Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/4da5d5-3152-4f54-a0a9-a95aef9c91d9/1/4wffgHQFfKECOnxxKoh258wJP9E.roa
File: 4wffgHQFfKECOnxxKoh258wJP9E.roa (raw, json)
Hash identifier: 6vPZmXVQntsC5v8nouejqxsTqhCWVUGDTd4emOIAe9o=
Subject key identifier: E3:07:DF:80:74:05:7C:A1:02:3A:7C:71:2A:88:76:E7:CC:09:3F:D1
Certificate issuer: /CN=745e643d021ec6d21b475ae460ddedcf7e6b3f66
Certificate serial: 018D11CD7580006B4A251D20E39C624FDFA5
Authority key identifier: 74:5E:64:3D:02:1E:C6:D2:1B:47:5A:E4:60:DD:ED:CF:7E:6B:3F:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dF5kPQIextIbR1rkYN3tz35rP2Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/4da5d5-3152-4f54-a0a9-a95aef9c91d9/1/4wffgHQFfKECOnxxKoh258wJP9E.roa
Signing time: Tue 16 Jan 2024 10:24:54 +0000
ROA not before: Tue 16 Jan 2024 10:24:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50393
IP address blocks: 95.128.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jan 2024 14:07:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:11:cd:75:80:00:6b:4a:25:1d:20:e3:9c:62:4f:df:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=745e643d021ec6d21b475ae460ddedcf7e6b3f66
Validity
Not Before: Jan 16 10:24:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e307df8074057ca1023a7c712a8876e7cc093fd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:01:6c:73:8d:f3:4a:a7:32:f7:e0:fa:d7:3b:
c5:dd:82:3c:c7:a0:16:eb:9d:aa:74:60:9e:ba:d9:
16:47:bd:9f:13:f2:7a:0d:0f:6c:e5:9a:24:be:9c:
34:14:13:9e:aa:be:fd:ec:4a:e2:29:5e:b9:2d:af:
ef:f2:32:39:6e:91:f5:a3:51:69:a7:c1:22:70:43:
fd:48:79:33:97:a2:61:74:83:63:50:2f:86:e8:81:
92:49:08:1b:16:1f:20:21:a3:46:d2:0d:ab:51:1a:
33:55:c6:bb:f9:22:46:61:85:17:9e:98:03:d0:cf:
32:10:f4:c0:6e:17:f8:18:0e:b9:6a:43:9f:3c:f4:
6b:23:d7:31:11:3e:8b:49:cf:b7:ed:74:74:fb:ac:
f6:b0:2e:1b:30:06:6f:7b:1c:60:2f:62:27:81:4d:
13:7b:29:9d:0c:20:7e:9f:54:4c:d2:af:b1:12:7c:
89:46:89:a6:5b:1f:1f:65:8f:c7:44:81:68:ec:e1:
58:03:f3:d1:4d:55:bb:fc:ae:6e:4c:99:58:e2:86:
c7:72:a0:99:2d:f9:f5:09:7d:2f:1a:81:13:df:be:
40:f8:bb:09:d7:45:33:d8:52:03:08:60:32:84:23:
ea:5a:92:65:07:41:77:16:61:67:c1:9a:f3:78:5b:
cf:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:07:DF:80:74:05:7C:A1:02:3A:7C:71:2A:88:76:E7:CC:09:3F:D1
X509v3 Authority Key Identifier:
keyid:74:5E:64:3D:02:1E:C6:D2:1B:47:5A:E4:60:DD:ED:CF:7E:6B:3F:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dF5kPQIextIbR1rkYN3tz35rP2Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/4da5d5-3152-4f54-a0a9-a95aef9c91d9/1/4wffgHQFfKECOnxxKoh258wJP9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/4da5d5-3152-4f54-a0a9-a95aef9c91d9/1/dF5kPQIextIbR1rkYN3tz35rP2Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.128.199.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:45:c0:8a:16:ac:8e:8b:01:36:0c:91:10:a3:3a:06:6a:3f:
91:5c:cf:86:f2:6e:0c:2f:3c:1b:18:56:3b:0f:b7:f5:44:34:
74:c0:d6:63:57:3b:6b:7e:f8:13:e8:e2:f3:e4:98:c6:5d:cb:
0e:b8:97:a7:21:d2:98:e1:c7:41:ea:42:bb:6e:9d:49:84:a7:
35:e9:6b:1b:58:ca:0c:fd:4a:68:be:19:44:b3:8e:a0:31:ce:
5a:31:0d:04:2a:c1:a3:88:c4:4c:5c:fb:8a:66:f3:cc:04:0b:
f5:33:c7:53:b5:bf:a6:db:bc:d0:7e:7c:fc:07:79:34:aa:6f:
36:60:89:b8:b9:24:fd:60:04:46:a3:02:18:8a:e2:d0:f7:a1:
27:a5:00:f1:27:c4:9d:0f:15:c9:80:81:f7:63:20:63:da:f2:
ac:0a:5a:d3:36:7a:a3:7f:e3:26:88:f7:cc:4b:55:39:f2:f8:
25:42:07:fa:0f:40:01:3c:d7:6d:77:9b:62:c3:a9:3c:5d:55:
fa:18:c2:a2:8d:0d:e8:5a:7d:9b:0b:55:97:f1:21:f6:cb:11:
01:78:f9:7d:84:49:58:3a:1a:c9:ce:a0:a1:c6:ca:42:94:37:
d2:3a:eb:e8:be:75:7a:cb:e2:65:b0:1f:57:35:e2:72:69:fd:
aa:65:9f:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0RzXWAAGtKJR0g45xiT9+lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NWU2NDNkMDIxZWM2ZDIxYjQ3NWFlNDYwZGRlZGNmN2U2
YjNmNjYwHhcNMjQwMTE2MTAyNDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzA3ZGY4MDc0MDU3Y2ExMDIzYTdjNzEyYTg4NzZlN2NjMDkzZmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhAFsc43zSqcy9+D61zvF3YI8x6AW
652qdGCeutkWR72fE/J6DQ9s5Zokvpw0FBOeqr797EriKV65La/v8jI5bpH1o1Fp
p8EicEP9SHkzl6JhdINjUC+G6IGSSQgbFh8gIaNG0g2rURozVca7+SJGYYUXnpgD
0M8yEPTAbhf4GA65akOfPPRrI9cxET6LSc+37XR0+6z2sC4bMAZvexxgL2IngU0T
eymdDCB+n1RM0q+xEnyJRommWx8fZY/HRIFo7OFYA/PRTVW7/K5uTJlY4obHcqCZ
Lfn1CX0vGoET375A+LsJ10Uz2FIDCGAyhCPqWpJlB0F3FmFnwZrzeFvPaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOMH34B0BXyhAjp8cSqIdufMCT/RMB8GA1UdIwQY
MBaAFHReZD0CHsbSG0da5GDd7c9+az9mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEY1a1BRSWV4dEliUjFya1lOM3R6MzVyUDJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi80ZGE1ZDUtMzE1Mi00ZjU0LWEwYTkt
YTk1YWVmOWM5MWQ5LzEvNHdmZmdIUUZmS0VDT254eEtvaDI1OHdKUDlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi80ZGE1ZDUtMzE1Mi00ZjU0LWEwYTktYTk1YWVmOWM5MWQ5
LzEvZEY1a1BRSWV4dEliUjFya1lOM3R6MzVyUDJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX4DHMA0G
CSqGSIb3DQEBCwUAA4IBAQCmRcCKFqyOiwE2DJEQozoGaj+RXM+G8m4MLzwbGFY7
D7f1RDR0wNZjVztrfvgT6OLz5JjGXcsOuJenIdKY4cdB6kK7bp1JhKc16WsbWMoM
/UpovhlEs46gMc5aMQ0EKsGjiMRMXPuKZvPMBAv1M8dTtb+m27zQfnz8B3k0qm82
YIm4uST9YARGowIYiuLQ96EnpQDxJ8SdDxXJgIH3YyBj2vKsClrTNnqjf+MmiPfM
S1U58vglQgf6D0ABPNdtd5tiw6k8XVX6GMKijQ3oWn2bC1WX8SH2yxEBePl9hElY
OhrJzqChxspClDfSOuvovnV6y+JlsB9XNeJyaf2qZZ9y
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:16:14 2025 by rpki-client