Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/82BDDs4JetPr60bFvcYZDrvzjxI.roa
File: 82BDDs4JetPr60bFvcYZDrvzjxI.roa (raw, json)
Hash identifier: CBIyzSw3mmqC6JboqzBFcaRqhyCaa652ZQLSgqdfjUM=
Subject key identifier: F3:60:43:0E:CE:09:7A:D3:EB:EB:46:C5:BD:C6:19:0E:BB:F3:8F:12
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01947FF53F44C1AA68C65166C28243E11759
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/82BDDs4JetPr60bFvcYZDrvzjxI.roa
Signing time: Sun 19 Jan 2025 19:06:06 +0000
ROA not before: Sun 19 Jan 2025 19:06:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214943
IP address blocks: 195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.211.190.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Mar 2025 16:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:7f:f5:3f:44:c1:aa:68:c6:51:66:c2:82:43:e1:17:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 19 19:06:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f360430ece097ad3ebeb46c5bdc6190ebbf38f12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a7:65:4d:fa:eb:93:d8:c9:92:2b:e6:43:35:
57:aa:9d:e9:6b:14:39:dc:d8:09:cb:1d:b4:bb:28:
3f:c0:b0:6a:ce:39:da:2c:c8:f5:62:4e:0b:c7:76:
0f:f7:03:be:cd:46:13:c7:1b:61:41:f6:e2:d4:35:
c8:42:06:d1:05:b6:1e:58:ef:80:32:95:73:cb:74:
cc:93:c6:02:08:d3:79:96:1d:14:6d:d3:a4:9a:56:
d1:b1:8b:bf:50:bb:01:67:87:fa:f9:98:66:3d:bd:
4a:93:a6:eb:c5:74:06:ee:be:00:7b:30:48:09:1f:
ea:ab:ac:08:fe:40:ff:d5:c2:41:35:98:18:6a:17:
92:34:bd:ef:79:a6:bc:25:09:4b:18:8f:ee:06:9c:
84:4f:12:01:5b:8d:18:a2:be:e6:26:76:73:9b:c1:
b7:60:7d:12:5c:a2:aa:c1:92:34:72:d6:d7:d9:16:
4c:37:9d:d0:2c:0c:46:c4:8d:8b:50:e2:35:2a:dc:
dd:92:1e:4b:f4:80:de:39:ad:f3:0f:b9:ed:d1:8e:
94:f6:43:78:e8:69:84:9a:b6:72:f3:84:8e:ec:5f:
c1:1e:64:30:ed:a4:b6:56:3d:18:7c:d8:73:3c:27:
98:a5:11:39:e6:09:1f:04:3c:77:4a:34:e7:09:f4:
19:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:60:43:0E:CE:09:7A:D3:EB:EB:46:C5:BD:C6:19:0E:BB:F3:8F:12
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/82BDDs4JetPr60bFvcYZDrvzjxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.177.92.0/24
195.177.95.0/24
195.211.190.0/24
Signature Algorithm: sha256WithRSAEncryption
61:05:57:f2:64:78:07:a0:b9:83:42:28:1b:e9:c5:61:ff:51:
50:96:ec:4c:a9:59:00:e9:6b:d5:cd:49:c1:3f:db:ac:1c:1f:
b5:2a:8c:2a:01:dd:59:8e:97:54:25:65:d7:a6:cd:c8:2a:53:
4b:eb:fc:ce:80:5e:ac:8d:b0:bd:06:d2:91:bc:28:4b:cf:0a:
7e:df:19:bc:95:23:f0:56:a9:d4:7e:81:a3:97:60:c1:94:a7:
c6:15:9e:c1:15:7e:fc:50:0f:b1:00:20:d1:6d:8d:95:2e:f7:
ad:8d:25:98:90:31:14:3c:fd:9e:27:ac:dc:79:5a:41:d4:d1:
4f:ce:db:97:75:0c:9a:3a:ed:cd:25:c7:21:23:1c:9e:8a:56:
75:17:2f:09:5c:03:3e:bd:88:ef:9c:76:ae:07:eb:af:c2:7e:
c0:3a:26:d9:89:fd:24:d1:e3:84:77:19:8c:2f:e5:1d:65:64:
de:9b:f4:9c:be:a6:49:03:b0:29:59:55:78:d0:81:7d:70:94:
56:0c:14:ea:db:aa:9a:ed:d9:02:2c:46:74:99:1b:cf:a1:82:
56:69:26:ab:7f:77:5d:97:59:e7:2f:9e:27:ce:f5:92:e6:95:
b7:1a:39:f3:1e:98:50:5a:0b:09:26:75:ad:99:de:28:d9:48:
54:dc:8f:96
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZR/9T9EwapoxlFmwoJD4RdZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjUwMTE5MTkwNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzYwNDMwZWNlMDk3YWQzZWJlYjQ2YzViZGM2MTkwZWJiZjM4ZjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKdlTfrrk9jJkivmQzVXqp3paxQ5
3NgJyx20uyg/wLBqzjnaLMj1Yk4Lx3YP9wO+zUYTxxthQfbi1DXIQgbRBbYeWO+A
MpVzy3TMk8YCCNN5lh0UbdOkmlbRsYu/ULsBZ4f6+ZhmPb1Kk6brxXQG7r4AezBI
CR/qq6wI/kD/1cJBNZgYaheSNL3veaa8JQlLGI/uBpyETxIBW40Yor7mJnZzm8G3
YH0SXKKqwZI0ctbX2RZMN53QLAxGxI2LUOI1Ktzdkh5L9IDeOa3zD7nt0Y6U9kN4
6GmEmrZy84SO7F/BHmQw7aS2Vj0YfNhzPCeYpRE55gkfBDx3SjTnCfQZGQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPNgQw7OCXrT6+tGxb3GGQ67848SMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvODJCRERzNEpldFByNjBiRnZjWVpEcnZ6anhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAw7FcAwQA
w7FfAwQAw9O+MA0GCSqGSIb3DQEBCwUAA4IBAQBhBVfyZHgHoLmDQigb6cVh/1FQ
luxMqVkA6WvVzUnBP9usHB+1KowqAd1ZjpdUJWXXps3IKlNL6/zOgF6sjbC9BtKR
vChLzwp+3xm8lSPwVqnUfoGjl2DBlKfGFZ7BFX78UA+xACDRbY2VLvetjSWYkDEU
PP2eJ6zceVpB1NFPztuXdQyaOu3NJcchIxyeilZ1Fy8JXAM+vYjvnHauB+uvwn7A
OibZif0k0eOEdxmML+UdZWTem/ScvqZJA7ApWVV40IF9cJRWDBTq26qa7dkCLEZ0
mRvPoYJWaSarf3ddl1nnL54nzvWS5pW3GjnzHphQWgsJJnWtmd4o2UhU3I+W
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:27:59 2025 by rpki-client