Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/rdcJSKAKjyGfddmBsvJqJ4UE2Bs.roa
File: rdcJSKAKjyGfddmBsvJqJ4UE2Bs.roa (raw, json)
Hash identifier: uBMk6Zx3zGUqMiYnk8dlCfgL2rlXoYS00WghZsBife8=
Subject key identifier: AD:D7:09:48:A0:0A:8F:21:9F:75:D9:81:B2:F2:6A:27:85:04:D8:1B
Certificate issuer: /CN=20e425a32b62d39818c4cbb0081075686fc4c8e8
Certificate serial: 018CC5DBEA07035B3E7C1D3D579DE9A9BB05
Authority key identifier: 20:E4:25:A3:2B:62:D3:98:18:C4:CB:B0:08:10:75:68:6F:C4:C8:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/rdcJSKAKjyGfddmBsvJqJ4UE2Bs.roa
Signing time: Mon 01 Jan 2024 16:29:32 +0000
ROA not before: Mon 01 Jan 2024 16:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198682
IP address blocks: 95.170.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:ea:07:03:5b:3e:7c:1d:3d:57:9d:e9:a9:bb:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20e425a32b62d39818c4cbb0081075686fc4c8e8
Validity
Not Before: Jan 1 16:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=add70948a00a8f219f75d981b2f26a278504d81b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a4:da:6c:86:66:6c:ab:66:b9:36:f9:7c:c5:
c3:0d:85:d8:08:ac:4b:ac:55:fc:da:d4:6e:df:8b:
71:b9:76:18:86:29:5d:aa:9a:4b:8d:46:eb:66:66:
1f:18:cd:72:09:d1:9c:51:a3:f3:8a:41:77:fe:ce:
c5:c2:a0:e7:8c:e6:71:dc:99:43:1d:e1:66:4a:42:
9e:05:41:60:c8:76:1a:53:62:28:1f:39:9d:df:eb:
4a:bd:22:f7:ee:21:09:7c:0c:82:cf:2b:b9:34:7b:
47:35:2e:a7:23:d1:b8:20:cb:f0:81:7c:17:66:8c:
e6:45:48:e5:32:75:af:eb:23:e9:7c:8f:80:51:a0:
24:e7:c8:50:cd:ef:f1:d9:ce:68:e6:54:31:69:9e:
75:10:94:98:7e:18:72:c2:68:3d:9e:9b:2c:dc:0e:
0e:60:ff:e5:a2:1b:25:9d:66:46:45:df:ce:fd:16:
ea:e5:32:d8:8b:3f:05:11:21:f0:75:9d:15:cc:6f:
a2:34:8a:16:fd:3b:1c:82:65:0c:af:82:5f:29:a7:
e3:b0:8c:e2:e4:c0:05:19:5a:e1:36:9c:6d:82:08:
89:a8:53:35:10:ee:58:5e:8f:bd:5f:84:7e:31:a1:
8a:5e:ce:65:8f:be:8c:e5:ee:26:cb:be:ad:32:c3:
ca:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:D7:09:48:A0:0A:8F:21:9F:75:D9:81:B2:F2:6A:27:85:04:D8:1B
X509v3 Authority Key Identifier:
keyid:20:E4:25:A3:2B:62:D3:98:18:C4:CB:B0:08:10:75:68:6F:C4:C8:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/rdcJSKAKjyGfddmBsvJqJ4UE2Bs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/IOQloyti05gYxMuwCBB1aG_EyOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.170.4.0/24
Signature Algorithm: sha256WithRSAEncryption
18:25:bc:05:20:97:96:ca:e2:ff:f4:43:7b:47:57:22:8c:b5:
