Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/StB1UFEtCDyFdBk9HlyRT4BiwUk.roa
File: StB1UFEtCDyFdBk9HlyRT4BiwUk.roa (raw, json)
Hash identifier: ct9iISW5+oa4TKmVnU9Tll+2mtNtAhknET/NdBKdXN0=
Subject key identifier: 4A:D0:75:50:51:2D:08:3C:85:74:19:3D:1E:5C:91:4F:80:62:C1:49
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 01942D9AACAB1C5E8AB503F4BAD4B03892D3
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/StB1UFEtCDyFdBk9HlyRT4BiwUk.roa
Signing time: Fri 03 Jan 2025 19:18:18 +0000
ROA not before: Fri 03 Jan 2025 19:18:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137517
IP address blocks: 195.39.215.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Mar 2025 09:06:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:2d:9a:ac:ab:1c:5e:8a:b5:03:f4:ba:d4:b0:38:92:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Jan 3 19:18:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ad07550512d083c8574193d1e5c914f8062c149
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ac:d3:bf:11:8f:5b:70:ef:c9:70:cd:06:b2:
5a:62:e0:26:90:5e:75:82:3d:42:31:24:c3:a3:bc:
b9:ca:e8:51:81:f9:5e:63:3c:10:ad:f4:db:32:02:
f5:5a:c4:08:3c:8b:39:6f:cf:39:69:d3:5a:1f:b8:
e1:b8:9f:32:aa:9f:b1:ad:82:e6:65:aa:2c:55:85:
a8:25:57:c4:e8:cd:e9:f3:e8:cc:32:84:0c:ff:c2:
98:0e:7a:2f:0b:a1:45:14:37:16:d4:ad:b4:fb:dc:
bc:e8:03:19:48:0a:23:ab:f2:4e:d8:12:f9:00:c6:
ab:b8:01:88:35:2e:c2:8b:23:a7:b2:ee:9b:60:98:
e9:80:79:d0:68:d3:35:6e:67:c8:78:f7:b5:e5:9f:
bb:89:48:32:23:20:5d:73:5a:c2:ec:94:6a:4e:af:
5c:e8:90:ac:7e:46:d6:95:d2:95:3e:52:6f:2a:37:
b3:91:eb:c8:02:09:7d:05:dd:02:b7:79:58:23:b5:
15:6d:bd:15:ed:8b:13:85:87:b8:db:ed:cb:36:6b:
99:2c:5c:e9:26:ca:c8:2b:74:1f:2a:de:93:d8:a4:
ce:9c:5f:d1:47:20:d9:64:22:a9:98:77:26:4c:72:
92:69:f5:f2:7d:8c:20:9d:9f:f1:95:a2:81:32:38:
d1:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:D0:75:50:51:2D:08:3C:85:74:19:3D:1E:5C:91:4F:80:62:C1:49
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/StB1UFEtCDyFdBk9HlyRT4BiwUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.39.215.0/24
Signature Algorithm: sha256WithRSAEncryption
61:f0:7a:4f:9a:de:c6:0d:6c:21:46:61:2e:02:39:c6:29:83:
7a:04:e7:a1:03:d9:16:77:4e:c3:b9:15:98:22:57:be:f7:e0:
82:2d:0b:22:d6:72:65:f0:58:83:40:34:ca:ac:da:21:ee:97:
75:c6:a3:42:c8:9c:bd:29:97:2b:32:04:05:a1:c5:90:c8:4f:
1d:76:52:ed:34:0d:38:40:f6:cf:21:d5:8c:ac:90:66:1b:0a:
2e:4f:ae:59:d1:9c:8e:ca:02:76:ef:da:f1:ce:5e:e4:48:d1:
0c:07:17:cd:a8:38:58:9f:84:f0:28:44:0d:29:40:5f:de:b6:
6d:83:38:ee:22:ca:c6:02:a0:ac:c3:91:cf:b2:9c:8c:e5:2a:
b6:e7:5f:10:89:2f:39:91:b8:52:e4:a3:2d:97:3d:b7:de:fd:
4b:32:84:75:f1:02:d5:19:fc:3d:50:fe:d5:41:c7:a2:36:0a:
6f:46:99:ad:a3:c3:01:a3:83:61:21:37:a2:67:8f:51:cd:8e:
01:b1:05:8c:f6:10:68:40:c9:9a:2d:a6:25:e8:bc:3c:93:2a:
7b:fd:78:52:1d:1f:b7:93:8a:8c:8c:3b:65:c8:f7:95:c4:fa:
2d:13:43:9d:8e:93:8a:3d:f1:99:54:ec:2c:6f:33:6b:1b:b2:
e1:65:2f:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQtmqyrHF6KtQP0utSwOJLTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjUwMTAzMTkxODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWQwNzU1MDUxMmQwODNjODU3NDE5M2QxZTVjOTE0ZjgwNjJjMTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsazTvxGPW3DvyXDNBrJaYuAmkF51
gj1CMSTDo7y5yuhRgfleYzwQrfTbMgL1WsQIPIs5b885adNaH7jhuJ8yqp+xrYLm
ZaosVYWoJVfE6M3p8+jMMoQM/8KYDnovC6FFFDcW1K20+9y86AMZSAojq/JO2BL5
AMaruAGINS7CiyOnsu6bYJjpgHnQaNM1bmfIePe15Z+7iUgyIyBdc1rC7JRqTq9c
6JCsfkbWldKVPlJvKjezkevIAgl9Bd0Ct3lYI7UVbb0V7YsThYe42+3LNmuZLFzp
JsrIK3QfKt6T2KTOnF/RRyDZZCKpmHcmTHKSafXyfYwgnZ/xlaKBMjjRrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFErQdVBRLQg8hXQZPR5ckU+AYsFJMB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvU3RCMVVGRXRDRHlGZEJrOUhseVJUNEJpd1VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwyfXMA0G
CSqGSIb3DQEBCwUAA4IBAQBh8HpPmt7GDWwhRmEuAjnGKYN6BOehA9kWd07DuRWY
Ile+9+CCLQsi1nJl8FiDQDTKrNoh7pd1xqNCyJy9KZcrMgQFocWQyE8ddlLtNA04
QPbPIdWMrJBmGwouT65Z0ZyOygJ279rxzl7kSNEMBxfNqDhYn4TwKEQNKUBf3rZt
gzjuIsrGAqCsw5HPspyM5Sq2518QiS85kbhS5KMtlz233v1LMoR18QLVGfw9UP7V
QceiNgpvRpmto8MBo4NhITeiZ49RzY4BsQWM9hBoQMmaLaYl6Lw8kyp7/XhSHR+3
k4qMjDtlyPeVxPotE0OdjpOKPfGZVOwsbzNrG7LhZS8J
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:07:48 2025 by rpki-client