Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/d51adf-1492-4c14-8821-b9bd0659483a/1/1-a39z7QxSwXINXjEzfHUDUeEco0.roa
File: 1-a39z7QxSwXINXjEzfHUDUeEco0.roa (raw, json)
Hash identifier: XLOBEAzDicgz8NM2DH5SXec99CT5hFVlrdk0nf+Vg1M=
Subject key identifier: F9:AD:FD:CF:B4:31:4B:05:C8:35:78:C4:CD:F1:D4:0D:47:84:72:8D
Certificate issuer: /CN=b2a48af3d96931bd90c3bfd55f1fa3047b356014
Certificate serial: 018CC8DF1F9B42BB12B9AC3DA6200544559F
Authority key identifier: B2:A4:8A:F3:D9:69:31:BD:90:C3:BF:D5:5F:1F:A3:04:7B:35:60:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sqSK89lpMb2Qw7_VXx-jBHs1YBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/d51adf-1492-4c14-8821-b9bd0659483a/1/1-a39z7QxSwXINXjEzfHUDUeEco0.roa
Signing time: Tue 02 Jan 2024 06:31:55 +0000
ROA not before: Tue 02 Jan 2024 06:31:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34515
IP address blocks: 185.95.186.0/24 maxlen: 24
185.95.184.0/24 maxlen: 24
185.95.185.0/24 maxlen: 24
185.95.187.0/24 maxlen: 24
2a09:a0c6::/32 maxlen: 32
2a09:a0c1::/32 maxlen: 32
2a09:a0c3::/32 maxlen: 32
2a09:a0c4::/32 maxlen: 32
2a09:a0c7::/32 maxlen: 32
2a09:a0c0::/32 maxlen: 32
2a09:a0c2::/32 maxlen: 32
2a09:a0c5::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:1f:9b:42:bb:12:b9:ac:3d:a6:20:05:44:55:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2a48af3d96931bd90c3bfd55f1fa3047b356014
Validity
Not Before: Jan 2 06:31:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9adfdcfb4314b05c83578c4cdf1d40d4784728d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:c2:88:47:25:bb:e9:f1:4a:62:5e:6b:07:5c:
fc:45:e1:19:7f:ff:bd:88:c8:8a:c4:67:dc:19:74:
72:49:e5:7a:c8:54:47:03:cc:59:11:ba:14:4a:92:
8c:48:4a:0d:65:57:f7:c3:2c:b1:41:b9:17:eb:ea:
90:da:72:4c:a7:fa:4e:d4:12:83:8c:d6:6d:e3:0c:
28:38:f5:61:6a:db:7f:d1:ec:2a:d0:9f:20:44:af:
94:5d:ee:b1:3b:c0:bb:55:d4:96:37:e0:70:85:33:
5f:fe:f8:22:27:aa:c5:c3:77:26:f4:85:33:06:96:
c4:af:b4:8d:1a:ff:d0:d6:c9:e4:58:61:27:09:10:
e4:94:71:f8:e0:03:f0:48:00:44:dc:3d:24:e9:cb:
da:35:15:c1:94:ef:ae:22:17:04:11:8f:e9:3d:8b:
f9:fa:66:d3:6c:2c:9b:ec:ac:30:05:e9:90:50:18:
3e:a0:b7:ff:f0:50:04:34:86:cb:04:ea:10:f3:42:
14:a5:c6:a6:00:b5:3d:a3:d8:75:d5:ea:fc:83:77:
37:ae:75:d4:3a:4f:e5:5d:cd:fb:b6:04:13:a9:c3:
bc:63:23:1f:ab:67:61:e5:19:50:ea:86:fd:91:66:
3c:16:88:27:4c:64:c3:d9:29:84:8d:ab:a5:9a:1a:
0e:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:AD:FD:CF:B4:31:4B:05:C8:35:78:C4:CD:F1:D4:0D:47:84:72:8D
X509v3 Authority Key Identifier:
keyid:B2:A4:8A:F3:D9:69:31:BD:90:C3:BF:D5:5F:1F:A3:04:7B:35:60:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sqSK89lpMb2Qw7_VXx-jBHs1YBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/d51adf-1492-4c14-8821-b9bd0659483a/1/1-a39z7QxSwXINXjEzfHUDUeEco0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/d51adf-1492-4c14-8821-b9bd0659483a/1/sqSK89lpMb2Qw7_VXx-jBHs1YBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.184.0/22
