Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/4c3160-de12-4929-a483-7c65a852f092/1/cZRmcroHplMdW_QA8HVWb63x41Q.roa
File: cZRmcroHplMdW_QA8HVWb63x41Q.roa (raw, json)
Hash identifier: 9BoPB8a6qDVx2i4XMjU8CmiiEFJptWlNqwx3RUATpYU=
Subject key identifier: 71:94:66:72:BA:07:A6:53:1D:5B:F4:00:F0:75:56:6F:AD:F1:E3:54
Certificate issuer: /CN=d38cd9440552e7dab9cd5631d4ab872451535b7a
Certificate serial: 019426D9EC8FF1D3D32EA5DF092715FA5E50
Authority key identifier: D3:8C:D9:44:05:52:E7:DA:B9:CD:56:31:D4:AB:87:24:51:53:5B:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/04zZRAVS59q5zVYx1KuHJFFTW3o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/4c3160-de12-4929-a483-7c65a852f092/1/cZRmcroHplMdW_QA8HVWb63x41Q.roa
Signing time: Thu 02 Jan 2025 11:50:03 +0000
ROA not before: Thu 02 Jan 2025 11:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 95.128.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 Jan 2025 16:23:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:ec:8f:f1:d3:d3:2e:a5:df:09:27:15:fa:5e:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d38cd9440552e7dab9cd5631d4ab872451535b7a
Validity
Not Before: Jan 2 11:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=71946672ba07a6531d5bf400f075566fadf1e354
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:50:4a:5f:0f:04:f7:f2:51:ff:06:42:23:cb:
75:43:62:7f:b5:74:03:d5:da:36:fd:fb:52:cb:9d:
65:45:c3:21:74:bb:fd:23:da:4d:a3:4b:fe:e6:2c:
66:a9:41:ca:ea:a3:e0:d6:66:59:a7:33:33:69:85:
24:15:07:15:64:ca:ce:d7:f0:fb:a1:c4:08:3f:11:
40:97:34:2d:f9:24:49:43:ec:26:1d:c2:ea:9b:75:
ae:03:39:18:e1:f2:69:d0:55:79:7c:df:f7:11:9f:
b8:81:65:e5:49:17:bf:13:95:64:49:a4:df:2c:b5:
ca:d7:30:24:ab:47:7d:04:24:8a:70:23:c3:4b:3d:
e8:ab:c0:e5:35:dd:f6:4e:26:f9:9b:15:e0:c0:72:
f7:99:33:23:5e:f1:4e:de:8e:9f:ea:71:90:16:aa:
0c:1e:ec:ae:7d:cb:7d:65:82:95:28:3f:3f:1a:39:
50:e8:c2:cc:37:b9:3f:e4:59:a0:23:47:0e:eb:e9:
85:71:eb:ff:ba:54:1f:75:7f:28:c0:76:8a:e1:0d:
ab:1a:98:0c:b9:d1:04:cc:64:fe:32:75:9f:b6:b3:
1d:9d:78:7a:51:e4:b2:6b:21:a0:93:4d:f3:a1:02:
fd:2e:ff:7b:30:e4:7c:49:4a:f5:c9:9e:ee:86:64:
9f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:94:66:72:BA:07:A6:53:1D:5B:F4:00:F0:75:56:6F:AD:F1:E3:54
X509v3 Authority Key Identifier:
keyid:D3:8C:D9:44:05:52:E7:DA:B9:CD:56:31:D4:AB:87:24:51:53:5B:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/04zZRAVS59q5zVYx1KuHJFFTW3o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/4c3160-de12-4929-a483-7c65a852f092/1/cZRmcroHplMdW_QA8HVWb63x41Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/4c3160-de12-4929-a483-7c65a852f092/1/04zZRAVS59q5zVYx1KuHJFFTW3o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.128.156.0/24
