Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/b66d75-a0bb-4960-beea-0117841d255b/1/RIy2Nn2HFcyAuE_g7rQNdJZw40M.roa
File: RIy2Nn2HFcyAuE_g7rQNdJZw40M.roa (raw, json)
Hash identifier: oeN0A1XWuR7Gpt7alqi7tig5sqBtOwwIQkghnbBs478=
Subject key identifier: 44:8C:B6:36:7D:87:15:CC:80:B8:4F:E0:EE:B4:0D:74:96:70:E3:43
Certificate issuer: /CN=078b3739f78d96844a4ef68626dc87ac2eefa50f
Certificate serial: 018CCA9990BCCA6D994C01320A4CAE9548FA
Authority key identifier: 07:8B:37:39:F7:8D:96:84:4A:4E:F6:86:26:DC:87:AC:2E:EF:A5:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B4s3OfeNloRKTvaGJtyHrC7vpQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/b66d75-a0bb-4960-beea-0117841d255b/1/RIy2Nn2HFcyAuE_g7rQNdJZw40M.roa
Signing time: Tue 02 Jan 2024 14:35:10 +0000
ROA not before: Tue 02 Jan 2024 14:35:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59488
IP address blocks: 95.215.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:49:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:90:bc:ca:6d:99:4c:01:32:0a:4c:ae:95:48:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=078b3739f78d96844a4ef68626dc87ac2eefa50f
Validity
Not Before: Jan 2 14:35:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=448cb6367d8715cc80b84fe0eeb40d749670e343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b6:cb:fc:32:1f:f1:b2:14:e2:27:5a:fb:8c:
87:09:9e:54:66:05:c6:ab:cb:af:3e:8a:d0:12:07:
b7:6a:86:a2:5c:ac:78:a2:f2:75:cd:de:41:c2:cc:
43:ad:2f:9d:4d:d5:af:54:a6:ae:fb:02:b4:e9:a9:
db:19:ed:43:d7:c8:c9:66:b0:81:50:57:a4:34:32:
66:62:24:29:ac:90:7d:a7:04:81:43:3a:66:b4:78:
6b:c5:68:49:da:3e:2c:6d:03:20:5c:01:4e:63:d8:
9a:8c:1c:2e:ee:f4:97:15:82:fe:42:f9:d0:78:fb:
00:3f:d8:98:3c:78:ed:90:f4:ef:af:92:08:77:27:
f0:18:72:17:a1:ad:5c:19:18:d7:a3:ce:57:75:cb:
b7:22:f5:cf:c1:5c:27:e0:c9:52:22:3b:3c:f9:27:
c5:8c:64:e5:65:2d:92:ab:78:93:52:cc:1d:56:81:
40:95:56:2e:c2:5a:80:bf:1b:3b:db:93:c1:5f:3a:
c9:8c:65:ab:93:ba:ba:d4:a3:1e:f8:04:1b:ef:d6:
45:d0:e3:08:bc:60:41:8d:70:4f:e1:54:f9:98:17:
b2:fe:cc:18:06:ee:5d:39:54:c6:a9:6c:51:01:5c:
69:03:cb:43:73:03:a9:ff:01:57:67:ee:93:af:95:
3c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:8C:B6:36:7D:87:15:CC:80:B8:4F:E0:EE:B4:0D:74:96:70:E3:43
X509v3 Authority Key Identifier:
keyid:07:8B:37:39:F7:8D:96:84:4A:4E:F6:86:26:DC:87:AC:2E:EF:A5:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B4s3OfeNloRKTvaGJtyHrC7vpQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/b66d75-a0bb-4960-beea-0117841d255b/1/RIy2Nn2HFcyAuE_g7rQNdJZw40M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/b66d75-a0bb-4960-beea-0117841d255b/1/B4s3OfeNloRKTvaGJtyHrC7vpQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.215.222.0/24
