Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4a293d-2ad3-4114-a2b1-1cc505501a0f/1/1352S60D6hLXj0gyTNyw3sJlhwA.roa
File: 1352S60D6hLXj0gyTNyw3sJlhwA.roa (raw, json)
Hash identifier: c4XK8vZFcQMSdUeC7u4XDLdRoIRMB/gTMIVp9p3NpEs=
Subject key identifier: D7:7E:76:4B:AD:03:EA:12:D7:8F:48:32:4C:DC:B0:DE:C2:65:87:00
Certificate issuer: /CN=f811fa5eff370bc36d0e3929625e3414081a2392
Certificate serial: 018CC8DD971910927542A86E10DB97088EB1
Authority key identifier: F8:11:FA:5E:FF:37:0B:C3:6D:0E:39:29:62:5E:34:14:08:1A:23:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-BH6Xv83C8NtDjkpYl40FAgaI5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4a293d-2ad3-4114-a2b1-1cc505501a0f/1/1352S60D6hLXj0gyTNyw3sJlhwA.roa
Signing time: Tue 02 Jan 2024 06:30:14 +0000
ROA not before: Tue 02 Jan 2024 06:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59831
IP address blocks: 94.127.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Sep 2024 14:52:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:97:19:10:92:75:42:a8:6e:10:db:97:08:8e:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f811fa5eff370bc36d0e3929625e3414081a2392
Validity
Not Before: Jan 2 06:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d77e764bad03ea12d78f48324cdcb0dec2658700
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:65:6d:f2:bf:a5:76:64:95:03:11:ae:ce:d6:
0a:1f:35:ff:a9:30:07:4d:8f:3a:4f:68:8b:68:7e:
7a:87:e1:21:cb:ce:a1:db:ac:de:3a:20:80:8f:4c:
3b:ad:24:fc:58:40:a2:5c:62:7d:1c:8a:7b:1c:4b:
92:cd:41:45:88:28:6b:36:57:3f:a2:c6:5d:d1:aa:
3a:2f:ae:4b:f5:9a:9e:2a:b5:26:7e:48:85:f8:49:
e9:4b:4c:90:5c:08:65:11:a6:69:02:8b:0b:52:20:
d5:6a:98:29:67:20:92:89:af:0b:16:e0:f5:0a:83:
99:e7:8a:ce:7c:b2:93:95:80:98:db:1c:ef:0a:4a:
c4:19:45:f7:af:07:d1:cb:b4:ea:06:a8:34:43:41:
c2:9d:62:5f:c7:c7:86:d4:45:0e:54:0f:30:92:cf:
0e:f6:0f:f9:a9:d4:ed:52:d4:07:a4:ea:a0:39:ec:
8d:74:2d:ca:f1:00:21:82:cf:3b:27:d9:32:a2:0a:
ec:ea:77:f3:f4:ad:c0:7e:d1:2d:94:eb:9c:91:ee:
ce:09:1c:97:b9:e5:17:cb:ba:28:8d:62:90:1e:f4:
d6:5b:2d:0c:c6:26:fd:85:54:86:b9:ee:5a:1f:f6:
b6:05:2c:14:3a:8e:50:b7:a5:c6:22:bb:6b:eb:98:
4e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:7E:76:4B:AD:03:EA:12:D7:8F:48:32:4C:DC:B0:DE:C2:65:87:00
X509v3 Authority Key Identifier:
keyid:F8:11:FA:5E:FF:37:0B:C3:6D:0E:39:29:62:5E:34:14:08:1A:23:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-BH6Xv83C8NtDjkpYl40FAgaI5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4a293d-2ad3-4114-a2b1-1cc505501a0f/1/1352S60D6hLXj0gyTNyw3sJlhwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4a293d-2ad3-4114-a2b1-1cc505501a0f/1/1-BH6Xv83C8NtDjkpYl40FAgaI5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.127.95.0/24
