Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/7afce4-218b-47ed-95ab-75d5843aa489/1/NKvD7dWzJyl94jet9t6Za4d6Q2E.roa
File: NKvD7dWzJyl94jet9t6Za4d6Q2E.roa (raw, json)
Hash identifier: APhtdoDNbRZ278hdn2mfToQe+aDKzPJo9sexZBY+TYw=
Subject key identifier: 34:AB:C3:ED:D5:B3:27:29:7D:E2:37:AD:F6:DE:99:6B:87:7A:43:61
Certificate issuer: /CN=f501b9e20616d686b405da906afa597635063640
Certificate serial: 018CC79511580E25855B6B1FCF96260604F9
Authority key identifier: F5:01:B9:E2:06:16:D6:86:B4:05:DA:90:6A:FA:59:76:35:06:36:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9QG54gYW1oa0BdqQavpZdjUGNkA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/7afce4-218b-47ed-95ab-75d5843aa489/1/NKvD7dWzJyl94jet9t6Za4d6Q2E.roa
Signing time: Tue 02 Jan 2024 00:31:24 +0000
ROA not before: Tue 02 Jan 2024 00:31:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34204
IP address blocks: 195.95.223.0/24 maxlen: 24
195.95.222.0/23 maxlen: 23
195.95.222.0/24 maxlen: 24
195.135.244.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:11:58:0e:25:85:5b:6b:1f:cf:96:26:06:04:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f501b9e20616d686b405da906afa597635063640
Validity
Not Before: Jan 2 00:31:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34abc3edd5b327297de237adf6de996b877a4361
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:bd:4e:92:d4:79:98:e7:b4:ff:c1:4d:4e:2c:
aa:41:39:ce:64:a8:c4:7a:47:43:8e:58:e5:41:aa:
88:80:ac:72:29:f8:fa:d3:53:b8:38:61:71:c4:10:
ee:24:5c:7f:da:c1:97:9c:17:02:12:02:ce:d4:53:
ca:2e:09:fb:e5:a9:58:e9:0e:b7:80:43:9d:a6:c2:
f7:d1:40:b5:37:2c:ef:93:2c:27:7e:e5:a7:89:f7:
5b:04:0f:e3:48:4f:c9:b8:8a:c0:6d:c1:e7:a2:12:
1e:ce:92:51:06:c4:27:99:03:0d:18:41:eb:cb:7d:
2e:f2:33:52:55:d2:41:91:ba:94:f2:29:11:51:87:
46:c4:ad:65:f8:87:61:ec:14:2f:3b:f8:5d:79:cd:
b7:f2:6e:bd:39:0b:08:70:17:b2:e9:2a:d8:c9:78:
7d:65:b0:2b:f6:b5:7d:a1:a3:dd:e0:ce:d6:2a:b7:
dd:fb:af:70:6d:76:68:41:24:e0:7e:6c:a6:01:c5:
df:26:12:09:f3:23:ef:ab:1d:1d:62:ca:91:1f:a5:
95:28:8e:e5:6f:5b:53:b2:cd:0b:0d:22:3e:27:6d:
1c:4b:a2:89:d7:bf:4f:56:e9:58:42:9f:5a:f1:2f:
ad:90:43:8c:76:b9:17:7d:e0:c7:d4:05:01:84:a3:
3f:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:AB:C3:ED:D5:B3:27:29:7D:E2:37:AD:F6:DE:99:6B:87:7A:43:61
X509v3 Authority Key Identifier:
keyid:F5:01:B9:E2:06:16:D6:86:B4:05:DA:90:6A:FA:59:76:35:06:36:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9QG54gYW1oa0BdqQavpZdjUGNkA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/7afce4-218b-47ed-95ab-75d5843aa489/1/NKvD7dWzJyl94jet9t6Za4d6Q2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/7afce4-218b-47ed-95ab-75d5843aa489/1/9QG54gYW1oa0BdqQavpZdjUGNkA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.95.222.0/23
