Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/jMLM9he_g_oeYfkag_dZlplLzAs.roa
File: jMLM9he_g_oeYfkag_dZlplLzAs.roa (raw, json)
Hash identifier: jIgY4WGKPY/cPGUq0USz0+rrfR2mqN3THW5BogQIl6s=
Subject key identifier: 8C:C2:CC:F6:17:BF:83:FA:1E:61:F9:1A:83:F7:59:96:99:4B:CC:0B
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018CC8DFA9C13AE50919596EDBA351954FA4
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/jMLM9he_g_oeYfkag_dZlplLzAs.roa
Signing time: Tue 02 Jan 2024 06:32:30 +0000
ROA not before: Tue 02 Jan 2024 06:32:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205125
IP address blocks: 45.95.201.0/24 maxlen: 24
2a0d:8340::/32 maxlen: 32
2a03:e2c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:a9:c1:3a:e5:09:19:59:6e:db:a3:51:95:4f:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 2 06:32:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8cc2ccf617bf83fa1e61f91a83f75996994bcc0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:da:9f:6f:ca:02:4f:86:c5:5e:63:f6:6b:96:
be:c9:a6:cf:39:4b:8e:99:4a:84:6f:2b:33:91:bf:
37:d6:32:72:c0:21:20:03:bb:4b:28:45:b5:fe:9f:
1e:69:c5:db:02:f1:6e:6e:6d:7d:68:79:2b:0c:33:
2b:ba:49:b8:ba:af:af:58:c4:36:1b:03:7f:50:3f:
33:f3:2f:1d:86:54:10:02:9b:34:88:0d:85:d3:d9:
02:df:90:9d:c3:fa:9c:e5:f4:6f:30:e0:ca:79:b3:
94:61:0c:16:de:c5:1b:23:be:16:dd:2b:f1:69:0f:
3c:be:c1:68:4b:72:7d:7d:ad:f5:1a:ca:38:e8:84:
73:b5:41:a6:70:04:91:e4:59:02:34:b8:6b:da:8c:
3b:4d:29:9a:a8:8f:43:b8:83:7c:fa:6d:41:ff:36:
6a:03:01:53:b2:81:eb:cc:29:da:07:a4:79:d6:65:
df:dc:df:54:0a:c5:0e:fb:a1:e4:c2:1e:81:23:49:
d3:25:38:81:18:80:36:42:64:fa:b0:85:d0:fb:30:
ab:c4:2c:f2:11:25:b7:5a:b7:d9:89:39:fc:c7:12:
29:f7:61:4c:31:54:83:7e:d0:10:76:f4:33:22:ec:
40:4f:7a:c4:c6:23:61:dd:0c:88:63:a4:e0:f6:dd:
9f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:C2:CC:F6:17:BF:83:FA:1E:61:F9:1A:83:F7:59:96:99:4B:CC:0B
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/jMLM9he_g_oeYfkag_dZlplLzAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.201.0/24
IPv6:
2a03:e2c0::/32
2a0d:8340::/32
Signature Algorithm: sha256WithRSAEncryption
19:4f:a1:f8:71:80:c0:3e:cb:e9:38:f8:1f:4d:96:5c:3d:d9:
69:5c:e9:c6:b4:ee:37:8b:0e:ee:70:34:f6:a0:fb:c5:07:44:
c1:7f:62:81:a5:25:85:05:e8:7f:09:e1:0a:58:ab:bb:cb:5e:
57:da:d0:22:c3:2d:7b:9e:4f:fd:e1:ad:51:c4:40:44:dd:c3:
5c:df:07:69:e4:c2:25:ea:2d:03:13:c8:cf:58:e5:92:ee:46:
8f:7c:a7:7a:49:9b:c6:f5:eb:19:46:1f:87:82:13:73:ad:8d:
0e:78:83:c4:4d:17:2f:e9:34:f7:a4:06:42:01:d3:69:43:34:
24:8d:51:4c:47:76:08:44:03:d3:d5:48:bd:5e:b2:d2:a6:a7:
04:10:a8:be:fe:3e:24:c7:9a:16:e1:bd:86:88:88:18:50:1f:
f8:db:11:df:94:cf:ee:6f:8c:07:a0:41:e4:77:a8:bd:20:2d:
04:04:b7:85:16:81:90:b7:0d:99:96:98:85:ee:7f:62:bf:5f:
3a:59:ca:58:ab:50:f5:c1:95:3a:53:04:a3:c5:d5:15:e7:47:
8f:05:2b:7e:f3:39:9f:91:f3:72:47:72:28:72:78:9e:89:4d:
80:d9:c4:bf:5b:6b:4b:75:6a:f2:d5:4c:ed:9e:3f:a2:12:1a:
41:85:88:be
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzI36nBOuUJGVlu26NRlU+kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwMTAyMDYzMjMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2MyY2NmNjE3YmY4M2ZhMWU2MWY5MWE4M2Y3NTk5Njk5NGJjYzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtqfb8oCT4bFXmP2a5a+yabPOUuO
mUqEbyszkb831jJywCEgA7tLKEW1/p8eacXbAvFubm19aHkrDDMrukm4uq+vWMQ2
GwN/UD8z8y8dhlQQAps0iA2F09kC35Cdw/qc5fRvMODKebOUYQwW3sUbI74W3Svx
aQ88vsFoS3J9fa31Gso46IRztUGmcASR5FkCNLhr2ow7TSmaqI9DuIN8+m1B/zZq
AwFTsoHrzCnaB6R51mXf3N9UCsUO+6Hkwh6BI0nTJTiBGIA2QmT6sIXQ+zCrxCzy
ESW3WrfZiTn8xxIp92FMMVSDftAQdvQzIuxAT3rExiNh3QyIY6Tg9t2ffwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFIzCzPYXv4P6HmH5GoP3WZaZS8wLMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvak1MTTloZV9nX29lWWZrYWdfZFpscGxMekFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQALV/JMBQE
AgACMA4DBQAqA+LAAwUAKg2DQDANBgkqhkiG9w0BAQsFAAOCAQEAGU+h+HGAwD7L
6Tj4H02WXD3ZaVzpxrTuN4sO7nA09qD7xQdEwX9igaUlhQXofwnhCliru8teV9rQ
IsMte55P/eGtUcRARN3DXN8HaeTCJeotAxPIz1jlku5Gj3ynekmbxvXrGUYfh4IT
c62NDniDxE0XL+k096QGQgHTaUM0JI1RTEd2CEQD09VIvV6y0qanBBCovv4+JMea
FuG9hoiIGFAf+NsR35TP7m+MB6BB5HeovSAtBAS3hRaBkLcNmZaYhe5/Yr9fOlnK
WKtQ9cGVOlMEo8XVFedHjwUrfvM5n5HzckdyKHJ4nolNgNnEv1trS3Vq8tVM7Z4/
ohIaQYWIvg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:26:10 2025 by rpki-client