Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/c426c3-4f03-46bb-8008-be9ad2bf725f/1/yiH1CPRLoK24oFC8HqS2Wv99nzE.roa
File: yiH1CPRLoK24oFC8HqS2Wv99nzE.roa (raw, json)
Hash identifier: JIKe6pS70ZKmwsbr/nLLmBL5vdgiIusftWMcFuSKTEU=
Subject key identifier: CA:21:F5:08:F4:4B:A0:AD:B8:A0:50:BC:1E:A4:B6:5A:FF:7D:9F:31
Certificate issuer: /CN=807709e7b0efba127025c83e5d3194c71ba428c3
Certificate serial: 01931F11A3FEA34FF00E842DC29490D82813
Authority key identifier: 80:77:09:E7:B0:EF:BA:12:70:25:C8:3E:5D:31:94:C7:1B:A4:28:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gHcJ57DvuhJwJcg-XTGUxxukKMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/c426c3-4f03-46bb-8008-be9ad2bf725f/1/yiH1CPRLoK24oFC8HqS2Wv99nzE.roa
Signing time: Tue 12 Nov 2024 06:31:10 +0000
ROA not before: Tue 12 Nov 2024 06:31:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3758
IP address blocks: 195.238.94.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1f:11:a3:fe:a3:4f:f0:0e:84:2d:c2:94:90:d8:28:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=807709e7b0efba127025c83e5d3194c71ba428c3
Validity
Not Before: Nov 12 06:31:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca21f508f44ba0adb8a050bc1ea4b65aff7d9f31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0f:1b:98:58:3f:18:84:a7:5e:0a:29:ec:1a:
eb:dc:38:85:92:52:7a:db:cb:a2:da:f0:40:5d:69:
d6:4f:9d:17:57:3f:76:52:88:1a:ce:73:3a:ab:55:
62:e7:fa:9c:f3:0b:2f:df:f9:7c:eb:1b:fc:9f:a6:
66:04:1e:03:0c:c4:10:ef:66:af:9a:24:ab:1e:b1:
7d:fc:13:18:c7:c5:2a:f6:b6:e4:39:f9:80:42:29:
60:2b:cf:71:94:f3:2b:93:0c:ef:61:71:c8:90:54:
06:be:fe:20:1a:46:00:17:38:c5:f6:a8:70:d6:87:
53:63:ec:79:58:a5:c6:35:4d:14:c3:2f:f7:88:50:
7a:a2:69:cc:00:09:c7:e3:e7:e8:c6:c9:7e:2d:2f:
89:18:3c:bb:50:d5:3a:09:ce:6e:d2:bd:61:f5:dc:
3f:1f:38:d5:4b:b6:5f:85:bf:ae:a8:b6:fe:5b:17:
b8:35:d3:dd:41:a0:12:3e:87:30:2f:d2:59:0e:8e:
e3:64:d6:17:56:e8:ff:11:10:1b:a8:4d:61:07:a4:
5a:4a:75:54:1a:35:fd:8a:4d:9e:fd:6d:c1:28:bd:
79:89:5b:93:ed:32:71:58:4f:ce:86:b8:0e:b4:d6:
45:40:43:63:9a:6a:35:74:0a:85:e9:a7:e0:08:c2:
eb:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:21:F5:08:F4:4B:A0:AD:B8:A0:50:BC:1E:A4:B6:5A:FF:7D:9F:31
X509v3 Authority Key Identifier:
keyid:80:77:09:E7:B0:EF:BA:12:70:25:C8:3E:5D:31:94:C7:1B:A4:28:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gHcJ57DvuhJwJcg-XTGUxxukKMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/c426c3-4f03-46bb-8008-be9ad2bf725f/1/yiH1CPRLoK24oFC8HqS2Wv99nzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/c426c3-4f03-46bb-8008-be9ad2bf725f/1/gHcJ57DvuhJwJcg-XTGUxxukKMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.238.94.0/24
