Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/pQKAPIk4SzTUcRyy_gXRDRFSeSQ.roa
File: pQKAPIk4SzTUcRyy_gXRDRFSeSQ.roa (raw, json)
Hash identifier: mno7mqmdczh2QUiqRRtjEqpn7LimKWQjqvEM27ZcDRI=
Subject key identifier: A5:02:80:3C:89:38:4B:34:D4:71:1C:B2:FE:05:D1:0D:11:52:79:24
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 01944B03FA362B40B8C883A35962DE835D62
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/pQKAPIk4SzTUcRyy_gXRDRFSeSQ.roa
Signing time: Thu 09 Jan 2025 12:22:19 +0000
ROA not before: Thu 09 Jan 2025 12:22:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34879
IP address blocks: 195.208.64.0/24 maxlen: 24
195.209.72.0/23 maxlen: 24
195.209.74.0/24 maxlen: 24
195.209.77.0/24 maxlen: 24
195.209.84.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Feb 2025 10:18:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4b:03:fa:36:2b:40:b8:c8:83:a3:59:62:de:83:5d:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Jan 9 12:22:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a502803c89384b34d4711cb2fe05d10d11527924
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:de:d5:a7:09:ab:c8:6f:3e:e4:b0:d6:4f:24:
e7:03:5c:ae:a3:55:3a:9e:58:c8:a1:6a:da:2d:61:
11:9e:8c:12:86:c3:b9:cd:4e:9c:54:12:59:9b:1e:
0b:6c:ff:54:a0:4f:b2:0b:e4:2c:73:00:6a:69:93:
db:2c:0c:aa:7a:eb:5e:cb:31:f4:dc:6e:be:3c:27:
c4:37:09:d7:9e:52:a9:ce:84:c1:9a:68:6d:8e:71:
54:88:e7:23:81:59:c9:07:98:29:04:5f:fe:24:d4:
5c:0a:3e:3c:a0:e2:81:16:2e:03:db:5d:c6:67:c9:
84:8a:86:49:c5:98:65:e1:c6:51:7c:25:71:97:07:
09:f4:72:56:b9:e3:00:3c:91:23:7f:2a:c0:d3:90:
a7:ef:6c:d7:26:10:3e:2f:80:a4:19:cd:fc:1c:66:
7f:16:a3:df:36:c8:8e:95:68:ee:dd:9f:13:f1:8e:
eb:00:e3:60:1f:5a:ce:0e:cf:5b:14:8d:4c:3c:b5:
9c:b5:d3:11:43:0b:95:6b:07:d8:ed:5b:c4:a6:f7:
b9:f8:c1:26:88:08:6c:18:ad:95:ee:3d:d5:24:86:
91:b9:88:e6:ec:01:33:2f:90:8b:f5:f1:ba:7d:eb:
8c:b0:40:ed:22:2b:c5:44:9f:5e:dc:71:5a:68:d5:
f4:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:02:80:3C:89:38:4B:34:D4:71:1C:B2:FE:05:D1:0D:11:52:79:24
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/pQKAPIk4SzTUcRyy_gXRDRFSeSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.208.64.0/24
195.209.72.0-195.209.74.255
195.209.77.0/24
195.209.84.0/24
Signature Algorithm: sha256WithRSAEncryption
23:4d:80:c7:59:69:26:ad:11:17:88:3f:69:ab:d5:d6:47:c3:
07:06:52:22:d1:4a:e8:b8:72:b6:83:74:f2:e7:86:21:73:f2:
fd:72:ec:72:1b:da:5d:48:f3:2a:11:e3:ec:eb:94:9c:94:3d:
0b:15:a1:94:78:f7:49:7b:a8:c7:a9:20:c0:5a:bb:40:27:80:
39:06:ce:16:ee:2c:6d:f9:f1:7e:35:82:3f:ed:17:60:3c:8c:
98:5e:4f:53:b1:9d:8b:b0:a1:26:eb:c2:3d:d9:22:2c:32:74:
53:46:cc:b8:92:5f:07:d7:74:40:01:2e:15:ae:11:14:d5:3a:
d8:81:26:32:8b:93:43:df:bf:66:e6:f2:39:92:bf:58:61:28:
b2:c0:af:9b:a9:78:57:ba:a9:7d:d6:12:e5:52:36:64:3f:8e:
e6:93:e4:f3:8d:4a:fa:ac:e1:2e:88:16:9d:98:07:e1:bf:10:
42:d3:64:a1:84:90:14:8a:f9:ec:2c:24:74:b4:60:0b:22:30:
2d:f0:94:3d:08:72:ed:f0:84:97:5c:9a:ed:0b:db:01:5b:a8:
75:3a:ff:cb:0d:e3:b1:f8:df:c9:cb:e7:85:71:86:f2:ce:a2:
82:a0:f0:00:e6:2e:44:e4:d5:56:c9:08:e0:61:f8:04:ee:7d:
17:28:a3:9f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZRLA/o2K0C4yIOjWWLeg11iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjUwMTA5MTIyMjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTAyODAzYzg5Mzg0YjM0ZDQ3MTFjYjJmZTA1ZDEwZDExNTI3OTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvN7VpwmryG8+5LDWTyTnA1yuo1U6
nljIoWraLWERnowShsO5zU6cVBJZmx4LbP9UoE+yC+QscwBqaZPbLAyqeuteyzH0
3G6+PCfENwnXnlKpzoTBmmhtjnFUiOcjgVnJB5gpBF/+JNRcCj48oOKBFi4D213G
Z8mEioZJxZhl4cZRfCVxlwcJ9HJWueMAPJEjfyrA05Cn72zXJhA+L4CkGc38HGZ/
FqPfNsiOlWju3Z8T8Y7rAONgH1rODs9bFI1MPLWctdMRQwuVawfY7VvEpve5+MEm
iAhsGK2V7j3VJIaRuYjm7AEzL5CL9fG6feuMsEDtIivFRJ9e3HFaaNX0ZwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKUCgDyJOEs01HEcsv4F0Q0RUnkkMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvcFFLQVBJazRTelRVY1J5eV9nWFJEUkZTZVNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAw9BAMAwD
BAPD0UgDBADD0UoDBADD0U0DBADD0VQwDQYJKoZIhvcNAQELBQADggEBACNNgMdZ
aSatEReIP2mr1dZHwwcGUiLRSui4craDdPLnhiFz8v1y7HIb2l1I8yoR4+zrlJyU
PQsVoZR490l7qMepIMBau0AngDkGzhbuLG358X41gj/tF2A8jJheT1OxnYuwoSbr
wj3ZIiwydFNGzLiSXwfXdEABLhWuERTVOtiBJjKLk0Pfv2bm8jmSv1hhKLLAr5up
eFe6qX3WEuVSNmQ/juaT5PONSvqs4S6IFp2YB+G/EELTZKGEkBSK+ewsJHS0YAsi
MC3wlD0Icu3whJdcmu0L2wFbqHU6/8sN47H438nL54VxhvLOooKg8ADmLkTk1VbJ
COBh+ATufRcoo58=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:39:19 2025 by rpki-client