Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/APRp7rHpEjYjR8ZrUG2fyAOxowU.roa
File: APRp7rHpEjYjR8ZrUG2fyAOxowU.roa (raw, json)
Hash identifier: bUA1CuSmyE/2BEwa5cuF2WIZQjckyqdMqQVTwHAmqmY=
Subject key identifier: 00:F4:69:EE:B1:E9:12:36:23:47:C6:6B:50:6D:9F:C8:03:B1:A3:05
Certificate issuer: /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial: 018CC9BC71F0BBFBCEF71570B09217E5F892
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/APRp7rHpEjYjR8ZrUG2fyAOxowU.roa
Signing time: Tue 02 Jan 2024 10:33:39 +0000
ROA not before: Tue 02 Jan 2024 10:33:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211030
IP address blocks: 195.5.115.0/24 maxlen: 24
2a0d:f407:1030::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:71:f0:bb:fb:ce:f7:15:70:b0:92:17:e5:f8:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Validity
Not Before: Jan 2 10:33:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00f469eeb1e912362347c66b506d9fc803b1a305
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e0:f8:d8:f7:43:ee:5f:0b:48:84:ca:33:3c:
7b:74:b5:7e:71:c5:5b:ce:14:08:50:74:d1:26:12:
aa:0e:48:11:8f:cd:da:7a:cf:61:ce:27:c5:78:b6:
7b:ec:e8:3c:e3:8c:c2:8f:2a:ab:29:db:55:f1:d7:
12:31:1a:71:fd:b8:d9:e5:53:00:ea:b9:0e:69:50:
ec:1a:a8:54:51:0a:79:3d:76:4b:d5:eb:7e:07:b6:
cf:4d:43:29:ed:15:b7:bf:c4:68:5c:df:75:c8:bd:
db:bc:d9:55:9b:4d:7b:22:e4:8e:1a:24:60:ed:9a:
3d:d7:ad:1a:be:53:7c:67:36:25:25:db:0d:06:4b:
12:4a:c7:a3:dd:b1:b9:6a:89:46:02:19:75:95:a3:
85:a2:e6:46:23:0a:fb:aa:cd:d6:3e:59:37:8f:f7:
ab:bb:a8:81:c9:14:e5:e7:e7:21:0a:df:97:d9:5d:
4f:fc:49:9e:20:e6:97:1d:90:9b:31:20:18:32:bb:
59:bb:8d:51:66:12:90:89:c3:61:f4:9e:ff:6f:26:
7e:57:ec:c5:ce:8e:a6:1d:e4:9a:d5:b7:79:43:33:
ff:55:0d:cb:cb:84:16:4c:4a:8e:01:31:01:68:a1:
9d:e3:19:3a:3b:d5:3c:de:f2:aa:9e:d6:9c:a7:97:
1d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:F4:69:EE:B1:E9:12:36:23:47:C6:6B:50:6D:9F:C8:03:B1:A3:05
X509v3 Authority Key Identifier:
keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/APRp7rHpEjYjR8ZrUG2fyAOxowU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.5.115.0/24
IPv6:
2a0d:f407:1030::/48
Signature Algorithm: sha256WithRSAEncryption
4d:9b:c7:26:17:a1:34:72:72:8c:6c:bb:88:9c:c6:73:4b:56:
c1:a8:2f:b3:16:a5:51:da:b9:6e:8c:ee:ca:c9:93:d4:3c:ea:
b7:a5:81:40:97:60:38:83:a9:c0:ae:26:72:6a:25:40:49:73:
8e:a0:15:24:ce:bd:e7:c2:0d:ea:fb:04:60:ba:fe:cb:e1:09:
02:b8:ce:84:fd:a1:ac:e2:3e:8c:35:0d:89:c8:d9:a7:fe:6b:
ff:7b:d2:f3:12:89:f0:d2:1e:22:6b:17:45:81:50:34:2e:23:
f0:3a:f6:b2:1b:48:41:2b:6c:96:3c:96:b1:31:e6:ac:af:a7:
e9:1a:ab:2f:6b:35:c4:b9:a8:38:0a:49:c5:a4:7b:8b:e4:c8:
fa:21:73:86:25:bd:5c:b3:f0:22:ee:5f:4a:90:09:21:3b:f1:
53:7c:29:2e:11:37:70:d1:f5:57:39:56:80:fa:58:f3:d6:55:
cb:13:7b:01:7b:b9:b1:b6:58:1a:f7:21:09:e8:36:12:1b:98:
df:2b:e2:65:49:75:bb:19:17:30:fa:20:15:34:4d:63:ab:f1:
83:3f:90:5f:07:3c:e8:19:3c:42:d6:3a:47:1e:40:7e:ab:3c:
de:62:39:b8:66:ca:17:50:ca:2c:3e:fc:0d:d2:1e:92:c0:0e:
28:d5:91:4c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzJvHHwu/vO9xVwsJIX5fiSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy
NTFkYWQwHhcNMjQwMTAyMTAzMzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGY0NjllZWIxZTkxMjM2MjM0N2M2NmI1MDZkOWZjODAzYjFhMzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+D42PdD7l8LSITKMzx7dLV+ccVb
zhQIUHTRJhKqDkgRj83aes9hzifFeLZ77Og844zCjyqrKdtV8dcSMRpx/bjZ5VMA
6rkOaVDsGqhUUQp5PXZL1et+B7bPTUMp7RW3v8RoXN91yL3bvNlVm017IuSOGiRg
7Zo9160avlN8ZzYlJdsNBksSSsej3bG5aolGAhl1laOFouZGIwr7qs3WPlk3j/er
u6iByRTl5+chCt+X2V1P/EmeIOaXHZCbMSAYMrtZu41RZhKQicNh9J7/byZ+V+zF
zo6mHeSa1bd5QzP/VQ3Ly4QWTEqOATEBaKGd4xk6O9U83vKqntacp5cd/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAD0ae6x6RI2I0fGa1Btn8gDsaMFMB8GA1UdIwQY
MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt
YjdjNTc4Yjc0ZTM1LzEvQVBScDdySHBFallqUjhaclVHMmZ5QU94b3dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1
LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwwVzMA8E
AgACMAkDBwAqDfQHEDAwDQYJKoZIhvcNAQELBQADggEBAE2bxyYXoTRycoxsu4ic
xnNLVsGoL7MWpVHauW6M7srJk9Q86relgUCXYDiDqcCuJnJqJUBJc46gFSTOvefC
Der7BGC6/svhCQK4zoT9oaziPow1DYnI2af+a/970vMSifDSHiJrF0WBUDQuI/A6
9rIbSEErbJY8lrEx5qyvp+kaqy9rNcS5qDgKScWke4vkyPohc4YlvVyz8CLuX0qQ
CSE78VN8KS4RN3DR9Vc5VoD6WPPWVcsTewF7ubG2WBr3IQnoNhIbmN8r4mVJdbsZ
FzD6IBU0TWOr8YM/kF8HPOgZPELWOkceQH6rPN5iObhmyhdQyiw+/A3SHpLADijV
kUw=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:01:44 2025 by rpki-client