Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/2efb68-ff0e-44c1-aaa1-ecb1f29ccff2/1/2W-KsD0vCSxDyFzvc-b7Vci8HgU.roa
File: 2W-KsD0vCSxDyFzvc-b7Vci8HgU.roa (raw, json)
Hash identifier: hUfRP6/ngs8FhJhU6sJDBldMXaKZ3Fqn8VWVSXry8R0=
Subject key identifier: D9:6F:8A:B0:3D:2F:09:2C:43:C8:5C:EF:73:E6:FB:55:C8:BC:1E:05
Certificate issuer: /CN=7ebb13031bb5a94ba32933b425dc9150161c9528
Certificate serial: 0193AED80662EC3A4551E495281B7BDB731C
Authority key identifier: 7E:BB:13:03:1B:B5:A9:4B:A3:29:33:B4:25:DC:91:50:16:1C:95:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/frsTAxu1qUujKTO0JdyRUBYclSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/2efb68-ff0e-44c1-aaa1-ecb1f29ccff2/1/2W-KsD0vCSxDyFzvc-b7Vci8HgU.roa
Signing time: Tue 10 Dec 2024 04:33:33 +0000
ROA not before: Tue 10 Dec 2024 04:33:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48955
IP address blocks: 195.189.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ae:d8:06:62:ec:3a:45:51:e4:95:28:1b:7b:db:73:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ebb13031bb5a94ba32933b425dc9150161c9528
Validity
Not Before: Dec 10 04:33:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d96f8ab03d2f092c43c85cef73e6fb55c8bc1e05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:66:10:52:a1:c9:41:a8:11:7d:3a:ae:ac:ab:
51:b7:d8:7c:85:27:d7:49:b3:79:4f:31:8d:7a:f6:
c4:6a:d5:1c:2b:20:5e:f9:5c:60:45:b6:34:50:ec:
f1:9d:86:4b:df:a1:8d:f0:20:fc:9a:c5:e2:a1:6e:
f9:4d:fa:f9:85:2f:f1:48:f4:9d:05:23:70:f5:11:
eb:5d:dd:05:d1:d0:17:08:ed:ce:7d:89:ea:c0:b0:
e0:d6:95:27:c8:e6:09:71:47:27:a8:59:d3:12:83:
0d:ff:d7:67:e5:34:14:70:41:b5:c4:3b:5c:d6:a8:
ba:06:47:81:e8:aa:04:43:02:c7:42:dc:5d:c6:38:
d6:dd:88:86:c2:f8:b9:db:b9:e2:40:ac:34:11:b3:
80:96:6a:cc:85:f2:d6:bf:63:1e:62:95:d4:89:62:
b3:cb:bb:f5:0f:d0:e8:78:38:c8:b8:5b:5e:f1:6a:
1a:71:12:6f:bb:55:1a:79:ea:a2:00:72:cf:2d:f9:
9e:88:57:e6:af:6e:85:57:f0:3f:3c:95:6b:5d:20:
8b:27:80:1e:78:16:13:83:78:08:55:38:4f:c6:bd:
6f:26:8d:be:1a:4c:cd:00:76:e0:ed:cc:11:5a:c1:
4b:ff:41:ec:14:e5:f4:b0:f3:04:64:12:f1:22:0d:
5c:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:6F:8A:B0:3D:2F:09:2C:43:C8:5C:EF:73:E6:FB:55:C8:BC:1E:05
X509v3 Authority Key Identifier:
keyid:7E:BB:13:03:1B:B5:A9:4B:A3:29:33:B4:25:DC:91:50:16:1C:95:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/frsTAxu1qUujKTO0JdyRUBYclSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/2efb68-ff0e-44c1-aaa1-ecb1f29ccff2/1/2W-KsD0vCSxDyFzvc-b7Vci8HgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/2efb68-ff0e-44c1-aaa1-ecb1f29ccff2/1/frsTAxu1qUujKTO0JdyRUBYclSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.189.156.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:82:b9:30:52:e0:f9:d3:4f:c8:85:d1:1a:68:0a:ec:dc:89:
