Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/8cHVdPPZPgl0vmoJSWl6vfSm4B8.roa
File: 8cHVdPPZPgl0vmoJSWl6vfSm4B8.roa (raw, json)
Hash identifier: Bi6X/TK9jUkvUGJGBQ2waV7gFuqxYp7mXuXQaP33N/k=
Subject key identifier: F1:C1:D5:74:F3:D9:3E:09:74:BE:6A:09:49:69:7A:BD:F4:A6:E0:1F
Certificate issuer: /CN=02b610cd43bafced91480fabfdcaae82049fbf71
Certificate serial: 019514E19428147EDD2B9A6AE3FC7C42C58A
Authority key identifier: 02:B6:10:CD:43:BA:FC:ED:91:48:0F:AB:FD:CA:AE:82:04:9F:BF:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ArYQzUO6_O2RSA-r_cquggSfv3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/8cHVdPPZPgl0vmoJSWl6vfSm4B8.roa
Signing time: Mon 17 Feb 2025 17:08:02 +0000
ROA not before: Mon 17 Feb 2025 17:08:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197068
IP address blocks: 195.43.92.0/23 maxlen: 24
195.43.92.0/24 maxlen: 24
2a03:70c1::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 17 Feb 2025 20:41:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:14:e1:94:28:14:7e:dd:2b:9a:6a:e3:fc:7c:42:c5:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02b610cd43bafced91480fabfdcaae82049fbf71
Validity
Not Before: Feb 17 17:08:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f1c1d574f3d93e0974be6a0949697abdf4a6e01f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:26:10:57:49:fc:52:1b:21:ed:45:af:ef:20:
4b:4e:a9:92:57:34:63:96:61:ba:a0:4b:13:3a:42:
75:1f:30:65:2f:d7:5d:09:3e:83:36:e6:2e:f3:28:
e3:57:60:cd:c0:39:07:c3:51:52:54:89:35:5d:05:
b8:ea:e1:f0:de:67:0a:ae:74:4d:18:80:85:f0:ce:
5e:25:c2:c2:78:f2:c2:44:c4:28:3d:62:4c:95:15:
a7:e8:f9:dd:cb:87:f7:29:19:2d:4f:ff:24:60:e0:
fa:ef:55:33:24:90:c7:c6:b0:51:27:ec:cf:33:83:
da:f2:2f:89:b9:da:fa:b7:4a:d1:f6:6c:5e:cf:fd:
d0:ea:5f:84:95:be:9a:0a:87:21:44:f3:0b:02:98:
29:7e:23:91:6a:9d:48:e6:7c:39:fb:3f:6e:6b:e3:
ad:7b:01:22:b2:9f:72:69:41:bd:19:ec:01:b1:9c:
5a:bc:f9:56:a5:c9:60:0e:55:b9:5d:3f:8b:6f:22:
0a:c9:6e:cf:14:dc:89:1c:9d:ab:73:be:c1:2c:47:
7b:d8:36:82:96:b5:2c:87:50:57:f1:82:47:85:79:
ba:a3:3c:cb:66:c6:01:12:2a:72:47:fd:78:fc:c0:
22:90:04:07:ce:6f:98:65:86:a6:5f:64:c4:74:0e:
33:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:C1:D5:74:F3:D9:3E:09:74:BE:6A:09:49:69:7A:BD:F4:A6:E0:1F
X509v3 Authority Key Identifier:
keyid:02:B6:10:CD:43:BA:FC:ED:91:48:0F:AB:FD:CA:AE:82:04:9F:BF:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ArYQzUO6_O2RSA-r_cquggSfv3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/8cHVdPPZPgl0vmoJSWl6vfSm4B8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/ArYQzUO6_O2RSA-r_cquggSfv3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.43.92.0/23
