Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/FlCNMY2BZ5iNwpuL8kfI9B1YUtY.roa
File: FlCNMY2BZ5iNwpuL8kfI9B1YUtY.roa (raw, json)
Hash identifier: Oa/3Ukn+7mDksbFem41q6MMSFgOqDywoM1o++XRwZMY=
Subject key identifier: 16:50:8D:31:8D:81:67:98:8D:C2:9B:8B:F2:47:C8:F4:1D:58:52:D6
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 0193CFE096AF16057F8074A0C65BD359BDF8
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/FlCNMY2BZ5iNwpuL8kfI9B1YUtY.roa
Signing time: Mon 16 Dec 2024 14:30:22 +0000
ROA not before: Mon 16 Dec 2024 14:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39598
IP address blocks: 95.161.0.0/18 maxlen: 24
95.161.248.0/21 maxlen: 21
95.161.250.0/24 maxlen: 24
2a00:11d8::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 17 Dec 2024 11:49:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:cf:e0:96:af:16:05:7f:80:74:a0:c6:5b:d3:59:bd:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Dec 16 14:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=16508d318d8167988dc29b8bf247c8f41d5852d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:96:95:f0:3f:49:44:4b:82:3d:dc:60:60:02:
1e:0c:f5:16:9e:aa:8f:49:08:3b:5d:51:20:56:3c:
36:16:8f:2e:cf:c8:0d:19:7c:d6:50:73:4d:dc:0e:
96:b7:62:87:43:05:d1:f8:00:3f:8d:db:81:06:7b:
70:18:af:8b:03:56:6a:98:da:ff:d8:03:67:1c:91:
31:0e:6b:16:51:bb:4a:17:fb:bd:c3:f1:74:a2:ea:
aa:39:d4:f9:cc:60:a8:52:83:db:fe:43:39:55:ac:
e8:b6:9b:41:fa:79:a8:18:0f:7e:91:e0:1c:e6:8d:
df:d2:fb:75:6d:40:7c:be:f2:0c:ba:d1:fb:cd:6f:
a7:65:c9:d3:5c:65:16:4d:12:c7:d8:ee:4d:89:5a:
c3:dd:8b:62:7d:ca:2b:e3:6a:ec:8b:61:12:e4:0c:
7e:6d:c3:79:a9:59:08:68:43:44:20:28:1b:5f:23:
67:d0:57:20:76:6b:cf:46:99:34:e2:79:2a:e5:7c:
34:b5:2c:f1:00:7d:69:52:53:97:17:e2:b0:e7:6b:
54:ca:b0:59:49:b9:62:8d:35:bf:bf:d7:98:dc:f4:
71:37:fc:cd:dc:4c:a9:e4:1f:5f:a9:11:8e:91:0d:
65:90:60:8d:41:8f:89:9d:96:3a:85:c1:77:54:7f:
8a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:50:8D:31:8D:81:67:98:8D:C2:9B:8B:F2:47:C8:F4:1D:58:52:D6
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/FlCNMY2BZ5iNwpuL8kfI9B1YUtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.161.0.0/18
95.161.248.0/21
IPv6:
2a00:11d8::/32
Signature Algorithm: sha256WithRSAEncryption
87:0d:f6:ed:de:79:03:bd:68:17:11:cf:ca:b9:83:ed:00:a1:
7c:7e:45:bd:64:79:51:02:33:17:68:21:48:aa:47:8f:ef:4d:
02:57:b1:af:5d:ab:e4:2d:48:e4:45:73:94:32:53:85:72:5b:
0c:03:13:c2:ef:12:0f:fa:51:b9:16:a3:d2:e8:1b:bf:e1:12:
9a:cd:17:ad:84:98:2f:17:4b:15:c8:84:87:4c:a3:c1:af:36:
fb:c7:07:0f:5c:40:02:7e:8a:60:cb:54:ef:a4:e8:0c:94:6e:
c0:d6:74:7e:49:90:90:39:36:52:04:79:a2:39:9d:3e:a5:8f:
11:05:06:8f:1c:36:e0:9d:7b:f8:69:bc:7f:b1:94:af:64:cb:
c5:c5:08:59:92:30:3c:df:aa:7e:15:64:86:57:a7:85:cd:43:
2c:a4:32:2c:5e:c2:26:2c:56:37:22:30:04:27:e7:a8:c0:d4:
73:0e:a1:05:21:02:ee:8b:f3:a6:ac:9c:6e:fe:ab:5e:bd:90:
59:bb:97:59:fc:6f:81:f9:bf:bd:09:2a:a3:43:30:e6:50:ad:
d9:2c:4f:59:d2:61:6c:02:d2:86:c3:7c:28:6d:66:eb:e2:6b:
bd:44:c6:0d:ae:53:09:6c:48:8c:eb:c7:df:11:72:fa:10:d8:
af:a1:0e:6a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZPP4JavFgV/gHSgxlvTWb34MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjQxMjE2MTQzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjUwOGQzMThkODE2Nzk4OGRjMjliOGJmMjQ3YzhmNDFkNTg1MmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15aV8D9JREuCPdxgYAIeDPUWnqqP
SQg7XVEgVjw2Fo8uz8gNGXzWUHNN3A6Wt2KHQwXR+AA/jduBBntwGK+LA1ZqmNr/
2ANnHJExDmsWUbtKF/u9w/F0ouqqOdT5zGCoUoPb/kM5VazotptB+nmoGA9+keAc
5o3f0vt1bUB8vvIMutH7zW+nZcnTXGUWTRLH2O5NiVrD3Ytifcor42rsi2ES5Ax+
bcN5qVkIaENEICgbXyNn0FcgdmvPRpk04nkq5Xw0tSzxAH1pUlOXF+Kw52tUyrBZ
SblijTW/v9eY3PRxN/zN3Eyp5B9fqRGOkQ1lkGCNQY+JnZY6hcF3VH+KTQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBZQjTGNgWeYjcKbi/JHyPQdWFLWMB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEvRmxDTk1ZMkJaNWlOd3B1TDhrZkk5QjFZVXRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQGX6EAAwQD
X6H4MA0EAgACMAcDBQAqABHYMA0GCSqGSIb3DQEBCwUAA4IBAQCHDfbt3nkDvWgX
Ec/KuYPtAKF8fkW9ZHlRAjMXaCFIqkeP700CV7GvXavkLUjkRXOUMlOFclsMAxPC
7xIP+lG5FqPS6Bu/4RKazRethJgvF0sVyISHTKPBrzb7xwcPXEACfopgy1TvpOgM
lG7A1nR+SZCQOTZSBHmiOZ0+pY8RBQaPHDbgnXv4abx/sZSvZMvFxQhZkjA836p+
FWSGV6eFzUMspDIsXsImLFY3IjAEJ+eowNRzDqEFIQLui/OmrJxu/qtevZBZu5dZ
/G+B+b+9CSqjQzDmUK3ZLE9Z0mFsAtKGw3wobWbr4mu9RMYNrlMJbEiM68ffEXL6
ENivoQ5q
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:27:39 2025 by rpki-client