Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/c426c3-4f03-46bb-8008-be9ad2bf725f/1/i3Jx9L0N2q2hPO-ZHz-MkhbEzkI.roa
File: i3Jx9L0N2q2hPO-ZHz-MkhbEzkI.roa (raw, json)
Hash identifier: xzn7g70HXE+tF45Ss2soz1uJq0GT+p4fuwVAx//Pdl8=
Subject key identifier: 8B:72:71:F4:BD:0D:DA:AD:A1:3C:EF:99:1F:3F:8C:92:16:C4:CE:42
Certificate issuer: /CN=807709e7b0efba127025c83e5d3194c71ba428c3
Certificate serial: 018CC49296B4D3C4BC5EB514A17DF88741D9
Authority key identifier: 80:77:09:E7:B0:EF:BA:12:70:25:C8:3E:5D:31:94:C7:1B:A4:28:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gHcJ57DvuhJwJcg-XTGUxxukKMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/c426c3-4f03-46bb-8008-be9ad2bf725f/1/i3Jx9L0N2q2hPO-ZHz-MkhbEzkI.roa
Signing time: Mon 01 Jan 2024 10:29:50 +0000
ROA not before: Mon 01 Jan 2024 10:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39855
IP address blocks: 195.238.242.0/23 maxlen: 24
195.238.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:96:b4:d3:c4:bc:5e:b5:14:a1:7d:f8:87:41:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=807709e7b0efba127025c83e5d3194c71ba428c3
Validity
Not Before: Jan 1 10:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b7271f4bd0ddaada13cef991f3f8c9216c4ce42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e8:21:ee:1b:9c:7b:1b:71:3b:b2:75:7f:b7:
9f:66:ba:b9:dc:2a:1b:82:20:e0:2b:37:e9:9d:d0:
a8:c8:c5:13:af:34:7d:d7:a5:6e:4b:4b:76:d0:f6:
fa:fa:8f:43:f6:63:73:42:72:46:06:e9:5e:b0:41:
97:d6:6e:6a:f1:a4:4a:b4:f2:5e:90:cb:5a:e1:74:
37:26:3c:44:ec:55:89:e8:7a:07:48:f2:f4:eb:51:
3e:a2:0b:39:35:b7:bb:6b:16:00:5a:e5:a5:fd:b1:
b2:32:82:54:11:4c:c0:b8:64:40:ad:e2:04:92:b9:
e0:50:e2:b2:b9:3c:a8:21:e6:56:68:6f:1a:57:25:
86:cf:c5:57:12:4b:3c:14:1b:0b:74:08:be:78:68:
cf:6b:7e:4c:f8:df:b7:00:c9:41:1c:08:cb:a7:f6:
22:57:71:6f:c6:61:ff:72:6c:11:30:46:65:bd:44:
16:75:79:ea:d9:55:c6:bf:f3:ab:e4:4c:49:d8:73:
7a:11:6e:72:0a:8f:c9:ae:77:c2:a1:f3:59:5e:18:
77:4c:62:d2:69:1b:48:fa:49:4f:aa:b9:55:59:2e:
1d:5c:5f:72:4c:7f:1d:27:c1:a9:2c:ff:c3:d6:63:
4b:b4:31:84:25:71:7d:e7:81:c7:d5:10:b5:65:b9:
c4:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:72:71:F4:BD:0D:DA:AD:A1:3C:EF:99:1F:3F:8C:92:16:C4:CE:42
X509v3 Authority Key Identifier:
keyid:80:77:09:E7:B0:EF:BA:12:70:25:C8:3E:5D:31:94:C7:1B:A4:28:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gHcJ57DvuhJwJcg-XTGUxxukKMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/c426c3-4f03-46bb-8008-be9ad2bf725f/1/i3Jx9L0N2q2hPO-ZHz-MkhbEzkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/c426c3-4f03-46bb-8008-be9ad2bf725f/1/gHcJ57DvuhJwJcg-XTGUxxukKMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.238.95.0/24
