Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/afcbad-c126-4f8e-bd22-492b60343a70/1/_x1raXc6k-9dwFbkqxwrrT_4_2I.roa
File: _x1raXc6k-9dwFbkqxwrrT_4_2I.roa (raw, json)
Hash identifier: s9y1rnuMIZ69Pz/kQsdnJkn4lQfBippanLO/H8B5hLc=
Subject key identifier: FF:1D:6B:69:77:3A:93:EF:5D:C0:56:E4:AB:1C:2B:AD:3F:F8:FF:62
Certificate issuer: /CN=a22c5278c4bbb026e12ffd760beac59fc155fc25
Certificate serial: 018CC94E255900BE6D7BD94F82C8B8A7EA5D
Authority key identifier: A2:2C:52:78:C4:BB:B0:26:E1:2F:FD:76:0B:EA:C5:9F:C1:55:FC:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oixSeMS7sCbhL_12C-rFn8FV_CU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/afcbad-c126-4f8e-bd22-492b60343a70/1/_x1raXc6k-9dwFbkqxwrrT_4_2I.roa
Signing time: Tue 02 Jan 2024 08:33:10 +0000
ROA not before: Tue 02 Jan 2024 08:33:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41799
IP address blocks: 195.242.127.0/24 maxlen: 24
195.242.126.0/23 maxlen: 23
195.242.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:25:59:00:be:6d:7b:d9:4f:82:c8:b8:a7:ea:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a22c5278c4bbb026e12ffd760beac59fc155fc25
Validity
Not Before: Jan 2 08:33:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff1d6b69773a93ef5dc056e4ab1c2bad3ff8ff62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:07:fa:1e:d4:8f:fc:ca:8d:39:d6:13:e9:a4:
d8:70:15:c4:93:42:90:4c:51:43:bc:44:00:7f:8a:
7c:df:4f:38:aa:6c:75:4d:0f:e4:c7:ab:56:68:16:
b7:94:e1:0b:69:da:b1:04:d5:5e:28:53:b6:91:fd:
23:d3:74:67:e2:21:1e:29:5d:1f:f0:91:ba:8b:30:
38:f8:50:fb:f5:d6:ca:18:51:8b:ed:83:16:cb:21:
80:87:20:f8:a0:a7:df:51:fa:b9:2e:61:88:35:d9:
f5:cb:fe:99:bd:ec:b5:0e:64:9d:eb:0c:81:1e:31:
8c:99:b0:d0:bd:39:36:9c:ca:e0:fd:5c:6b:fb:bc:
b1:fd:37:9d:80:f5:4b:d4:84:a4:df:27:00:8c:b6:
d2:b2:f8:79:9e:7b:ef:d1:7f:22:10:26:06:66:49:
bb:95:9e:5f:20:4b:ae:5b:52:17:db:12:42:06:da:
f6:41:2b:ee:b7:b1:23:f8:46:03:fa:44:e6:e6:be:
79:0f:26:e1:5d:02:5e:90:41:98:6f:16:cf:f7:03:
76:88:bc:38:b1:cd:62:82:39:8b:9a:0c:73:75:13:
27:8e:9a:2f:39:e3:ad:bb:ff:ce:c7:7d:a5:88:69:
fd:86:75:1a:1e:3d:16:c5:b1:06:e8:fc:34:aa:df:
a7:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:1D:6B:69:77:3A:93:EF:5D:C0:56:E4:AB:1C:2B:AD:3F:F8:FF:62
X509v3 Authority Key Identifier:
keyid:A2:2C:52:78:C4:BB:B0:26:E1:2F:FD:76:0B:EA:C5:9F:C1:55:FC:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oixSeMS7sCbhL_12C-rFn8FV_CU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/afcbad-c126-4f8e-bd22-492b60343a70/1/_x1raXc6k-9dwFbkqxwrrT_4_2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/afcbad-c126-4f8e-bd22-492b60343a70/1/oixSeMS7sCbhL_12C-rFn8FV_CU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.242.126.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:12:f2:fd:2e:7f:93:3b:32:ae:66:62:b0:4a:f7:8f:79:8c:
