Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/k65KQJhJ_hWBHJoDafUlJGdOnAw.roa
File: k65KQJhJ_hWBHJoDafUlJGdOnAw.roa (raw, json)
Hash identifier: a0CwIRon8FV/BSHe0w3HZKjvo/0liZh5tk1/dO5mays=
Subject key identifier: 93:AE:4A:40:98:49:FE:15:81:1C:9A:03:69:F5:25:24:67:4E:9C:0C
Certificate issuer: /CN=e1e8f41f6b02b93f85d1a7b48b48cfa322f088f8
Certificate serial: 01954D5CC3BAC775D29BC18702AB83E26B62
Authority key identifier: E1:E8:F4:1F:6B:02:B9:3F:85:D1:A7:B4:8B:48:CF:A3:22:F0:88:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4ej0H2sCuT-F0ae0i0jPoyLwiPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/k65KQJhJ_hWBHJoDafUlJGdOnAw.roa
Signing time: Fri 28 Feb 2025 16:21:19 +0000
ROA not before: Fri 28 Feb 2025 16:21:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28924
IP address blocks: 195.90.98.0/24 maxlen: 24
195.90.99.0/24 maxlen: 24
195.90.114.0/23 maxlen: 23
195.90.114.0/24 maxlen: 24
212.52.160.0/19 maxlen: 19
212.52.160.0/22 maxlen: 22
212.52.160.0/24 maxlen: 24
212.52.161.0/24 maxlen: 24
212.52.162.0/24 maxlen: 24
212.52.163.0/24 maxlen: 24
212.52.164.0/24 maxlen: 24
212.52.165.0/24 maxlen: 24
212.52.166.0/24 maxlen: 24
212.52.167.0/24 maxlen: 24
212.52.168.0/22 maxlen: 22
212.52.168.0/24 maxlen: 24
212.52.169.0/24 maxlen: 24
212.52.170.0/24 maxlen: 24
212.52.171.0/24 maxlen: 24
212.52.172.0/24 maxlen: 24
212.52.173.0/24 maxlen: 24
212.52.174.0/24 maxlen: 24
212.52.175.0/24 maxlen: 24
212.52.176.0/24 maxlen: 24
212.52.177.0/24 maxlen: 24
212.52.178.0/24 maxlen: 24
212.52.179.0/24 maxlen: 24
212.52.180.0/24 maxlen: 24
212.52.181.0/24 maxlen: 24
212.52.182.0/24 maxlen: 24
212.52.183.0/24 maxlen: 24
212.52.184.0/24 maxlen: 24
212.52.185.0/24 maxlen: 24
212.52.186.0/24 maxlen: 24
212.52.187.0/24 maxlen: 24
212.52.188.0/24 maxlen: 24
212.52.189.0/24 maxlen: 24
212.52.190.0/24 maxlen: 24
212.52.191.0/24 maxlen: 24
2a01:7d80::/36 maxlen: 36
2a01:7d80:1000::/36 maxlen: 36
Validation: Failed, certificate revoked on Sat 01 Mar 2025 07:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4d:5c:c3:ba:c7:75:d2:9b:c1:87:02:ab:83:e2:6b:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1e8f41f6b02b93f85d1a7b48b48cfa322f088f8
Validity
Not Before: Feb 28 16:21:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=93ae4a409849fe15811c9a0369f52524674e9c0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ff:8b:3e:7c:73:7b:a6:88:cd:03:1c:c3:34:
0a:8e:d4:dc:9b:0b:d5:17:82:74:e2:92:f9:33:fc:
87:c7:a8:b9:64:6d:9f:3b:f2:7b:9e:3c:e6:f0:17:
fd:58:f5:a3:19:c9:54:47:44:75:99:1f:0c:d0:a9:
5b:6b:5c:46:50:78:0b:78:2c:4a:ef:c3:88:22:11:
ea:ce:d6:91:67:fd:ce:62:08:27:85:03:75:6c:b5:
3c:8f:37:aa:36:48:70:4f:1d:6e:61:a8:b3:0a:d7:
0b:3f:34:a8:c7:e8:df:d1:63:86:c5:94:60:b4:48:
c7:b2:31:6d:f2:e2:7c:1a:8e:71:bf:68:1d:fb:da:
b7:32:17:d8:6d:5b:44:88:bb:5a:b1:0b:25:85:ad:
16:00:59:6f:47:45:69:66:3d:f8:35:e9:97:eb:3d:
e0:43:22:3d:f3:0d:6a:1a:af:fe:1d:2d:98:51:2e:
98:26:98:ce:56:24:67:a9:cb:e3:71:64:38:6b:e1:
87:d8:c8:0f:17:21:f9:46:8c:14:75:20:46:58:7d:
1d:a2:f2:06:00:da:b4:11:57:06:38:86:12:50:c5:
a6:24:17:3b:09:42:30:4e:e0:36:a5:ac:f5:18:a1:
ae:10:20:42:87:53:ab:5c:78:a7:78:17:b1:44:54:
ea:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:AE:4A:40:98:49:FE:15:81:1C:9A:03:69:F5:25:24:67:4E:9C:0C
X509v3 Authority Key Identifier:
keyid:E1:E8:F4:1F:6B:02:B9:3F:85:D1:A7:B4:8B:48:CF:A3:22:F0:88:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4ej0H2sCuT-F0ae0i0jPoyLwiPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/k65KQJhJ_hWBHJoDafUlJGdOnAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/4ej0H2sCuT-F0ae0i0jPoyLwiPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.90.98.0/23
195.90.114.0/23
212.52.160.0/19
IPv6:
2a01:7d80::/35
Signature Algorithm: sha256WithRSAEncryption
43:e5:68:23:73:7a:10:74:cf:0b:1f:d6:53:06:93:85:fc:cd:
98:df:c0:80:6c:65:a0:c1:3e:45:44:e0:37:e0:53:4f:bf:dd:
70:95:c6:3a:2a:63:95:b1:91:02:41:82:ec:ce:0b:29:0b:e0:
6b:d4:fb:70:ae:53:43:1a:5b:b0:44:a0:ec:6d:d5:d1:ba:3b:
9a:b1:6c:fc:88:76:ea:7e:d4:07:20:78:29:a6:d9:74:15:a2:
10:82:ca:e9:f2:75:23:36:c7:d3:a9:b5:c9:87:0b:5d:e7:f1:
77:ce:51:35:c9:1c:10:11:22:dc:71:ac:b9:05:8a:bb:d3:4a:
be:84:18:ed:d6:bb:10:43:ba:88:7b:ae:b9:c9:96:64:ed:1c:
0b:71:58:44:a2:70:bc:42:8a:65:17:85:87:3e:bd:66:09:49:
b8:0b:d3:51:5b:ed:9d:fe:17:7c:42:84:14:7d:af:55:d6:ba:
17:79:c4:ee:05:c8:51:37:9b:b8:e1:8d:eb:ba:97:86:e5:8d:
5c:b0:45:4c:8d:9f:f0:96:a3:43:3d:72:97:ba:2b:74:e2:2a:
46:05:2c:66:a1:ea:26:47:39:be:e4:3b:95:60:f2:fe:05:a2:
05:cd:bb:70:6e:af:6e:2f:c6:83:35:e7:53:32:e6:a2:47:b6:
cf:05:de:ef
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZVNXMO6x3XSm8GHAquD4mtiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxZThmNDFmNmIwMmI5M2Y4NWQxYTdiNDhiNDhjZmEzMjJm
MDg4ZjgwHhcNMjUwMjI4MTYyMTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2FlNGE0MDk4NDlmZTE1ODExYzlhMDM2OWY1MjUyNDY3NGU5YzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwf+LPnxze6aIzQMcwzQKjtTcmwvV
F4J04pL5M/yHx6i5ZG2fO/J7njzm8Bf9WPWjGclUR0R1mR8M0Klba1xGUHgLeCxK
78OIIhHqztaRZ/3OYggnhQN1bLU8jzeqNkhwTx1uYaizCtcLPzSox+jf0WOGxZRg
tEjHsjFt8uJ8Go5xv2gd+9q3MhfYbVtEiLtasQslha0WAFlvR0VpZj34NemX6z3g
QyI98w1qGq/+HS2YUS6YJpjOViRnqcvjcWQ4a+GH2MgPFyH5RowUdSBGWH0dovIG
ANq0EVcGOIYSUMWmJBc7CUIwTuA2paz1GKGuECBCh1OrXHineBexRFTqGQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFJOuSkCYSf4VgRyaA2n1JSRnTpwMMB8GA1UdIwQY
MBaAFOHo9B9rArk/hdGntItIz6Mi8Ij4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGVqMEgyc0N1VC1GMGFlMGkwalBveUx3aVBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85YmE5NDAtMDA3OC00ZmQwLWFmZGUt
NTM3YTJiMGI0ZGRhLzEvazY1S1FKaEpfaFdCSEpvRGFmVWxKR2RPbkF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS85YmE5NDAtMDA3OC00ZmQwLWFmZGUtNTM3YTJiMGI0ZGRh
LzEvNGVqMEgyc0N1VC1GMGFlMGkwalBveUx3aVBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQBw1piAwQB
w1pyAwQF1DSgMA4EAgACMAgDBgUqAX2AADANBgkqhkiG9w0BAQsFAAOCAQEAQ+Vo
I3N6EHTPCx/WUwaThfzNmN/AgGxloME+RUTgN+BTT7/dcJXGOipjlbGRAkGC7M4L
KQvga9T7cK5TQxpbsESg7G3V0bo7mrFs/Ih26n7UByB4KabZdBWiEILK6fJ1IzbH
06m1yYcLXefxd85RNckcEBEi3HGsuQWKu9NKvoQY7da7EEO6iHuuucmWZO0cC3FY
RKJwvEKKZReFhz69ZglJuAvTUVvtnf4XfEKEFH2vVda6F3nE7gXIUTebuOGN67qX
huWNXLBFTI2f8JajQz1yl7ordOIqRgUsZqHqJkc5vuQ7lWDy/gWiBc27cG6vbi/G
gzXnUzLmoke2zwXe7w==
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:31:21 2025 by rpki-client