Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/pg3VsQmAywzr06Z3euCbF1rkg_0.roa
File: pg3VsQmAywzr06Z3euCbF1rkg_0.roa (raw, json)
Hash identifier: yLmvgD4CM4PhjHmnKB42CKffElcFTaQszZpOfGuDTvU=
Subject key identifier: A6:0D:D5:B1:09:80:CB:0C:EB:D3:A6:77:7A:E0:9B:17:5A:E4:83:FD
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 019425FD51FE47B9CCA7E26B412C1714129B
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/pg3VsQmAywzr06Z3euCbF1rkg_0.roa
Signing time: Thu 02 Jan 2025 07:49:06 +0000
ROA not before: Thu 02 Jan 2025 07:49:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34879
IP address blocks: 195.209.72.0/23 maxlen: 24
195.209.74.0/24 maxlen: 24
195.209.77.0/24 maxlen: 24
195.209.84.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Jan 2025 12:22:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:51:fe:47:b9:cc:a7:e2:6b:41:2c:17:14:12:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Jan 2 07:49:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a60dd5b10980cb0cebd3a6777ae09b175ae483fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:6c:11:da:4b:13:7e:44:55:63:42:17:7d:59:
fe:31:7c:42:11:1b:53:b4:d7:11:dc:ef:70:27:0f:
43:c8:f8:cb:0d:b0:77:d0:70:3a:56:fd:53:df:79:
ed:1d:e7:07:3d:92:8d:15:73:aa:37:bc:ae:4b:80:
20:bd:78:a7:04:fb:ad:3c:e8:ff:19:d9:8d:9c:1a:
9a:9c:57:7a:56:d2:db:fe:82:4a:14:7a:3b:ce:e1:
68:7a:fe:c1:98:a0:cd:dc:7b:3a:0c:b6:c4:a5:92:
cd:2c:9b:28:51:83:d8:1b:44:7b:83:44:cc:46:82:
65:6d:5c:b2:44:8c:8b:b7:a6:83:9e:17:65:19:07:
05:de:3b:0e:b7:99:dd:a1:7a:5c:7b:4b:85:65:91:
f2:8d:c3:b3:a9:2e:23:08:d0:97:cc:b5:80:af:cf:
95:86:cf:9f:af:e1:b5:72:f6:39:db:72:73:d8:d6:
f8:7b:00:b0:05:3b:43:b6:f7:9e:7e:23:ad:49:64:
75:ec:12:3b:16:db:a6:3a:be:e8:f7:ad:3a:39:d0:
9e:b3:04:7f:f5:da:38:20:cc:59:37:bc:ca:82:6a:
28:4b:39:26:cb:24:80:ed:91:38:c5:a2:36:60:64:
10:1c:c0:84:25:34:d5:80:4c:2a:2b:25:0a:a0:66:
94:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:0D:D5:B1:09:80:CB:0C:EB:D3:A6:77:7A:E0:9B:17:5A:E4:83:FD
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/pg3VsQmAywzr06Z3euCbF1rkg_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.209.72.0-195.209.74.255
195.209.77.0/24
195.209.84.0/24
Signature Algorithm: sha256WithRSAEncryption
01:07:f7:98:d3:8d:51:8e:f5:c3:c1:62:ed:53:72:97:74:44:
e6:f2:e4:85:c8:ab:93:5a:02:fe:0a:44:1b:41:0c:37:89:8b:
15:0f:f0:07:f7:76:47:2a:f9:f4:0c:2e:af:1f:e2:6b:dc:35:
6c:6b:c0:a8:1a:af:a5:ca:a4:c8:16:ca:c4:3c:58:0c:0e:1a:
3e:51:ee:ee:48:3c:34:5b:20:15:91:e0:8a:d1:4d:dc:04:30:
9b:61:63:ca:95:8b:b9:b6:a6:38:d4:fd:9e:9f:71:41:9b:67:
2c:9d:0a:1e:97:2f:eb:ab:8a:66:e3:25:36:e3:87:8d:dd:6b:
a9:49:7b:55:43:39:0f:46:6e:04:31:28:ed:22:a8:56:2c:ac:
4c:80:9f:30:c9:71:7b:45:d2:72:9a:06:5f:ce:a7:f7:f6:89:
c8:78:35:2d:b9:b9:3f:5b:68:be:54:ab:25:7b:47:fa:a6:7a:
f7:ba:6f:e2:96:2e:8a:f9:9e:fb:82:3c:d1:9c:d4:e0:7a:fc:
ed:f1:eb:58:a5:50:21:4f:ff:9c:e1:05:de:84:dd:9c:ad:20:
4f:39:ad:27:7c:6f:7a:b1:09:31:1d:5d:04:ba:55:fa:bd:b1:
28:fe:03:31:28:b1:99:07:ed:90:a2:e4:16:24:b1:f3:20:60:
70:f4:93:0a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQl/VH+R7nMp+JrQSwXFBKbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjUwMTAyMDc0OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjBkZDViMTA5ODBjYjBjZWJkM2E2Nzc3YWUwOWIxNzVhZTQ4M2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmwR2ksTfkRVY0IXfVn+MXxCERtT
tNcR3O9wJw9DyPjLDbB30HA6Vv1T33ntHecHPZKNFXOqN7yuS4AgvXinBPutPOj/
GdmNnBqanFd6VtLb/oJKFHo7zuFoev7BmKDN3Hs6DLbEpZLNLJsoUYPYG0R7g0TM
RoJlbVyyRIyLt6aDnhdlGQcF3jsOt5ndoXpce0uFZZHyjcOzqS4jCNCXzLWAr8+V
hs+fr+G1cvY523Jz2Nb4ewCwBTtDtveefiOtSWR17BI7FtumOr7o9606OdCeswR/
9do4IMxZN7zKgmooSzkmyySA7ZE4xaI2YGQQHMCEJTTVgEwqKyUKoGaUpQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKYN1bEJgMsM69Omd3rgmxda5IP9MB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvcGczVnNRbUF5d3pyMDZaM2V1Q2JGMXJrZ18wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAPD0UgD
BADD0UoDBADD0U0DBADD0VQwDQYJKoZIhvcNAQELBQADggEBAAEH95jTjVGO9cPB
Yu1Tcpd0ROby5IXIq5NaAv4KRBtBDDeJixUP8Af3dkcq+fQMLq8f4mvcNWxrwKga
r6XKpMgWysQ8WAwOGj5R7u5IPDRbIBWR4IrRTdwEMJthY8qVi7m2pjjU/Z6fcUGb
ZyydCh6XL+urimbjJTbjh43da6lJe1VDOQ9GbgQxKO0iqFYsrEyAnzDJcXtF0nKa
Bl/Op/f2ich4NS25uT9baL5UqyV7R/qmeve6b+KWLor5nvuCPNGc1OB6/O3x61il
UCFP/5zhBd6E3ZytIE85rSd8b3qxCTEdXQS6Vfq9sSj+AzEosZkH7ZCi5BYksfMg
YHD0kwo=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:23:23 2025 by rpki-client