Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/4a2e97-2570-478b-b9bc-5ebb6378009e/1/aQT4UgJC-6PmGO0qjnl8bemjJEI.roa
File: aQT4UgJC-6PmGO0qjnl8bemjJEI.roa (raw, json)
Hash identifier: 8BbMVJ0RmVRq8h7TOOPRUSTv1xR9phcGJuRUxDecV4U=
Subject key identifier: 69:04:F8:52:02:42:FB:A3:E6:18:ED:2A:8E:79:7C:6D:E9:A3:24:42
Certificate issuer: /CN=e292c8c779b6ed6ede72a8cf11490ef6d7a9e921
Certificate serial: 019532CBF74197FE3B22421AD2642AC87173
Authority key identifier: E2:92:C8:C7:79:B6:ED:6E:DE:72:A8:CF:11:49:0E:F6:D7:A9:E9:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4pLIx3m27W7ecqjPEUkO9tep6SE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/4a2e97-2570-478b-b9bc-5ebb6378009e/1/aQT4UgJC-6PmGO0qjnl8bemjJEI.roa
Signing time: Sun 23 Feb 2025 12:33:02 +0000
ROA not before: Sun 23 Feb 2025 12:33:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136501
IP address blocks: 95.128.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Mar 2025 11:39:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:32:cb:f7:41:97:fe:3b:22:42:1a:d2:64:2a:c8:71:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e292c8c779b6ed6ede72a8cf11490ef6d7a9e921
Validity
Not Before: Feb 23 12:33:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6904f8520242fba3e618ed2a8e797c6de9a32442
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:79:97:67:63:2b:d3:1e:a1:f4:94:1f:86:75:
2d:1d:9b:9c:40:cc:fc:74:c9:9b:1d:9c:39:1f:a3:
48:1c:94:ab:09:41:0b:21:fb:79:d9:40:8c:e8:47:
e0:56:c5:8c:1b:45:73:6b:f6:60:02:20:6f:c1:01:
35:e7:04:c9:e6:60:f9:2c:af:b9:01:c8:66:fb:8f:
84:1a:dc:61:76:07:88:98:02:ad:0b:b0:d4:e7:95:
ca:6e:89:68:20:b5:ad:4e:7a:4b:77:56:d8:55:10:
63:41:22:45:33:de:54:16:8d:c1:74:05:77:cf:c1:
d7:67:8e:df:9b:64:63:04:d2:77:e6:1e:39:e3:8f:
97:ac:ea:78:1f:e5:42:48:63:33:8c:30:7d:02:7d:
42:cf:98:9b:a8:70:d8:d1:7c:f2:e4:b5:45:d4:24:
e8:bf:ee:0c:64:94:28:87:6d:11:8f:ff:fd:b9:55:
98:c6:cc:99:ee:49:29:cd:19:10:7b:78:29:30:e2:
5f:5a:4a:f6:17:ad:1b:e2:db:96:e9:a9:44:b0:a5:
22:1b:b9:03:68:fa:ca:b2:60:3b:34:10:5a:10:18:
a7:af:28:73:76:dc:e7:5a:f3:31:83:ba:d5:58:dc:
04:d0:4d:ce:28:b5:27:86:7f:18:9f:40:31:37:85:
47:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:04:F8:52:02:42:FB:A3:E6:18:ED:2A:8E:79:7C:6D:E9:A3:24:42
X509v3 Authority Key Identifier:
keyid:E2:92:C8:C7:79:B6:ED:6E:DE:72:A8:CF:11:49:0E:F6:D7:A9:E9:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4pLIx3m27W7ecqjPEUkO9tep6SE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/4a2e97-2570-478b-b9bc-5ebb6378009e/1/aQT4UgJC-6PmGO0qjnl8bemjJEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/4a2e97-2570-478b-b9bc-5ebb6378009e/1/4pLIx3m27W7ecqjPEUkO9tep6SE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.128.195.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:11:41:46:a7:92:6a:27:4c:26:c0:57:80:b4:a2:72:46:dc:
