Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/ga3J3Gxab2OvQg9-ddtfHNKGL9g.roa
File: ga3J3Gxab2OvQg9-ddtfHNKGL9g.roa (raw, json)
Hash identifier: dvcUrk7iKbQCXKMBUubSg0QYb9R+FQ7c2ws2lObCZcE=
Subject key identifier: 81:AD:C9:DC:6C:5A:6F:63:AF:42:0F:7E:75:DB:5F:1C:D2:86:2F:D8
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 018CC42453B1C059F467081D00473630610E
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/ga3J3Gxab2OvQg9-ddtfHNKGL9g.roa
Signing time: Mon 01 Jan 2024 08:29:24 +0000
ROA not before: Mon 01 Jan 2024 08:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39598
IP address blocks: 95.161.125.0/24 maxlen: 24
95.161.127.0/24 maxlen: 24
95.161.250.0/24 maxlen: 24
95.161.248.0/21 maxlen: 21
95.161.95.0/24 maxlen: 24
95.161.0.0/18 maxlen: 24
2a00:11d8::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 16 Dec 2024 13:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:53:b1:c0:59:f4:67:08:1d:00:47:36:30:61:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Jan 1 08:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81adc9dc6c5a6f63af420f7e75db5f1cd2862fd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:78:75:16:6b:33:9b:72:5b:65:0f:05:54:0b:
2f:c8:d8:e4:24:72:64:66:7b:5c:2b:f0:67:fd:29:
6c:1d:ca:96:a0:b2:10:4d:3b:fc:fa:df:b2:ca:07:
59:5c:e0:ce:62:3d:e6:40:f1:9c:a6:c2:54:1f:d4:
0d:fd:f1:5f:b8:26:1c:c6:83:e0:89:f9:ad:24:1c:
f5:ed:86:15:7f:97:b4:5f:58:64:e6:59:ae:66:97:
6c:b3:33:bd:d9:f3:66:ee:09:5f:9c:ab:49:70:a3:
1d:c7:5a:cb:92:9a:38:f1:8e:39:ae:2c:d8:f1:3a:
58:88:8a:81:b7:fb:05:ca:a6:0d:0b:0e:d9:82:99:
09:ad:e0:1a:6f:f8:bd:1d:bf:36:90:e3:0a:7f:3e:
e6:e5:e4:81:d2:30:c4:8a:c7:ea:77:06:b4:79:1f:
38:8d:c2:2f:6b:ce:a6:8b:ff:7b:6b:19:29:f8:39:
e3:27:e6:c7:8b:54:93:29:55:87:35:29:cd:71:ba:
8c:a6:6b:ce:37:fb:26:ee:79:6d:05:d4:9b:ed:c0:
9a:f5:ef:7d:c4:6b:a0:bf:3e:3c:d8:ac:cf:5e:81:
97:d0:2c:ce:80:b0:39:f9:6c:99:e0:9a:f1:61:fe:
85:59:1b:29:a8:05:70:83:32:83:9f:96:25:8c:53:
62:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:AD:C9:DC:6C:5A:6F:63:AF:42:0F:7E:75:DB:5F:1C:D2:86:2F:D8
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/ga3J3Gxab2OvQg9-ddtfHNKGL9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.161.0.0/18
95.161.95.0/24
95.161.125.0/24
95.161.127.0/24
95.161.248.0/21
IPv6:
2a00:11d8::/32
Signature Algorithm: sha256WithRSAEncryption
0d:c8:d7:ba:6f:c8:84:15:2a:d3:e6:b9:21:e0:71:2a:87:f5:
ab:6c:ec:54:3d:1f:0e:3d:8a:6e:ed:ee:83:6e:d3:44:b1:a4:
31:58:94:f4:e3:e6:53:68:2c:2e:97:8c:05:c2:3c:b8:af:69:
20:ea:1f:92:27:89:8c:fc:b3:e0:53:b7:3f:f5:91:8e:f3:08:
50:cc:71:2a:a0:f1:a4:99:90:08:a6:93:a9:20:be:2c:6b:f7:
44:5c:07:7c:b0:2f:11:ce:cb:c7:70:cf:39:10:ae:11:8e:5e:
ce:81:1f:82:f8:27:1f:14:87:03:3f:a6:73:ec:fe:51:2e:b9:
9a:60:41:e6:cb:c6:c6:a5:58:ae:b6:6c:67:d5:6b:50:cf:2a:
38:df:6c:88:82:36:1a:c3:54:9b:91:63:d6:e6:fd:86:74:79:
28:b7:79:93:51:eb:ef:e2:06:3a:ff:88:bc:1b:54:3b:91:e1:
2a:49:f2:e9:66:cc:1b:22:49:12:99:fe:1e:c9:dd:57:9e:e5:
f6:52:4d:d8:3b:77:dd:b3:fb:f0:49:3f:5d:93:92:dd:61:01:
8f:cc:d6:05:66:4f:5b:15:de:c2:1c:e0:59:c2:4e:3a:5c:ee:
42:95:88:a9:fa:2d:e2:94:62:68:28:86:69:8d:e0:3c:db:e4:
64:26:b7:e2
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzEJFOxwFn0ZwgdAEc2MGEOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjQwMTAxMDgyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWFkYzlkYzZjNWE2ZjYzYWY0MjBmN2U3NWRiNWYxY2QyODYyZmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnh1Fmszm3JbZQ8FVAsvyNjkJHJk
ZntcK/Bn/SlsHcqWoLIQTTv8+t+yygdZXODOYj3mQPGcpsJUH9QN/fFfuCYcxoPg
ifmtJBz17YYVf5e0X1hk5lmuZpdsszO92fNm7glfnKtJcKMdx1rLkpo48Y45rizY
8TpYiIqBt/sFyqYNCw7ZgpkJreAab/i9Hb82kOMKfz7m5eSB0jDEisfqdwa0eR84
jcIva86mi/97axkp+DnjJ+bHi1STKVWHNSnNcbqMpmvON/sm7nltBdSb7cCa9e99
xGugvz482KzPXoGX0CzOgLA5+WyZ4JrxYf6FWRspqAVwgzKDn5YljFNiiQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIGtydxsWm9jr0IPfnXbXxzShi/YMB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEvZ2EzSjNHeGFiMk92UWc5LWRkdGZITktHTDlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQGX6EAAwQA
X6FfAwQAX6F9AwQAX6F/AwQDX6H4MA0EAgACMAcDBQAqABHYMA0GCSqGSIb3DQEB
CwUAA4IBAQANyNe6b8iEFSrT5rkh4HEqh/WrbOxUPR8OPYpu7e6DbtNEsaQxWJT0
4+ZTaCwul4wFwjy4r2kg6h+SJ4mM/LPgU7c/9ZGO8whQzHEqoPGkmZAIppOpIL4s
a/dEXAd8sC8RzsvHcM85EK4Rjl7OgR+C+CcfFIcDP6Zz7P5RLrmaYEHmy8bGpViu
tmxn1WtQzyo432yIgjYaw1SbkWPW5v2GdHkot3mTUevv4gY6/4i8G1Q7keEqSfLp
ZswbIkkSmf4eyd1XnuX2Uk3YO3fds/vwST9dk5LdYQGPzNYFZk9bFd7CHOBZwk46
XO5ClYip+i3ilGJoKIZpjeA82+RkJrfi
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:20:54 2025 by rpki-client