Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/AdAvm2HFVbjSd8tR4c5CHcK8syk.roa
File: AdAvm2HFVbjSd8tR4c5CHcK8syk.roa (raw, json)
Hash identifier: Nv8jy0wxZP4HUQc23nO7ZoZ1O+WNw8QctjnseqSCRWk=
Subject key identifier: 01:D0:2F:9B:61:C5:55:B8:D2:77:CB:51:E1:CE:42:1D:C2:BC:B3:29
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 018CC9BBCA193A0827E4678CBDBEB9FF88B7
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/AdAvm2HFVbjSd8tR4c5CHcK8syk.roa
Signing time: Tue 02 Jan 2024 10:32:56 +0000
ROA not before: Tue 02 Jan 2024 10:32:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 195.228.112.0/24 maxlen: 24
195.228.4.0/24 maxlen: 24
84.1.236.0/24 maxlen: 24
195.56.199.0/24 maxlen: 24
84.2.54.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:ca:19:3a:08:27:e4:67:8c:bd:be:b9:ff:88:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 2 10:32:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01d02f9b61c555b8d277cb51e1ce421dc2bcb329
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:55:f3:dc:74:97:92:0e:fe:fd:25:6f:fc:d2:
90:d3:b7:76:66:6a:69:88:d1:f4:54:22:86:0d:47:
e5:a7:9a:1c:cd:48:1f:ef:75:81:13:e2:01:d7:fa:
8e:a2:df:87:d2:27:9d:bb:9b:53:b0:28:1a:71:78:
72:24:93:b3:f1:5e:db:36:bc:ea:8a:57:ca:a7:dd:
28:fb:33:25:03:51:62:cf:cd:13:b2:47:15:17:46:
ee:5e:cd:ab:b7:21:d1:89:d0:6f:ee:a2:9b:3b:bc:
3f:74:4e:94:82:6c:31:d1:a3:40:22:b7:87:e2:87:
8f:1b:3e:8b:00:8a:5f:c4:46:8c:5d:67:b8:3e:66:
69:6c:60:fc:6c:c0:b7:e1:63:2b:80:8c:86:de:b3:
f0:1f:10:c6:46:de:c8:c5:b2:11:39:5c:30:c6:7f:
7c:18:68:30:e0:81:1d:67:a2:d2:52:17:48:7c:87:
d7:19:6c:4f:c1:e0:15:ee:2d:f3:57:3a:f3:0c:8b:
9e:3d:04:1b:0f:a7:6e:98:79:cd:4c:c2:01:f4:9c:
ad:01:5e:43:37:32:72:da:43:8b:41:cf:67:bd:89:
42:ca:aa:34:b8:cc:76:e9:67:6b:c7:e4:3d:46:15:
5b:df:f3:13:b7:c4:b9:8d:b0:a3:24:08:65:be:d0:
4e:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:D0:2F:9B:61:C5:55:B8:D2:77:CB:51:E1:CE:42:1D:C2:BC:B3:29
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/AdAvm2HFVbjSd8tR4c5CHcK8syk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.1.236.0/24
84.2.54.0/24
195.56.199.0/24
195.228.4.0/24
195.228.112.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:73:7f:94:e6:ab:25:34:3d:e0:65:6e:5f:3c:7d:ab:a8:b8:
33:a5:53:fd:00:76:76:73:b8:60:dc:e8:5a:71:12:fd:dd:8b:
5c:06:8b:ea:34:e0:03:7a:49:d8:05:33:bb:05:a8:94:73:67:
72:0e:7b:23:8a:e0:f1:47:b3:ba:d8:57:7c:11:41:58:4a:38:
7f:96:91:4b:ef:38:d1:c2:ce:3d:e8:ca:f3:fa:60:48:ef:2b:
32:1e:13:11:b5:1b:58:0d:a6:90:3e:5e:f3:35:e7:9b:71:fc:
3e:fb:1a:21:9b:b8:53:86:59:88:d1:c6:98:b7:b6:d4:6a:39:
83:23:ac:45:f5:de:45:a4:31:20:9a:9e:11:30:90:21:78:e9:
85:57:e0:20:81:46:28:52:0f:32:cb:ff:78:0d:5f:45:89:ce:
65:80:fe:1b:3c:fc:da:14:80:cd:39:82:40:93:77:02:8b:e4:
01:1d:82:ea:02:c4:a3:65:cd:97:53:8c:96:44:95:14:e7:38:
2d:43:67:aa:f9:80:0e:1f:c1:18:b3:fa:a9:a0:cd:85:6b:9b:
c4:bd:b9:f6:2b:ca:b7:84:e9:7e:66:ad:92:5c:a9:3e:4d:da:
4a:e4:22:9e:04:f4:fc:f0:88:40:39:61:fe:4f:e1:77:53:e2:
5b:de:e6:d5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzJu8oZOggn5GeMvb65/4i3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjQwMTAyMTAzMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWQwMmY5YjYxYzU1NWI4ZDI3N2NiNTFlMWNlNDIxZGMyYmNiMzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1Xz3HSXkg7+/SVv/NKQ07d2Zmpp
iNH0VCKGDUflp5oczUgf73WBE+IB1/qOot+H0iedu5tTsCgacXhyJJOz8V7bNrzq
ilfKp90o+zMlA1Fiz80TskcVF0buXs2rtyHRidBv7qKbO7w/dE6Ugmwx0aNAIreH
4oePGz6LAIpfxEaMXWe4PmZpbGD8bMC34WMrgIyG3rPwHxDGRt7IxbIROVwwxn98
GGgw4IEdZ6LSUhdIfIfXGWxPweAV7i3zVzrzDIuePQQbD6dumHnNTMIB9JytAV5D
NzJy2kOLQc9nvYlCyqo0uMx26Wdrx+Q9RhVb3/MTt8S5jbCjJAhlvtBO2wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAHQL5thxVW40nfLUeHOQh3CvLMpMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvQWRBdm0ySEZWYmpTZDh0UjRjNUNIY0s4c3lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVAHsAwQA
VAI2AwQAwzjHAwQAw+QEAwQAw+RwMA0GCSqGSIb3DQEBCwUAA4IBAQAec3+U5qsl
ND3gZW5fPH2rqLgzpVP9AHZ2c7hg3OhacRL93YtcBovqNOADeknYBTO7BaiUc2dy
DnsjiuDxR7O62Fd8EUFYSjh/lpFL7zjRws496Mrz+mBI7ysyHhMRtRtYDaaQPl7z
Neebcfw++xohm7hThlmI0caYt7bUajmDI6xF9d5FpDEgmp4RMJAheOmFV+AggUYo
Ug8yy/94DV9Fic5lgP4bPPzaFIDNOYJAk3cCi+QBHYLqAsSjZc2XU4yWRJUU5zgt
Q2eq+YAOH8EYs/qpoM2Fa5vEvbn2K8q3hOl+Zq2SXKk+TdpK5CKeBPT88IhAOWH+
T+F3U+Jb3ubV
-----END CERTIFICATE-----
Generated at Tue Apr 15 04:33:32 2025 by rpki-client