f7:7a:e8:b4:9d:ea:d6:11:d5:2c:a7:c6:4a:d6:32:49:c8:d8:
b4:ee:63:bb:3a:c4:26:02:e1:61:c1:c2:77:44:42:c8:8f:26:
06:11:df:c3:29:48:46:ca:90:b5:d9:e4:24:fb:f5:ab:b5:ca:
81:5f:60:55:26:b9:6d:90:de:6c:e6:48:ad:35:a1:9f:38:f6:
f8:97:67:5d:27:e8:e3:1e:34:a2:03:fb:af:85:95:d0:52:4f:
d0:d0:a2:5a:93:4b:2a:ce:b6:b9:39:45:14:04:7f:fc:89:61:
42:b6:50:f0:72:40:8c:ef:ba:58:95:79:e5:ba:d0:ef:63:f7:
2e:78:20:02:2c:b8:ee:88:75:8c:02:97:4a:11:f4:78:de:b7:
38:af:80:8c:a2:fc:11:36:d0:7e:d8:10:6e:6a:96:fe:ca:e3:
45:eb:10:f4:44:a6:6a:29:62:94:37:18:a9:42:17:a8:de:66:
dd:7c:81:b1:7f:4b:50:e3:ec:24:fd:f9:aa:4e:b3:52:bf:e7:
3c:86:88:e5:2f:be:bb:af:11:ec:12:2f:8f:a6:c1:e3:c0:62:
21:f3:b5:45:89:fc:ae:5b:79:a8:95:75:6f:39:c9:bf:7a:50:
11:96:98:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUyy/dBl/47IkIa0mQqyHFzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyOTJjOGM3NzliNmVkNmVkZTcyYThjZjExNDkwZWY2ZDdh
OWU5MjEwHhcNMjUwMjIzMTIzMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTA0Zjg1MjAyNDJmYmEzZTYxOGVkMmE4ZTc5N2M2ZGU5YTMyNDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXmXZ2Mr0x6h9JQfhnUtHZucQMz8
dMmbHZw5H6NIHJSrCUELIft52UCM6EfgVsWMG0Vza/ZgAiBvwQE15wTJ5mD5LK+5
Achm+4+EGtxhdgeImAKtC7DU55XKboloILWtTnpLd1bYVRBjQSJFM95UFo3BdAV3
z8HXZ47fm2RjBNJ35h4544+XrOp4H+VCSGMzjDB9An1Cz5ibqHDY0Xzy5LVF1CTo
v+4MZJQoh20Rj//9uVWYxsyZ7kkpzRkQe3gpMOJfWkr2F60b4tuW6alEsKUiG7kD
aPrKsmA7NBBaEBinryhzdtznWvMxg7rVWNwE0E3OKLUnhn8Yn0AxN4VHzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGkE+FICQvuj5hjtKo55fG3poyRCMB8GA1UdIwQY
MBaAFOKSyMd5tu1u3nKozxFJDvbXqekhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHBMSXgzbTI3VzdlY3FqUEVVa085dGVwNlNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC80YTJlOTctMjU3MC00NzhiLWI5YmMt
NWViYjYzNzgwMDllLzEvYVFUNFVnSkMtNlBtR08wcWpubDhiZW1qSkVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC80YTJlOTctMjU3MC00NzhiLWI5YmMtNWViYjYzNzgwMDll
LzEvNHBMSXgzbTI3VzdlY3FqUEVVa085dGVwNlNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX4DDMA0G
CSqGSIb3DQEBCwUAA4IBAQA6EUFGp5JqJ0wmwFeAtKJyRtz3eui0nerWEdUsp8ZK
1jJJyNi07mO7OsQmAuFhwcJ3RELIjyYGEd/DKUhGypC12eQk+/WrtcqBX2BVJrlt
kN5s5kitNaGfOPb4l2ddJ+jjHjSiA/uvhZXQUk/Q0KJak0sqzra5OUUUBH/8iWFC
tlDwckCM77pYlXnlutDvY/cueCACLLjuiHWMApdKEfR43rc4r4CMovwRNtB+2BBu
apb+yuNF6xD0RKZqKWKUNxipQheo3mbdfIGxf0tQ4+wk/fmqTrNSv+c8hojlL767
rxHsEi+PpsHjwGIh87VFifyuW3molXVvOcm/elARlpgs
-----END CERTIFICATE-----
Generated at Thu Apr 17 15:53:46 2025 by rpki-client