2f:0f:3f:d0:cb:6c:46:84:49:44:c7:42:f5:31:85:1d:d9:b6:
f7:9f:3e:56:9f:e8:51:28:0b:b3:f1:b5:26:a1:0d:84:e2:54:
63:3f:65:cf:49:f6:c7:d7:c5:27:f0:53:de:30:41:3b:0a:c4:
68:b0:67:0d:8c:a7:42:de:fe:ec:de:2a:9a:8d:c3:d3:33:35:
e3:97:3c:9a:93:4d:17:71:dd:18:df:36:f5:79:86:d8:94:67:
3c:d3:e7:8e:a2:e3:d8:d4:09:c2:c0:43:85:6a:d1:d4:08:48:
38:3a:41:6e:0e:46:86:bf:db:a3:62:0f:26:af:87:a1:74:36:
0c:8f:99:2b:ae:fd:38:3d:bd:9f:ef:c9:9b:77:59:43:c4:ee:
68:25:92:b1:81:54:b8:cd:2e:a8:64:d0:5e:fe:b3:7b:da:52:
59:a1:0c:d4:fc:2e:77:7c:e5:80:f3:13:b9:4c:a1:ef:82:5d:
63:f7:18:8b:8a:b1:ee:c0:2b:8e:f4:80:b0:67:d7:b7:2d:9b:
9b:14:cd:f7:05:57:f3:10:9d:4e:a2:54:b0:cd:6c:27:c5:fb:
54:cf:e0:a9:f4:49:0c:9f:5d:70:44:a1:8e:5d:e7:6d:37:27:
2f:22:00:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTiVZAL5te9lPgsi4p+pdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMmM1Mjc4YzRiYmIwMjZlMTJmZmQ3NjBiZWFjNTlmYzE1
NWZjMjUwHhcNMjQwMTAyMDgzMzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjFkNmI2OTc3M2E5M2VmNWRjMDU2ZTRhYjFjMmJhZDNmZjhmZjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAf6HtSP/MqNOdYT6aTYcBXEk0KQ
TFFDvEQAf4p83084qmx1TQ/kx6tWaBa3lOELadqxBNVeKFO2kf0j03Rn4iEeKV0f
8JG6izA4+FD79dbKGFGL7YMWyyGAhyD4oKffUfq5LmGINdn1y/6Zvey1DmSd6wyB
HjGMmbDQvTk2nMrg/Vxr+7yx/TedgPVL1ISk3ycAjLbSsvh5nnvv0X8iECYGZkm7
lZ5fIEuuW1IX2xJCBtr2QSvut7Ej+EYD+kTm5r55DybhXQJekEGYbxbP9wN2iLw4
sc1igjmLmgxzdRMnjpovOeOtu//Ox32liGn9hnUaHj0WxbEG6Pw0qt+nawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP8da2l3OpPvXcBW5KscK60/+P9iMB8GA1UdIwQY
MBaAFKIsUnjEu7Am4S/9dgvqxZ/BVfwlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2l4U2VNUzdzQ2JoTF8xMkMtckZuOEZWX0NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9hZmNiYWQtYzEyNi00ZjhlLWJkMjIt
NDkyYjYwMzQzYTcwLzEvX3gxcmFYYzZrLTlkd0Zia3F4d3JyVF80XzJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9hZmNiYWQtYzEyNi00ZjhlLWJkMjItNDkyYjYwMzQzYTcw
LzEvb2l4U2VNUzdzQ2JoTF8xMkMtckZuOEZWX0NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw/J+MA0G
CSqGSIb3DQEBCwUAA4IBAQChEvL9Ln+TOzKuZmKwSvePeYwvDz/Qy2xGhElEx0L1
MYUd2bb3nz5Wn+hRKAuz8bUmoQ2E4lRjP2XPSfbH18Un8FPeMEE7CsRosGcNjKdC
3v7s3iqajcPTMzXjlzyak00Xcd0Y3zb1eYbYlGc80+eOouPY1AnCwEOFatHUCEg4
OkFuDkaGv9ujYg8mr4ehdDYMj5krrv04Pb2f78mbd1lDxO5oJZKxgVS4zS6oZNBe
/rN72lJZoQzU/C53fOWA8xO5TKHvgl1j9xiLirHuwCuO9ICwZ9e3LZubFM33BVfz
EJ1OolSwzWwnxftUz+Cp9EkMn11wRKGOXedtNycvIgAo
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:10:14 2025 by rpki-client