Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/I6uam3bFZr_NBIe1SFYl7w-cIWE.roa
File: I6uam3bFZr_NBIe1SFYl7w-cIWE.roa (raw, json)
Hash identifier: 0Jj6yb0uSp/mfXnAtba7zI4OfcMamVol4wJUuJ6M8DE=
Subject key identifier: 23:AB:9A:9B:76:C5:66:BF:CD:04:87:B5:48:56:25:EF:0F:9C:21:61
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0193783528AAD8A390A757F7D1704E84BD58
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/I6uam3bFZr_NBIe1SFYl7w-cIWE.roa
Signing time: Fri 29 Nov 2024 13:56:09 +0000
ROA not before: Fri 29 Nov 2024 13:56:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 329007
IP address blocks: 195.177.92.0/24 maxlen: 24
195.211.190.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 30 Nov 2024 12:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:78:35:28:aa:d8:a3:90:a7:57:f7:d1:70:4e:84:bd:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 29 13:56:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23ab9a9b76c566bfcd0487b5485625ef0f9c2161
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:48:10:b5:61:ff:d3:47:37:71:93:8b:38:67:
2a:3e:e7:12:c7:dc:ab:36:cf:65:07:29:4d:51:33:
f4:01:79:da:de:c9:d4:af:6f:a9:9c:d3:89:86:49:
d2:7c:27:30:e3:b1:83:5c:4d:a5:35:26:ef:f0:77:
ff:d9:df:62:58:51:bd:cd:11:fa:59:24:9d:cd:6d:
ef:33:f7:c0:f2:7a:53:a8:6f:76:4d:b1:ee:57:10:
ae:b8:58:22:c8:b5:22:30:e7:b9:ee:de:95:b1:6b:
3f:3a:6e:12:1c:21:e8:3a:be:cc:27:1b:00:87:f1:
85:e1:10:62:58:3c:ab:4e:63:bc:2d:1d:d6:00:63:
6a:8b:8e:67:03:9d:db:29:99:47:8e:97:c3:93:42:
84:92:95:0e:8a:26:21:0b:71:48:b1:4b:26:58:06:
d8:7a:01:7f:a2:e1:ef:50:b9:6b:1d:32:c5:70:a4:
09:83:8d:9b:6f:8a:1e:4c:be:71:dd:67:5e:28:9f:
f4:d9:8d:0a:cc:ed:4d:fd:ad:71:49:6b:5f:97:b7:
25:2a:dc:f8:be:b7:7a:3d:89:90:86:ec:da:f4:7e:
94:fc:be:ef:d2:ea:27:a3:e6:fb:cd:a2:e3:50:8c:
d2:d3:4f:5c:13:41:1f:e8:63:53:fa:18:a5:20:50:
8c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:AB:9A:9B:76:C5:66:BF:CD:04:87:B5:48:56:25:EF:0F:9C:21:61
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/I6uam3bFZr_NBIe1SFYl7w-cIWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.177.92.0/24
195.211.190.0/24
Signature Algorithm: sha256WithRSAEncryption
76:11:f8:51:a4:af:7d:3b:82:0a:92:ef:77:68:bb:39:77:1f:
54:e8:96:9d:c3:b6:aa:01:60:e4:4f:77:b3:06:ff:ea:f5:52:
62:8b:91:75:8c:e1:70:dd:e3:ac:f7:58:d4:bf:99:45:74:fd:
f2:37:b3:fa:95:e9:df:3f:e6:96:55:f9:17:c0:1e:24:ad:ee:
02:60:21:6b:12:d2:0b:d3:27:bf:5d:3d:94:cd:18:3a:b6:fe:
4c:36:b3:43:63:14:49:7b:8c:bf:a4:2a:8e:8a:a2:81:dc:2c:
35:75:f8:4b:a1:1d:b7:b1:0d:d2:8e:ff:dc:62:0a:71:16:24:
f2:97:a5:9c:a3:6c:0e:9c:04:51:3c:cb:66:34:c5:ec:c3:35:
02:0e:94:1a:6e:f5:7e:d2:ef:15:32:5c:1e:8f:92:33:bf:f9:
e2:14:59:be:03:ba:f4:47:f0:6d:4a:a1:04:67:f9:1a:b9:c4:
0c:71:3a:e6:2e:7f:85:e9:b7:e6:04:51:ef:1d:60:a9:7b:6c:
b9:a7:4d:d4:ea:8f:9b:89:07:d5:2b:64:09:9e:96:47:3a:2d:
a6:33:72:f8:3c:aa:6c:ff:91:56:bd:33:ec:9d:ef:d2:c8:63:
24:de:1d:b4:18:51:12:ab:61:8a:c1:ff:79:97:e4:52:ba:3e:
a6:23:ec:6c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZN4NSiq2KOQp1f30XBOhL1YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQxMTI5MTM1NjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2FiOWE5Yjc2YzU2NmJmY2QwNDg3YjU0ODU2MjVlZjBmOWMyMTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0gQtWH/00c3cZOLOGcqPucSx9yr
Ns9lBylNUTP0AXna3snUr2+pnNOJhknSfCcw47GDXE2lNSbv8Hf/2d9iWFG9zRH6
WSSdzW3vM/fA8npTqG92TbHuVxCuuFgiyLUiMOe57t6VsWs/Om4SHCHoOr7MJxsA
h/GF4RBiWDyrTmO8LR3WAGNqi45nA53bKZlHjpfDk0KEkpUOiiYhC3FIsUsmWAbY
egF/ouHvULlrHTLFcKQJg42bb4oeTL5x3WdeKJ/02Y0KzO1N/a1xSWtfl7clKtz4
vrd6PYmQhuza9H6U/L7v0uono+b7zaLjUIzS009cE0Ef6GNT+hilIFCMFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCOrmpt2xWa/zQSHtUhWJe8PnCFhMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvSTZ1YW0zYkZacl9OQkllMVNGWWw3dy1jSVdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw7FcAwQA
w9O+MA0GCSqGSIb3DQEBCwUAA4IBAQB2EfhRpK99O4IKku93aLs5dx9U6Jadw7aq
AWDkT3ezBv/q9VJii5F1jOFw3eOs91jUv5lFdP3yN7P6lenfP+aWVfkXwB4kre4C
YCFrEtIL0ye/XT2UzRg6tv5MNrNDYxRJe4y/pCqOiqKB3Cw1dfhLoR23sQ3Sjv/c
YgpxFiTyl6Wco2wOnARRPMtmNMXswzUCDpQabvV+0u8VMlwej5Izv/niFFm+A7r0
R/BtSqEEZ/kaucQMcTrmLn+F6bfmBFHvHWCpe2y5p03U6o+biQfVK2QJnpZHOi2m
M3L4PKps/5FWvTPsne/SyGMk3h20GFESq2GKwf95l+RSuj6mI+xs
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:17:56 2025 by rpki-client