b4:28:f5:2e:28:b1:ae:38:f1:b9:dc:25:09:4d:06:7d:d6:bf:
ad:8a:ab:7f:35:2e:0c:2e:e9:f9:b6:a4:5f:f4:e5:4f:97:32:
ed:60:5a:34:5c:8d:b3:43:d1:dc:c6:0f:a1:a3:8b:ef:0e:f0:
0d:d3:b5:ef:b3:bc:3d:dd:16:70:99:25:50:9b:9f:9e:67:0c:
b4:a1:6f:32:76:9d:69:5d:d0:7d:67:85:92:fa:c4:ca:20:fa:
d7:c7:ab:b2:eb:3a:7d:90:61:4c:2d:b1:07:cd:53:ed:01:74:
91:32:88:10:06:7e:8d:d9:a9:e2:6c:b9:93:4f:2e:c5:0e:27:
d8:a5:0d:28:53:b5:46:76:86:17:a1:86:42:ba:cd:59:05:98:
f4:38:48:69:71:38:df:2e:0f:e7:60:d6:c2:d8:14:f6:45:32:
61:ed:bf:ec:3b:26:8e:2b:b4:15:31:87:e5:ff:9d:4e:dd:6f:
33:e3:ca:83:ec:12:7f:15:c4:69:25:20:a6:8b:0f:47:c9:68:
63:47:fa:71:b9:9e:4f:6f:98:93:44:31:95:f9:4c:e5:ac:19:
19:9c:e5:f5:97:95:04:e5:81:e0:29:c6:d5:6d:5a:fb:73:3b:
33:0b:ec:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF2+oHA1s+fB09V53pqbsFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZTQyNWEzMmI2MmQzOTgxOGM0Y2JiMDA4MTA3NTY4NmZj
NGM4ZTgwHhcNMjQwMTAxMTYyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGQ3MDk0OGEwMGE4ZjIxOWY3NWQ5ODFiMmYyNmEyNzg1MDRkODFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6TabIZmbKtmuTb5fMXDDYXYCKxL
rFX82tRu34txuXYYhildqppLjUbrZmYfGM1yCdGcUaPzikF3/s7FwqDnjOZx3JlD
HeFmSkKeBUFgyHYaU2IoHzmd3+tKvSL37iEJfAyCzyu5NHtHNS6nI9G4IMvwgXwX
ZozmRUjlMnWv6yPpfI+AUaAk58hQze/x2c5o5lQxaZ51EJSYfhhywmg9npss3A4O
YP/lohslnWZGRd/O/Rbq5TLYiz8FESHwdZ0VzG+iNIoW/TscgmUMr4JfKafjsIzi
5MAFGVrhNpxtggiJqFM1EO5YXo+9X4R+MaGKXs5lj76M5e4my76tMsPKiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK3XCUigCo8hn3XZgbLyaieFBNgbMB8GA1UdIwQY
MBaAFCDkJaMrYtOYGMTLsAgQdWhvxMjoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU9RbG95dGkwNWdZeE11d0NCQjFhR19FeU9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9mZDhjMDEtN2I3MS00NDJjLTlhZGIt
ZWNkMjk2NWNiN2U3LzEvcmRjSlNLQUtqeUdmZGRtQnN2SnFKNFVFMkJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9mZDhjMDEtN2I3MS00NDJjLTlhZGItZWNkMjk2NWNiN2U3
LzEvSU9RbG95dGkwNWdZeE11d0NCQjFhR19FeU9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX6oEMA0G
CSqGSIb3DQEBCwUAA4IBAQAYJbwFIJeWyuL/9EN7R1cijLW0KPUuKLGuOPG53CUJ
TQZ91r+tiqt/NS4MLun5tqRf9OVPlzLtYFo0XI2zQ9Hcxg+ho4vvDvAN07Xvs7w9
3RZwmSVQm5+eZwy0oW8ydp1pXdB9Z4WS+sTKIPrXx6uy6zp9kGFMLbEHzVPtAXSR
MogQBn6N2anibLmTTy7FDifYpQ0oU7VGdoYXoYZCus1ZBZj0OEhpcTjfLg/nYNbC
2BT2RTJh7b/sOyaOK7QVMYfl/51O3W8z48qD7BJ/FcRpJSCmiw9HyWhjR/pxuZ5P
b5iTRDGV+UzlrBkZnOX1l5UE5YHgKcbVbVr7czszC+xD
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:04:18 2025 by rpki-client