Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/b0c875-24e1-444d-b01d-5408f8d9dfb1/1/P7Stq8axPaCJnPn9Iw7gt7fT8D0.roa
File: P7Stq8axPaCJnPn9Iw7gt7fT8D0.roa (raw, json)
Hash identifier: 201uvW25zFb5pa+ncKr3m83sc87fazP73y7ZBlJ6V9U=
Subject key identifier: 3F:B4:AD:AB:C6:B1:3D:A0:89:9C:F9:FD:23:0E:E0:B7:B7:D3:F0:3D
Certificate issuer: /CN=6cff3d899e26fc84fb4379fb325f174b5075ce0d
Certificate serial: 018CC80156B8FC49D933726F25A2CC8511E3
Authority key identifier: 6C:FF:3D:89:9E:26:FC:84:FB:43:79:FB:32:5F:17:4B:50:75:CE:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bP89iZ4m_IT7Q3n7Ml8XS1B1zg0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/b0c875-24e1-444d-b01d-5408f8d9dfb1/1/P7Stq8axPaCJnPn9Iw7gt7fT8D0.roa
Signing time: Tue 02 Jan 2024 02:29:40 +0000
ROA not before: Tue 02 Jan 2024 02:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29317
IP address blocks: 195.137.210.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:56:b8:fc:49:d9:33:72:6f:25:a2:cc:85:11:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cff3d899e26fc84fb4379fb325f174b5075ce0d
Validity
Not Before: Jan 2 02:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3fb4adabc6b13da0899cf9fd230ee0b7b7d3f03d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:1b:c6:5a:d6:42:26:69:72:87:ff:c0:7d:f1:
a4:12:59:b0:9a:30:ea:f3:3e:39:ff:c4:a3:97:c7:
96:a1:3b:a0:4e:f8:6e:f6:80:e5:67:d9:65:11:a9:
3d:c4:f0:74:46:53:2b:5a:42:4c:38:8c:71:a6:89:
b6:26:6e:14:30:36:fe:f3:f4:ba:dd:f7:f5:29:4f:
a9:72:83:33:ae:2d:30:58:4b:a5:56:07:34:d4:ea:
95:00:78:a2:52:39:b9:a2:41:52:63:d5:83:77:47:
2c:d0:16:44:96:91:76:0c:82:bf:9b:b4:28:93:29:
d5:82:6c:f7:53:de:ea:0a:b2:72:a9:cb:94:75:4d:
77:f2:93:be:26:af:a5:d4:e9:1d:ee:a9:d3:19:a5:
c4:0f:6e:d7:f6:17:4d:50:b2:43:e0:47:4f:a2:7d:
78:b1:b5:3c:ec:fe:6e:dd:3c:ba:78:e8:53:52:12:
fd:83:0d:b1:7b:c9:6e:7d:cc:82:b5:b1:67:04:1f:
60:fa:b8:82:da:d0:84:c9:de:d7:bf:98:d3:b5:43:
17:bd:22:ab:2e:b8:5c:fc:6e:03:f4:1e:de:92:81:
b3:57:b6:0f:26:8e:07:e1:fc:b5:21:a7:17:02:8b:
6a:3b:56:dd:3d:aa:98:ac:7e:4c:f0:fd:92:3f:ec:
69:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:B4:AD:AB:C6:B1:3D:A0:89:9C:F9:FD:23:0E:E0:B7:B7:D3:F0:3D
X509v3 Authority Key Identifier:
keyid:6C:FF:3D:89:9E:26:FC:84:FB:43:79:FB:32:5F:17:4B:50:75:CE:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bP89iZ4m_IT7Q3n7Ml8XS1B1zg0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/b0c875-24e1-444d-b01d-5408f8d9dfb1/1/P7Stq8axPaCJnPn9Iw7gt7fT8D0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/b0c875-24e1-444d-b01d-5408f8d9dfb1/1/bP89iZ4m_IT7Q3n7Ml8XS1B1zg0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.137.210.0/23
