Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/159wp3sbc6OqnLcTdDlbUu3_RSo.roa
File: 159wp3sbc6OqnLcTdDlbUu3_RSo.roa (raw, json)
Hash identifier: 2Xi/XhVnFBzVOn/J/IHOdw+NQ/Y1mIkTRdIelvw8jqg=
Subject key identifier: D7:9F:70:A7:7B:1B:73:A3:AA:9C:B7:13:74:39:5B:52:ED:FF:45:2A
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 0193AFAA6FECD61C36920C085B4EE85C805A
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/159wp3sbc6OqnLcTdDlbUu3_RSo.roa
Signing time: Tue 10 Dec 2024 08:23:22 +0000
ROA not before: Tue 10 Dec 2024 08:23:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214309
IP address blocks: 195.170.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:54:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:af:aa:6f:ec:d6:1c:36:92:0c:08:5b:4e:e8:5c:80:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Dec 10 08:23:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d79f70a77b1b73a3aa9cb71374395b52edff452a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6d:94:ce:9d:e0:98:8b:38:6d:90:a1:ab:0e:
00:9d:5d:a1:6a:d9:4b:f9:c3:3b:3a:93:f5:8c:52:
87:d8:c7:02:3a:bf:77:da:e3:4e:8c:91:3c:8c:81:
37:f9:b1:31:5d:28:19:ab:1c:e3:6d:9b:c5:a6:2f:
68:d9:85:5e:42:64:2e:34:4b:ad:13:04:df:40:64:
1b:07:bb:7d:f5:d9:8a:d7:09:72:5d:7f:ff:ca:78:
7e:19:52:61:cf:6c:68:2b:18:b7:46:16:9a:f5:95:
37:3b:16:e3:0a:e4:69:00:91:08:d7:01:b3:d6:90:
d2:a1:61:e2:12:49:c2:a7:1a:90:ef:63:2f:2b:3d:
a8:75:43:09:41:b7:00:c9:da:c1:d1:dd:b9:39:e4:
1e:8d:31:f2:39:a3:57:ce:21:dd:d7:69:05:5b:96:
c8:37:e8:8c:52:ce:5f:1e:5b:34:bc:49:b7:e3:88:
49:0d:c7:04:40:d0:d1:b6:7c:5e:a8:ae:48:e0:16:
dd:3a:f2:09:6d:86:58:5e:d7:2d:83:0d:07:56:6a:
53:b5:06:36:42:8f:53:69:e6:e2:f5:56:f8:fd:19:
2c:83:18:c8:fd:fb:d6:21:f3:5e:10:12:4c:21:8f:
9c:9b:a7:36:14:32:d2:7c:d4:37:c9:8b:8b:b5:59:
97:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:9F:70:A7:7B:1B:73:A3:AA:9C:B7:13:74:39:5B:52:ED:FF:45:2A
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/159wp3sbc6OqnLcTdDlbUu3_RSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.170.163.0/24
Signature Algorithm: sha256WithRSAEncryption
77:f9:e7:40:c7:26:48:13:69:ea:8a:01:b8:ad:79:3b:f3:d6:
d4:2b:9e:e7:f3:29:7d:dc:c8:27:42:8b:28:77:e5:50:8f:2b:
f8:3d:8a:f7:a1:b7:45:ae:ed:80:f1:2e:6f:3b:bf:8e:fa:09:
f6:88:b9:86:f6:49:f2:fe:ae:12:43:77:96:da:9e:96:23:23:
62:e6:3e:8e:1d:61:d8:ec:bb:21:02:54:be:0b:9d:a4:4b:d8:
d3:23:e5:80:d7:7f:f7:8c:9d:7a:3f:01:60:b3:da:2f:22:98:
12:8d:87:03:03:a0:82:fe:13:fa:73:ef:ce:f1:5e:67:0c:53:
56:46:fa:98:c9:ee:93:86:8d:bf:16:cd:4a:e3:52:42:d5:08:
d9:88:38:88:47:9f:60:6f:18:fe:b9:7b:e9:09:f3:49:36:0c:
fc:d1:4e:06:4e:42:c3:82:09:46:e4:30:eb:a7:29:7f:30:7c:
1f:e3:d3:b9:00:45:4c:5f:85:c4:71:91:d8:28:2e:7a:40:58:
8e:aa:69:5a:24:cb:47:5e:ec:0d:44:22:c5:4e:2d:f1:63:a5:
cc:9a:20:0f:0a:b3:fe:ff:55:9b:47:bd:94:2f:81:af:df:b1:
87:1e:c7:61:5c:54:c5:8f:42:43:3c:d3:d3:7b:da:2b:e8:20:
e0:bc:b8:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOvqm/s1hw2kgwIW07oXIBaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjQxMjEwMDgyMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzlmNzBhNzdiMWI3M2EzYWE5Y2I3MTM3NDM5NWI1MmVkZmY0NTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsm2Uzp3gmIs4bZChqw4AnV2hatlL
+cM7OpP1jFKH2McCOr932uNOjJE8jIE3+bExXSgZqxzjbZvFpi9o2YVeQmQuNEut
EwTfQGQbB7t99dmK1wlyXX//ynh+GVJhz2xoKxi3Rhaa9ZU3OxbjCuRpAJEI1wGz
1pDSoWHiEknCpxqQ72MvKz2odUMJQbcAydrB0d25OeQejTHyOaNXziHd12kFW5bI
N+iMUs5fHls0vEm344hJDccEQNDRtnxeqK5I4BbdOvIJbYZYXtctgw0HVmpTtQY2
Qo9Taebi9Vb4/RksgxjI/fvWIfNeEBJMIY+cm6c2FDLSfNQ3yYuLtVmXlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNefcKd7G3Ojqpy3E3Q5W1Lt/0UqMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvMTU5d3Azc2JjNk9xbkxjVGREbGJVdTNfUlNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw6qjMA0G
CSqGSIb3DQEBCwUAA4IBAQB3+edAxyZIE2nqigG4rXk789bUK57n8yl93MgnQoso
d+VQjyv4PYr3obdFru2A8S5vO7+O+gn2iLmG9kny/q4SQ3eW2p6WIyNi5j6OHWHY
7LshAlS+C52kS9jTI+WA13/3jJ16PwFgs9ovIpgSjYcDA6CC/hP6c+/O8V5nDFNW
RvqYye6Tho2/Fs1K41JC1QjZiDiIR59gbxj+uXvpCfNJNgz80U4GTkLDgglG5DDr
pyl/MHwf49O5AEVMX4XEcZHYKC56QFiOqmlaJMtHXuwNRCLFTi3xY6XMmiAPCrP+
/1WbR72UL4Gv37GHHsdhXFTFj0JDPNPTe9or6CDgvLgG
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:23:42 2025 by rpki-client