Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/ki5FJujoPftehLyKkPiUeTtolHI.roa
File: ki5FJujoPftehLyKkPiUeTtolHI.roa (raw, json)
Hash identifier: SeU56hsJCeVP7UfJ7NxmdG3R19uvcJP23YZEzFrnyuQ=
Subject key identifier: 92:2E:45:26:E8:E8:3D:FB:5E:84:BC:8A:90:F8:94:79:3B:68:94:72
Certificate issuer: /CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Certificate serial: 0194266C34A7FEAA95F800284349C80FDCD3
Authority key identifier: 8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/ki5FJujoPftehLyKkPiUeTtolHI.roa
Signing time: Thu 02 Jan 2025 09:50:13 +0000
ROA not before: Thu 02 Jan 2025 09:50:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 195.222.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Jan 2025 19:19:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:34:a7:fe:aa:95:f8:00:28:43:49:c8:0f:dc:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Validity
Not Before: Jan 2 09:50:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=922e4526e8e83dfb5e84bc8a90f894793b689472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:63:fe:f3:56:16:cd:73:b3:98:f3:b3:37:18:
99:4a:c4:f9:84:0e:ae:24:1d:02:98:87:80:a0:ed:
73:6e:ca:a7:ef:b1:96:50:d7:83:8a:8b:72:f9:2a:
23:17:6e:d8:e3:5e:2f:41:4e:25:31:42:4e:fb:ef:
24:7c:b5:3d:76:72:30:a0:c0:9f:90:1e:dc:34:d1:
f3:66:57:a1:51:7f:7f:d2:1c:f0:05:ab:ee:b5:b2:
61:0c:99:76:1f:a3:07:1e:21:6e:b5:77:d8:2e:b9:
a0:78:89:76:8b:48:91:66:2f:6d:f0:0b:8b:e6:16:
82:c2:20:4f:83:86:73:8c:91:ac:33:c7:68:20:f4:
6e:aa:7b:17:65:e5:36:e5:eb:e8:6f:e1:00:bd:7e:
34:6a:ba:38:34:b9:30:81:a8:36:5f:97:50:54:4d:
ee:b4:e5:a5:ae:d1:e1:fd:52:9c:a6:ba:54:f1:a5:
a6:1b:14:f2:d2:19:cb:38:51:f9:eb:de:12:17:63:
7b:55:d7:26:bd:41:3a:4e:ba:24:09:f0:c3:09:33:
3d:f9:ea:b2:87:8b:7b:d2:ca:69:47:9e:93:b1:ab:
c1:98:b3:26:ce:06:88:5a:c1:f0:68:39:b1:76:27:
48:90:b9:49:d1:3e:17:3b:e6:78:5d:dc:63:ea:f4:
d9:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:2E:45:26:E8:E8:3D:FB:5E:84:BC:8A:90:F8:94:79:3B:68:94:72
X509v3 Authority Key Identifier:
keyid:8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/ki5FJujoPftehLyKkPiUeTtolHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.222.127.0/24
Signature Algorithm: sha256WithRSAEncryption
69:fe:21:f8:bc:0d:ad:4d:47:78:84:a3:4b:9e:01:8d:86:61:
2a:12:f1:ba:9a:74:9a:15:3c:ff:20:2f:35:b9:79:30:a2:8a:
82:38:a0:d1:fb:0c:38:a1:b6:9f:f3:54:71:4c:9f:c9:f2:c1:
e2:d3:93:c2:92:4d:0b:09:07:66:7a:f5:f5:45:07:76:34:82:
ab:5b:8f:71:a8:4d:ee:d6:59:31:a5:8a:1a:e6:80:cc:43:eb:
57:73:3e:46:17:f9:aa:92:dd:ea:00:51:7a:03:57:25:55:0d:
e9:f3:6f:1c:83:09:16:e6:2f:54:8f:2a:96:cb:d9:34:bf:bb:
2e:04:23:2c:3e:d1:76:c0:eb:fe:2e:76:25:a3:65:68:5b:a4:
a1:3f:a0:cb:9c:c3:6a:1f:4d:0a:60:2f:13:fe:71:02:45:11:
58:71:cb:36:28:bf:b8:d3:94:21:b6:53:70:1a:13:37:16:d0:
8a:a2:58:83:f1:40:42:35:1b:cb:ca:a3:27:a6:a6:92:f2:31:
d7:cf:b8:1d:0e:f8:8d:26:d9:ff:5e:ba:28:b2:b4:78:27:af:
30:a6:39:e4:69:04:90:4f:bc:d5:d8:55:ed:5f:36:e7:7f:41:
a6:92:f3:48:c9:86:e6:58:47:41:35:8e:31:3b:62:25:17:e8:
da:c4:77:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbDSn/qqV+AAoQ0nID9zTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZGY3NmM1NGI5ZTY5MzVjMzBhOWI0YzliYTkzMDlhYzQ3
MGVjMDIwHhcNMjUwMTAyMDk1MDEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjJlNDUyNmU4ZTgzZGZiNWU4NGJjOGE5MGY4OTQ3OTNiNjg5NDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2P+81YWzXOzmPOzNxiZSsT5hA6u
JB0CmIeAoO1zbsqn77GWUNeDioty+SojF27Y414vQU4lMUJO++8kfLU9dnIwoMCf
kB7cNNHzZlehUX9/0hzwBavutbJhDJl2H6MHHiFutXfYLrmgeIl2i0iRZi9t8AuL
5haCwiBPg4ZzjJGsM8doIPRuqnsXZeU25evob+EAvX40aro4NLkwgag2X5dQVE3u
tOWlrtHh/VKcprpU8aWmGxTy0hnLOFH5694SF2N7VdcmvUE6TrokCfDDCTM9+eqy
h4t70sppR56TsavBmLMmzgaIWsHwaDmxdidIkLlJ0T4XO+Z4Xdxj6vTZrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJIuRSbo6D37XoS8ipD4lHk7aJRyMB8GA1UdIwQY
MBaAFIvfdsVLnmk1wwqbTJupMJrEcOwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgt
OGQyMTg2NjUwMjdkLzEva2k1Rkp1am9QZnRlaEx5S2tQaVVlVHRvbEhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgtOGQyMTg2NjUwMjdk
LzEvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw95/MA0G
CSqGSIb3DQEBCwUAA4IBAQBp/iH4vA2tTUd4hKNLngGNhmEqEvG6mnSaFTz/IC81
uXkwooqCOKDR+ww4obaf81RxTJ/J8sHi05PCkk0LCQdmevX1RQd2NIKrW49xqE3u
1lkxpYoa5oDMQ+tXcz5GF/mqkt3qAFF6A1clVQ3p828cgwkW5i9UjyqWy9k0v7su
BCMsPtF2wOv+LnYlo2VoW6ShP6DLnMNqH00KYC8T/nECRRFYccs2KL+405QhtlNw
GhM3FtCKoliD8UBCNRvLyqMnpqaS8jHXz7gdDviNJtn/XroosrR4J68wpjnkaQSQ
T7zV2FXtXzbnf0GmkvNIyYbmWEdBNY4xO2IlF+jaxHdh
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:14:56 2025 by rpki-client