Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/af18c4-c044-4485-8ef0-d7812a338183/1/1q9UrBh5JsswcjG3apiBoibGH40.roa
File: 1q9UrBh5JsswcjG3apiBoibGH40.roa (raw, json)
Hash identifier: nlQd1gRXIZ1w7pXKzct5hU+7j2GovYDa1OvUZzdJXTo=
Subject key identifier: D6:AF:54:AC:18:79:26:CB:30:72:31:B7:6A:98:81:A2:26:C6:1F:8D
Certificate issuer: /CN=aa6745519323d8c2d93c1b107bf85f61933c71ca
Certificate serial: 0190B4DC4AA718CBBDD1064E07FFD1041855
Authority key identifier: AA:67:45:51:93:23:D8:C2:D9:3C:1B:10:7B:F8:5F:61:93:3C:71:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qmdFUZMj2MLZPBsQe_hfYZM8cco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/af18c4-c044-4485-8ef0-d7812a338183/1/1q9UrBh5JsswcjG3apiBoibGH40.roa
Signing time: Mon 15 Jul 2024 05:27:34 +0000
ROA not before: Mon 15 Jul 2024 05:27:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 195.95.144.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jul 2024 19:46:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b4:dc:4a:a7:18:cb:bd:d1:06:4e:07:ff:d1:04:18:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa6745519323d8c2d93c1b107bf85f61933c71ca
Validity
Not Before: Jul 15 05:27:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6af54ac187926cb307231b76a9881a226c61f8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:54:5b:48:8c:d0:12:e8:9b:9a:e9:ff:7e:a8:
c9:a1:4c:79:82:11:ad:12:77:d9:34:17:a6:be:06:
90:65:60:95:e8:ff:f4:98:93:a9:75:6f:9f:29:60:
8d:34:29:2d:d5:a3:f5:46:14:af:d5:61:04:14:e3:
e8:24:d1:55:dd:bb:ba:3d:26:e6:0b:63:38:b6:52:
2b:d6:e2:65:ae:79:77:18:67:ba:fa:ec:90:90:53:
37:b7:9c:a0:87:8b:b0:43:73:9e:cd:3d:8a:91:a5:
f0:bf:ba:35:8e:a8:1b:40:bf:40:59:83:30:c4:ac:
32:3b:f0:34:f8:15:81:db:d0:e6:ea:cc:95:b7:ea:
cc:eb:25:31:d0:39:59:29:97:07:43:bf:35:6d:18:
f7:f8:1c:df:e5:c6:14:f4:f8:83:0a:81:2f:ee:f0:
04:88:5b:7d:3c:1a:68:4a:1b:f8:27:96:76:2e:e8:
40:96:18:ec:d4:18:61:7d:ae:03:43:79:1a:cc:ae:
27:c0:33:00:5d:22:25:fd:cf:18:86:81:f8:bf:a4:
42:7a:16:da:3d:50:00:5e:e4:f0:6c:ba:81:64:5a:
c3:30:a4:40:9a:d7:19:ca:2c:b7:97:10:87:75:1d:
78:68:b2:47:44:af:b3:1e:5e:de:eb:bc:e2:c0:e4:
3a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:AF:54:AC:18:79:26:CB:30:72:31:B7:6A:98:81:A2:26:C6:1F:8D
X509v3 Authority Key Identifier:
keyid:AA:67:45:51:93:23:D8:C2:D9:3C:1B:10:7B:F8:5F:61:93:3C:71:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qmdFUZMj2MLZPBsQe_hfYZM8cco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/af18c4-c044-4485-8ef0-d7812a338183/1/1q9UrBh5JsswcjG3apiBoibGH40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/af18c4-c044-4485-8ef0-d7812a338183/1/qmdFUZMj2MLZPBsQe_hfYZM8cco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.95.144.0/24