5f:00:a0:1a:b1:b5:5a:00:6e:35:4f:39:51:34:f6:a9:5b:d9:
cd:fc:88:6c:58:84:5d:72:34:09:50:7e:17:1c:06:5d:ac:aa:
e9:35:86:42:b9:44:5d:5e:ac:ff:3c:27:b4:1f:15:67:1e:51:
bb:46:c4:0a:27:70:56:7e:3e:59:d5:e7:ef:0b:c1:be:14:1f:
39:12:ac:57:be:0e:d8:7c:2a:ae:f5:af:c2:10:2d:66:a8:3e:
6d:b9:81:15:73:56:79:f0:f7:ba:33:66:5f:bd:1a:88:74:e0:
db:e7:20:eb:0e:74:ea:b1:67:21:09:4e:c8:a1:e6:23:be:7a:
2a:aa:4b:0a:5d:e4:3a:7b:49:29:41:76:c0:21:26:da:3a:a0:
24:6d:e1:15:3d:5f:43:14:d4:cd:05:78:05:63:1d:ba:23:13:
24:58:8b:7a:e5:64:ae:6f:cf:9c:bf:03:a4:90:44:df:37:f2:
e1:48:a0:a4:d3:76:0f:c1:51:42:60:47:90:9b:17:08:bd:42:
b1:61:1c:25:a2:3e:5e:0b:f0:e4:9d:bc:05:a2:e0:34:bb:0f:
c1:57:69:6d:5c:37:96:5c:45:18:a4:b1:e7:e5:42:83:df:ec:
f7:d5:8b:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOu2AZi7DpFUeSVKBt723McMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlYmIxMzAzMWJiNWE5NGJhMzI5MzNiNDI1ZGM5MTUwMTYx
Yzk1MjgwHhcNMjQxMjEwMDQzMzMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTZmOGFiMDNkMmYwOTJjNDNjODVjZWY3M2U2ZmI1NWM4YmMxZTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1WYQUqHJQagRfTqurKtRt9h8hSfX
SbN5TzGNevbEatUcKyBe+VxgRbY0UOzxnYZL36GN8CD8msXioW75Tfr5hS/xSPSd
BSNw9RHrXd0F0dAXCO3OfYnqwLDg1pUnyOYJcUcnqFnTEoMN/9dn5TQUcEG1xDtc
1qi6BkeB6KoEQwLHQtxdxjjW3YiGwvi527niQKw0EbOAlmrMhfLWv2MeYpXUiWKz
y7v1D9DoeDjIuFte8WoacRJvu1UaeeqiAHLPLfmeiFfmr26FV/A/PJVrXSCLJ4Ae
eBYTg3gIVThPxr1vJo2+GkzNAHbg7cwRWsFL/0HsFOX0sPMEZBLxIg1cvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNlvirA9LwksQ8hc73Pm+1XIvB4FMB8GA1UdIwQY
MBaAFH67EwMbtalLoykztCXckVAWHJUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnJzVEF4dTFxVXVqS1RPMEpkeVJVQlljbFNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8yZWZiNjgtZmYwZS00NGMxLWFhYTEt
ZWNiMWYyOWNjZmYyLzEvMlctS3NEMHZDU3hEeUZ6dmMtYjdWY2k4SGdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8yZWZiNjgtZmYwZS00NGMxLWFhYTEtZWNiMWYyOWNjZmYy
LzEvZnJzVEF4dTFxVXVqS1RPMEpkeVJVQlljbFNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw72cMA0G
CSqGSIb3DQEBCwUAA4IBAQBdgrkwUuD500/IhdEaaArs3IlfAKAasbVaAG41TzlR
NPapW9nN/IhsWIRdcjQJUH4XHAZdrKrpNYZCuURdXqz/PCe0HxVnHlG7RsQKJ3BW
fj5Z1efvC8G+FB85EqxXvg7YfCqu9a/CEC1mqD5tuYEVc1Z58Pe6M2ZfvRqIdODb
5yDrDnTqsWchCU7IoeYjvnoqqksKXeQ6e0kpQXbAISbaOqAkbeEVPV9DFNTNBXgF
Yx26IxMkWIt65WSub8+cvwOkkETfN/LhSKCk03YPwVFCYEeQmxcIvUKxYRwloj5e
C/DknbwFouA0uw/BV2ltXDeWXEUYpLHn5UKD3+z31YtY
-----END CERTIFICATE-----
Generated at Sun Mar 9 18:04:17 2025 by rpki-client