195.135.244.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:99:cb:f4:60:7c:88:39:73:40:b9:72:91:ff:7f:58:d0:78:
67:7d:c0:6e:bb:0f:25:8a:16:c7:4a:c0:67:04:f2:87:7c:c4:
68:59:46:91:6f:7e:68:3f:e2:2a:e2:c1:e6:85:11:8f:53:f2:
0d:02:70:d9:3e:cc:8d:02:75:13:6c:a5:9a:73:0d:6f:fc:58:
86:55:5b:08:27:03:59:9b:fb:69:12:68:73:84:95:7c:07:25:
4f:a5:9f:d7:4d:90:6d:86:1c:c7:71:be:0d:1a:a3:65:45:f4:
c1:9e:69:8e:12:17:53:2d:d8:ab:5c:ed:cd:4f:8f:28:c5:df:
2a:43:eb:62:e5:18:97:ca:8e:63:10:42:8c:41:2c:7b:4a:4a:
94:ba:cf:d4:af:26:12:0a:da:5f:98:ed:3b:fd:a6:8b:3a:0b:
0b:0c:6d:09:5b:d9:64:86:c4:d2:48:6b:d0:47:dc:da:00:b2:
2e:17:b7:d9:aa:b0:94:a4:40:c8:14:55:59:88:9c:b4:81:9e:
bc:0c:fa:43:ff:58:81:0b:30:34:5e:68:b6:c4:89:33:8b:96:
ba:d1:0e:88:ba:49:95:05:a1:dd:55:03:2b:1a:60:69:f0:26:
62:8f:2b:d5:51:c9:c2:7a:38:59:76:62:00:58:4c:f8:fa:b4:
ae:38:48:af
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHlRFYDiWFW2sfz5YmBgT5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MDFiOWUyMDYxNmQ2ODZiNDA1ZGE5MDZhZmE1OTc2MzUw
NjM2NDAwHhcNMjQwMTAyMDAzMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGFiYzNlZGQ1YjMyNzI5N2RlMjM3YWRmNmRlOTk2Yjg3N2E0MzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqr1OktR5mOe0/8FNTiyqQTnOZKjE
ekdDjljlQaqIgKxyKfj601O4OGFxxBDuJFx/2sGXnBcCEgLO1FPKLgn75alY6Q63
gEOdpsL30UC1NyzvkywnfuWnifdbBA/jSE/JuIrAbcHnohIezpJRBsQnmQMNGEHr
y30u8jNSVdJBkbqU8ikRUYdGxK1l+Idh7BQvO/hdec238m69OQsIcBey6SrYyXh9
ZbAr9rV9oaPd4M7WKrfd+69wbXZoQSTgfmymAcXfJhIJ8yPvqx0dYsqRH6WVKI7l
b1tTss0LDSI+J20cS6KJ179PVulYQp9a8S+tkEOMdrkXfeDH1AUBhKM/GQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDSrw+3VsycpfeI3rfbemWuHekNhMB8GA1UdIwQY
MBaAFPUBueIGFtaGtAXakGr6WXY1BjZAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVFHNTRnWVcxb2EwQmRxUWF2cFpkalVHTmtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC83YWZjZTQtMjE4Yi00N2VkLTk1YWIt
NzVkNTg0M2FhNDg5LzEvTkt2RDdkV3pKeWw5NGpldDl0NlphNGQ2UTJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC83YWZjZTQtMjE4Yi00N2VkLTk1YWItNzVkNTg0M2FhNDg5
LzEvOVFHNTRnWVcxb2EwQmRxUWF2cFpkalVHTmtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBw1/eAwQC
w4f0MA0GCSqGSIb3DQEBCwUAA4IBAQCtmcv0YHyIOXNAuXKR/39Y0HhnfcBuuw8l
ihbHSsBnBPKHfMRoWUaRb35oP+Iq4sHmhRGPU/INAnDZPsyNAnUTbKWacw1v/FiG
VVsIJwNZm/tpEmhzhJV8ByVPpZ/XTZBthhzHcb4NGqNlRfTBnmmOEhdTLdirXO3N
T48oxd8qQ+ti5RiXyo5jEEKMQSx7SkqUus/UryYSCtpfmO07/aaLOgsLDG0JW9lk
hsTSSGvQR9zaALIuF7fZqrCUpEDIFFVZiJy0gZ68DPpD/1iBCzA0Xmi2xIkzi5a6
0Q6IukmVBaHdVQMrGmBp8CZijyvVUcnCejhZdmIAWEz4+rSuOEiv
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:42 2025 by rpki-client