Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/4d8207-e7cb-4232-8290-250bec9dcca1/1/jMvQd2Pxfz0Kzw2MHPcj2gRaS_w.roa
File: jMvQd2Pxfz0Kzw2MHPcj2gRaS_w.roa (raw, json)
Hash identifier: ZhXhasV7ecBEftEmtWz6OJUIUz+Hs9fovq1DT4Tneac=
Subject key identifier: 8C:CB:D0:77:63:F1:7F:3D:0A:CF:0D:8C:1C:F7:23:DA:04:5A:4B:FC
Certificate issuer: /CN=5758fcd22fb7a11dea8b37e4c3f622aa7a47b9ee
Certificate serial: 018CC5002A08067DBD329DBBF9C881000EF5
Authority key identifier: 57:58:FC:D2:2F:B7:A1:1D:EA:8B:37:E4:C3:F6:22:AA:7A:47:B9:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V1j80i-3oR3qizfkw_YiqnpHue4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/4d8207-e7cb-4232-8290-250bec9dcca1/1/jMvQd2Pxfz0Kzw2MHPcj2gRaS_w.roa
Signing time: Mon 01 Jan 2024 12:29:31 +0000
ROA not before: Mon 01 Jan 2024 12:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207999
IP address blocks: 95.130.0.0/22 maxlen: 22
2a0e:8d80::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:2a:08:06:7d:bd:32:9d:bb:f9:c8:81:00:0e:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5758fcd22fb7a11dea8b37e4c3f622aa7a47b9ee
Validity
Not Before: Jan 1 12:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ccbd07763f17f3d0acf0d8c1cf723da045a4bfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:26:3a:c0:1c:ca:33:30:86:14:4c:b4:05:98:
b8:8f:a1:a5:ba:1f:4a:72:7b:f6:be:4d:04:d2:d7:
8b:40:bc:d1:f7:d4:e9:6d:54:f0:56:55:e6:83:71:
01:6a:52:74:b4:cc:de:65:ac:c8:7e:2f:a4:d3:11:
30:20:fd:96:3f:e0:11:88:44:de:db:9d:96:aa:0c:
78:0f:d3:31:48:a7:89:bd:38:8f:fd:19:c3:b7:30:
53:f9:f9:83:28:17:ba:3d:ea:5b:6d:19:21:9c:a9:
80:57:ca:07:f2:15:90:2f:fc:1a:0c:95:4c:62:46:
8f:31:5e:8c:e1:5f:7f:68:66:50:c0:d2:3a:60:2f:
d7:f2:c7:58:17:d4:f7:d1:2d:14:9c:c5:17:94:04:
b1:f2:56:1b:6e:7f:2c:cb:cb:aa:50:f6:5a:20:a7:
8b:1e:0e:7d:f2:e4:ce:06:c5:a1:7c:28:fd:8a:de:
bd:77:c3:d1:4f:42:22:2e:da:7f:90:7f:73:31:7c:
5a:75:d0:9d:28:f8:65:9b:f1:90:20:94:f3:fa:5b:
27:14:91:e3:5f:60:77:ab:71:66:c7:27:bf:dc:d5:
03:3d:89:3a:ce:0d:8f:62:fb:c3:21:0d:9b:64:b8:
ff:38:c1:d8:93:40:0d:27:64:d8:13:2a:62:bc:a9:
d9:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:CB:D0:77:63:F1:7F:3D:0A:CF:0D:8C:1C:F7:23:DA:04:5A:4B:FC
X509v3 Authority Key Identifier:
keyid:57:58:FC:D2:2F:B7:A1:1D:EA:8B:37:E4:C3:F6:22:AA:7A:47:B9:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V1j80i-3oR3qizfkw_YiqnpHue4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/4d8207-e7cb-4232-8290-250bec9dcca1/1/jMvQd2Pxfz0Kzw2MHPcj2gRaS_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/4d8207-e7cb-4232-8290-250bec9dcca1/1/V1j80i-3oR3qizfkw_YiqnpHue4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.130.0.0/22