IPv6:
2a03:70c1::/32
Signature Algorithm: sha256WithRSAEncryption
aa:b0:19:51:af:9b:f1:d1:46:5a:1e:6a:d6:a1:06:12:1a:8c:
8a:7e:20:dc:30:a1:b6:25:5d:c1:07:a3:a9:59:50:40:21:a2:
5c:f2:d7:77:d1:ba:5f:b1:b6:13:03:d2:67:32:4b:51:a5:87:
d4:db:5f:d3:40:2a:81:fa:b7:bc:a3:cb:ae:c9:84:c6:e3:9e:
19:46:f4:66:3f:02:65:21:f3:25:e9:69:3d:3f:1c:16:60:c9:
de:11:d5:cb:c9:c8:3e:02:51:aa:64:91:19:e5:ce:67:c1:fa:
86:8e:70:70:ff:48:56:de:4f:4a:e7:de:50:8c:bb:48:7a:7d:
a9:43:aa:2d:b7:7c:66:1b:82:af:85:89:66:66:6d:92:2d:0c:
b4:3a:6e:d3:01:fe:81:33:99:fd:d1:1a:56:17:b7:59:9c:84:
3b:1c:e7:68:88:4a:35:85:b8:72:05:80:db:4d:8e:89:56:15:
25:93:20:3b:37:1d:cf:93:61:61:b6:0f:68:79:d0:11:9a:d9:
a9:97:26:a8:4a:f5:1b:2f:c8:87:5b:cc:cf:d9:aa:d8:10:e6:
0e:8c:30:d0:fd:ce:05:c0:f5:6b:07:21:e8:84:4e:bc:a1:e7:
04:03:bf:4b:80:e9:0a:3d:3b:0d:27:53:97:6e:8f:85:1a:f7:
ec:5a:a4:26
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZUU4ZQoFH7dK5pq4/x8QsWKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYjYxMGNkNDNiYWZjZWQ5MTQ4MGZhYmZkY2FhZTgyMDQ5
ZmJmNzEwHhcNMjUwMjE3MTcwODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWMxZDU3NGYzZDkzZTA5NzRiZTZhMDk0OTY5N2FiZGY0YTZlMDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6CYQV0n8Uhsh7UWv7yBLTqmSVzRj
lmG6oEsTOkJ1HzBlL9ddCT6DNuYu8yjjV2DNwDkHw1FSVIk1XQW46uHw3mcKrnRN
GICF8M5eJcLCePLCRMQoPWJMlRWn6Pndy4f3KRktT/8kYOD671UzJJDHxrBRJ+zP
M4Pa8i+Judr6t0rR9mxez/3Q6l+Elb6aCochRPMLApgpfiORap1I5nw5+z9ua+Ot
ewEisp9yaUG9GewBsZxavPlWpclgDlW5XT+LbyIKyW7PFNyJHJ2rc77BLEd72DaC
lrUsh1BX8YJHhXm6ozzLZsYBEipyR/14/MAikAQHzm+YZYamX2TEdA4z6QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPHB1XTz2T4JdL5qCUlper30puAfMB8GA1UdIwQY
MBaAFAK2EM1DuvztkUgPq/3KroIEn79xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXJZUXpVTzZfTzJSU0Etcl9jcXVnZ1NmdjNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9lM2RlY2MtM2VmNy00Y2IyLTgxZDEt
OTAxM2NhOTk2YjE2LzEvOGNIVmRQUFpQZ2wwdm1vSlNXbDZ2ZlNtNEI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9lM2RlY2MtM2VmNy00Y2IyLTgxZDEtOTAxM2NhOTk2YjE2
LzEvQXJZUXpVTzZfTzJSU0Etcl9jcXVnZ1NmdjNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBwytcMA0E
AgACMAcDBQAqA3DBMA0GCSqGSIb3DQEBCwUAA4IBAQCqsBlRr5vx0UZaHmrWoQYS
GoyKfiDcMKG2JV3BB6OpWVBAIaJc8td30bpfsbYTA9JnMktRpYfU21/TQCqB+re8
o8uuyYTG454ZRvRmPwJlIfMl6Wk9PxwWYMneEdXLycg+AlGqZJEZ5c5nwfqGjnBw
/0hW3k9K595QjLtIen2pQ6ott3xmG4KvhYlmZm2SLQy0Om7TAf6BM5n90RpWF7dZ
nIQ7HOdoiEo1hbhyBYDbTY6JVhUlkyA7Nx3Pk2Fhtg9oedARmtmplyaoSvUbL8iH
W8zP2arYEOYOjDDQ/c4FwPVrByHohE68oecEA79LgOkKPTsNJ1OXbo+FGvfsWqQm
-----END CERTIFICATE-----
Generated at Fri Apr 18 05:54:39 2025 by rpki-client