Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/8bf7ea-883a-4c43-946c-82dafe104bc5/1/ckWi3LMUdnUEUWwy0NfCSpa-BwU.roa
File: ckWi3LMUdnUEUWwy0NfCSpa-BwU.roa (raw, json)
Hash identifier: X28VppvEB+iiJ9UiOtUnqTcUs8arX5syMaOrL1/RK+k=
Subject key identifier: 72:45:A2:DC:B3:14:76:75:04:51:6C:32:D0:D7:C2:4A:96:BE:07:05
Certificate issuer: /CN=03f3fe6075082be8e588329b43d761bf6e7b01d0
Certificate serial: 018DC01905ECCBBD22AEA585BAA28C575E72
Authority key identifier: 03:F3:FE:60:75:08:2B:E8:E5:88:32:9B:43:D7:61:BF:6E:7B:01:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A_P-YHUIK-jliDKbQ9dhv257AdA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/8bf7ea-883a-4c43-946c-82dafe104bc5/1/ckWi3LMUdnUEUWwy0NfCSpa-BwU.roa
Signing time: Mon 19 Feb 2024 06:41:21 +0000
ROA not before: Mon 19 Feb 2024 06:41:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209823
IP address blocks: 195.24.245.0/24 maxlen: 24
2a12:5541:1::/48 maxlen: 48
2a12:5541:2::/48 maxlen: 48
2a12:5541:a::/48 maxlen: 48
2a12:5542::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 21 May 2024 05:20:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c0:19:05:ec:cb:bd:22:ae:a5:85:ba:a2:8c:57:5e:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03f3fe6075082be8e588329b43d761bf6e7b01d0
Validity
Not Before: Feb 19 06:41:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7245a2dcb314767504516c32d0d7c24a96be0705
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:00:83:cf:9c:fe:78:01:b7:53:44:e6:e8:86:
09:18:36:cf:b0:b0:0e:4b:6d:72:c2:e1:b6:8b:b7:
a1:26:38:0f:b5:5a:41:0f:29:b4:52:9a:00:64:1a:
9c:2c:7e:8e:6a:9c:8d:53:02:23:44:ab:e1:e3:fc:
32:76:69:55:fd:19:43:7d:15:c9:89:13:c5:cf:bf:
43:61:79:04:7d:4a:2b:ca:e0:40:cc:77:f3:f4:e4:
17:f9:22:3a:b5:de:ee:21:c4:8d:af:07:26:f1:54:
7e:8f:80:c2:0b:39:83:e4:19:47:f3:6c:6e:ee:95:
a1:6f:cb:c1:3e:31:ed:76:78:eb:2f:d4:6a:62:7f:
f9:ec:0a:b9:74:03:9d:29:76:43:1f:c3:7f:8a:2f:
5c:97:98:ca:25:d4:25:4e:90:5a:6b:2f:9e:58:de:
d4:52:c6:cb:24:0a:d5:a2:bc:e7:71:8c:94:3d:c7:
a3:54:d9:03:27:15:6b:65:70:07:2a:1f:7c:61:50:
12:7b:2a:0a:d2:4b:a4:30:3f:87:1f:1a:bc:c2:9d:
36:3f:8e:d2:62:0f:1f:ac:2d:d6:3a:4b:3e:4f:d5:
46:ac:fa:aa:a0:9b:00:ab:e2:29:b9:f5:22:4d:79:
b2:3a:d9:c7:fe:94:16:61:d6:67:ad:89:2c:df:f4:
1b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:45:A2:DC:B3:14:76:75:04:51:6C:32:D0:D7:C2:4A:96:BE:07:05
X509v3 Authority Key Identifier:
keyid:03:F3:FE:60:75:08:2B:E8:E5:88:32:9B:43:D7:61:BF:6E:7B:01:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A_P-YHUIK-jliDKbQ9dhv257AdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8bf7ea-883a-4c43-946c-82dafe104bc5/1/ckWi3LMUdnUEUWwy0NfCSpa-BwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8bf7ea-883a-4c43-946c-82dafe104bc5/1/A_P-YHUIK-jliDKbQ9dhv257AdA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.24.245.0/24
