Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/4cffef-9a97-4546-bddd-bb3cc7c944ad/1/c2-DBgTgN11Q1hnPFsgc7jtKs7s.roa
File: c2-DBgTgN11Q1hnPFsgc7jtKs7s.roa (raw, json)
Hash identifier: /ycD5uAOLHalWwRwqNtvno5MQQQa18lRRz3IU1ubkz0=
Subject key identifier: 73:6F:83:06:04:E0:37:5D:50:D6:19:CF:16:C8:1C:EE:3B:4A:B3:BB
Certificate issuer: /CN=0bd7e70c005f556a8254e7b12b0eb3d3314d45e2
Certificate serial: 018CCA2A27739A82FEEC93F3C91209D7AC54
Authority key identifier: 0B:D7:E7:0C:00:5F:55:6A:82:54:E7:B1:2B:0E:B3:D3:31:4D:45:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C9fnDABfVWqCVOexKw6z0zFNReI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/4cffef-9a97-4546-bddd-bb3cc7c944ad/1/c2-DBgTgN11Q1hnPFsgc7jtKs7s.roa
Signing time: Tue 02 Jan 2024 12:33:29 +0000
ROA not before: Tue 02 Jan 2024 12:33:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35024
IP address blocks: 195.225.34.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:27:73:9a:82:fe:ec:93:f3:c9:12:09:d7:ac:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bd7e70c005f556a8254e7b12b0eb3d3314d45e2
Validity
Not Before: Jan 2 12:33:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=736f830604e0375d50d619cf16c81cee3b4ab3bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:9a:85:57:b2:99:20:10:9e:43:8b:3d:4e:91:
a0:cc:18:63:49:25:5c:d2:28:57:b4:eb:e8:55:a0:
d8:64:69:99:b3:5b:35:28:7f:bd:66:29:96:b7:a2:
9c:6d:ca:ac:70:85:4e:c5:96:44:80:ac:14:09:8c:
44:6e:ff:d8:0a:a6:a5:96:9a:33:67:28:41:4d:9c:
e9:2f:c3:2f:f8:04:d3:cf:44:54:33:c9:50:7c:ef:
2a:8b:5a:21:ee:f0:00:85:d7:f3:60:8d:0a:e2:30:
84:b9:f1:57:30:ca:60:9d:4a:a8:98:6a:e6:76:f1:
ef:5e:79:83:7d:17:8d:b0:aa:71:20:ea:c6:01:4b:
96:58:e1:3a:78:da:50:33:b1:dc:b3:08:72:d3:51:
40:60:ef:c7:12:31:84:c5:fb:b7:6d:f5:76:5d:33:
f5:ac:e5:3a:e5:7f:45:4f:d3:5f:b9:96:5c:14:1c:
de:c5:58:1f:eb:f5:16:94:58:26:f7:ea:e1:e8:95:
0e:2b:26:ac:b1:a3:b5:f4:69:aa:64:e5:88:fe:aa:
c9:e7:79:a5:c3:05:5c:94:b5:f0:44:3f:9b:6e:0f:
8b:ba:0a:20:da:79:67:67:88:99:b1:1d:44:5a:1c:
ab:e3:ba:aa:cd:94:9e:42:49:96:c5:ea:0d:df:3a:
8d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:6F:83:06:04:E0:37:5D:50:D6:19:CF:16:C8:1C:EE:3B:4A:B3:BB
X509v3 Authority Key Identifier:
keyid:0B:D7:E7:0C:00:5F:55:6A:82:54:E7:B1:2B:0E:B3:D3:31:4D:45:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C9fnDABfVWqCVOexKw6z0zFNReI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/4cffef-9a97-4546-bddd-bb3cc7c944ad/1/c2-DBgTgN11Q1hnPFsgc7jtKs7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/4cffef-9a97-4546-bddd-bb3cc7c944ad/1/C9fnDABfVWqCVOexKw6z0zFNReI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.225.34.0/23
