Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/3deae4-720d-4eae-b3d9-b21dd3f68aba/1/9dFDT7ClzE37OwxKg4tYPIjGn-8.roa
File: 9dFDT7ClzE37OwxKg4tYPIjGn-8.roa (raw, json)
Hash identifier: UgWLRMJQoJEQJs71EY9MqTz24btrMXBm75L/GyTswkk=
Subject key identifier: F5:D1:43:4F:B0:A5:CC:4D:FB:3B:0C:4A:83:8B:58:3C:88:C6:9F:EF
Certificate issuer: /CN=6c4e7eafe2ffaa90cae9476803034db6da7c1219
Certificate serial: 018CC6B7816F6A2BCCACA5ACD2AA4FD59F5A
Authority key identifier: 6C:4E:7E:AF:E2:FF:AA:90:CA:E9:47:68:03:03:4D:B6:DA:7C:12:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bE5-r-L_qpDK6UdoAwNNttp8Ehk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/3deae4-720d-4eae-b3d9-b21dd3f68aba/1/9dFDT7ClzE37OwxKg4tYPIjGn-8.roa
Signing time: Mon 01 Jan 2024 20:29:24 +0000
ROA not before: Mon 01 Jan 2024 20:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8412
IP address blocks: 195.20.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:81:6f:6a:2b:cc:ac:a5:ac:d2:aa:4f:d5:9f:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c4e7eafe2ffaa90cae9476803034db6da7c1219
Validity
Not Before: Jan 1 20:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5d1434fb0a5cc4dfb3b0c4a838b583c88c69fef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:52:e9:7a:15:d7:3b:4f:af:28:31:d1:ee:a5:
fc:7f:84:70:70:02:ff:cf:ff:62:c5:c3:1a:b0:69:
ff:da:4c:ba:88:b1:de:9e:a5:5a:49:b5:0c:ca:69:
22:63:0d:c0:96:99:d7:c8:6e:36:ef:da:d5:98:81:
54:1b:db:95:63:e5:67:3c:97:a2:81:0c:f5:fd:ea:
3d:ff:fc:76:b5:c9:11:cd:06:9f:e0:e6:b5:73:11:
ab:54:82:c5:5b:cd:22:49:86:c7:43:14:e0:54:06:
4f:8c:01:bd:1b:33:7a:68:cc:d2:57:a4:eb:0f:0c:
ef:50:ba:fc:f8:6c:d8:45:c8:6d:ec:a2:8b:67:2b:
62:87:d9:87:40:6d:f2:21:fa:50:ae:f3:bb:ee:d7:
53:a5:30:37:e9:56:fc:41:75:85:00:c5:65:35:68:
80:d3:da:02:cb:03:78:c1:b7:7c:34:e1:18:7c:99:
5d:cc:43:3f:03:d0:d3:4f:d9:4d:2e:dd:4b:0c:c3:
ae:d2:79:da:4b:8a:4e:9f:6d:cc:21:4e:7b:38:24:
36:a1:62:6f:1c:20:ac:43:de:a3:80:c9:75:89:00:
35:a5:ec:b8:c3:17:b1:13:23:d6:11:a9:b4:0f:fd:
27:37:f9:bc:e8:79:2e:f7:1e:fd:2f:12:f3:5f:d3:
7f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:D1:43:4F:B0:A5:CC:4D:FB:3B:0C:4A:83:8B:58:3C:88:C6:9F:EF
X509v3 Authority Key Identifier:
keyid:6C:4E:7E:AF:E2:FF:AA:90:CA:E9:47:68:03:03:4D:B6:DA:7C:12:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bE5-r-L_qpDK6UdoAwNNttp8Ehk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/3deae4-720d-4eae-b3d9-b21dd3f68aba/1/9dFDT7ClzE37OwxKg4tYPIjGn-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/3deae4-720d-4eae-b3d9-b21dd3f68aba/1/bE5-r-L_qpDK6UdoAwNNttp8Ehk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.20.132.0/24
