Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/0lPz9qsBo_XExSwdgYEHa3jxuog.roa
File: 0lPz9qsBo_XExSwdgYEHa3jxuog.roa (raw, json)
Hash identifier: yNEkRy2T9CX+FFK5Maf+WwiDaDzqahx4c3WyQoMooMg=
Subject key identifier: D2:53:F3:F6:AB:01:A3:F5:C4:C5:2C:1D:81:81:07:6B:78:F1:BA:88
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 019402B3187273F0224C3CF6AD748F041977
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/0lPz9qsBo_XExSwdgYEHa3jxuog.roa
Signing time: Thu 26 Dec 2024 11:21:19 +0000
ROA not before: Thu 26 Dec 2024 11:21:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213780
IP address blocks: 95.182.102.0/24 maxlen: 24
95.182.103.0/24 maxlen: 24
109.248.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:02:b3:18:72:73:f0:22:4c:3c:f6:ad:74:8f:04:19:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Dec 26 11:21:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d253f3f6ab01a3f5c4c52c1d8181076b78f1ba88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:dd:9c:45:6a:eb:56:93:7e:b9:93:35:dc:74:
63:56:4d:5d:46:c6:16:12:d1:b0:05:63:c3:4a:40:
fe:3a:a0:5a:af:d4:6b:2c:4c:53:43:5f:47:f8:49:
d9:53:7b:5c:75:f7:1b:d1:88:db:fd:d3:19:0f:2f:
6c:db:20:49:d3:56:62:26:fc:9b:9e:02:de:8d:bf:
c4:28:de:e4:52:f2:1e:8b:01:9a:4a:03:ee:a3:d5:
0d:87:5d:cc:de:57:2f:9d:d5:5b:c2:2b:93:f2:76:
cc:60:03:31:5a:50:d4:76:67:88:f8:18:41:53:54:
86:51:07:34:03:ac:68:a8:59:81:b1:05:d7:bb:8d:
5a:b7:a6:30:e9:e1:57:80:66:0a:34:a5:3f:4d:cf:
ea:37:22:90:b9:d0:4e:32:14:5e:7a:ac:d5:f8:cd:
3a:ec:61:51:f0:58:23:6d:e9:dd:85:a4:b0:ad:7b:
72:48:85:6a:a7:bf:f5:49:a7:fc:a7:d9:00:c2:71:
31:cf:e3:b2:91:b3:77:fd:08:7d:8d:66:af:7d:53:
e7:35:b5:32:37:ac:fd:cf:2e:c2:a2:02:94:f1:9a:
52:a2:db:51:d9:55:07:4b:fc:df:a5:17:08:71:96:
60:23:06:8a:a3:91:d0:a7:76:8f:7d:64:21:27:3a:
df:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:53:F3:F6:AB:01:A3:F5:C4:C5:2C:1D:81:81:07:6B:78:F1:BA:88
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/0lPz9qsBo_XExSwdgYEHa3jxuog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.182.102.0/23
109.248.4.0/24
Signature Algorithm: sha256WithRSAEncryption
98:49:ba:96:ae:4b:be:30:10:c6:c1:c7:97:6d:53:f1:f7:dd:
82:27:c7:97:33:9e:4e:f3:e7:72:59:99:cc:89:5c:ad:2c:7e:
25:82:33:a5:4f:50:9c:b0:28:6d:ca:a8:e0:68:59:af:9f:39:
a5:50:2e:9b:93:71:d9:46:ca:0a:e3:39:17:af:2e:cd:88:34:
97:02:c0:32:ac:78:d0:9e:a3:6f:71:3e:37:b3:0d:e5:3e:cf:
b8:8d:11:d3:83:e7:56:3d:44:4f:77:dc:d1:c6:4f:c2:e4:7e:
65:bb:09:7f:db:15:7c:57:ae:89:10:2a:50:7f:6b:49:82:6b:
ad:ac:39:7a:ec:87:70:f2:61:6a:8d:41:de:75:a7:fb:37:ea:
cc:b4:71:e3:58:0b:bb:86:06:aa:a8:c1:95:78:f5:75:23:25:
1a:7a:6d:b2:ab:e5:4f:e9:5b:d9:7c:e2:86:9e:d5:30:bf:d5:
7e:bb:53:4d:f0:4b:1a:1b:bd:9e:87:e7:73:a1:50:dd:39:56:
ed:41:ee:8f:c4:6a:fa:8a:92:b3:6b:b8:b4:6f:b4:06:6a:1b:
18:32:15:50:d2:60:15:d3:0c:22:72:55:29:ea:f1:44:18:86:
15:a4:74:b0:0a:ab:9b:9c:65:8a:75:91:18:53:f8:b1:6c:1b:
a8:07:09:d5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQCsxhyc/AiTDz2rXSPBBl3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQxMjI2MTEyMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjUzZjNmNmFiMDFhM2Y1YzRjNTJjMWQ4MTgxMDc2Yjc4ZjFiYTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0t2cRWrrVpN+uZM13HRjVk1dRsYW
EtGwBWPDSkD+OqBar9RrLExTQ19H+EnZU3tcdfcb0Yjb/dMZDy9s2yBJ01ZiJvyb
ngLejb/EKN7kUvIeiwGaSgPuo9UNh13M3lcvndVbwiuT8nbMYAMxWlDUdmeI+BhB
U1SGUQc0A6xoqFmBsQXXu41at6Yw6eFXgGYKNKU/Tc/qNyKQudBOMhReeqzV+M06
7GFR8FgjbendhaSwrXtySIVqp7/1Saf8p9kAwnExz+OykbN3/Qh9jWavfVPnNbUy
N6z9zy7CogKU8ZpSottR2VUHS/zfpRcIcZZgIwaKo5HQp3aPfWQhJzrfpQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNJT8/arAaP1xMUsHYGBB2t48bqIMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvMGxQejlxc0JvX1hFeFN3ZGdZRUhhM2p4dW9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBX7ZmAwQA
bfgEMA0GCSqGSIb3DQEBCwUAA4IBAQCYSbqWrku+MBDGwceXbVPx992CJ8eXM55O
8+dyWZnMiVytLH4lgjOlT1CcsChtyqjgaFmvnzmlUC6bk3HZRsoK4zkXry7NiDSX
AsAyrHjQnqNvcT43sw3lPs+4jRHTg+dWPURPd9zRxk/C5H5luwl/2xV8V66JECpQ
f2tJgmutrDl67Idw8mFqjUHedaf7N+rMtHHjWAu7hgaqqMGVePV1IyUaem2yq+VP
6VvZfOKGntUwv9V+u1NN8EsaG72eh+dzoVDdOVbtQe6PxGr6ipKza7i0b7QGahsY
MhVQ0mAV0wwiclUp6vFEGIYVpHSwCqubnGWKdZEYU/ixbBuoBwnV
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:18:53 2025 by rpki-client