Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/CE2x4B2yYS5pT-GPgyfAGijPU5Y.roa
File: CE2x4B2yYS5pT-GPgyfAGijPU5Y.roa (raw, json)
Hash identifier: a5th7Jj9epPyPyxaSvNgsY+u0gBCY4R/jt87zASHuTc=
Subject key identifier: 08:4D:B1:E0:1D:B2:61:2E:69:4F:E1:8F:83:27:C0:1A:28:CF:53:96
Certificate issuer: /CN=97cca0952db8aa9fe5e5703c6f189a06a57f4bb1
Certificate serial: 019426D991BF16D6A59DC81423075497AE04
Authority key identifier: 97:CC:A0:95:2D:B8:AA:9F:E5:E5:70:3C:6F:18:9A:06:A5:7F:4B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l8yglS24qp_l5XA8bxiaBqV_S7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/CE2x4B2yYS5pT-GPgyfAGijPU5Y.roa
Signing time: Thu 02 Jan 2025 11:49:40 +0000
ROA not before: Thu 02 Jan 2025 11:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60606
IP address blocks: 95.173.212.0/24 maxlen: 24
185.2.42.0/24 maxlen: 24
2a06:5d80::/32 maxlen: 40
Validation: Failed, certificate revoked on Thu 20 Feb 2025 17:42:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:91:bf:16:d6:a5:9d:c8:14:23:07:54:97:ae:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97cca0952db8aa9fe5e5703c6f189a06a57f4bb1
Validity
Not Before: Jan 2 11:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=084db1e01db2612e694fe18f8327c01a28cf5396
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b8:25:70:8b:c9:fe:c3:5d:29:de:9a:2a:e7:
e9:1d:70:5a:91:da:ee:01:11:e0:e2:36:f3:1a:f5:
34:7b:7b:50:81:f1:21:c0:a3:ec:7e:28:f8:f1:2b:
54:bd:b4:2a:c0:0f:5d:49:03:fe:2f:cd:ca:c9:17:
07:2d:5a:37:ef:9b:55:94:2a:f0:7e:4c:ee:fa:01:
ca:f7:28:d3:9a:16:24:d6:d9:ff:aa:84:44:96:7c:
9d:4e:89:a4:50:34:82:77:94:c9:88:01:17:71:ff:
0b:08:ea:b4:7f:24:1d:73:de:39:06:7d:ae:d0:00:
4a:26:3a:88:ff:57:c5:05:64:ba:f1:61:38:4d:c2:
a7:1c:a8:94:a1:9c:4b:81:31:35:91:fa:9e:56:7c:
45:2d:41:24:f4:6d:90:b0:4c:07:27:2e:fb:0c:1f:
2b:4f:48:ef:e8:46:a1:26:1d:10:a9:1b:01:f9:ee:
d2:21:61:c3:3a:18:79:a5:f1:94:c7:04:7b:93:1b:
5a:96:c9:ea:c0:66:de:1f:50:5a:92:38:ae:5d:d1:
bc:ff:df:28:01:71:4f:35:90:79:42:ce:e5:53:13:
25:77:53:4f:92:2a:ae:f0:1a:f2:b2:b1:98:c9:a6:
8f:bf:88:85:81:62:1d:10:19:15:02:82:cf:00:2e:
46:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:4D:B1:E0:1D:B2:61:2E:69:4F:E1:8F:83:27:C0:1A:28:CF:53:96
X509v3 Authority Key Identifier:
keyid:97:CC:A0:95:2D:B8:AA:9F:E5:E5:70:3C:6F:18:9A:06:A5:7F:4B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l8yglS24qp_l5XA8bxiaBqV_S7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/CE2x4B2yYS5pT-GPgyfAGijPU5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/l8yglS24qp_l5XA8bxiaBqV_S7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.173.212.0/24