Signature Algorithm: sha256WithRSAEncryption
98:f0:09:eb:4e:1b:e8:19:bb:f0:c3:f5:1d:5c:f6:3e:21:53:
2f:a9:c5:6f:e6:15:42:ef:7c:ad:e2:7a:a9:e7:28:65:d1:70:
22:2c:b2:9b:8f:32:87:5d:56:3e:6d:00:24:1b:3f:85:d5:fb:
27:4c:3c:8c:c0:59:2e:f9:a3:12:f1:95:d3:a6:a9:94:9e:ee:
93:72:c0:75:83:5f:eb:7a:7e:9f:87:8c:42:06:86:47:8a:db:
db:c4:14:8c:9b:64:83:ba:49:7b:78:73:c4:9e:e0:ef:47:b0:
00:f5:78:64:2a:1a:6f:b6:c4:72:a0:80:e6:71:6d:f5:95:20:
48:cc:3a:c3:2f:63:78:aa:45:37:50:a0:80:44:7c:a1:5a:c1:
f6:90:b5:86:d0:c4:69:c9:56:ea:e0:77:42:e9:85:de:95:59:
24:d3:b8:0d:eb:6e:14:d9:d6:6a:9f:8a:e5:bf:0b:9c:87:8a:
4e:0b:48:46:3c:ef:a2:93:33:d3:4e:cf:4a:7c:68:5a:59:f4:
bd:d5:77:d7:75:8f:ff:bf:56:38:2b:fc:ef:aa:87:64:32:03:
86:78:df:13:81:52:45:36:9f:c1:0f:f8:4a:f3:29:6e:41:e6:
4f:a3:45:a9:ce:cd:03:a0:0b:5c:54:20:a5:6a:9d:bf:43:c7:
a5:78:58:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt4FvaivMrKWs0qpP1Z9aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNGU3ZWFmZTJmZmFhOTBjYWU5NDc2ODAzMDM0ZGI2ZGE3
YzEyMTkwHhcNMjQwMTAxMjAyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWQxNDM0ZmIwYTVjYzRkZmIzYjBjNGE4MzhiNTgzYzg4YzY5ZmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1LpehXXO0+vKDHR7qX8f4RwcAL/
z/9ixcMasGn/2ky6iLHenqVaSbUMymkiYw3AlpnXyG4279rVmIFUG9uVY+VnPJei
gQz1/eo9//x2tckRzQaf4Oa1cxGrVILFW80iSYbHQxTgVAZPjAG9GzN6aMzSV6Tr
DwzvULr8+GzYRcht7KKLZytih9mHQG3yIfpQrvO77tdTpTA36Vb8QXWFAMVlNWiA
09oCywN4wbd8NOEYfJldzEM/A9DTT9lNLt1LDMOu0nnaS4pOn23MIU57OCQ2oWJv
HCCsQ96jgMl1iQA1pey4wxexEyPWEam0D/0nN/m86Hku9x79LxLzX9N/TQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPXRQ0+wpcxN+zsMSoOLWDyIxp/vMB8GA1UdIwQY
MBaAFGxOfq/i/6qQyulHaAMDTbbafBIZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkU1LXItTF9xcERLNlVkb0F3Tk50dHA4RWhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8zZGVhZTQtNzIwZC00ZWFlLWIzZDkt
YjIxZGQzZjY4YWJhLzEvOWRGRFQ3Q2x6RTM3T3d4S2c0dFlQSWpHbi04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8zZGVhZTQtNzIwZC00ZWFlLWIzZDktYjIxZGQzZjY4YWJh
LzEvYkU1LXItTF9xcERLNlVkb0F3Tk50dHA4RWhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwxSEMA0G
CSqGSIb3DQEBCwUAA4IBAQCY8AnrThvoGbvww/UdXPY+IVMvqcVv5hVC73yt4nqp
5yhl0XAiLLKbjzKHXVY+bQAkGz+F1fsnTDyMwFku+aMS8ZXTpqmUnu6TcsB1g1/r
en6fh4xCBoZHitvbxBSMm2SDukl7eHPEnuDvR7AA9XhkKhpvtsRyoIDmcW31lSBI
zDrDL2N4qkU3UKCARHyhWsH2kLWG0MRpyVbq4HdC6YXelVkk07gN624U2dZqn4rl
vwuch4pOC0hGPO+ikzPTTs9KfGhaWfS91XfXdY//v1Y4K/zvqodkMgOGeN8TgVJF
Np/BD/hK8yluQeZPo0Wpzs0DoAtcVCClap2/Q8eleFjI
-----END CERTIFICATE-----
Generated at Fri Apr 18 02:00:33 2025 by rpki-client