Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/EKSHjsIN4Zne4gJT5_o_zMlnmu0.roa
File: EKSHjsIN4Zne4gJT5_o_zMlnmu0.roa (raw, json)
Hash identifier: KFjZk5tIDRwiJFWxHdumzcBOJhVM7Y0ZQLmqGbNfBYM=
Subject key identifier: 10:A4:87:8E:C2:0D:E1:99:DE:E2:02:53:E7:FA:3F:CC:C9:67:9A:ED
Certificate issuer: /CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Certificate serial: 018CC56E94B05621DC347B715517CBB75F32
Authority key identifier: BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/EKSHjsIN4Zne4gJT5_o_zMlnmu0.roa
Signing time: Mon 01 Jan 2024 14:30:07 +0000
ROA not before: Mon 01 Jan 2024 14:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60027
IP address blocks: 195.214.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:94:b0:56:21:dc:34:7b:71:55:17:cb:b7:5f:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Validity
Not Before: Jan 1 14:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=10a4878ec20de199dee20253e7fa3fccc9679aed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:6c:1b:5c:75:75:56:45:a4:31:a0:cd:85:fb:
d1:5a:2a:65:b3:fe:29:ed:8f:00:fd:d7:b4:9a:d4:
03:37:a3:25:11:08:71:1b:2d:2f:f3:88:87:23:c3:
bd:8a:2a:38:e6:cd:c8:55:8a:fd:33:ff:ac:8f:c3:
63:ea:ae:27:73:72:54:ff:df:25:46:ee:90:a6:93:
b9:ca:4d:90:d7:23:c9:15:eb:ea:b9:66:f9:07:f9:
ab:5b:91:cf:09:d1:d4:75:07:6f:8f:a7:74:44:c6:
03:2a:9d:5e:c7:e1:e7:dd:81:c4:e1:ce:cb:88:10:
46:22:99:66:34:c3:f9:e1:cc:e9:3d:cd:a9:35:89:
2d:e7:74:21:6d:2e:56:a1:ec:f9:35:c0:4d:00:1c:
ba:03:e4:d2:4b:78:0a:af:ac:e7:f1:23:4d:36:70:
27:ba:c8:37:52:3d:e0:df:1d:c1:fa:b8:9f:39:ef:
82:6f:d6:35:bf:ee:e0:6a:e3:b9:7d:03:63:e8:42:
0f:55:a5:22:9c:6f:ef:c7:83:ce:16:14:8e:c0:e1:
43:3d:58:2b:e3:47:9e:3a:76:fc:14:fc:97:63:a2:
ac:7a:ab:7b:c8:44:ac:22:1a:2e:ca:41:d6:da:63:
8e:bd:13:aa:3d:80:49:22:ef:b9:87:13:db:fd:60:
0f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:A4:87:8E:C2:0D:E1:99:DE:E2:02:53:E7:FA:3F:CC:C9:67:9A:ED
X509v3 Authority Key Identifier:
keyid:BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/EKSHjsIN4Zne4gJT5_o_zMlnmu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/up0w5gNb6Lg4YGHycUgccH4Ezis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.214.154.0/24
Signature Algorithm: sha256WithRSAEncryption
63:f5:b1:fa:90:11:f1:1f:82:bb:10:e8:94:d3:81:e1:78:1e:
03:55:20:e7:48:6a:59:c9:1f:97:3a:b1:85:ae:a7:e4:87:1a:
