Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/3SxyreWjWwl6-nky2_TKu2_Kvdg.roa
File: 3SxyreWjWwl6-nky2_TKu2_Kvdg.roa (raw, json)
Hash identifier: Dm33VJNSUImdDCtpessjJkX0klPdGuOEmfgnbYGF5hE=
Subject key identifier: DD:2C:72:AD:E5:A3:5B:09:7A:FA:79:32:DB:F4:CA:BB:6F:CA:BD:D8
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 018CC26D5ECBD2B802DEF1700FBBA23AC44B
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/3SxyreWjWwl6-nky2_TKu2_Kvdg.roa
Signing time: Mon 01 Jan 2024 00:29:56 +0000
ROA not before: Mon 01 Jan 2024 00:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196801
IP address blocks: 95.87.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:5e:cb:d2:b8:02:de:f1:70:0f:bb:a2:3a:c4:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 00:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd2c72ade5a35b097afa7932dbf4cabb6fcabdd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:cb:8e:42:16:3e:65:e8:1f:4b:55:2a:f9:f3:
86:96:93:60:89:db:6a:04:e8:50:7b:ef:0a:85:d0:
bb:cf:a1:d1:3e:cd:7e:95:8b:bd:58:e1:e2:1f:3e:
77:5f:de:69:d4:69:40:c9:2e:14:1a:cf:8e:14:99:
4a:30:6f:4a:1e:d6:30:dc:dc:10:14:fa:8f:ae:17:
04:f7:b2:87:d0:9f:31:14:75:3e:44:1a:72:0d:fd:
19:74:d3:b9:2a:6f:2d:d6:ce:45:0f:47:2b:9c:ce:
6d:b8:39:ab:71:1f:3c:58:62:55:56:b8:4f:e2:0d:
74:d5:70:04:c7:24:aa:8a:cd:fb:26:f0:05:5d:69:
a3:2e:f4:ee:87:33:10:3e:0d:e9:2a:83:d8:89:ef:
1d:8f:10:7e:9d:17:6f:fa:52:94:94:47:84:fb:83:
80:84:b2:ac:6e:ab:5c:c5:10:a5:2b:52:65:8e:9e:
39:2c:36:98:40:2d:4d:8a:9c:27:cb:81:1b:b6:cc:
1d:74:96:36:7f:a5:bb:0f:f5:20:de:15:8c:11:10:
72:dc:20:fb:03:f5:f3:10:a6:48:ba:db:70:e7:29:
53:fe:82:8c:91:3d:fc:4a:d1:05:da:50:d3:cb:e1:
b8:e2:31:af:2c:53:c5:33:23:7b:33:01:c7:fe:7e:
37:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:2C:72:AD:E5:A3:5B:09:7A:FA:79:32:DB:F4:CA:BB:6F:CA:BD:D8
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/3SxyreWjWwl6-nky2_TKu2_Kvdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.87.251.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:4a:83:61:bd:7d:47:e2:1b:44:cc:69:a2:0b:42:92:7d:ee:
44:57:e8:2e:69:99:25:a7:ee:79:88:59:66:15:c8:e9:d5:b2:
a1:0e:26:64:29:50:8c:66:2f:8f:1c:ef:58:50:2d:80:38:de:
a2:5f:d0:40:20:b6:f3:74:b1:0a:85:87:72:44:36:a4:eb:10:
c5:4c:90:da:4b:97:9b:a3:80:b0:75:f0:da:24:12:03:aa:b1:
08:b7:0c:32:41:d3:3e:4f:4b:5e:19:f2:7e:63:af:05:63:c8:
6d:da:38:d1:bd:f1:eb:13:d5:f9:b1:39:5d:d6:79:a1:60:10:
aa:53:8d:eb:17:03:6a:5a:94:ad:77:a3:03:9c:df:68:7b:26:
95:98:6b:67:4e:7e:b2:d3:d0:f4:56:27:4d:a8:b1:32:1a:7d:
54:79:f7:bb:0e:dd:47:1c:03:04:c3:62:14:6b:d9:56:fa:10:
54:89:a1:52:75:74:6d:9f:f7:63:9c:9c:eb:25:d6:c4:bc:65:
5a:dc:d1:02:c3:f0:e4:4a:ef:9d:b9:b7:39:e0:89:30:cd:3b:
4f:8d:c7:61:d7:bf:56:12:d9:b4:3a:75:a0:e5:62:4e:63:d5:
b8:5b:72:bc:f5:b7:01:2e:31:17:1a:a6:d6:3a:49:5f:5f:05:
b6:24:5b:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbV7L0rgC3vFwD7uiOsRLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjQwMTAxMDAyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDJjNzJhZGU1YTM1YjA5N2FmYTc5MzJkYmY0Y2FiYjZmY2FiZGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxcuOQhY+ZegfS1Uq+fOGlpNgidtq
BOhQe+8KhdC7z6HRPs1+lYu9WOHiHz53X95p1GlAyS4UGs+OFJlKMG9KHtYw3NwQ
FPqPrhcE97KH0J8xFHU+RBpyDf0ZdNO5Km8t1s5FD0crnM5tuDmrcR88WGJVVrhP
4g101XAExySqis37JvAFXWmjLvTuhzMQPg3pKoPYie8djxB+nRdv+lKUlEeE+4OA
hLKsbqtcxRClK1Jljp45LDaYQC1Nipwny4EbtswddJY2f6W7D/Ug3hWMERBy3CD7
A/XzEKZIuttw5ylT/oKMkT38StEF2lDTy+G44jGvLFPFMyN7MwHH/n43RQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN0scq3lo1sJevp5Mtv0yrtvyr3YMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvM1N4eXJlV2pXd2w2LW5reTJfVEt1Ml9LdmRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX1f7MA0G
CSqGSIb3DQEBCwUAA4IBAQClSoNhvX1H4htEzGmiC0KSfe5EV+guaZklp+55iFlm
Fcjp1bKhDiZkKVCMZi+PHO9YUC2AON6iX9BAILbzdLEKhYdyRDak6xDFTJDaS5eb
o4CwdfDaJBIDqrEItwwyQdM+T0teGfJ+Y68FY8ht2jjRvfHrE9X5sTld1nmhYBCq
U43rFwNqWpStd6MDnN9oeyaVmGtnTn6y09D0VidNqLEyGn1Uefe7Dt1HHAMEw2IU
a9lW+hBUiaFSdXRtn/djnJzrJdbEvGVa3NECw/DkSu+dubc54IkwzTtPjcdh179W
Etm0OnWg5WJOY9W4W3K89bcBLjEXGqbWOklfXwW2JFug
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:47 2025 by rpki-client