Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/6cb72d-690a-406f-8add-80e7bbb041b2/1/9W9GexccxcsFndnrz6bnFerKh-4.roa
File: 9W9GexccxcsFndnrz6bnFerKh-4.roa (raw, json)
Hash identifier: hXD6vG7uFRXfvvZtaLy0p3yxzEUh5H5mMHn4MHQOxCU=
Subject key identifier: F5:6F:46:7B:17:1C:C5:CB:05:9D:D9:EB:CF:A6:E7:15:EA:CA:87:EE
Certificate issuer: /CN=c3037d2e7b09a0fbd108168a44874f6bd1689b60
Certificate serial: 018CC726FC4FFF6C3580CFE884B26F599655
Authority key identifier: C3:03:7D:2E:7B:09:A0:FB:D1:08:16:8A:44:87:4F:6B:D1:68:9B:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wwN9LnsJoPvRCBaKRIdPa9Fom2A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/6cb72d-690a-406f-8add-80e7bbb041b2/1/9W9GexccxcsFndnrz6bnFerKh-4.roa
Signing time: Mon 01 Jan 2024 22:31:10 +0000
ROA not before: Mon 01 Jan 2024 22:31:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24929
IP address blocks: 195.144.9.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:fc:4f:ff:6c:35:80:cf:e8:84:b2:6f:59:96:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3037d2e7b09a0fbd108168a44874f6bd1689b60
Validity
Not Before: Jan 1 22:31:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f56f467b171cc5cb059dd9ebcfa6e715eaca87ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:a2:9d:fd:41:a9:b7:06:90:4c:af:d3:fb:a6:
ed:30:f3:40:19:ab:26:06:4a:35:40:53:cb:79:c3:
41:da:8f:09:36:be:47:10:08:d4:ef:69:ac:e3:c5:
05:8d:e7:38:d6:03:16:2b:fe:34:01:9a:b6:12:b2:
7d:ba:32:cd:31:68:12:27:26:a4:79:31:45:93:f8:
08:f3:8d:12:fe:84:a4:07:de:0f:74:9c:48:c8:2a:
c4:6a:15:b9:be:94:44:95:22:06:02:d8:cc:1a:b9:
b2:ed:86:22:80:86:66:bb:bb:75:68:79:4e:1e:ee:
00:85:47:f2:9e:ff:de:4a:1e:3b:49:86:83:a2:e4:
24:55:45:54:e0:ff:d5:21:1d:57:83:77:52:4c:09:
ba:90:ff:5b:66:ea:a0:bf:e5:97:fc:6c:2a:58:81:
c0:a0:03:8e:78:9f:be:36:33:29:d7:7f:7f:09:ed:
1d:72:80:a7:28:d1:0d:96:e7:a1:2d:95:92:e3:b5:
cf:ff:48:8f:51:e7:3f:cf:a1:3f:93:f4:a4:40:17:
4f:15:75:4c:a2:d3:85:f2:39:6b:bf:8e:0f:42:ed:
fd:21:b0:ac:09:56:0b:8e:70:13:e4:cf:7b:5a:a4:
b8:ee:26:ca:8a:72:ce:b5:7a:2e:3d:ac:4b:71:97:
19:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:6F:46:7B:17:1C:C5:CB:05:9D:D9:EB:CF:A6:E7:15:EA:CA:87:EE
X509v3 Authority Key Identifier:
keyid:C3:03:7D:2E:7B:09:A0:FB:D1:08:16:8A:44:87:4F:6B:D1:68:9B:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wwN9LnsJoPvRCBaKRIdPa9Fom2A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/6cb72d-690a-406f-8add-80e7bbb041b2/1/9W9GexccxcsFndnrz6bnFerKh-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/6cb72d-690a-406f-8add-80e7bbb041b2/1/wwN9LnsJoPvRCBaKRIdPa9Fom2A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.144.9.0/24