185.2.42.0/24
IPv6:
2a06:5d80::/32
Signature Algorithm: sha256WithRSAEncryption
44:91:66:a5:d7:06:3b:d1:b6:b6:c6:51:2b:05:e4:90:67:bf:
2a:d1:b6:20:70:7c:12:f8:79:d3:02:4f:a8:23:5a:cb:83:29:
6c:53:f1:ee:3f:c5:71:94:c8:39:61:17:9f:4f:4c:f0:89:0a:
da:f9:73:74:44:01:a7:72:f0:a2:06:0f:80:c0:ed:d0:23:60:
63:3c:a6:30:03:66:cd:13:fe:30:86:4c:d9:e0:32:d9:e8:7a:
07:c7:99:5b:6f:67:6c:fa:1c:99:2e:95:f0:2a:8e:57:e1:e9:
1c:bc:96:e2:42:b4:87:86:3a:82:77:89:7d:1d:50:08:20:38:
40:43:e5:08:8c:1c:3c:88:fc:39:65:2c:e4:6a:69:d1:56:95:
bb:97:41:86:ec:29:11:79:b9:a0:43:cb:9a:9a:df:09:ff:21:
02:ba:aa:dd:50:35:7c:f0:2c:1c:a3:8c:cd:a7:41:e5:26:a9:
bf:c3:61:44:ee:3a:50:84:00:7f:a2:80:8d:0a:21:e0:f6:0a:
66:fd:5a:e2:6e:50:0d:54:e1:2c:ae:67:74:ea:58:2a:43:e7:
fc:7a:29:7e:6d:97:ca:e2:a5:36:40:a7:5c:56:97:cb:f0:4a:
d7:08:6c:6c:76:f7:b5:7b:ca:d4:24:17:e3:10:db:2e:7e:b0:
99:99:5d:a3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQm2ZG/FtalncgUIwdUl64EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3Y2NhMDk1MmRiOGFhOWZlNWU1NzAzYzZmMTg5YTA2YTU3
ZjRiYjEwHhcNMjUwMTAyMTE0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODRkYjFlMDFkYjI2MTJlNjk0ZmUxOGY4MzI3YzAxYTI4Y2Y1Mzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7glcIvJ/sNdKd6aKufpHXBakdru
ARHg4jbzGvU0e3tQgfEhwKPsfij48StUvbQqwA9dSQP+L83KyRcHLVo375tVlCrw
fkzu+gHK9yjTmhYk1tn/qoRElnydTomkUDSCd5TJiAEXcf8LCOq0fyQdc945Bn2u
0ABKJjqI/1fFBWS68WE4TcKnHKiUoZxLgTE1kfqeVnxFLUEk9G2QsEwHJy77DB8r
T0jv6EahJh0QqRsB+e7SIWHDOhh5pfGUxwR7kxtalsnqwGbeH1BakjiuXdG8/98o
AXFPNZB5Qs7lUxMld1NPkiqu8BrysrGYyaaPv4iFgWIdEBkVAoLPAC5GQwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAhNseAdsmEuaU/hj4MnwBooz1OWMB8GA1UdIwQY
MBaAFJfMoJUtuKqf5eVwPG8Ymgalf0uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDh5Z2xTMjRxcF9sNVhBOGJ4aWFCcVZfUzdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy85YTBlYjItZTk5NC00NzE5LWExNjYt
NWQ2ZGQwYmE1MmNmLzEvQ0UyeDRCMnlZUzVwVC1HUGd5ZkFHaWpQVTVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy85YTBlYjItZTk5NC00NzE5LWExNjYtNWQ2ZGQwYmE1MmNm
LzEvbDh5Z2xTMjRxcF9sNVhBOGJ4aWFCcVZfUzdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAX63UAwQA
uQIqMA0EAgACMAcDBQAqBl2AMA0GCSqGSIb3DQEBCwUAA4IBAQBEkWal1wY70ba2
xlErBeSQZ78q0bYgcHwS+HnTAk+oI1rLgylsU/HuP8VxlMg5YRefT0zwiQra+XN0
RAGncvCiBg+AwO3QI2BjPKYwA2bNE/4whkzZ4DLZ6HoHx5lbb2ds+hyZLpXwKo5X
4ekcvJbiQrSHhjqCd4l9HVAIIDhAQ+UIjBw8iPw5ZSzkamnRVpW7l0GG7CkRebmg
Q8uamt8J/yECuqrdUDV88Cwco4zNp0HlJqm/w2FE7jpQhAB/ooCNCiHg9gpm/Vri
blANVOEsrmd06lgqQ+f8eil+bZfK4qU2QKdcVpfL8ErXCGxsdve1e8rUJBfjENsu
frCZmV2j
-----END CERTIFICATE-----
Generated at Wed Apr 23 05:31:52 2025 by rpki-client