Signature Algorithm: sha256WithRSAEncryption
73:73:6a:a3:0c:70:1d:ec:52:15:7b:91:07:3f:4d:a2:e3:8d:
8d:59:5c:77:07:1c:4e:2f:cc:f2:98:f5:97:64:d9:37:8a:6b:
a2:75:32:e4:bd:2d:58:66:d1:97:bd:06:43:48:9c:ac:b4:9a:
39:91:1b:bf:10:56:b5:de:b6:ab:df:c0:d5:e6:f5:8b:01:91:
7f:8d:ca:e7:93:d6:5a:76:54:5f:21:56:b5:09:e2:3a:27:10:
d6:20:5c:b3:b3:14:22:e0:14:56:fc:52:7c:3e:67:ad:f4:05:
69:7e:10:2f:87:62:28:c0:dd:e3:7c:fd:65:b1:72:bd:65:d4:
8d:f4:c6:61:c2:f3:51:5e:14:d5:bc:28:ae:09:40:e1:5a:0f:
68:40:e5:9c:27:31:e0:79:58:8a:e6:5f:46:16:69:53:53:c5:
f5:65:9f:17:ac:e7:78:7b:19:01:9e:7a:7d:ee:ec:ed:14:53:
7f:8b:a1:79:0c:d1:e1:c9:54:cc:37:99:24:30:24:5d:d3:e6:
28:bd:b5:36:79:02:a7:b1:3e:b8:cb:c4:30:d1:10:3d:46:78:
19:dd:14:c6:e0:6a:55:19:e1:e0:80:be:d7:e3:73:c9:c9:fd:
15:6f:58:4b:d4:35:20:6a:1c:8b:2d:7a:d4:63:b2:f6:23:e2:
fc:a3:c3:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKmZC8ym2ZTAEyCkyulUj6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3OGIzNzM5Zjc4ZDk2ODQ0YTRlZjY4NjI2ZGM4N2FjMmVl
ZmE1MGYwHhcNMjQwMTAyMTQzNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDhjYjYzNjdkODcxNWNjODBiODRmZTBlZWI0MGQ3NDk2NzBlMzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7bL/DIf8bIU4ida+4yHCZ5UZgXG
q8uvPorQEge3aoaiXKx4ovJ1zd5BwsxDrS+dTdWvVKau+wK06anbGe1D18jJZrCB
UFekNDJmYiQprJB9pwSBQzpmtHhrxWhJ2j4sbQMgXAFOY9iajBwu7vSXFYL+QvnQ
ePsAP9iYPHjtkPTvr5IIdyfwGHIXoa1cGRjXo85Xdcu3IvXPwVwn4MlSIjs8+SfF
jGTlZS2Sq3iTUswdVoFAlVYuwlqAvxs725PBXzrJjGWrk7q61KMe+AQb79ZF0OMI
vGBBjXBP4VT5mBey/swYBu5dOVTGqWxRAVxpA8tDcwOp/wFXZ+6Tr5U8zwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFESMtjZ9hxXMgLhP4O60DXSWcONDMB8GA1UdIwQY
MBaAFAeLNzn3jZaESk72hibch6wu76UPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjRzM09mZU5sb1JLVHZhR0p0eUhyQzd2cFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9iNjZkNzUtYTBiYi00OTYwLWJlZWEt
MDExNzg0MWQyNTViLzEvUkl5Mk5uMkhGY3lBdUVfZzdyUU5kSlp3NDBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9iNjZkNzUtYTBiYi00OTYwLWJlZWEtMDExNzg0MWQyNTVi
LzEvQjRzM09mZU5sb1JLVHZhR0p0eUhyQzd2cFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX9feMA0G
CSqGSIb3DQEBCwUAA4IBAQBzc2qjDHAd7FIVe5EHP02i442NWVx3BxxOL8zymPWX
ZNk3imuidTLkvS1YZtGXvQZDSJystJo5kRu/EFa13rar38DV5vWLAZF/jcrnk9Za
dlRfIVa1CeI6JxDWIFyzsxQi4BRW/FJ8Pmet9AVpfhAvh2IowN3jfP1lsXK9ZdSN
9MZhwvNRXhTVvCiuCUDhWg9oQOWcJzHgeViK5l9GFmlTU8X1ZZ8XrOd4exkBnnp9
7uztFFN/i6F5DNHhyVTMN5kkMCRd0+YovbU2eQKnsT64y8Qw0RA9RngZ3RTG4GpV
GeHggL7X43PJyf0Vb1hL1DUgahyLLXrUY7L2I+L8o8Mc
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:50:48 2025 by rpki-client