Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/9f459f-264d-46ce-87b0-cbb7d2bf6fa1/1/lWEsXitqHdrZM7Bwm2YOAbM2q44.roa
File: lWEsXitqHdrZM7Bwm2YOAbM2q44.roa (raw, json)
Hash identifier: FWqhKI1V8U0kHlp/DA484+08TmfewXUfoNgbRa0YrNk=
Subject key identifier: 95:61:2C:5E:2B:6A:1D:DA:D9:33:B0:70:9B:66:0E:01:B3:36:AB:8E
Certificate issuer: /CN=f9356a96e74ea2d72b6545c87c79d212d72a7bde
Certificate serial: 018CC26D34B40CF5FC23E4E23FC95439E6B3
Authority key identifier: F9:35:6A:96:E7:4E:A2:D7:2B:65:45:C8:7C:79:D2:12:D7:2A:7B:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-TVqludOotcrZUXIfHnSEtcqe94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/9f459f-264d-46ce-87b0-cbb7d2bf6fa1/1/lWEsXitqHdrZM7Bwm2YOAbM2q44.roa
Signing time: Mon 01 Jan 2024 00:29:45 +0000
ROA not before: Mon 01 Jan 2024 00:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15576
IP address blocks: 94.126.248.0/21 maxlen: 21
87.237.168.0/21 maxlen: 21
87.237.172.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:34:b4:0c:f5:fc:23:e4:e2:3f:c9:54:39:e6:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9356a96e74ea2d72b6545c87c79d212d72a7bde
Validity
Not Before: Jan 1 00:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95612c5e2b6a1ddad933b0709b660e01b336ab8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:8f:9a:5d:ed:d5:70:cf:0b:7b:ef:52:08:ae:
6f:27:c2:a4:f5:de:6d:6b:27:5b:76:cb:ab:17:08:
92:ac:19:63:e1:cf:4d:0e:65:40:95:0c:c8:41:2a:
e3:7e:15:8f:af:9b:1c:7b:d5:3b:a8:8a:fe:54:06:
85:97:ee:a4:1a:89:dd:68:4e:f3:23:e8:e4:65:04:
f6:06:82:0c:40:b8:b5:66:b2:71:e8:1d:37:21:0c:
f6:92:39:33:16:e6:12:64:52:d0:43:20:29:12:46:
6c:19:df:da:0a:cc:c5:13:3f:88:15:cd:55:d9:18:
c8:f3:70:ad:6e:b7:61:0a:6c:61:09:30:ed:04:7d:
92:2b:43:63:9e:8b:8a:a6:8c:e1:26:d2:dd:fb:61:
06:af:05:30:03:4e:13:39:9f:3c:34:a5:96:93:f7:
a5:44:40:14:46:53:ea:41:54:cb:bb:a5:95:11:1e:
ef:b6:a6:f2:1f:cc:41:bd:b2:3d:2e:2c:90:98:5c:
b7:74:92:00:3f:bb:92:77:8d:d9:a9:ca:20:ad:67:
26:73:8c:74:2a:56:a0:98:c8:22:91:86:0f:06:4b:
3a:0f:54:c7:39:21:86:7c:68:d8:bd:11:e9:52:cd:
21:fb:1a:85:97:66:3b:59:94:86:af:95:5e:b0:8a:
7b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:61:2C:5E:2B:6A:1D:DA:D9:33:B0:70:9B:66:0E:01:B3:36:AB:8E
X509v3 Authority Key Identifier:
keyid:F9:35:6A:96:E7:4E:A2:D7:2B:65:45:C8:7C:79:D2:12:D7:2A:7B:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TVqludOotcrZUXIfHnSEtcqe94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/9f459f-264d-46ce-87b0-cbb7d2bf6fa1/1/lWEsXitqHdrZM7Bwm2YOAbM2q44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/9f459f-264d-46ce-87b0-cbb7d2bf6fa1/1/1-TVqludOotcrZUXIfHnSEtcqe94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.237.168.0/21
