Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/8XDjQTZpfFEsCrFR9bsNjrPWUeY.roa
File: 8XDjQTZpfFEsCrFR9bsNjrPWUeY.roa (raw, json)
Hash identifier: NonoGfSEZ+60g1yfsYWUiEdMEoHxxl9PLJ9oS+jgeR4=
Subject key identifier: F1:70:E3:41:36:69:7C:51:2C:0A:B1:51:F5:BB:0D:8E:B3:D6:51:E6
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01938E10DC8DCFD62C67175732D317E2321D
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/8XDjQTZpfFEsCrFR9bsNjrPWUeY.roa
Signing time: Tue 03 Dec 2024 19:48:09 +0000
ROA not before: Tue 03 Dec 2024 19:48:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214943
IP address blocks: 195.177.92.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Dec 2024 20:21:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8e:10:dc:8d:cf:d6:2c:67:17:57:32:d3:17:e2:32:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Dec 3 19:48:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f170e34136697c512c0ab151f5bb0d8eb3d651e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:3f:f0:af:a5:7e:e8:f8:c6:b2:41:05:bb:20:
2b:56:80:f4:7a:93:a0:88:10:b2:11:29:20:4b:ef:
c5:c7:aa:5d:68:27:51:9b:17:e8:ce:17:22:cf:ce:
1f:95:9e:b3:c1:1e:e0:21:ec:59:64:b8:f6:aa:89:
11:a1:74:44:9c:5a:8d:15:47:4a:85:90:17:30:13:
b1:d6:65:30:6f:b0:18:d2:a1:0b:b8:f9:2a:3d:38:
92:b8:e1:cd:d7:74:ff:11:f8:98:f7:dc:b6:02:6d:
c7:1c:aa:c3:32:f3:0a:73:ca:a7:1b:46:42:3e:55:
c9:68:ae:ba:d1:09:d7:ec:ac:78:6d:94:3e:f3:e1:
5f:d5:e8:53:48:d9:8b:09:a7:9a:f0:40:03:60:f9:
0c:07:d5:23:bb:f3:48:d9:37:94:11:5e:75:d7:99:
db:e3:99:e6:8a:48:99:a7:1d:0f:26:ed:b9:e7:91:
df:ab:58:cf:f6:f4:4b:45:14:15:9b:a5:8f:dc:d9:
84:72:e5:c4:cd:72:b0:7e:6f:95:c4:6f:44:22:c5:
88:6f:e6:d5:1f:f3:f8:cf:92:8d:71:c0:dd:9e:54:
00:c9:ec:3a:41:fa:43:8c:fd:4d:fb:e0:ea:f8:6c:
a9:93:1c:a9:24:37:1a:f3:6f:f2:75:c5:15:98:6a:
ba:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:70:E3:41:36:69:7C:51:2C:0A:B1:51:F5:BB:0D:8E:B3:D6:51:E6
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/8XDjQTZpfFEsCrFR9bsNjrPWUeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.177.92.0/24
Signature Algorithm: sha256WithRSAEncryption
82:e9:3c:57:d7:74:d7:01:3d:67:96:30:b3:97:1a:4f:d0:73:
b7:34:a9:b4:75:bd:4a:f9:6c:b4:2e:5f:b7:15:44:2b:bc:8a:
ee:27:0e:03:3a:96:fd:3d:8e:a4:4d:00:88:7a:96:49:5d:e1:
57:a7:c6:a5:22:71:7a:5c:0d:46:18:54:9d:f6:60:bf:0f:f9:
54:05:15:ff:e1:c1:b0:d8:ed:f5:cb:51:61:a8:2b:47:b1:55:
49:cc:73:ac:33:11:f8:c5:b7:c3:f7:a0:04:dc:0d:fe:69:ae:
39:a7:4a:c6:7c:1f:9f:48:fb:be:25:48:cd:81:ef:0b:db:e9:
d9:70:77:d1:b9:47:68:22:f1:0f:ca:07:95:2f:d7:5d:19:5b:
1e:af:48:2f:5f:03:34:d7:f9:45:7e:6a:8e:48:a1:cd:5d:e2:
80:5b:62:12:99:66:f8:da:d3:72:f0:e6:66:f8:86:4c:90:f4:
67:ca:d7:bf:6d:51:32:ab:79:b5:d9:7d:09:c2:ed:25:e4:f9:
b2:95:3e:2f:ed:6f:07:41:2f:5c:ed:f1:ed:54:5d:a9:84:c1:
eb:02:d4:5d:bb:97:38:4a:24:90:b2:17:fd:96:83:d4:03:e2:
3b:a3:68:19:af:ad:67:b7:30:a7:6a:9b:15:e8:e0:cc:17:54:
00:ec:0a:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOOENyNz9YsZxdXMtMX4jIdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQxMjAzMTk0ODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTcwZTM0MTM2Njk3YzUxMmMwYWIxNTFmNWJiMGQ4ZWIzZDY1MWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzD/wr6V+6PjGskEFuyArVoD0epOg
iBCyESkgS+/Fx6pdaCdRmxfozhciz84flZ6zwR7gIexZZLj2qokRoXREnFqNFUdK
hZAXMBOx1mUwb7AY0qELuPkqPTiSuOHN13T/EfiY99y2Am3HHKrDMvMKc8qnG0ZC
PlXJaK660QnX7Kx4bZQ+8+Ff1ehTSNmLCaea8EADYPkMB9Uju/NI2TeUEV5115nb
45nmikiZpx0PJu2555Hfq1jP9vRLRRQVm6WP3NmEcuXEzXKwfm+VxG9EIsWIb+bV
H/P4z5KNccDdnlQAyew6QfpDjP1N++Dq+GypkxypJDca82/ydcUVmGq6SwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPFw40E2aXxRLAqxUfW7DY6z1lHmMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvOFhEalFUWnBmRkVzQ3JGUjlic05qclBXVWVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw7FcMA0G
CSqGSIb3DQEBCwUAA4IBAQCC6TxX13TXAT1nljCzlxpP0HO3NKm0db1K+Wy0Ll+3
FUQrvIruJw4DOpb9PY6kTQCIepZJXeFXp8alInF6XA1GGFSd9mC/D/lUBRX/4cGw
2O31y1FhqCtHsVVJzHOsMxH4xbfD96AE3A3+aa45p0rGfB+fSPu+JUjNge8L2+nZ
cHfRuUdoIvEPygeVL9ddGVser0gvXwM01/lFfmqOSKHNXeKAW2ISmWb42tNy8OZm
+IZMkPRnyte/bVEyq3m12X0Jwu0l5PmylT4v7W8HQS9c7fHtVF2phMHrAtRdu5c4
SiSQshf9loPUA+I7o2gZr61ntzCnapsV6ODMF1QA7AoW
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:37:53 2025 by rpki-client