Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/2RipuJJw9nGGI62Ki0NRHF2towQ.roa
File: 2RipuJJw9nGGI62Ki0NRHF2towQ.roa (raw, json)
Hash identifier: cqzYc77XhzVLk5s+ScQCNWvueIAFGoGIeSZOFWoOEIw=
Subject key identifier: D9:18:A9:B8:92:70:F6:71:86:23:AD:8A:8B:43:51:1C:5D:AD:A3:04
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 0193CF66D388C13FFE12C649D45C38D48C7F
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/2RipuJJw9nGGI62Ki0NRHF2towQ.roa
Signing time: Mon 16 Dec 2024 12:17:22 +0000
ROA not before: Mon 16 Dec 2024 12:17:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206849
IP address blocks: 95.173.166.0/24 maxlen: 24
95.173.167.0/24 maxlen: 24
95.173.173.0/24 maxlen: 24
95.173.174.0/24 maxlen: 24
95.173.175.0/24 maxlen: 24
95.173.176.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:47:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:cf:66:d3:88:c1:3f:fe:12:c6:49:d4:5c:38:d4:8c:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: Dec 16 12:17:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d918a9b89270f6718623ad8a8b43511c5dada304
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d7:eb:ff:07:35:85:4f:f1:5c:f3:29:03:75:
f0:58:41:8f:be:87:1f:b1:f7:39:83:73:23:77:9a:
9d:6e:b0:98:a3:8b:c1:3d:8b:22:11:b2:98:2a:d6:
6f:4b:4e:95:eb:0f:49:bb:9d:18:e8:39:b1:1b:55:
8a:92:63:bd:79:f7:cf:04:bf:86:b2:17:ff:95:a4:
ac:94:25:4e:02:25:a0:10:f8:bc:e7:2c:3c:73:65:
c1:b9:3e:af:da:06:c1:ef:06:2e:b1:ec:a9:53:2c:
ed:3d:cc:52:2e:57:72:20:73:3b:5c:ba:3a:c8:13:
8b:b5:68:74:6d:11:9a:ae:69:73:61:f8:42:87:dd:
af:08:f3:6c:57:6a:f1:5a:bb:25:c5:b1:37:de:83:
40:d6:87:1e:56:08:62:71:c1:1f:54:c6:17:cd:45:
86:41:0a:af:79:ed:ee:2c:b6:5e:84:1a:b7:49:6b:
36:a9:a1:2e:dc:67:39:39:6e:c8:97:a7:19:58:14:
78:32:83:23:d2:05:29:ae:d1:cd:5f:81:59:1a:0a:
73:b6:0f:c9:3d:04:a7:3f:d7:7b:da:95:94:2a:cc:
fe:1b:1e:4b:73:e6:40:5b:cf:30:ef:c9:2a:6b:ec:
43:81:78:b6:9e:39:97:5a:d8:7b:19:bb:ca:06:fe:
2d:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:18:A9:B8:92:70:F6:71:86:23:AD:8A:8B:43:51:1C:5D:AD:A3:04
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/2RipuJJw9nGGI62Ki0NRHF2towQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.173.166.0/23
95.173.173.0-95.173.176.255
Signature Algorithm: sha256WithRSAEncryption
9e:f7:9b:8b:70:b0:76:a2:93:4b:ae:15:b3:70:28:9a:de:cb:
55:e2:f1:49:05:ab:38:ff:8c:fc:4f:00:99:4c:84:86:51:48:
60:78:55:09:83:c7:06:05:b6:aa:a3:1c:78:f7:04:ab:ce:12:
ba:b4:16:f6:c9:11:d9:d3:c6:67:dd:6e:b0:e8:e9:42:ca:1a:
73:d4:4d:3c:c0:f3:72:77:78:2a:47:32:c6:65:fb:43:5f:e4:
d5:e2:86:62:1a:3f:3e:50:0f:9f:ef:e6:39:14:85:f4:05:8f:
8f:cd:1f:0a:e3:ac:3f:52:68:2a:91:56:d1:99:51:59:1e:46:
2a:00:d9:a8:2e:88:57:91:88:21:87:37:45:13:c1:bc:3c:b0:
7d:3d:cc:b5:0c:6d:65:11:49:cc:81:77:43:37:04:a6:5d:f9:
a0:f3:db:45:87:bb:10:58:97:b1:d8:c3:f5:1c:49:9f:dd:91:
9b:a5:f0:65:0c:ed:a1:9d:6c:b1:f7:eb:61:fd:56:b4:be:cb:
80:45:f0:14:74:1d:6a:f0:2e:2f:85:a5:13:aa:72:2a:c9:a0:
39:ce:3c:14:02:5b:ed:17:ae:67:c5:f5:9e:d4:9e:08:28:7a:
a2:04:77:f0:c3:15:7d:56:4e:dc:8c:6b:45:c0:61:27:41:86:
49:ad:63:8a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZPPZtOIwT/+EsZJ1Fw41Ix/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTRhZWQzZWY3MmJlZTMxNDE2NjBkMTE0OWUxNmQwNzky
MDVmM2MwHhcNMjQxMjE2MTIxNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTE4YTliODkyNzBmNjcxODYyM2FkOGE4YjQzNTExYzVkYWRhMzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9fr/wc1hU/xXPMpA3XwWEGPvocf
sfc5g3Mjd5qdbrCYo4vBPYsiEbKYKtZvS06V6w9Ju50Y6DmxG1WKkmO9effPBL+G
shf/laSslCVOAiWgEPi85yw8c2XBuT6v2gbB7wYuseypUyztPcxSLldyIHM7XLo6
yBOLtWh0bRGarmlzYfhCh92vCPNsV2rxWrslxbE33oNA1oceVghiccEfVMYXzUWG
QQqvee3uLLZehBq3SWs2qaEu3Gc5OW7Il6cZWBR4MoMj0gUprtHNX4FZGgpztg/J
PQSnP9d72pWUKsz+Gx5Lc+ZAW88w78kqa+xDgXi2njmXWth7GbvKBv4tGwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNkYqbiScPZxhiOtiotDURxdraMEMB8GA1UdIwQY
MBaAFCXkrtPvcr7jFBZg0RSeFtB5IF88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEt
ZWQzZTM4Zjk1NzdmLzEvMlJpcHVKSnc5bkdHSTYyS2kwTlJIRjJ0b3dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEtZWQzZTM4Zjk1Nzdm
LzEvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBX62mMAwD
BABfra0DBABfrbAwDQYJKoZIhvcNAQELBQADggEBAJ73m4twsHaik0uuFbNwKJre
y1Xi8UkFqzj/jPxPAJlMhIZRSGB4VQmDxwYFtqqjHHj3BKvOErq0FvbJEdnTxmfd
brDo6ULKGnPUTTzA83J3eCpHMsZl+0Nf5NXihmIaPz5QD5/v5jkUhfQFj4/NHwrj
rD9SaCqRVtGZUVkeRioA2aguiFeRiCGHN0UTwbw8sH09zLUMbWURScyBd0M3BKZd
+aDz20WHuxBYl7HYw/UcSZ/dkZul8GUM7aGdbLH362H9VrS+y4BF8BR0HWrwLi+F
pROqcirJoDnOPBQCW+0XrmfF9Z7UnggoeqIEd/DDFX1WTtyMa0XAYSdBhkmtY4o=
-----END CERTIFICATE-----
Generated at Thu Apr 17 18:32:35 2025 by rpki-client