Signature Algorithm: sha256WithRSAEncryption
21:22:c2:37:bb:6e:f6:10:b3:a5:9b:2d:82:38:ce:c8:df:ef:
56:8a:22:03:12:8a:73:4d:ad:34:5b:3b:69:d7:fb:39:c1:38:
ef:4e:2c:c0:df:d9:9c:c8:4b:38:c6:20:8d:b0:61:c9:fb:c6:
f5:8c:a8:7e:02:6e:27:c7:e7:a0:41:03:ab:a9:81:36:9d:a0:
75:28:24:e5:41:73:bc:2e:69:d9:97:4d:03:70:23:58:b1:7e:
a4:25:99:49:25:85:c8:f6:21:90:b7:e0:23:b6:37:3a:aa:ec:
1b:b2:14:ec:68:cd:57:f4:8c:b0:05:81:66:c6:7f:b2:54:36:
1d:26:2a:d3:73:4c:f9:fd:1a:92:87:c2:ec:02:ad:05:4a:d7:
07:bb:8d:e7:47:21:c6:81:65:dd:98:78:1d:26:c0:d6:be:19:
37:6a:b4:67:63:ce:c7:88:2a:38:89:e4:9a:8b:8d:ab:20:07:
03:f9:33:da:32:ff:5f:fb:9a:35:01:ba:e4:6b:02:2e:07:9c:
d2:be:40:70:0a:29:40:f6:f3:51:41:a6:7f:1b:7a:97:5d:77:
9f:cf:88:c6:d7:7f:f8:23:46:e1:75:aa:71:35:b5:fd:fe:d3:
dc:f5:78:7f:74:96:95:49:39:8a:c2:3b:06:81:bd:c2:48:73:
3f:28:78:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJvxP/2w1gM/ohLJvWZZVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzMDM3ZDJlN2IwOWEwZmJkMTA4MTY4YTQ0ODc0ZjZiZDE2
ODliNjAwHhcNMjQwMTAxMjIzMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTZmNDY3YjE3MWNjNWNiMDU5ZGQ5ZWJjZmE2ZTcxNWVhY2E4N2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6Kd/UGptwaQTK/T+6btMPNAGasm
Bko1QFPLecNB2o8JNr5HEAjU72ms48UFjec41gMWK/40AZq2ErJ9ujLNMWgSJyak
eTFFk/gI840S/oSkB94PdJxIyCrEahW5vpRElSIGAtjMGrmy7YYigIZmu7t1aHlO
Hu4AhUfynv/eSh47SYaDouQkVUVU4P/VIR1Xg3dSTAm6kP9bZuqgv+WX/GwqWIHA
oAOOeJ++NjMp139/Ce0dcoCnKNENluehLZWS47XP/0iPUec/z6E/k/SkQBdPFXVM
otOF8jlrv44PQu39IbCsCVYLjnAT5M97WqS47ibKinLOtXouPaxLcZcZCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPVvRnsXHMXLBZ3Z68+m5xXqyofuMB8GA1UdIwQY
MBaAFMMDfS57CaD70QgWikSHT2vRaJtgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3dOOUxuc0pvUHZSQ0JhS1JJZFBhOUZvbTJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS82Y2I3MmQtNjkwYS00MDZmLThhZGQt
ODBlN2JiYjA0MWIyLzEvOVc5R2V4Y2N4Y3NGbmRucno2Ym5GZXJLaC00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS82Y2I3MmQtNjkwYS00MDZmLThhZGQtODBlN2JiYjA0MWIy
LzEvd3dOOUxuc0pvUHZSQ0JhS1JJZFBhOUZvbTJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw5AJMA0G
CSqGSIb3DQEBCwUAA4IBAQAhIsI3u272ELOlmy2COM7I3+9WiiIDEopzTa00Wztp
1/s5wTjvTizA39mcyEs4xiCNsGHJ+8b1jKh+Am4nx+egQQOrqYE2naB1KCTlQXO8
LmnZl00DcCNYsX6kJZlJJYXI9iGQt+Ajtjc6quwbshTsaM1X9IywBYFmxn+yVDYd
JirTc0z5/RqSh8LsAq0FStcHu43nRyHGgWXdmHgdJsDWvhk3arRnY87HiCo4ieSa
i42rIAcD+TPaMv9f+5o1AbrkawIuB5zSvkBwCilA9vNRQaZ/G3qXXXefz4jG13/4
I0bhdapxNbX9/tPc9Xh/dJaVSTmKwjsGgb3CSHM/KHjt
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:03:40 2025 by rpki-client