Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/4fa2d8-d71d-49b1-8eb0-a3589da16c85/1/0W8jZnb3kkh4YTk3BIr8bf1sG1g.roa
File: 0W8jZnb3kkh4YTk3BIr8bf1sG1g.roa (raw, json)
Hash identifier: hvknaRUBI3HvaR9+pCcp2mTdGt0WZUCLQHdkfWl5PvQ=
Subject key identifier: D1:6F:23:66:76:F7:92:48:78:61:39:37:04:8A:FC:6D:FD:6C:1B:58
Certificate issuer: /CN=ce1f59ae34548132892fcc89b1595f9b0360198d
Certificate serial: 018CC56DE847983062C952EA06399FB22E7A
Authority key identifier: CE:1F:59:AE:34:54:81:32:89:2F:CC:89:B1:59:5F:9B:03:60:19:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zh9ZrjRUgTKJL8yJsVlfmwNgGY0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/4fa2d8-d71d-49b1-8eb0-a3589da16c85/1/0W8jZnb3kkh4YTk3BIr8bf1sG1g.roa
Signing time: Mon 01 Jan 2024 14:29:23 +0000
ROA not before: Mon 01 Jan 2024 14:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41104
IP address blocks: 195.95.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:e8:47:98:30:62:c9:52:ea:06:39:9f:b2:2e:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce1f59ae34548132892fcc89b1595f9b0360198d
Validity
Not Before: Jan 1 14:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d16f236676f7924878613937048afc6dfd6c1b58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e5:c1:dd:b2:9d:10:8c:98:d5:59:de:e1:a3:
82:39:2d:ee:09:8a:f3:76:4f:5b:69:6a:23:48:37:
9a:73:61:c2:ac:ee:2d:75:93:68:01:b4:3f:2c:bd:
5e:94:c7:67:d9:49:37:fc:63:88:cb:b9:7b:cc:a3:
5a:d1:64:61:43:36:de:2d:70:9c:63:30:1c:d0:53:
d5:05:02:d6:10:3c:e9:a0:23:91:ce:95:74:41:fe:
db:be:2f:68:48:3e:2f:9a:73:46:e8:fd:0b:67:0f:
44:1f:08:db:8b:66:4f:64:41:e2:0c:fa:16:ca:73:
6e:44:1d:f2:2d:51:57:63:6b:05:10:ab:bd:6d:6c:
56:4c:90:6f:51:26:0a:12:f8:e1:c4:1f:4e:d5:12:
af:66:cb:cf:bb:23:97:fb:55:43:b3:ea:64:57:30:
64:d1:a6:ed:5d:e7:3b:72:69:e4:5e:c9:73:16:8a:
ba:49:01:87:47:cc:a6:39:1c:d9:0c:e1:f5:e9:41:
e6:03:05:18:1d:89:66:a1:85:11:e2:2d:7c:5b:55:
0a:1c:42:c5:eb:db:63:c9:a7:7b:ae:83:74:b4:42:
35:30:e3:7b:96:09:93:1a:f0:16:b8:16:70:62:99:
5d:3e:93:88:7c:cb:e4:e7:c1:bb:e1:9a:8b:be:e1:
a2:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:6F:23:66:76:F7:92:48:78:61:39:37:04:8A:FC:6D:FD:6C:1B:58
X509v3 Authority Key Identifier:
keyid:CE:1F:59:AE:34:54:81:32:89:2F:CC:89:B1:59:5F:9B:03:60:19:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zh9ZrjRUgTKJL8yJsVlfmwNgGY0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/4fa2d8-d71d-49b1-8eb0-a3589da16c85/1/0W8jZnb3kkh4YTk3BIr8bf1sG1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/4fa2d8-d71d-49b1-8eb0-a3589da16c85/1/zh9ZrjRUgTKJL8yJsVlfmwNgGY0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.95.173.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:69:00:8e:2a:b1:16:d3:19:f6:e7:15:ec:42:fe:ed:21:8d:
bb:4c:40:93:8a:da:59:80:bb:e1:03:f4:ac:dc:72:1d:6c:e3:
f7:ec:e9:7e:fe:ef:0d:d7:f1:90:63:e4:35:95:a6:34:73:38:
af:34:04:9e:db:0a:ea:c3:12:5e:8e:a0:29:eb:fa:ba:88:d5:
8a:aa:8a:35:c2:88:a9:b1:ea:77:16:36:38:44:5a:3e:03:b4:
dc:f3:10:20:db:12:6a:1d:9a:64:b7:0b:8d:42:77:87:e0:b9:
e6:b1:5c:84:dd:42:a7:5d:1a:13:56:2d:2d:15:81:4f:2a:0c:
77:7f:22:a2:3f:b7:92:c8:8d:62:fd:aa:61:48:06:dd:38:d0:
a1:7f:35:19:1a:0f:eb:27:58:09:35:6a:5c:57:62:03:21:0c:
88:83:6e:0b:92:39:8f:46:e0:ff:ca:42:60:a5:31:0b:e0:26:
40:42:6e:26:ed:b1:33:c3:99:20:32:44:bd:35:a3:43:ed:58:
15:d4:8c:75:71:d6:23:26:02:d3:23:79:a0:89:38:51:72:ef:
66:d9:da:d6:b7:2e:b1:47:5c:ed:6d:52:0c:15:18:62:a6:3c:
bf:50:ad:7e:99:34:0d:2a:65:50:66:32:23:84:3e:e0:2e:7e:
ff:d1:3b:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbehHmDBiyVLqBjmfsi56MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMWY1OWFlMzQ1NDgxMzI4OTJmY2M4OWIxNTk1ZjliMDM2
MDE5OGQwHhcNMjQwMTAxMTQyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTZmMjM2Njc2Zjc5MjQ4Nzg2MTM5MzcwNDhhZmM2ZGZkNmMxYjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgeXB3bKdEIyY1Vne4aOCOS3uCYrz
dk9baWojSDeac2HCrO4tdZNoAbQ/LL1elMdn2Uk3/GOIy7l7zKNa0WRhQzbeLXCc
YzAc0FPVBQLWEDzpoCORzpV0Qf7bvi9oSD4vmnNG6P0LZw9EHwjbi2ZPZEHiDPoW
ynNuRB3yLVFXY2sFEKu9bWxWTJBvUSYKEvjhxB9O1RKvZsvPuyOX+1VDs+pkVzBk
0abtXec7cmnkXslzFoq6SQGHR8ymORzZDOH16UHmAwUYHYlmoYUR4i18W1UKHELF
69tjyad7roN0tEI1MON7lgmTGvAWuBZwYpldPpOIfMvk58G74ZqLvuGiBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNFvI2Z295JIeGE5NwSK/G39bBtYMB8GA1UdIwQY
MBaAFM4fWa40VIEyiS/MibFZX5sDYBmNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemg5WnJqUlVnVEtKTDh5SnNWbGZtd05nR1kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni80ZmEyZDgtZDcxZC00OWIxLThlYjAt
YTM1ODlkYTE2Yzg1LzEvMFc4alpuYjNra2g0WVRrM0JJcjhiZjFzRzFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni80ZmEyZDgtZDcxZC00OWIxLThlYjAtYTM1ODlkYTE2Yzg1
LzEvemg5WnJqUlVnVEtKTDh5SnNWbGZtd05nR1kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1+tMA0G
CSqGSIb3DQEBCwUAA4IBAQBuaQCOKrEW0xn25xXsQv7tIY27TECTitpZgLvhA/Ss
3HIdbOP37Ol+/u8N1/GQY+Q1laY0czivNASe2wrqwxJejqAp6/q6iNWKqoo1woip
sep3FjY4RFo+A7Tc8xAg2xJqHZpktwuNQneH4LnmsVyE3UKnXRoTVi0tFYFPKgx3
fyKiP7eSyI1i/aphSAbdONChfzUZGg/rJ1gJNWpcV2IDIQyIg24LkjmPRuD/ykJg
pTEL4CZAQm4m7bEzw5kgMkS9NaND7VgV1Ix1cdYjJgLTI3mgiThRcu9m2drWty6x
R1ztbVIMFRhipjy/UK1+mTQNKmVQZjIjhD7gLn7/0Tvp
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:57 2025 by rpki-client