93:26:e4:4e:53:73:fb:04:ad:7a:7c:51:26:f6:a5:98:1c:ec:
a2:e9:85:c7:44:83:9d:6a:2a:24:02:51:0c:c9:89:b5:39:1d:
e2:15:4a:53:5d:52:ca:7c:5b:09:36:ca:93:6f:64:8c:4a:ca:
b6:ce:9d:bc:25:1b:26:0f:d6:09:12:05:61:f1:b9:2a:3d:00:
a8:87:f8:81:61:75:1d:5a:a3:e8:36:6a:e1:05:ec:e5:13:f0:
9a:7a:16:dc:d9:b8:7a:ac:5a:b4:1b:8b:1b:cb:7c:c9:64:92:
f8:dd:70:f2:8e:6e:ab:d5:07:ef:04:cc:e5:64:71:cc:45:48:
56:60:f9:5f:2a:9a:23:17:4d:73:c9:81:53:3c:e9:d7:25:11:
ca:cd:06:71:02:3a:2f:e3:b6:ab:0a:84:43:c7:32:30:31:ab:
c1:a9:ac:86:b8:a3:65:14:a1:a9:d9:9e:bd:4f:27:13:76:07:
1e:92:e3:be:e9:4a:86:5f:4e:74:08:5f:6c:45:92:c7:4b:b7:
34:c0:7f:be:fe:fc:25:a9:bd:c3:c3:d5:68:bc:4a:81:3c:86:
ee:51:c4:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbpSwViHcNHtxVRfLt18yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOWQzMGU2MDM1YmU4YjgzODYwNjFmMjcxNDgxYzcwN2Uw
NGNlMmIwHhcNMjQwMTAxMTQzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGE0ODc4ZWMyMGRlMTk5ZGVlMjAyNTNlN2ZhM2ZjY2M5Njc5YWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2wbXHV1VkWkMaDNhfvRWipls/4p
7Y8A/de0mtQDN6MlEQhxGy0v84iHI8O9iio45s3IVYr9M/+sj8Nj6q4nc3JU/98l
Ru6QppO5yk2Q1yPJFevquWb5B/mrW5HPCdHUdQdvj6d0RMYDKp1ex+Hn3YHE4c7L
iBBGIplmNMP54czpPc2pNYkt53QhbS5Woez5NcBNABy6A+TSS3gKr6zn8SNNNnAn
usg3Uj3g3x3B+rifOe+Cb9Y1v+7gauO5fQNj6EIPVaUinG/vx4POFhSOwOFDPVgr
40eeOnb8FPyXY6Kseqt7yESsIhouykHW2mOOvROqPYBJIu+5hxPb/WAPjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBCkh47CDeGZ3uICU+f6P8zJZ5rtMB8GA1UdIwQY
MBaAFLqdMOYDW+i4OGBh8nFIHHB+BM4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXAwdzVnTmI2TGc0WUdIeWNVZ2NjSDRFemlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hYzljMzItN2RiYy00ZDZjLWJjMDgt
NWQ1ODRmYmM1ZDI3LzEvRUtTSGpzSU40Wm5lNGdKVDVfb196TWxubXUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hYzljMzItN2RiYy00ZDZjLWJjMDgtNWQ1ODRmYmM1ZDI3
LzEvdXAwdzVnTmI2TGc0WUdIeWNVZ2NjSDRFemlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw9aaMA0G
CSqGSIb3DQEBCwUAA4IBAQBj9bH6kBHxH4K7EOiU04HheB4DVSDnSGpZyR+XOrGF
rqfkhxqTJuROU3P7BK16fFEm9qWYHOyi6YXHRIOdaiokAlEMyYm1OR3iFUpTXVLK
fFsJNsqTb2SMSsq2zp28JRsmD9YJEgVh8bkqPQCoh/iBYXUdWqPoNmrhBezlE/Ca
ehbc2bh6rFq0G4sby3zJZJL43XDyjm6r1QfvBMzlZHHMRUhWYPlfKpojF01zyYFT
POnXJRHKzQZxAjov47arCoRDxzIwMavBqayGuKNlFKGp2Z69TycTdgcekuO+6UqG
X050CF9sRZLHS7c0wH++/vwlqb3Dw9VovEqBPIbuUcS+
-----END CERTIFICATE-----
Generated at Thu Apr 17 18:50:18 2025 by rpki-client