94.126.248.0/21
Signature Algorithm: sha256WithRSAEncryption
87:17:e8:a1:c8:1e:33:0b:dd:34:3d:a4:6d:83:6a:7d:54:6c:
f2:05:2d:5d:a3:4d:ea:38:28:7f:7e:b8:40:41:7c:ea:84:f2:
ec:3a:b3:86:2d:d4:b0:26:30:aa:89:e1:bc:92:3e:25:5b:ab:
5d:3c:0e:0f:f9:c9:b3:be:14:db:4d:8b:ce:f1:11:50:22:03:
9f:46:a7:5a:0f:2c:d1:42:fc:6a:47:9d:cd:ed:25:e7:f1:05:
b5:02:84:b8:35:69:1e:0c:da:be:c1:5d:63:b4:af:19:bb:12:
bd:13:58:44:c0:3e:e6:15:ea:ac:4e:40:9b:10:2c:84:c4:0b:
97:64:73:19:63:a8:e8:a0:bc:b2:ee:18:72:b5:2c:df:c7:bb:
ed:a5:93:eb:e5:69:e0:40:83:41:71:39:79:53:b9:c3:fc:b4:
52:0d:57:2c:23:ca:bb:52:e5:82:01:b1:2c:2f:df:01:d4:a1:
48:9c:19:58:fc:19:63:f7:75:34:1b:c1:95:e9:17:df:ad:95:
a9:9e:5d:19:98:9f:30:d0:6e:1d:ce:40:55:86:fc:3a:d0:e8:
d0:c2:8b:71:f7:68:d0:9e:64:06:70:17:8d:53:7a:3f:6c:d6:
2c:17:41:81:a0:8c:70:81:84:ab:69:ea:5a:3c:1f:51:93:e4:
ce:fe:18:e0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzCbTS0DPX8I+TiP8lUOeazMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5MzU2YTk2ZTc0ZWEyZDcyYjY1NDVjODdjNzlkMjEyZDcy
YTdiZGUwHhcNMjQwMTAxMDAyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTYxMmM1ZTJiNmExZGRhZDkzM2IwNzA5YjY2MGUwMWIzMzZhYjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4+aXe3VcM8Le+9SCK5vJ8Kk9d5t
aydbdsurFwiSrBlj4c9NDmVAlQzIQSrjfhWPr5sce9U7qIr+VAaFl+6kGondaE7z
I+jkZQT2BoIMQLi1ZrJx6B03IQz2kjkzFuYSZFLQQyApEkZsGd/aCszFEz+IFc1V
2RjI83CtbrdhCmxhCTDtBH2SK0NjnouKpozhJtLd+2EGrwUwA04TOZ88NKWWk/el
REAURlPqQVTLu6WVER7vtqbyH8xBvbI9LiyQmFy3dJIAP7uSd43ZqcogrWcmc4x0
KlagmMgikYYPBks6D1THOSGGfGjYvRHpUs0h+xqFl2Y7WZSGr5VesIp7/wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJVhLF4rah3a2TOwcJtmDgGzNquOMB8GA1UdIwQY
MBaAFPk1apbnTqLXK2VFyHx50hLXKnveMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1UVnFsdWRPb3RjclpVWElmSG5TRXRjcWU5NC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvOWY0NTlmLTI2NGQtNDZjZS04N2Iw
LWNiYjdkMmJmNmZhMS8xL2xXRXNYaXRxSGRyWk03QndtMllPQWJNMnE0NC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvOWY0NTlmLTI2NGQtNDZjZS04N2IwLWNiYjdkMmJmNmZh
MS8xLzEtVFZxbHVkT290Y3JaVVhJZkhuU0V0Y3FlOTQuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBANX7agD
BANefvgwDQYJKoZIhvcNAQELBQADggEBAIcX6KHIHjML3TQ9pG2Dan1UbPIFLV2j
Teo4KH9+uEBBfOqE8uw6s4Yt1LAmMKqJ4bySPiVbq108Dg/5ybO+FNtNi87xEVAi
A59Gp1oPLNFC/GpHnc3tJefxBbUChLg1aR4M2r7BXWO0rxm7Er0TWETAPuYV6qxO
QJsQLITEC5dkcxljqOigvLLuGHK1LN/Hu+2lk+vlaeBAg0FxOXlTucP8tFINVywj
yrtS5YIBsSwv3wHUoUicGVj8GWP3dTQbwZXpF9+tlameXRmYnzDQbh3OQFWG/DrQ
6NDCi3H3aNCeZAZwF41Tej9s1iwXQYGgjHCBhKtp6lo8H1GT5M7+GOA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:19 2025 by rpki-client