IPv6:
2a09:a0c0::/29
Signature Algorithm: sha256WithRSAEncryption
76:fb:c8:55:38:83:fc:f5:af:97:33:fb:28:aa:fa:de:b6:15:
d5:4a:c7:d4:ce:0f:d7:86:53:31:71:56:84:71:c6:1a:ff:be:
0e:08:1c:d0:46:61:9f:b3:64:fb:ec:b7:71:49:b0:86:43:9f:
6c:e8:e3:17:86:4f:a2:a6:15:b6:c0:8b:ca:63:27:06:06:39:
22:36:de:3d:c3:84:c0:cc:e1:db:93:9f:83:09:30:5f:34:7c:
76:52:e0:06:17:98:3f:96:b0:72:45:2f:29:67:11:0b:b1:44:
1f:d6:a4:44:7b:6c:bf:92:45:8a:bc:47:64:92:65:e1:d0:a4:
e8:5a:a4:0c:b7:86:14:25:32:05:67:48:fe:31:82:71:df:bc:
3e:a9:0c:6f:98:52:77:e1:2b:91:a5:a8:c5:5b:79:86:c3:49:
9d:0f:98:d8:a5:87:e7:e6:13:e3:1d:a7:b3:32:75:71:53:07:
fe:60:47:69:fe:d9:9a:46:b7:0b:53:46:c1:80:90:6b:23:40:
bc:88:d1:66:02:cc:d4:3d:97:e1:5d:ca:8c:b9:ab:c6:9a:71:
8f:08:58:db:d3:c0:9d:f5:0c:03:57:04:54:22:77:1b:e9:9a:
44:de:53:83:b2:98:cb:54:c6:f7:10:24:12:91:e8:eb:fc:52:
f7:23:1d:3f
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzI3x+bQrsSuaw9piAFRFWfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYTQ4YWYzZDk2OTMxYmQ5MGMzYmZkNTVmMWZhMzA0N2Iz
NTYwMTQwHhcNMjQwMTAyMDYzMTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWFkZmRjZmI0MzE0YjA1YzgzNTc4YzRjZGYxZDQwZDQ3ODQ3MjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzsKIRyW76fFKYl5rB1z8ReEZf/+9
iMiKxGfcGXRySeV6yFRHA8xZEboUSpKMSEoNZVf3wyyxQbkX6+qQ2nJMp/pO1BKD
jNZt4wwoOPVhatt/0ewq0J8gRK+UXe6xO8C7VdSWN+BwhTNf/vgiJ6rFw3cm9IUz
BpbEr7SNGv/Q1snkWGEnCRDklHH44APwSABE3D0k6cvaNRXBlO+uIhcEEY/pPYv5
+mbTbCyb7KwwBemQUBg+oLf/8FAENIbLBOoQ80IUpcamALU9o9h11er8g3c3rnXU
Ok/lXc37tgQTqcO8YyMfq2dh5RlQ6ob9kWY8FognTGTD2SmEjaulmhoOOwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPmt/c+0MUsFyDV4xM3x1A1HhHKNMB8GA1UdIwQY
MBaAFLKkivPZaTG9kMO/1V8fowR7NWAUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3FTSzg5bHBNYjJRdzdfVlh4LWpCSHMxWUJRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kNTFhZGYtMTQ5Mi00YzE0LTg4MjEt
YjliZDA2NTk0ODNhLzEvMS1hMzl6N1F4U3dYSU5YakV6ZkhVRFVlRWNvMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTAvZDUxYWRmLTE0OTItNGMxNC04ODIxLWI5YmQwNjU5NDgz
YS8xL3NxU0s4OWxwTWIyUXc3X1ZYeC1qQkhzMVlCUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlfuDAN
BAIAAjAHAwUDKgmgwDANBgkqhkiG9w0BAQsFAAOCAQEAdvvIVTiD/PWvlzP7KKr6
3rYV1UrH1M4P14ZTMXFWhHHGGv++Dggc0EZhn7Nk++y3cUmwhkOfbOjjF4ZPoqYV
tsCLymMnBgY5IjbePcOEwMzh25OfgwkwXzR8dlLgBheYP5awckUvKWcRC7FEH9ak
RHtsv5JFirxHZJJl4dCk6FqkDLeGFCUyBWdI/jGCcd+8PqkMb5hSd+ErkaWoxVt5
hsNJnQ+Y2KWH5+YT4x2nszJ1cVMH/mBHaf7Zmka3C1NGwYCQayNAvIjRZgLM1D2X
4V3KjLmrxppxjwhY29PAnfUMA1cEVCJ3G+maRN5Tg7KYy1TG9xAkEpHo6/xS9yMd
Pw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:00 2025 by rpki-client