Signature Algorithm: sha256WithRSAEncryption
66:eb:c7:fd:0a:cb:e5:7b:45:11:10:e5:68:f0:47:a4:05:47:
25:d9:25:04:2e:12:52:9c:58:de:53:ae:27:9d:36:17:bd:6c:
22:2c:35:5f:fb:80:86:f9:06:26:e2:4f:00:4d:01:b1:96:52:
f4:ec:8a:c2:d5:b8:dc:ac:e3:b3:8b:f8:ab:ca:b1:80:19:aa:
0d:87:60:31:d3:8e:cb:46:71:f8:b0:46:15:45:47:a3:21:a1:
43:3e:91:0a:df:4f:4b:72:b0:45:6c:16:54:fe:18:c9:d4:9a:
e2:b4:29:08:c3:7f:b2:c0:fe:39:97:5c:d9:94:9d:08:13:17:
08:6e:77:20:0c:c0:bd:8d:41:c1:37:52:f5:65:cf:8f:53:8d:
e4:97:86:ae:64:2a:1a:84:44:c0:c6:e7:9d:9d:87:9a:1d:6a:
6f:af:43:13:e7:37:29:6c:2c:15:61:b7:77:40:0a:80:6a:cf:
b0:6d:fc:15:81:c4:55:f9:29:d6:00:2b:ee:33:d2:a9:86:88:
ee:1d:98:ea:d6:7c:71:56:94:1a:68:36:3c:3e:0d:b1:ea:5f:
1a:21:e9:b8:0b:b9:21:17:63:b0:50:db:7e:cf:b7:09:9a:2a:
8b:54:1d:57:aa:e9:f2:34:49:a8:6d:f6:59:cb:22:8f:e6:56:
42:6c:2a:39
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzI3ZcZEJJ1QqhuENuXCI6xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MTFmYTVlZmYzNzBiYzM2ZDBlMzkyOTYyNWUzNDE0MDgx
YTIzOTIwHhcNMjQwMTAyMDYzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzdlNzY0YmFkMDNlYTEyZDc4ZjQ4MzI0Y2RjYjBkZWMyNjU4NzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWVt8r+ldmSVAxGuztYKHzX/qTAH
TY86T2iLaH56h+Ehy86h26zeOiCAj0w7rST8WECiXGJ9HIp7HEuSzUFFiChrNlc/
osZd0ao6L65L9ZqeKrUmfkiF+EnpS0yQXAhlEaZpAosLUiDVapgpZyCSia8LFuD1
CoOZ54rOfLKTlYCY2xzvCkrEGUX3rwfRy7TqBqg0Q0HCnWJfx8eG1EUOVA8wks8O
9g/5qdTtUtQHpOqgOeyNdC3K8QAhgs87J9kyogrs6nfz9K3AftEtlOucke7OCRyX
ueUXy7oojWKQHvTWWy0Mxib9hVSGue5aH/a2BSwUOo5Qt6XGIrtr65hOEwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNd+dkutA+oS149IMkzcsN7CZYcAMB8GA1UdIwQY
MBaAFPgR+l7/NwvDbQ45KWJeNBQIGiOSMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1CSDZYdjgzQzhOdERqa3BZbDQwRkFnYUk1SS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEvNGEyOTNkLTJhZDMtNDExNC1hMmIx
LTFjYzUwNTUwMWEwZi8xLzEzNTJTNjBENmhMWGowZ3lUTnl3M3NKbGh3QS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNmEvNGEyOTNkLTJhZDMtNDExNC1hMmIxLTFjYzUwNTUwMWEw
Zi8xLzEtQkg2WHY4M0M4TnREamtwWWw0MEZBZ2FJNUkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABef18w
DQYJKoZIhvcNAQELBQADggEBAGbrx/0Ky+V7RREQ5WjwR6QFRyXZJQQuElKcWN5T
riedNhe9bCIsNV/7gIb5BibiTwBNAbGWUvTsisLVuNys47OL+KvKsYAZqg2HYDHT
jstGcfiwRhVFR6MhoUM+kQrfT0tysEVsFlT+GMnUmuK0KQjDf7LA/jmXXNmUnQgT
FwhudyAMwL2NQcE3UvVlz49TjeSXhq5kKhqERMDG552dh5odam+vQxPnNylsLBVh
t3dACoBqz7Bt/BWBxFX5KdYAK+4z0qmGiO4dmOrWfHFWlBpoNjw+DbHqXxoh6bgL
uSEXY7BQ237PtwmaKotUHVeq6fI0Saht9lnLIo/mVkJsKjk=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:43:47 2025 by rpki-client