Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/5b6b06-9af6-4026-b47c-4e85897f309c/1/i16bg8EHWqbJOZhM0uFyjw79xMs.roa
File: i16bg8EHWqbJOZhM0uFyjw79xMs.roa (raw, json)
Hash identifier: K8oW5/VRxVPwJZg/lUqB2w27TzYEQ/sVvvpzgghNaIE=
Subject key identifier: 8B:5E:9B:83:C1:07:5A:A6:C9:39:98:4C:D2:E1:72:8F:0E:FD:C4:CB
Certificate issuer: /CN=7b48945b9d716cd47fbde2860d8100fcda987496
Certificate serial: 018CC26CF2B85304106D14424B5D66B21980
Authority key identifier: 7B:48:94:5B:9D:71:6C:D4:7F:BD:E2:86:0D:81:00:FC:DA:98:74:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e0iUW51xbNR_veKGDYEA_NqYdJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/5b6b06-9af6-4026-b47c-4e85897f309c/1/i16bg8EHWqbJOZhM0uFyjw79xMs.roa
Signing time: Mon 01 Jan 2024 00:29:29 +0000
ROA not before: Mon 01 Jan 2024 00:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13246
IP address blocks: 185.181.192.0/22 maxlen: 22
185.181.195.0/24 maxlen: 24
95.130.16.0/21 maxlen: 21
95.130.16.0/24 maxlen: 24
95.130.17.0/24 maxlen: 24
95.130.22.0/24 maxlen: 24
95.130.20.0/24 maxlen: 24
2a02:2940::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 11 Jan 2024 08:58:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:f2:b8:53:04:10:6d:14:42:4b:5d:66:b2:19:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b48945b9d716cd47fbde2860d8100fcda987496
Validity
Not Before: Jan 1 00:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b5e9b83c1075aa6c939984cd2e1728f0efdc4cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:87:57:c7:02:13:1f:b1:f7:57:51:d6:65:51:
87:3f:48:aa:e4:e4:8d:aa:af:2c:0a:ac:d1:ef:12:
63:5b:c0:07:74:36:9e:de:50:e3:7c:2d:d0:52:7b:
bf:a1:ed:27:c0:a1:89:85:03:99:2a:6a:60:03:7f:
8e:8b:ca:17:fe:2f:45:7a:43:44:b1:43:e9:fc:5d:
fb:f0:90:98:b8:86:89:43:b3:a1:0f:cf:9e:7b:f7:
ca:d5:78:68:32:66:bd:23:6e:c5:64:99:7b:4d:db:
b0:01:1a:7f:6e:d1:35:1c:70:98:89:7c:38:5d:c2:
3f:1d:4e:27:3e:ae:ac:84:5c:40:53:b9:b0:f0:f7:
f4:64:a2:25:15:01:f6:ad:2f:85:22:67:70:c0:af:
58:0a:9f:88:4e:4a:65:55:48:45:58:0e:92:fe:d4:
8b:ae:e5:36:ce:9c:26:87:31:45:73:7c:73:ef:65:
d5:73:78:98:71:69:6c:7b:00:35:3c:cc:85:0e:fa:
9b:2a:32:5a:8f:71:4d:14:4c:38:2e:c8:d0:00:7c:
e0:2c:fb:d7:9b:60:1f:84:e3:5e:33:5d:00:92:e9:
77:4e:9c:0f:4f:31:1a:16:32:17:cd:1a:f2:2f:f0:
d8:83:49:bc:70:ed:9d:97:c5:32:f0:16:92:ea:9f:
bb:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:5E:9B:83:C1:07:5A:A6:C9:39:98:4C:D2:E1:72:8F:0E:FD:C4:CB
X509v3 Authority Key Identifier:
keyid:7B:48:94:5B:9D:71:6C:D4:7F:BD:E2:86:0D:81:00:FC:DA:98:74:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0iUW51xbNR_veKGDYEA_NqYdJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/5b6b06-9af6-4026-b47c-4e85897f309c/1/i16bg8EHWqbJOZhM0uFyjw79xMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/5b6b06-9af6-4026-b47c-4e85897f309c/1/e0iUW51xbNR_veKGDYEA_NqYdJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.130.16.0/21