Signature Algorithm: sha256WithRSAEncryption
76:91:a2:4d:ae:97:e0:7e:2c:24:98:31:f7:3b:93:c0:6f:da:
18:bd:bc:9c:85:70:14:4f:1c:d2:ad:ae:45:48:48:26:8c:47:
dc:e4:51:06:e3:39:be:10:97:61:b5:97:73:23:39:8b:a1:e9:
a6:16:4f:e2:97:d5:52:37:1e:38:29:0e:9f:7a:21:54:67:40:
a9:29:a6:b3:5a:f6:a5:2e:6d:61:c2:77:f2:09:94:cd:44:d3:
b8:52:f0:8b:3b:73:50:5a:70:a3:56:c8:66:ce:f0:b2:95:ae:
87:93:5f:9f:3c:4c:c1:06:26:5f:c1:e6:97:8b:a7:30:83:bf:
94:e2:7a:20:9a:c3:e2:d2:9d:8b:28:28:07:db:9f:99:34:61:
90:24:13:84:90:72:70:aa:35:f7:84:bf:89:50:a7:fe:15:c8:
76:2f:7d:82:7a:fd:42:aa:ae:1e:a8:c9:90:65:d7:68:65:ee:
c5:d5:8f:8a:45:a4:5c:07:87:a7:4b:e8:70:0d:c3:55:bb:45:
0f:b0:18:9c:bc:a3:99:4c:00:ae:22:53:4b:3f:72:dd:a1:98:
5b:17:b2:48:8c:7e:13:d8:67:9e:96:40:05:88:1b:14:f3:2f:
12:e6:3c:43:9c:00:ca:42:15:91:32:9d:6b:e6:eb:34:25:14:
7f:72:47:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAVa4/EnZM3JvJaLMhRHjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZmYzZDg5OWUyNmZjODRmYjQzNzlmYjMyNWYxNzRiNTA3
NWNlMGQwHhcNMjQwMTAyMDIyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmI0YWRhYmM2YjEzZGEwODk5Y2Y5ZmQyMzBlZTBiN2I3ZDNmMDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBvGWtZCJmlyh//AffGkElmwmjDq
8z45/8Sjl8eWoTugTvhu9oDlZ9llEak9xPB0RlMrWkJMOIxxpom2Jm4UMDb+8/S6
3ff1KU+pcoMzri0wWEulVgc01OqVAHiiUjm5okFSY9WDd0cs0BZElpF2DIK/m7Qo
kynVgmz3U97qCrJyqcuUdU138pO+Jq+l1Okd7qnTGaXED27X9hdNULJD4EdPon14
sbU87P5u3Ty6eOhTUhL9gw2xe8lufcyCtbFnBB9g+riC2tCEyd7Xv5jTtUMXvSKr
Lrhc/G4D9B7ekoGzV7YPJo4H4fy1IacXAotqO1bdPaqYrH5M8P2SP+xpuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD+0ravGsT2giZz5/SMO4Le30/A9MB8GA1UdIwQY
MBaAFGz/PYmeJvyE+0N5+zJfF0tQdc4NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlA4OWlaNG1fSVQ3UTNuN01sOFhTMUIxemcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9iMGM4NzUtMjRlMS00NDRkLWIwMWQt
NTQwOGY4ZDlkZmIxLzEvUDdTdHE4YXhQYUNKblBuOUl3N2d0N2ZUOEQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9iMGM4NzUtMjRlMS00NDRkLWIwMWQtNTQwOGY4ZDlkZmIx
LzEvYlA4OWlaNG1fSVQ3UTNuN01sOFhTMUIxemcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw4nSMA0G
CSqGSIb3DQEBCwUAA4IBAQB2kaJNrpfgfiwkmDH3O5PAb9oYvbychXAUTxzSra5F
SEgmjEfc5FEG4zm+EJdhtZdzIzmLoemmFk/il9VSNx44KQ6feiFUZ0CpKaazWval
Lm1hwnfyCZTNRNO4UvCLO3NQWnCjVshmzvCyla6Hk1+fPEzBBiZfweaXi6cwg7+U
4nogmsPi0p2LKCgH25+ZNGGQJBOEkHJwqjX3hL+JUKf+Fch2L32Cev1Cqq4eqMmQ
ZddoZe7F1Y+KRaRcB4enS+hwDcNVu0UPsBicvKOZTACuIlNLP3LdoZhbF7JIjH4T
2GeelkAFiBsU8y8S5jxDnADKQhWRMp1r5us0JRR/ckeR
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:46 2025 by rpki-client