Signature Algorithm: sha256WithRSAEncryption
6f:5f:e8:de:0f:a5:60:4d:70:7f:47:25:c1:a6:94:f4:5b:c7:
83:9c:c5:a0:13:e0:f2:5f:cb:0d:a9:dc:a9:90:68:db:6f:e9:
04:15:bc:0c:41:c6:ab:7d:3d:ad:7b:93:a5:55:ee:f4:37:57:
e7:23:56:b9:37:56:91:e9:65:22:f7:50:f8:0b:46:09:e6:d6:
e4:8e:56:84:25:30:f1:2a:1d:7b:ce:0e:62:09:ca:29:fe:08:
74:a7:bd:87:ab:41:bb:1e:4f:e9:a2:59:b8:80:43:c2:c9:f0:
43:28:e5:98:4d:96:f6:76:93:15:c5:2d:28:b2:99:fc:d8:1b:
4a:73:33:2b:a1:a8:11:88:a5:4c:7b:aa:8b:98:8c:79:29:27:
b3:fe:b9:87:59:5a:5f:00:f0:f5:54:26:11:13:9a:d1:c1:74:
24:e0:02:83:78:41:bb:5a:2e:60:81:c1:58:ab:24:1b:9f:fe:
51:1c:e5:4c:a8:ec:e8:e2:d4:c1:38:57:98:54:cd:11:13:55:
3c:b9:09:5a:b5:05:32:0a:75:3c:72:16:cb:ee:e6:ea:4a:27:
3d:13:37:4e:07:25:d2:0d:07:28:97:c5:c3:64:d4:3d:68:35:
40:ba:46:3a:48:a1:19:43:94:bb:73:b2:64:56:0a:9c:5d:7c:
49:25:98:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKidzmoL+7JPzyRIJ16xUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZDdlNzBjMDA1ZjU1NmE4MjU0ZTdiMTJiMGViM2QzMzE0
ZDQ1ZTIwHhcNMjQwMTAyMTIzMzI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzZmODMwNjA0ZTAzNzVkNTBkNjE5Y2YxNmM4MWNlZTNiNGFiM2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5qFV7KZIBCeQ4s9TpGgzBhjSSVc
0ihXtOvoVaDYZGmZs1s1KH+9ZimWt6KcbcqscIVOxZZEgKwUCYxEbv/YCqallpoz
ZyhBTZzpL8Mv+ATTz0RUM8lQfO8qi1oh7vAAhdfzYI0K4jCEufFXMMpgnUqomGrm
dvHvXnmDfReNsKpxIOrGAUuWWOE6eNpQM7Hcswhy01FAYO/HEjGExfu3bfV2XTP1
rOU65X9FT9NfuZZcFBzexVgf6/UWlFgm9+rh6JUOKyassaO19GmqZOWI/qrJ53ml
wwVclLXwRD+bbg+Lugog2nlnZ4iZsR1EWhyr47qqzZSeQkmWxeoN3zqNlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHNvgwYE4DddUNYZzxbIHO47SrO7MB8GA1UdIwQY
MBaAFAvX5wwAX1VqglTnsSsOs9MxTUXiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzlmbkRBQmZWV3FDVk9leEt3NnowekZOUmVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi80Y2ZmZWYtOWE5Ny00NTQ2LWJkZGQt
YmIzY2M3Yzk0NGFkLzEvYzItREJnVGdOMTFRMWhuUEZzZ2M3anRLczdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi80Y2ZmZWYtOWE5Ny00NTQ2LWJkZGQtYmIzY2M3Yzk0NGFk
LzEvQzlmbkRBQmZWV3FDVk9leEt3NnowekZOUmVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw+EiMA0G
CSqGSIb3DQEBCwUAA4IBAQBvX+jeD6VgTXB/RyXBppT0W8eDnMWgE+DyX8sNqdyp
kGjbb+kEFbwMQcarfT2te5OlVe70N1fnI1a5N1aR6WUi91D4C0YJ5tbkjlaEJTDx
Kh17zg5iCcop/gh0p72Hq0G7Hk/polm4gEPCyfBDKOWYTZb2dpMVxS0ospn82BtK
czMroagRiKVMe6qLmIx5KSez/rmHWVpfAPD1VCYRE5rRwXQk4AKDeEG7Wi5ggcFY
qyQbn/5RHOVMqOzo4tTBOFeYVM0RE1U8uQlatQUyCnU8chbL7ubqSic9EzdOByXS
DQcol8XDZNQ9aDVAukY6SKEZQ5S7c7JkVgqcXXxJJZj+
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:09 2025 by rpki-client