDg5NTRlZTVhZmZjNjZlOTJkYmU2MGQyMDU5NjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlr2oiRz87x4GA7D5hvWWktZqkHh
kgbiEHATgLY8LtzQYKaqosQqNTBMiOQ7vKBov2cT0wr+4UALcerqsU+BLbbSMU2Q
oyJLkHYbAeIDG7OchJRtai1xsmNm/JlLdplKYPnwMe46DBT0wPRJd/BJX4GV453m
dpslGTh0xBBc9bflYdgwAs+oIp1nyP/jbvcCGDpZK6/T3kQr0IeKd1AX86YFJUoZ
bg37Bz+QgLoaHo3xo5IpSoCVN1TZrD5pnorXW0xAoP5ffSGryXStPnAOyxfb+ZDP
e4QEvZ278885yZ1ZWq1z0nZbdCIQ/wlwrFTgRuH0RbcBBEU9L6ZVOy6ztQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAAMeiPSSJVO5a/8ZuktvmDSBZYmMB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEvQUF4Nkk5SklsVTdscl94bTZTMi1ZTklGbGlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGX6EAAwQA
X6FfAwQDX6H4MA0EAgACMAcDBQAqABHYMA0GCSqGSIb3DQEBCwUAA4IBAQCc0jyz
E8pitHM71HPxOb/Akk1JYhW6qcrGgn5rfUWv4ELysHUgPHjaRDyphVptNkmP2OO+
Ql56nueUUsY29KdvYgZ0NfSBncWZyCxUgnobvF4vyseBlfsND7njVuEa135OpFRs
MG2ugBBJgGPH1CuiLYIw+Ju5+gUDGIQgvrgDqqk7SYbH/1yOpnJs/7zapWuNqZZD
NjTXohqn8cqdQ9SMo++y6MnBS/2hlzwp5L5Ur2FOXdqWjxc4sSKcTWwMFma/UBlD
tPopUKX9zj3XXk7Md8BXB/eLuDZI+G6xibrp9/kWUUmHUu8sBmQehDPuI0MSGu7y
56Aw/IgPLxdEjrIS
-----END CERTIFICATE-----
Generated at Thu Jun 12 15:13:43 2025 by rpki-client