Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/Ev7J1skRttFcJ8IRy-HPPiyVtFk.roa
File: Ev7J1skRttFcJ8IRy-HPPiyVtFk.roa (raw, json)
Hash identifier: UvH5R+zSkpY4/3hm6aApKU8hh6CIxf+bWBFwJ67tWKk=
Subject key identifier: 12:FE:C9:D6:C9:11:B6:D1:5C:27:C2:11:CB:E1:CF:3E:2C:95:B4:59
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 018CC9BCC2372793E113BCEACE75BB2FD87B
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/Ev7J1skRttFcJ8IRy-HPPiyVtFk.roa
Signing time: Tue 02 Jan 2024 10:33:59 +0000
ROA not before: Tue 02 Jan 2024 10:33:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210995
IP address blocks: 195.53.239.0/24 maxlen: 24
195.76.62.0/24 maxlen: 24
195.76.62.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:c2:37:27:93:e1:13:bc:ea:ce:75:bb:2f:d8:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Jan 2 10:33:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=12fec9d6c911b6d15c27c211cbe1cf3e2c95b459
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d3:7b:4d:1c:e6:93:78:3c:a9:c2:cd:82:d6:
c4:52:6e:fc:ce:66:13:f0:20:95:e8:b3:db:6c:ed:
7f:4a:fb:99:77:3f:51:7a:8b:c0:00:31:80:5a:e4:
03:fe:4c:bb:22:f7:52:a4:cf:e1:38:ab:d9:0f:96:
5b:80:5f:95:6a:20:e1:dc:90:35:c3:a9:3e:b5:f9:
90:b7:bd:78:02:88:9e:eb:5d:90:6a:55:58:b4:40:
32:60:4c:bd:cb:a5:47:24:bf:30:6e:97:2e:b3:72:
a6:f2:3f:b4:b1:98:80:fb:0c:2d:72:74:3a:a8:c7:
0b:dd:6f:cb:5d:ec:fc:6d:89:d9:33:53:d8:69:b4:
98:2b:f7:51:ff:2f:30:f1:87:7f:a4:72:15:f4:8e:
4b:ef:2a:a9:b2:22:26:48:05:58:e3:b0:dc:4b:02:
c0:c3:38:7c:b2:f1:d2:d0:bd:24:8b:9f:92:00:ca:
15:6c:d9:22:cc:3e:1c:42:c1:0f:42:c5:e7:97:2f:
df:d1:20:f7:f1:a4:d8:3e:87:2e:51:1f:c3:49:2d:
32:4e:b2:83:7a:f2:47:2a:da:64:fe:73:70:42:7f:
ff:9c:d3:2e:83:14:f7:bd:05:9c:8b:b8:13:3f:69:
bb:02:8b:37:22:96:9e:7e:8c:e8:a0:6c:0c:8f:84:
c9:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:FE:C9:D6:C9:11:B6:D1:5C:27:C2:11:CB:E1:CF:3E:2C:95:B4:59
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/Ev7J1skRttFcJ8IRy-HPPiyVtFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.53.239.0/24
195.76.62.0/23
Signature Algorithm: sha256WithRSAEncryption
06:fd:5d:de:0f:ea:dd:e3:dd:47:ef:fd:08:b2:6c:e5:e2:f3:
d6:07:44:50:ad:df:0d:13:63:9e:0e:8b:49:7e:ab:44:c5:84:
24:30:19:fc:27:e4:06:c1:02:5b:13:b4:49:97:c2:11:0c:10:
95:8d:a0:96:13:f3:ee:79:4d:e7:e2:8c:6a:87:84:97:6a:f9:
ab:6b:e1:14:23:7b:54:1c:6f:d3:24:41:06:5a:70:95:31:dd:
a0:4e:6c:af:7a:1c:e7:86:5d:71:ad:29:83:55:11:d7:73:f5:
6d:9e:57:7b:69:05:41:ab:0f:b3:93:0a:63:b3:c7:ec:1a:b2:
ba:6c:b9:48:fc:3f:06:fe:1a:89:65:a8:c8:4f:18:8d:c9:07:
1d:10:3c:75:c8:aa:0f:07:0c:1c:b1:d4:fa:d7:9d:6d:66:fc:
72:36:d2:5f:eb:5f:e6:13:17:02:a5:39:3d:98:cc:fa:11:20:
2a:8f:88:df:cc:b4:8e:96:11:98:fa:47:40:cf:7d:b8:51:f6:
a2:dd:39:e8:e0:04:cc:b6:14:17:6a:82:07:76:8a:97:06:e4:
ed:d0:f2:a2:c7:3d:42:0b:fe:a3:5a:46:bc:47:c8:04:e3:c0:
f7:8d:a7:63:0a:b8:1c:7e:21:d8:a5:69:9d:f6:a5:4f:d2:b7:
5c:2b:57:b3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJvMI3J5PhE7zqznW7L9h7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjQwMTAyMTAzMzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmZlYzlkNmM5MTFiNmQxNWMyN2MyMTFjYmUxY2YzZTJjOTViNDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtN7TRzmk3g8qcLNgtbEUm78zmYT
8CCV6LPbbO1/SvuZdz9ReovAADGAWuQD/ky7IvdSpM/hOKvZD5ZbgF+VaiDh3JA1
w6k+tfmQt714Aoie612QalVYtEAyYEy9y6VHJL8wbpcus3Km8j+0sZiA+wwtcnQ6
qMcL3W/LXez8bYnZM1PYabSYK/dR/y8w8Yd/pHIV9I5L7yqpsiImSAVY47DcSwLA
wzh8svHS0L0ki5+SAMoVbNkizD4cQsEPQsXnly/f0SD38aTYPocuUR/DSS0yTrKD
evJHKtpk/nNwQn//nNMugxT3vQWci7gTP2m7Aos3IpaefozooGwMj4TJuwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBL+ydbJEbbRXCfCEcvhzz4slbRZMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvRXY3SjFza1J0dEZjSjhJUnktSFBQaXlWdEZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwzXvAwQB
w0w+MA0GCSqGSIb3DQEBCwUAA4IBAQAG/V3eD+rd491H7/0Ismzl4vPWB0RQrd8N
E2OeDotJfqtExYQkMBn8J+QGwQJbE7RJl8IRDBCVjaCWE/PueU3n4oxqh4SXavmr
a+EUI3tUHG/TJEEGWnCVMd2gTmyvehznhl1xrSmDVRHXc/Vtnld7aQVBqw+zkwpj
s8fsGrK6bLlI/D8G/hqJZajITxiNyQcdEDx1yKoPBwwcsdT6151tZvxyNtJf61/m
ExcCpTk9mMz6ESAqj4jfzLSOlhGY+kdAz324Ufai3Tno4ATMthQXaoIHdoqXBuTt
0PKixz1CC/6jWka8R8gE48D3jadjCrgcfiHYpWmd9qVP0rdcK1ez
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:38 2025 by rpki-client