IPv6:
2a0e:8d80::/29
Signature Algorithm: sha256WithRSAEncryption
25:3c:b3:2b:75:66:16:a4:b6:3a:e7:d2:c3:f9:4f:49:d9:8d:
1b:8c:e0:ce:b3:04:ac:be:b6:f4:95:b0:aa:5b:04:ee:2e:cf:
46:30:d8:20:a2:fa:f7:4c:ec:5b:57:82:8e:cc:7b:27:e4:1b:
89:7a:f9:3a:b0:c4:8e:64:a9:2b:42:a0:58:c6:97:37:53:87:
da:ae:0c:d6:42:ed:c1:3f:02:f3:d3:3f:cf:1a:3a:74:80:73:
b4:63:d9:bf:20:c7:93:5f:e1:92:8c:a2:cd:98:7c:aa:99:f3:
2b:ef:8d:e7:c4:b7:72:84:43:44:50:56:b9:7c:ce:0a:40:17:
19:5f:b2:7f:13:65:bd:c1:a3:c0:a3:34:68:85:3a:44:aa:64:
4d:fc:d0:f8:3d:71:34:1d:fe:f7:1e:69:69:66:6a:a4:5f:1d:
25:5b:58:54:d1:cf:0b:21:9a:15:74:ea:32:6e:ae:d1:15:95:
56:73:ff:a3:7b:bd:4d:ed:ff:fe:2c:68:63:c9:98:30:68:24:
d0:9a:e8:77:ee:ff:d7:ae:e1:c5:57:21:6d:15:59:29:85:01:
a2:63:bd:0f:fe:ba:c8:8c:96:76:df:a6:84:a4:94:62:15:5c:
53:9d:e9:67:91:c6:cd:ec:a0:28:68:2e:88:40:14:c8:a6:56:
8f:fc:8f:87
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFACoIBn29Mp27+ciBAA71MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NThmY2QyMmZiN2ExMWRlYThiMzdlNGMzZjYyMmFhN2E0
N2I5ZWUwHhcNMjQwMTAxMTIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2NiZDA3NzYzZjE3ZjNkMGFjZjBkOGMxY2Y3MjNkYTA0NWE0YmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3SY6wBzKMzCGFEy0BZi4j6Gluh9K
cnv2vk0E0teLQLzR99TpbVTwVlXmg3EBalJ0tMzeZazIfi+k0xEwIP2WP+ARiETe
252Wqgx4D9MxSKeJvTiP/RnDtzBT+fmDKBe6PepbbRkhnKmAV8oH8hWQL/waDJVM
YkaPMV6M4V9/aGZQwNI6YC/X8sdYF9T30S0UnMUXlASx8lYbbn8sy8uqUPZaIKeL
Hg598uTOBsWhfCj9it69d8PRT0IiLtp/kH9zMXxaddCdKPhlm/GQIJTz+lsnFJHj
X2B3q3Fmxye/3NUDPYk6zg2PYvvDIQ2bZLj/OMHYk0ANJ2TYEypivKnZKQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIzL0Hdj8X89Cs8NjBz3I9oEWkv8MB8GA1UdIwQY
MBaAFFdY/NIvt6Ed6os35MP2Iqp6R7nuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjFqODBpLTNvUjNxaXpma3dfWWlxbnBIdWU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC80ZDgyMDctZTdjYi00MjMyLTgyOTAt
MjUwYmVjOWRjY2ExLzEvak12UWQyUHhmejBLencyTUhQY2oyZ1JhU193LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC80ZDgyMDctZTdjYi00MjMyLTgyOTAtMjUwYmVjOWRjY2Ex
LzEvVjFqODBpLTNvUjNxaXpma3dfWWlxbnBIdWU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCX4IAMA0E
AgACMAcDBQMqDo2AMA0GCSqGSIb3DQEBCwUAA4IBAQAlPLMrdWYWpLY659LD+U9J
2Y0bjODOswSsvrb0lbCqWwTuLs9GMNggovr3TOxbV4KOzHsn5BuJevk6sMSOZKkr
QqBYxpc3U4fargzWQu3BPwLz0z/PGjp0gHO0Y9m/IMeTX+GSjKLNmHyqmfMr743n
xLdyhENEUFa5fM4KQBcZX7J/E2W9waPAozRohTpEqmRN/ND4PXE0Hf73HmlpZmqk
Xx0lW1hU0c8LIZoVdOoybq7RFZVWc/+je71N7f/+LGhjyZgwaCTQmuh37v/XruHF
VyFtFVkphQGiY70P/rrIjJZ236aEpJRiFVxTnelnkcbN7KAoaC6IQBTIplaP/I+H
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:27:02 2025 by rpki-client