195.238.242.0/23
Signature Algorithm: sha256WithRSAEncryption
61:b7:97:3c:ec:5d:d2:11:8c:b8:9a:1f:d2:f8:94:de:76:65:
d0:a6:ee:de:41:6e:03:04:31:d7:3a:98:da:4b:63:fb:7d:69:
2e:f6:b4:e2:f1:70:6e:bc:43:ea:c4:3a:0e:ce:fc:30:00:63:
60:87:3c:db:1c:39:2e:9d:8e:df:b5:3b:bc:80:be:32:92:c5:
2a:9e:44:68:28:43:2e:00:6b:bd:6f:18:eb:ec:9f:bd:2a:86:
d4:6e:95:28:e0:d5:a6:23:03:e0:00:c9:bb:dc:b0:8f:6f:65:
de:8b:70:f6:d5:2f:26:e6:91:0e:cc:9a:26:3c:a4:05:85:26:
6e:da:17:41:e3:e2:ee:81:9b:f1:8f:36:80:60:f8:a2:a0:87:
0d:74:f3:aa:7d:3a:25:2c:af:a1:ea:a3:28:8f:9f:9c:67:36:
c7:0c:50:1a:c2:93:3b:99:53:19:a3:fe:31:c1:e5:1e:16:a9:
40:07:36:ad:dd:9b:5c:a7:2d:c3:2d:8e:ac:02:1f:66:0a:2d:
12:00:15:49:99:1f:a7:24:f8:95:a0:0d:a0:68:f0:07:4e:a3:
9a:37:a8:91:82:56:17:64:53:5f:83:32:31:87:79:9e:89:5e:
a4:e6:13:43:8c:2b:ea:44:35:67:ed:c6:b9:e8:8d:10:72:2c:
a7:d0:80:8b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEkpa008S8XrUUoX34h0HZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNzcwOWU3YjBlZmJhMTI3MDI1YzgzZTVkMzE5NGM3MWJh
NDI4YzMwHhcNMjQwMTAxMTAyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjcyNzFmNGJkMGRkYWFkYTEzY2VmOTkxZjNmOGM5MjE2YzRjZTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOgh7hucextxO7J1f7efZrq53Cob
giDgKzfpndCoyMUTrzR916VuS0t20Pb6+o9D9mNzQnJGBulesEGX1m5q8aRKtPJe
kMta4XQ3JjxE7FWJ6HoHSPL061E+ogs5Nbe7axYAWuWl/bGyMoJUEUzAuGRAreIE
krngUOKyuTyoIeZWaG8aVyWGz8VXEks8FBsLdAi+eGjPa35M+N+3AMlBHAjLp/Yi
V3FvxmH/cmwRMEZlvUQWdXnq2VXGv/Or5ExJ2HN6EW5yCo/JrnfCofNZXhh3TGLS
aRtI+klPqrlVWS4dXF9yTH8dJ8GpLP/D1mNLtDGEJXF954HH1RC1ZbnE0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFItycfS9DdqtoTzvmR8/jJIWxM5CMB8GA1UdIwQY
MBaAFIB3Ceew77oScCXIPl0xlMcbpCjDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0hjSjU3RHZ1aEp3SmNnLVhUR1V4eHVrS01NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9jNDI2YzMtNGYwMy00NmJiLTgwMDgt
YmU5YWQyYmY3MjVmLzEvaTNKeDlMME4ycTJoUE8tWkh6LU1raGJFemtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9jNDI2YzMtNGYwMy00NmJiLTgwMDgtYmU5YWQyYmY3MjVm
LzEvZ0hjSjU3RHZ1aEp3SmNnLVhUR1V4eHVrS01NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw+5fAwQB
w+7yMA0GCSqGSIb3DQEBCwUAA4IBAQBht5c87F3SEYy4mh/S+JTedmXQpu7eQW4D
BDHXOpjaS2P7fWku9rTi8XBuvEPqxDoOzvwwAGNghzzbHDkunY7ftTu8gL4yksUq
nkRoKEMuAGu9bxjr7J+9KobUbpUo4NWmIwPgAMm73LCPb2Xei3D21S8m5pEOzJom
PKQFhSZu2hdB4+LugZvxjzaAYPiioIcNdPOqfTolLK+h6qMoj5+cZzbHDFAawpM7
mVMZo/4xweUeFqlABzat3Ztcpy3DLY6sAh9mCi0SABVJmR+nJPiVoA2gaPAHTqOa
N6iRglYXZFNfgzIxh3meiV6k5hNDjCvqRDVn7ca56I0Qciyn0ICL
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:26:22 2025 by rpki-client