Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/068c4a-76c0-4fbe-a9ee-0df73c2f6a9f/1/DrebwTPkbIKGpUCNFsTKEHXyRiU.roa
File: DrebwTPkbIKGpUCNFsTKEHXyRiU.roa (raw, json)
Hash identifier: Ns4E1vLbWB0ETvLJdxyDHiy2kqGHi8xkkXIgijrApcE=
Subject key identifier: 0E:B7:9B:C1:33:E4:6C:82:86:A5:40:8D:16:C4:CA:10:75:F2:46:25
Certificate issuer: /CN=a15df6cd829d95f63d931d5dcf91cc8ba50f90b0
Certificate serial: 018CC5DCD5D2017522D50B16875AB8EA8EBA
Authority key identifier: A1:5D:F6:CD:82:9D:95:F6:3D:93:1D:5D:CF:91:CC:8B:A5:0F:90:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oV32zYKdlfY9kx1dz5HMi6UPkLA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/068c4a-76c0-4fbe-a9ee-0df73c2f6a9f/1/DrebwTPkbIKGpUCNFsTKEHXyRiU.roa
Signing time: Mon 01 Jan 2024 16:30:33 +0000
ROA not before: Mon 01 Jan 2024 16:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42648
IP address blocks: 195.248.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:d5:d2:01:75:22:d5:0b:16:87:5a:b8:ea:8e:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a15df6cd829d95f63d931d5dcf91cc8ba50f90b0
Validity
Not Before: Jan 1 16:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0eb79bc133e46c8286a5408d16c4ca1075f24625
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ea:ed:27:52:0e:e1:66:bd:79:10:59:bb:6b:
3b:46:8d:fe:f7:d8:3a:b2:87:da:b2:06:af:e7:3c:
5d:b8:ec:7f:5e:74:d8:23:c0:79:5b:b0:7d:e6:3b:
55:0a:67:92:2c:f1:d1:fb:48:53:3e:22:45:ff:4e:
70:49:9b:da:a4:8c:7d:ce:f7:70:40:31:a7:dc:6b:
26:be:6a:44:15:85:64:d5:23:0f:59:e1:63:c7:2f:
4d:50:fc:e0:95:ea:fa:cd:99:e7:38:73:58:25:63:
6e:59:0c:e3:5b:97:39:48:09:4f:a1:5c:c4:ff:99:
2e:fd:b5:e3:10:2f:c5:fe:3e:b0:fb:05:48:04:2e:
bc:96:dc:e3:31:d0:12:da:9c:7b:81:7f:ae:90:28:
a7:65:8f:b6:11:0d:f5:8f:f1:a9:f5:18:95:7d:ff:
bf:b0:f7:62:14:c6:33:cf:d5:b4:7c:bd:d3:52:eb:
92:48:8d:de:3e:81:c8:b5:a1:f2:7b:ca:77:42:df:
7a:7c:15:ed:d4:2f:52:40:65:1a:16:13:95:d3:4b:
ca:49:08:64:5a:38:d9:48:4a:7b:e7:15:ae:af:a6:
41:17:15:19:22:8a:19:dc:c8:bd:2e:ce:2c:b6:51:
c8:f9:cc:43:b3:7b:69:cf:66:6b:dd:bf:78:f1:a3:
7a:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:B7:9B:C1:33:E4:6C:82:86:A5:40:8D:16:C4:CA:10:75:F2:46:25
X509v3 Authority Key Identifier:
keyid:A1:5D:F6:CD:82:9D:95:F6:3D:93:1D:5D:CF:91:CC:8B:A5:0F:90:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oV32zYKdlfY9kx1dz5HMi6UPkLA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/068c4a-76c0-4fbe-a9ee-0df73c2f6a9f/1/DrebwTPkbIKGpUCNFsTKEHXyRiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/068c4a-76c0-4fbe-a9ee-0df73c2f6a9f/1/oV32zYKdlfY9kx1dz5HMi6UPkLA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.248.225.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:a7:ef:fe:45:64:d5:67:1a:d1:0c:57:0f:2d:55:5b:62:b5:
5d:5c:99:6c:f3:f5:8f:db:6e:5b:23:d6:17:a0:22:78:99:52:
e4:96:a6:17:fd:86:e0:00:5b:cb:0b:34:1f:90:5a:61:5f:72:
8f:8e:36:10:c5:e7:3f:11:1b:6b:2b:91:fb:68:f3:98:25:66:
ac:80:03:a1:65:0b:35:d9:ad:59:ea:11:90:1d:60:d9:df:47:
b0:e4:b8:f3:1c:58:f4:9c:e1:aa:45:c3:d8:72:c6:af:27:40:
ad:f4:ee:e6:89:4e:37:f9:30:55:0a:ad:27:f9:78:4f:14:a3:
9b:9a:5d:c4:24:2d:11:2e:fd:c7:de:79:43:74:5b:cc:ce:6e:
95:9b:92:c3:a6:9b:c2:d6:73:ad:5d:74:a1:0b:60:28:a3:c9:
17:b8:f7:4d:78:4b:99:81:cb:e2:14:a9:28:22:ee:a9:86:25:
c4:20:7e:0b:ad:b3:51:d6:4c:5d:94:5c:fc:46:81:db:e8:ee:
98:e5:3f:cc:c3:7e:32:5d:31:76:72:4d:7b:36:31:9b:69:e0:
f6:0a:87:18:b6:93:ef:d9:83:6a:8e:75:de:03:cf:31:21:8c:
03:4b:6b:bf:74:ca:cc:de:f7:3a:25:24:e5:db:91:40:b4:d7:
a3:35:69:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3NXSAXUi1QsWh1q46o66MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNWRmNmNkODI5ZDk1ZjYzZDkzMWQ1ZGNmOTFjYzhiYTUw
ZjkwYjAwHhcNMjQwMTAxMTYzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWI3OWJjMTMzZTQ2YzgyODZhNTQwOGQxNmM0Y2ExMDc1ZjI0NjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOrtJ1IO4Wa9eRBZu2s7Ro3+99g6
sofasgav5zxduOx/XnTYI8B5W7B95jtVCmeSLPHR+0hTPiJF/05wSZvapIx9zvdw
QDGn3GsmvmpEFYVk1SMPWeFjxy9NUPzgler6zZnnOHNYJWNuWQzjW5c5SAlPoVzE
/5ku/bXjEC/F/j6w+wVIBC68ltzjMdAS2px7gX+ukCinZY+2EQ31j/Gp9RiVff+/
sPdiFMYzz9W0fL3TUuuSSI3ePoHItaHye8p3Qt96fBXt1C9SQGUaFhOV00vKSQhk
WjjZSEp75xWur6ZBFxUZIooZ3Mi9Ls4stlHI+cxDs3tpz2Zr3b948aN6HQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA63m8Ez5GyChqVAjRbEyhB18kYlMB8GA1UdIwQY
MBaAFKFd9s2CnZX2PZMdXc+RzIulD5CwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1YzMnpZS2RsZlk5a3gxZHo1SE1pNlVQa0xBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8wNjhjNGEtNzZjMC00ZmJlLWE5ZWUt
MGRmNzNjMmY2YTlmLzEvRHJlYndUUGtiSUtHcFVDTkZzVEtFSFh5UmlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8wNjhjNGEtNzZjMC00ZmJlLWE5ZWUtMGRmNzNjMmY2YTlm
LzEvb1YzMnpZS2RsZlk5a3gxZHo1SE1pNlVQa0xBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw/jhMA0G
CSqGSIb3DQEBCwUAA4IBAQB9p+/+RWTVZxrRDFcPLVVbYrVdXJls8/WP225bI9YX
oCJ4mVLklqYX/YbgAFvLCzQfkFphX3KPjjYQxec/ERtrK5H7aPOYJWasgAOhZQs1
2a1Z6hGQHWDZ30ew5LjzHFj0nOGqRcPYcsavJ0Ct9O7miU43+TBVCq0n+XhPFKOb
ml3EJC0RLv3H3nlDdFvMzm6Vm5LDppvC1nOtXXShC2Aoo8kXuPdNeEuZgcviFKko
Iu6phiXEIH4LrbNR1kxdlFz8RoHb6O6Y5T/Mw34yXTF2ck17NjGbaeD2CocYtpPv
2YNqjnXeA88xIYwDS2u/dMrM3vc6JSTl25FAtNejNWn+
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:35 2025 by rpki-client