185.181.192.0/22
IPv6:
2a02:2940::/32
Signature Algorithm: sha256WithRSAEncryption
1d:ea:30:60:4d:3e:9a:4e:d4:10:e1:1a:fa:6b:09:9a:9f:f6:
fe:f4:f0:e5:f9:91:e4:47:ab:1c:1f:fa:7f:12:0f:4e:91:8b:
d8:e2:8e:df:87:e5:b7:1e:8e:fc:81:9a:c6:94:e4:07:9f:5c:
82:81:e8:2f:4d:b4:7d:ba:8b:a8:04:f9:a2:ca:47:df:8b:1e:
b4:ea:dc:58:78:fe:f1:6a:c5:67:91:77:65:77:9b:53:48:5e:
d0:9a:b9:fd:90:61:e6:d7:29:86:42:6e:98:3f:25:6e:ad:32:
8b:6e:78:48:37:5a:95:3f:d0:20:fe:99:c3:3c:c8:77:d0:8f:
f9:59:bb:d5:78:56:28:06:c7:fd:4f:4d:8c:62:14:15:e9:f8:
9c:d5:a5:7d:21:c8:19:99:55:34:63:bb:43:73:21:13:24:e2:
4e:89:42:62:25:76:9c:a1:88:32:9f:77:5d:9d:6d:01:bf:5e:
33:b1:d5:f3:fc:1a:d9:86:71:c0:85:a4:ec:c6:cc:e5:7b:28:
a3:d6:a2:41:c5:98:db:85:1b:9f:22:fc:94:af:5e:37:49:64:
0d:1b:9d:7a:94:57:1f:12:bd:9e:07:f7:d9:08:72:8c:b0:6b:
66:aa:74:0f:d6:f2:65:3a:3e:c1:d3:8f:ac:a6:9c:c2:33:06:
ed:69:fa:0a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzCbPK4UwQQbRRCS11mshmAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNDg5NDViOWQ3MTZjZDQ3ZmJkZTI4NjBkODEwMGZjZGE5
ODc0OTYwHhcNMjQwMTAxMDAyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjVlOWI4M2MxMDc1YWE2YzkzOTk4NGNkMmUxNzI4ZjBlZmRjNGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4dXxwITH7H3V1HWZVGHP0iq5OSN
qq8sCqzR7xJjW8AHdDae3lDjfC3QUnu/oe0nwKGJhQOZKmpgA3+Oi8oX/i9FekNE
sUPp/F378JCYuIaJQ7OhD8+ee/fK1XhoMma9I27FZJl7TduwARp/btE1HHCYiXw4
XcI/HU4nPq6shFxAU7mw8Pf0ZKIlFQH2rS+FImdwwK9YCp+ITkplVUhFWA6S/tSL
ruU2zpwmhzFFc3xz72XVc3iYcWlsewA1PMyFDvqbKjJaj3FNFEw4LsjQAHzgLPvX
m2AfhONeM10Akul3TpwPTzEaFjIXzRryL/DYg0m8cO2dl8Uy8BaS6p+7FQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFItem4PBB1qmyTmYTNLhco8O/cTLMB8GA1UdIwQY
MBaAFHtIlFudcWzUf73ihg2BAPzamHSWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTBpVVc1MXhiTlJfdmVLR0RZRUFfTnFZZEpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS81YjZiMDYtOWFmNi00MDI2LWI0N2Mt
NGU4NTg5N2YzMDljLzEvaTE2Ymc4RUhXcWJKT1poTTB1Rnlqdzc5eE1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS81YjZiMDYtOWFmNi00MDI2LWI0N2MtNGU4NTg5N2YzMDlj
LzEvZTBpVVc1MXhiTlJfdmVLR0RZRUFfTnFZZEpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDX4IQAwQC
ubXAMA0EAgACMAcDBQAqAilAMA0GCSqGSIb3DQEBCwUAA4IBAQAd6jBgTT6aTtQQ
4Rr6awman/b+9PDl+ZHkR6scH/p/Eg9OkYvY4o7fh+W3Ho78gZrGlOQHn1yCgegv
TbR9uouoBPmiykffix606txYeP7xasVnkXdld5tTSF7Qmrn9kGHm1ymGQm6YPyVu
rTKLbnhIN1qVP9Ag/pnDPMh30I/5WbvVeFYoBsf9T02MYhQV6fic1aV9IcgZmVU0
Y7tDcyETJOJOiUJiJXacoYgyn3ddnW0Bv14zsdXz/BrZhnHAhaTsxszleyij1qJB
xZjbhRufIvyUr143SWQNG516lFcfEr2eB/fZCHKMsGtmqnQP1vJlOj7B04+sppzC
MwbtafoK
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:08 2025 by rpki-client