Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/EdP08__TkhKwRKEZNyaNe1W78z0.roa
File: EdP08__TkhKwRKEZNyaNe1W78z0.roa (raw, json)
Hash identifier: 2ZlcpouEJskzzT4q3h7hzu8ybCnAv04Pr723cNx05qw=
Subject key identifier: 11:D3:F4:F3:FF:D3:92:12:B0:44:A1:19:37:26:8D:7B:55:BB:F3:3D
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 0194FA34A8CD0FB8708CDAFCD8CACE3BAB6E
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/EdP08__TkhKwRKEZNyaNe1W78z0.roa
Signing time: Wed 12 Feb 2025 12:49:02 +0000
ROA not before: Wed 12 Feb 2025 12:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39598
IP address blocks: 95.161.248.0/21 maxlen: 21
95.161.250.0/24 maxlen: 24
2a00:11d8::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 18 Feb 2025 15:02:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:fa:34:a8:cd:0f:b8:70:8c:da:fc:d8:ca:ce:3b:ab:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Feb 12 12:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=11d3f4f3ffd39212b044a11937268d7b55bbf33d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:17:b7:49:2e:52:ed:10:90:0c:0a:6b:c0:ae:
ef:da:de:6b:63:56:29:af:e9:26:28:b7:8f:e1:92:
f3:7b:06:df:82:8f:24:a7:ad:d2:51:40:61:7a:5c:
c6:56:2a:91:d7:40:50:9a:5c:1f:b0:a6:2b:20:61:
e9:74:d9:20:4b:f3:1e:35:fd:b0:2e:88:31:45:01:
ae:ba:35:0e:3a:0d:d9:7f:2d:ee:c6:15:da:c2:42:
a7:07:9c:b8:d3:2b:c6:00:99:5e:e2:25:5b:30:f3:
8d:3a:ce:16:50:9b:73:d8:1b:88:26:a3:ca:eb:0b:
2d:1e:fd:1a:6d:6f:e5:e0:bf:f4:6b:f3:9d:09:2c:
1f:7f:50:df:07:2b:7f:1d:8c:c7:c0:86:0a:8d:d5:
12:91:36:af:e8:77:f3:fb:44:1c:a0:95:a8:a5:54:
43:4a:fd:28:69:ce:df:51:77:d9:c8:23:62:bd:f5:
66:b4:ec:54:73:e1:2d:6b:e8:41:36:5e:90:d4:26:
ff:62:49:44:4f:ae:e2:35:3b:df:5b:2c:59:3d:b5:
49:70:45:31:c9:af:a7:5d:cd:d1:99:f0:85:0e:1b:
45:8d:25:2a:6f:ae:31:9c:c9:4a:26:8b:f9:2b:32:
e0:16:0d:6f:86:f1:87:7b:c0:29:5b:d7:17:fc:79:
29:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:D3:F4:F3:FF:D3:92:12:B0:44:A1:19:37:26:8D:7B:55:BB:F3:3D
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/EdP08__TkhKwRKEZNyaNe1W78z0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.161.248.0/21
IPv6:
2a00:11d8::/32
Signature Algorithm: sha256WithRSAEncryption
27:41:65:87:3d:c4:6d:b5:88:f4:56:d0:ff:c3:6d:55:cb:68:
94:3f:49:9a:7e:82:da:37:0b:3f:f5:57:79:ba:f9:2c:28:63:
24:40:a2:30:63:98:98:15:63:c3:30:aa:14:09:4c:6e:61:92:
e6:e4:5b:2d:10:01:2e:7d:61:72:80:42:3a:22:bb:e9:ad:bc:
89:68:38:5b:45:a0:63:e2:f4:84:9c:95:49:3e:44:0f:1c:4d:
25:9e:f6:0e:09:11:57:dc:73:6f:09:47:92:d1:02:59:0c:c6:
cd:2f:cb:26:e9:18:3e:3f:e4:60:b1:ef:71:eb:24:97:22:70:
05:2e:33:77:e2:bc:d2:8b:16:56:7a:45:dc:8e:e3:e2:17:4e:
a1:6a:67:d3:f9:67:1b:9b:29:ac:b3:ff:6a:e3:ef:75:f3:33:
e7:5d:4a:c3:9a:ab:08:16:1a:3e:32:bc:7e:4d:9e:63:7f:b2:
8c:18:58:f5:0e:a6:d1:b4:73:c7:d3:94:df:f1:1b:11:89:4b:
ea:3f:98:2b:37:3d:48:d3:c6:07:49:f6:07:ad:21:33:cf:9e:
25:b8:66:98:46:92:fc:a9:b6:31:57:8f:a6:f2:d8:1b:8b:77:
6a:16:fc:a6:bf:b5:73:16:d2:1d:ca:53:c0:06:5c:61:c4:35:
75:04:da:92
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZT6NKjND7hwjNr82MrOO6tuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjUwMjEyMTI0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWQzZjRmM2ZmZDM5MjEyYjA0NGExMTkzNzI2OGQ3YjU1YmJmMzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxe3SS5S7RCQDAprwK7v2t5rY1Yp
r+kmKLeP4ZLzewbfgo8kp63SUUBhelzGViqR10BQmlwfsKYrIGHpdNkgS/MeNf2w
LogxRQGuujUOOg3Zfy3uxhXawkKnB5y40yvGAJle4iVbMPONOs4WUJtz2BuIJqPK
6wstHv0abW/l4L/0a/OdCSwff1DfByt/HYzHwIYKjdUSkTav6Hfz+0QcoJWopVRD
Sv0oac7fUXfZyCNivfVmtOxUc+Eta+hBNl6Q1Cb/YklET67iNTvfWyxZPbVJcEUx
ya+nXc3RmfCFDhtFjSUqb64xnMlKJov5KzLgFg1vhvGHe8ApW9cX/HkpOQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBHT9PP/05ISsEShGTcmjXtVu/M9MB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEvRWRQMDhfX1RraEt3UktFWk55YU5lMVc3OHowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDX6H4MA0E
AgACMAcDBQAqABHYMA0GCSqGSIb3DQEBCwUAA4IBAQAnQWWHPcRttYj0VtD/w21V
y2iUP0mafoLaNws/9Vd5uvksKGMkQKIwY5iYFWPDMKoUCUxuYZLm5FstEAEufWFy
gEI6IrvprbyJaDhbRaBj4vSEnJVJPkQPHE0lnvYOCRFX3HNvCUeS0QJZDMbNL8sm
6Rg+P+Rgse9x6ySXInAFLjN34rzSixZWekXcjuPiF06hamfT+Wcbmymss/9q4+91
8zPnXUrDmqsIFho+Mrx+TZ5jf7KMGFj1DqbRtHPH05Tf8RsRiUvqP5grNz1I08YH
SfYHrSEzz54luGaYRpL8qbYxV4+m8tgbi3dqFvymv7VzFtIdylPABlxhxDV1BNqS
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:15:53 2025 by rpki-client