Signature Algorithm: sha256WithRSAEncryption
06:12:e4:03:32:46:38:35:00:7b:52:9b:14:e1:16:cf:01:59:
b7:94:e6:46:85:73:fd:ec:85:9a:c4:d0:68:71:8f:03:34:6a:
f0:43:5a:bc:81:a2:3e:ad:17:96:1a:c3:53:0a:98:b1:ac:b6:
60:9c:39:37:02:30:3f:9d:da:21:cb:84:68:96:4b:c0:48:7c:
e5:ce:d4:36:51:5e:2a:da:95:ba:89:65:7a:18:a1:e8:fd:ef:
ad:38:be:8d:8b:75:45:93:18:d6:fd:76:36:20:34:b0:5f:ad:
bf:91:19:b6:5b:d2:b9:bf:e5:33:aa:7a:82:76:3f:3c:a8:99:
bc:3f:ff:c2:49:88:31:20:91:64:b8:93:4e:59:5b:09:b9:e2:
d8:5c:61:9d:d9:c5:68:c8:28:13:c7:7b:be:75:c2:b6:f2:d0:
df:d2:4a:6d:c6:f9:dc:51:7f:fe:2b:d2:61:97:7b:ae:3f:e5:
e9:4e:b0:0b:22:26:9b:99:2c:57:0c:c7:85:fd:fa:fd:51:a9:
89:76:30:bf:90:f2:f7:ca:79:25:26:04:47:86:73:25:0d:10:
0e:bc:77:c8:c3:9b:ca:80:07:a6:ec:57:0b:bf:5c:86:28:b6:
84:34:0b:bb:e5:69:54:cf:85:53:5f:63:aa:f1:18:d9:67:50:
5b:fe:86:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZMfEaP+o0/wDoQtwpSQ2CgTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNzcwOWU3YjBlZmJhMTI3MDI1YzgzZTVkMzE5NGM3MWJh
NDI4YzMwHhcNMjQxMTEyMDYzMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTIxZjUwOGY0NGJhMGFkYjhhMDUwYmMxZWE0YjY1YWZmN2Q5ZjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApw8bmFg/GISnXgop7Brr3DiFklJ6
28ui2vBAXWnWT50XVz92UogaznM6q1Vi5/qc8wsv3/l86xv8n6ZmBB4DDMQQ72av
miSrHrF9/BMYx8Uq9rbkOfmAQilgK89xlPMrkwzvYXHIkFQGvv4gGkYAFzjF9qhw
1odTY+x5WKXGNU0Uwy/3iFB6omnMAAnH4+foxsl+LS+JGDy7UNU6Cc5u0r1h9dw/
HzjVS7Zfhb+uqLb+Wxe4NdPdQaASPocwL9JZDo7jZNYXVuj/ERAbqE1hB6RaSnVU
GjX9ik2e/W3BKL15iVuT7TJxWE/OhrgOtNZFQENjmmo1dAqF6afgCMLr5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMoh9Qj0S6CtuKBQvB6ktlr/fZ8xMB8GA1UdIwQY
MBaAFIB3Ceew77oScCXIPl0xlMcbpCjDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0hjSjU3RHZ1aEp3SmNnLVhUR1V4eHVrS01NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9jNDI2YzMtNGYwMy00NmJiLTgwMDgt
YmU5YWQyYmY3MjVmLzEveWlIMUNQUkxvSzI0b0ZDOEhxUzJXdjk5bnpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9jNDI2YzMtNGYwMy00NmJiLTgwMDgtYmU5YWQyYmY3MjVm
LzEvZ0hjSjU3RHZ1aEp3SmNnLVhUR1V4eHVrS01NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+5eMA0G
CSqGSIb3DQEBCwUAA4IBAQAGEuQDMkY4NQB7UpsU4RbPAVm3lOZGhXP97IWaxNBo
cY8DNGrwQ1q8gaI+rReWGsNTCpixrLZgnDk3AjA/ndohy4RolkvASHzlztQ2UV4q
2pW6iWV6GKHo/e+tOL6Ni3VFkxjW/XY2IDSwX62/kRm2W9K5v+UzqnqCdj88qJm8
P//CSYgxIJFkuJNOWVsJueLYXGGd2cVoyCgTx3u+dcK28tDf0kptxvncUX/+K9Jh
l3uuP+XpTrALIiabmSxXDMeF/fr9UamJdjC/kPL3ynklJgRHhnMlDRAOvHfIw5vK
gAem7FcLv1yGKLaENAu75WlUz4VTX2Oq8RjZZ1Bb/ob3
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:22:35 2025 by rpki-client