IPv6:
2a12:5541:1::-2a12:5541:2:ffff:ffff:ffff:ffff:ffff
2a12:5541:a::/48
2a12:5542::/32
Signature Algorithm: sha256WithRSAEncryption
63:34:e6:26:8e:67:84:e9:49:d8:22:4b:e8:9b:19:62:90:a8:
1e:db:92:b0:e0:91:fc:48:a1:f8:4d:4a:ab:4b:ea:3c:02:54:
66:ec:17:48:d6:d6:a8:f7:8f:b4:90:1d:7d:1f:47:c6:85:60:
ca:ca:0e:ef:9d:bd:8e:05:7b:38:6c:05:40:2c:e7:e3:69:50:
72:1a:63:f3:6b:02:05:df:f2:bc:eb:63:78:65:84:6d:31:59:
da:12:87:c3:99:61:bc:f6:bc:83:5a:79:ff:d0:17:ea:65:b1:
bf:75:d7:3e:e8:c8:18:7f:21:41:09:bd:02:7e:6b:b3:dd:9a:
4d:82:d3:c2:10:26:45:db:08:56:3a:4d:88:d0:ed:34:58:21:
dd:08:bb:83:89:0c:9c:d3:c1:5e:cb:c2:03:88:52:ae:b0:be:
4c:f9:3a:27:69:1e:56:68:f9:46:eb:cc:f4:f2:f1:9d:fe:db:
f4:33:81:b6:4b:61:eb:f7:b5:66:2d:69:a0:46:00:60:96:f3:
4d:33:46:e4:35:27:43:e8:ba:f5:ed:39:f9:8d:cc:63:89:78:
ca:34:84:b5:c7:35:34:a0:46:75:b0:2a:f8:ee:84:f4:c0:04:
2e:a4:7f:40:0a:b1:8b:a9:4f:cb:c4:8b:fd:d8:7d:74:97:12:
6a:99:f5:c5
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAY3AGQXsy70irqWFuqKMV15yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzZjNmZTYwNzUwODJiZThlNTg4MzI5YjQzZDc2MWJmNmU3
YjAxZDAwHhcNMjQwMjE5MDY0MTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjQ1YTJkY2IzMTQ3Njc1MDQ1MTZjMzJkMGQ3YzI0YTk2YmUwNzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArACDz5z+eAG3U0Tm6IYJGDbPsLAO
S21ywuG2i7ehJjgPtVpBDym0UpoAZBqcLH6OapyNUwIjRKvh4/wydmlV/RlDfRXJ
iRPFz79DYXkEfUoryuBAzHfz9OQX+SI6td7uIcSNrwcm8VR+j4DCCzmD5BlH82xu
7pWhb8vBPjHtdnjrL9RqYn/57Aq5dAOdKXZDH8N/ii9cl5jKJdQlTpBaay+eWN7U
UsbLJArVorzncYyUPcejVNkDJxVrZXAHKh98YVASeyoK0kukMD+HHxq8wp02P47S
Yg8frC3WOks+T9VGrPqqoJsAq+IpufUiTXmyOtnH/pQWYdZnrYks3/QbswIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFHJFotyzFHZ1BFFsMtDXwkqWvgcFMB8GA1UdIwQY
MBaAFAPz/mB1CCvo5Ygym0PXYb9uewHQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQV9QLVlIVUlLLWpsaURLYlE5ZGh2MjU3QWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84YmY3ZWEtODgzYS00YzQzLTk0NmMt
ODJkYWZlMTA0YmM1LzEvY2tXaTNMTVVkblVFVVd3eTBOZkNTcGEtQndVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84YmY3ZWEtODgzYS00YzQzLTk0NmMtODJkYWZlMTA0YmM1
LzEvQV9QLVlIVUlLLWpsaURLYlE5ZGh2MjU3QWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAMBAIAATAGAwQAwxj1MCoE
AgACMCQwEgMHACoSVUEAAQMHACoSVUEAAgMHACoSVUEACgMFACoSVUIwDQYJKoZI
hvcNAQELBQADggEBAGM05iaOZ4TpSdgiS+ibGWKQqB7bkrDgkfxIofhNSqtL6jwC
VGbsF0jW1qj3j7SQHX0fR8aFYMrKDu+dvY4FezhsBUAs5+NpUHIaY/NrAgXf8rzr
Y3hlhG0xWdoSh8OZYbz2vINaef/QF+plsb911z7oyBh/IUEJvQJ+a7Pdmk2C08IQ
JkXbCFY6TYjQ7TRYId0Iu4OJDJzTwV7LwgOIUq6wvkz5OidpHlZo+UbrzPTy8Z3+
2/QzgbZLYev3tWYtaaBGAGCW800zRuQ1J0PouvXtOfmNzGOJeMo0hLXHNTSgRnWw
KvjuhPTABC6kf0AKsYupT8vEi/3YfXSXEmqZ9cU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:11 2025 by rpki-client