Signature Algorithm: sha256WithRSAEncryption
49:1a:17:7b:6b:d8:bd:7a:b4:36:c3:2c:07:dd:dd:92:69:e1:
26:d8:4a:74:11:7b:0a:14:3e:f2:ee:21:b2:e1:e7:b3:83:41:
73:eb:fb:3e:4d:b0:10:84:fb:5c:86:ce:b7:5c:9d:9f:e7:26:
6b:f6:43:b3:4e:c3:be:93:77:cd:d3:34:b4:5e:db:f9:47:d4:
df:08:d9:ae:41:25:9f:0a:c4:82:cc:f1:64:0c:38:4d:ea:cd:
bc:39:e7:01:83:50:78:62:8b:31:2a:04:31:5f:3d:6b:0b:cb:
5c:44:38:92:6a:9f:ff:4b:cc:e3:62:0b:b6:73:b3:ba:fc:a5:
3e:85:61:cc:c4:fc:bd:d1:be:7d:22:29:3a:8f:74:82:81:48:
36:3c:90:5c:17:25:1a:4c:76:92:46:1c:62:a3:58:36:a4:37:
6c:8e:d2:96:21:fc:fa:9c:51:fa:17:fc:7e:31:75:2a:73:0a:
33:fb:2b:64:f0:8d:aa:1e:8f:f8:13:42:bc:b1:f8:c5:f5:ad:
ea:e1:73:c8:a1:6b:ad:ee:00:d0:24:3d:9a:0f:82:f6:c4:af:
6b:4e:98:e9:10:08:f7:b9:3f:5e:9a:ba:82:76:82:5f:d8:73:
1c:05:15:dd:82:6c:0c:b1:2f:03:32:75:22:f5:99:ee:90:7c:
0b:94:0d:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2eyP8dPTLqXfCScV+l5QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzOGNkOTQ0MDU1MmU3ZGFiOWNkNTYzMWQ0YWI4NzI0NTE1
MzViN2EwHhcNMjUwMTAyMTE1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTk0NjY3MmJhMDdhNjUzMWQ1YmY0MDBmMDc1NTY2ZmFkZjFlMzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFBKXw8E9/JR/wZCI8t1Q2J/tXQD
1do2/ftSy51lRcMhdLv9I9pNo0v+5ixmqUHK6qPg1mZZpzMzaYUkFQcVZMrO1/D7
ocQIPxFAlzQt+SRJQ+wmHcLqm3WuAzkY4fJp0FV5fN/3EZ+4gWXlSRe/E5VkSaTf
LLXK1zAkq0d9BCSKcCPDSz3oq8DlNd32Tib5mxXgwHL3mTMjXvFO3o6f6nGQFqoM
Huyufct9ZYKVKD8/GjlQ6MLMN7k/5FmgI0cO6+mFcev/ulQfdX8owHaK4Q2rGpgM
udEEzGT+MnWftrMdnXh6UeSyayGgk03zoQL9Lv97MOR8SUr1yZ7uhmSf5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHGUZnK6B6ZTHVv0APB1Vm+t8eNUMB8GA1UdIwQY
MBaAFNOM2UQFUufauc1WMdSrhyRRU1t6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDR6WlJBVlM1OXE1elZZeDFLdUhKRkZUVzNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi80YzMxNjAtZGUxMi00OTI5LWE0ODMt
N2M2NWE4NTJmMDkyLzEvY1pSbWNyb0hwbE1kV19RQThIVldiNjN4NDFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi80YzMxNjAtZGUxMi00OTI5LWE0ODMtN2M2NWE4NTJmMDky
LzEvMDR6WlJBVlM1OXE1elZZeDFLdUhKRkZUVzNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX4CcMA0G
CSqGSIb3DQEBCwUAA4IBAQBJGhd7a9i9erQ2wywH3d2SaeEm2Ep0EXsKFD7y7iGy
4eezg0Fz6/s+TbAQhPtchs63XJ2f5yZr9kOzTsO+k3fN0zS0Xtv5R9TfCNmuQSWf
CsSCzPFkDDhN6s28OecBg1B4YosxKgQxXz1rC8tcRDiSap//S8zjYgu2c7O6/KU+
hWHMxPy90b59Iik6j3SCgUg2PJBcFyUaTHaSRhxio1g2pDdsjtKWIfz6nFH6F/x+
MXUqcwoz+ytk8I2qHo/4E0K8sfjF9a3q4XPIoWut7gDQJD2aD4L2xK9rTpjpEAj3
uT9emrqCdoJf2HMcBRXdgmwMsS8DMnUi9ZnukHwLlA3Z
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:37:03 2025 by rpki-client