Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/Dmf2cD8RmIxMnkQnvf-FMvHQCws.roa
File: Dmf2cD8RmIxMnkQnvf-FMvHQCws.roa (raw, json)
Hash identifier: /tdYB1jkVxnyewakp4M1kbby82yv9qN50f13k4FgjEo=
Subject key identifier: 0E:67:F6:70:3F:11:98:8C:4C:9E:44:27:BD:FF:85:32:F1:D0:0B:0B
Certificate issuer: /CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Certificate serial: 018CC56E316910167D3FDC6ACE3077B68C52
Authority key identifier: 23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/Dmf2cD8RmIxMnkQnvf-FMvHQCws.roa
Signing time: Mon 01 Jan 2024 14:29:42 +0000
ROA not before: Mon 01 Jan 2024 14:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199746
IP address blocks: 81.95.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 May 2024 09:02:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:31:69:10:16:7d:3f:dc:6a:ce:30:77:b6:8c:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Validity
Not Before: Jan 1 14:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e67f6703f11988c4c9e4427bdff8532f1d00b0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d3:0b:a3:d4:e2:49:f3:34:8b:38:b6:d7:35:
24:92:6d:6f:56:fe:ee:8a:73:92:40:bb:bc:53:61:
19:a4:22:cf:ae:d1:f6:ec:d9:56:5b:40:79:1d:f7:
42:b3:94:66:7f:61:bb:02:40:2b:09:71:cd:7f:60:
bd:f6:ae:b5:d2:b1:e7:9c:d5:a8:22:f6:3f:7b:c3:
d5:4f:ef:66:31:3f:25:b9:11:27:dd:b3:0c:0f:cd:
6a:f8:fa:80:a0:f9:85:64:d5:9c:fd:a1:aa:d0:73:
4c:dc:50:92:5c:d6:39:0c:ff:62:38:25:67:bb:c6:
77:6b:d4:d0:b6:30:61:c1:e9:75:89:e9:00:f9:fd:
24:2b:bb:df:a6:c7:f6:d3:61:7d:36:2f:4a:d9:b7:
2b:78:b9:2e:f8:b7:f5:4f:3c:e3:2a:90:7d:61:df:
51:89:9c:57:ff:60:07:1c:c9:ef:37:f0:7d:50:56:
11:81:62:f6:06:c8:96:9f:74:3f:02:f8:b6:20:07:
b0:7a:9f:ce:3a:8f:30:e1:d8:a5:a8:09:91:50:70:
fb:51:bc:37:f3:cd:0d:f9:d9:1d:9c:18:b6:fb:98:
4f:e5:4b:54:21:04:75:37:1a:74:90:bf:18:9b:b8:
78:fc:da:0a:89:37:fc:a0:a2:d3:b0:ea:99:b7:bd:
16:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:67:F6:70:3F:11:98:8C:4C:9E:44:27:BD:FF:85:32:F1:D0:0B:0B
X509v3 Authority Key Identifier:
keyid:23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/Dmf2cD8RmIxMnkQnvf-FMvHQCws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.95.39.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:11:e8:74:20:e3:47:0e:df:f1:2b:40:60:bf:b6:de:e5:f2:
aa:21:fe:95:59:29:1d:54:53:e8:34:00:9e:78:69:09:50:10:
5d:4d:c5:6c:bc:4f:bd:24:01:35:5f:91:33:17:b1:ac:21:3c:
0e:24:87:29:e6:c4:ac:2b:fe:73:9d:0f:13:87:cb:6d:7e:51:
78:b2:16:9a:50:7a:5a:d2:39:27:6a:7b:16:d2:0f:2b:31:da:
18:be:ba:45:43:e5:a2:87:70:00:a7:4b:c0:92:1e:1c:73:12:
53:b4:8c:b9:15:6c:02:22:a4:5c:78:65:c1:67:ed:56:f2:78:
0a:e8:3a:e6:c6:70:2d:43:90:6f:65:59:e2:2b:f0:ae:eb:65:
34:73:a9:1c:48:b4:0c:30:ff:41:63:05:19:3e:9d:08:2a:58:
9e:c6:8a:a0:68:6b:41:84:85:62:f5:6f:6c:2a:1d:b0:d5:a9:
e1:f6:4b:97:b4:76:88:38:75:62:ca:b8:88:a5:68:b1:c1:c2:
91:b4:f5:30:c0:a1:df:ae:60:3c:37:3a:54:21:3c:28:3e:54:
5a:6d:0c:fe:f1:d6:8b:15:da:40:0f:26:9c:84:0a:ff:e8:8e:
b9:6d:04:72:5c:f0:6e:97:49:6d:fa:36:f6:16:4d:a7:a9:45:
0e:cb:ff:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbjFpEBZ9P9xqzjB3toxSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZTNkOTJiZmUxNjYxOWNhNTAwYzAzMjY3ZWZmYTlhYTdj
YTBjNDcwHhcNMjQwMTAxMTQyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTY3ZjY3MDNmMTE5ODhjNGM5ZTQ0MjdiZGZmODUzMmYxZDAwYjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9MLo9TiSfM0izi21zUkkm1vVv7u
inOSQLu8U2EZpCLPrtH27NlWW0B5HfdCs5Rmf2G7AkArCXHNf2C99q610rHnnNWo
IvY/e8PVT+9mMT8luREn3bMMD81q+PqAoPmFZNWc/aGq0HNM3FCSXNY5DP9iOCVn
u8Z3a9TQtjBhwel1iekA+f0kK7vfpsf202F9Ni9K2bcreLku+Lf1TzzjKpB9Yd9R
iZxX/2AHHMnvN/B9UFYRgWL2BsiWn3Q/Avi2IAewep/OOo8w4dilqAmRUHD7Ubw3
880N+dkdnBi2+5hP5UtUIQR1Nxp0kL8Ym7h4/NoKiTf8oKLTsOqZt70WnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA5n9nA/EZiMTJ5EJ73/hTLx0AsLMB8GA1UdIwQY
MBaAFCPj2Sv+FmGcpQDAMmfv+pqnygxHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYt
ZjFiZjBjMzNhOTA4LzEvRG1mMmNEOFJtSXhNbmtRbnZmLUZNdkhRQ3dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYtZjFiZjBjMzNhOTA4
LzEvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUV8nMA0G
CSqGSIb3DQEBCwUAA4IBAQCKEeh0IONHDt/xK0Bgv7be5fKqIf6VWSkdVFPoNACe
eGkJUBBdTcVsvE+9JAE1X5EzF7GsITwOJIcp5sSsK/5znQ8Th8ttflF4shaaUHpa
0jknansW0g8rMdoYvrpFQ+Wih3AAp0vAkh4ccxJTtIy5FWwCIqRceGXBZ+1W8ngK
6DrmxnAtQ5BvZVniK/Cu62U0c6kcSLQMMP9BYwUZPp0IKliexoqgaGtBhIVi9W9s
Kh2w1anh9kuXtHaIOHViyriIpWixwcKRtPUwwKHfrmA8NzpUITwoPlRabQz+8daL
FdpADyachAr/6I65bQRyXPBul0lt+jb2Fk2nqUUOy/8p
-----END CERTIFICATE-----
Generated at Sun Apr 20 20:14:52 2025 by rpki-client