Signature Algorithm: sha256WithRSAEncryption
81:90:77:8c:0f:58:b4:e4:71:97:15:e6:4b:53:3a:d7:51:df:
94:59:ba:0c:eb:10:4a:30:8e:9d:ac:65:95:ca:ea:38:ee:5c:
1c:49:de:d4:f5:a0:2c:8a:d5:1f:d5:f9:bb:22:0c:fd:ea:23:
79:0c:d5:7c:b8:d3:2d:c7:d7:52:59:9c:1c:14:1b:3e:2c:aa:
0c:9f:f8:73:ac:5d:a4:94:df:e2:68:40:84:1c:36:17:d6:bc:
27:b7:f4:bf:ee:b3:ad:bd:22:6d:fd:01:28:3a:35:53:51:9f:
17:5b:5b:4d:95:4b:fc:53:c8:c3:ba:fe:1b:fb:8e:54:86:7d:
20:e0:aa:34:2d:46:4d:aa:19:71:be:60:ed:59:5c:5d:82:dc:
05:6e:15:0d:81:46:42:08:a4:a9:ef:b0:77:5e:9e:86:94:6e:
a4:c2:6a:5a:65:ae:65:64:f9:d2:3c:0f:c6:23:38:5d:cb:2f:
e2:0d:8e:fb:2c:9b:9f:c3:de:07:af:b6:f3:6a:4f:97:21:38:
2f:81:32:25:76:c3:1e:3d:05:6f:3a:c5:13:dd:74:d6:2b:a3:
94:57:cf:86:0e:ca:8e:c9:72:96:13:5b:7b:1a:b5:f0:e4:a2:
7b:38:31:14:cc:73:f6:80:28:ac:66:71:bc:8e:bb:37:bf:81:
da:16:8d:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZC03EqnGMu90QZOB//RBBhVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNjc0NTUxOTMyM2Q4YzJkOTNjMWIxMDdiZjg1ZjYxOTMz
YzcxY2EwHhcNMjQwNzE1MDUyNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmFmNTRhYzE4NzkyNmNiMzA3MjMxYjc2YTk4ODFhMjI2YzYxZjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1RbSIzQEuibmun/fqjJoUx5ghGt
EnfZNBemvgaQZWCV6P/0mJOpdW+fKWCNNCkt1aP1RhSv1WEEFOPoJNFV3bu6PSbm
C2M4tlIr1uJlrnl3GGe6+uyQkFM3t5ygh4uwQ3OezT2KkaXwv7o1jqgbQL9AWYMw
xKwyO/A0+BWB29Dm6syVt+rM6yUx0DlZKZcHQ781bRj3+Bzf5cYU9PiDCoEv7vAE
iFt9PBpoShv4J5Z2LuhAlhjs1Bhhfa4DQ3kazK4nwDMAXSIl/c8YhoH4v6RCehba
PVAAXuTwbLqBZFrDMKRAmtcZyiy3lxCHdR14aLJHRK+zHl7e67ziwOQ6ewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNavVKwYeSbLMHIxt2qYgaImxh+NMB8GA1UdIwQY
MBaAFKpnRVGTI9jC2TwbEHv4X2GTPHHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW1kRlVaTWoyTUxaUEJzUWVfaGZZWk04Y2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9hZjE4YzQtYzA0NC00NDg1LThlZjAt
ZDc4MTJhMzM4MTgzLzEvMXE5VXJCaDVKc3N3Y2pHM2FwaUJvaWJHSDQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9hZjE4YzQtYzA0NC00NDg1LThlZjAtZDc4MTJhMzM4MTgz
LzEvcW1kRlVaTWoyTUxaUEJzUWVfaGZZWk04Y2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1+QMA0G
CSqGSIb3DQEBCwUAA4IBAQCBkHeMD1i05HGXFeZLUzrXUd+UWboM6xBKMI6drGWV
yuo47lwcSd7U9aAsitUf1fm7Igz96iN5DNV8uNMtx9dSWZwcFBs+LKoMn/hzrF2k
lN/iaECEHDYX1rwnt/S/7rOtvSJt/QEoOjVTUZ8XW1tNlUv8U8jDuv4b+45Uhn0g
4Ko0LUZNqhlxvmDtWVxdgtwFbhUNgUZCCKSp77B3Xp6GlG6kwmpaZa5lZPnSPA/G
Izhdyy/iDY77LJufw94Hr7bzak+XITgvgTIldsMePQVvOsUT3XTWK6OUV8+GDsqO
yXKWE1t7GrXw5KJ7ODEUzHP2gCisZnG8jrs3v4HaFo0k
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:47 2025 by rpki-client