Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/ced9b5-9440-4d0b-be1f-1b2e4105eb7e/1/dxsizi8qwxwnyuxi7W8SlNxdVpI.roa
File: dxsizi8qwxwnyuxi7W8SlNxdVpI.roa (raw, json)
Hash identifier: WdHH1QY5yAqtabAf6vtYI1eoYlAEEgxsaDQ38ZZBw5w=
Subject key identifier: 77:1B:22:CE:2F:2A:C3:1C:27:CA:EC:62:ED:6F:12:94:DC:5D:56:92
Certificate issuer: /CN=07248b52d23ebd237b8a8b6e63edd02dfeef984c
Certificate serial: 0192B927F6A9222EC03F5051DAED507EE6E8
Authority key identifier: 07:24:8B:52:D2:3E:BD:23:7B:8A:8B:6E:63:ED:D0:2D:FE:EF:98:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BySLUtI-vSN7iotuY-3QLf7vmEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/ced9b5-9440-4d0b-be1f-1b2e4105eb7e/1/dxsizi8qwxwnyuxi7W8SlNxdVpI.roa
Signing time: Wed 23 Oct 2024 11:34:16 +0000
ROA not before: Wed 23 Oct 2024 11:34:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197697
IP address blocks: 95.156.240.0/21 maxlen: 22
95.214.4.0/22 maxlen: 23
185.54.56.0/22 maxlen: 23
185.122.96.0/22 maxlen: 23
185.122.104.0/22 maxlen: 23
192.162.92.0/22 maxlen: 23
193.186.204.0/22 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b9:27:f6:a9:22:2e:c0:3f:50:51:da:ed:50:7e:e6:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07248b52d23ebd237b8a8b6e63edd02dfeef984c
Validity
Not Before: Oct 23 11:34:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=771b22ce2f2ac31c27caec62ed6f1294dc5d5692
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:55:9b:66:98:95:73:0a:f3:27:da:49:b8:c5:
56:fb:2f:7d:e9:be:1b:33:fd:d4:a1:45:b0:84:2f:
e1:b2:2b:1d:73:c7:3e:d3:92:07:33:a1:27:84:63:
dc:d7:0c:8f:79:26:7d:43:d0:7b:86:a3:8c:55:c0:
0c:23:36:65:51:06:79:b4:aa:ab:57:43:ae:8c:28:
71:54:c5:56:46:80:e4:2d:f2:cd:66:d6:d0:99:d8:
46:e7:d0:ce:b4:42:5b:7b:a2:82:3b:e0:e6:4c:b8:
28:5a:6a:46:02:9d:84:c1:51:37:a7:0c:1e:a1:dd:
93:ac:ca:cc:56:4b:07:1e:d6:7b:19:1a:97:35:69:
87:d8:9c:89:f1:50:6a:44:50:04:e7:07:16:ed:bb:
04:45:47:b4:af:67:84:9f:96:e6:f4:fd:fe:4b:8e:
87:7b:77:f3:7c:6e:a9:a6:6b:58:53:ea:84:7c:d1:
48:e1:c7:ca:70:94:1c:e1:02:21:72:77:53:da:5e:
4d:4c:de:9a:9e:ab:11:6f:e0:df:d8:e8:2f:e5:fa:
15:7e:99:fa:f0:31:e2:2d:b5:ed:32:be:4b:f2:cf:
b7:e4:cc:e6:ce:c6:f7:e4:1d:d0:eb:fe:35:f6:50:
10:cd:64:00:4c:80:2b:e2:b5:f4:8e:bf:b7:ef:47:
8f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:1B:22:CE:2F:2A:C3:1C:27:CA:EC:62:ED:6F:12:94:DC:5D:56:92
X509v3 Authority Key Identifier:
keyid:07:24:8B:52:D2:3E:BD:23:7B:8A:8B:6E:63:ED:D0:2D:FE:EF:98:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BySLUtI-vSN7iotuY-3QLf7vmEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/ced9b5-9440-4d0b-be1f-1b2e4105eb7e/1/dxsizi8qwxwnyuxi7W8SlNxdVpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/ced9b5-9440-4d0b-be1f-1b2e4105eb7e/1/BySLUtI-vSN7iotuY-3QLf7vmEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.156.240.0/21
95.214.4.0/22
185.54.56.0/22
185.122.96.0/22
185.122.104.0/22
192.162.92.0/22
193.186.204.0/22
Signature Algorithm: sha256WithRSAEncryption
94:ac:3a:1e:48:81:d6:ff:71:fe:cc:11:c1:27:d8:e5:aa:4e:
3b:31:da:f6:0c:01:52:4e:2d:22:95:25:3f:b1:6e:8b:77:4e:
5f:40:03:04:bc:d3:df:45:6d:82:86:1b:05:65:dd:ab:2a:d6:
cb:aa:94:07:ff:2e:6e:59:54:0f:19:e2:c6:97:0a:f8:60:70:
fd:a0:64:82:15:3c:9f:c4:60:06:ac:50:6b:4a:23:ed:a8:42:
c3:ac:b1:a9:57:04:75:6b:ac:a5:f0:4b:a1:60:d1:3a:df:b8:
12:0c:c9:e7:ed:72:04:39:14:eb:b5:d2:1e:2e:07:f0:85:51:
00:be:4c:3a:e8:2a:3f:ea:d1:2b:57:10:2c:3e:03:2c:a0:82:
26:27:e8:21:cb:bb:00:6d:6f:0f:ac:6c:1e:cf:e4:df:79:d1:
19:75:71:75:74:18:9f:1d:41:69:b7:f5:b3:71:9a:47:e9:4d:
05:4d:01:4f:84:e9:ce:c1:fd:c7:1a:3b:f5:9e:2a:e0:21:c5:
f8:71:23:31:47:ea:f6:48:8b:d4:7b:fa:e3:85:a4:f2:95:87:
ab:57:ea:07:20:e0:86:2d:7d:15:6c:de:08:dd:e5:27:b3:50:
f9:09:2f:db:7f:46:88:44:fb:26:00:e0:c1:6c:60:c7:8e:59:
11:4f:f8:9e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZK5J/apIi7AP1BR2u1QfuboMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3MjQ4YjUyZDIzZWJkMjM3YjhhOGI2ZTYzZWRkMDJkZmVl
Zjk4NGMwHhcNMjQxMDIzMTEzNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzFiMjJjZTJmMmFjMzFjMjdjYWVjNjJlZDZmMTI5NGRjNWQ1NjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1WbZpiVcwrzJ9pJuMVW+y996b4b
M/3UoUWwhC/hsisdc8c+05IHM6EnhGPc1wyPeSZ9Q9B7hqOMVcAMIzZlUQZ5tKqr
V0OujChxVMVWRoDkLfLNZtbQmdhG59DOtEJbe6KCO+DmTLgoWmpGAp2EwVE3pwwe
od2TrMrMVksHHtZ7GRqXNWmH2JyJ8VBqRFAE5wcW7bsERUe0r2eEn5bm9P3+S46H
e3fzfG6ppmtYU+qEfNFI4cfKcJQc4QIhcndT2l5NTN6anqsRb+Df2Ogv5foVfpn6
8DHiLbXtMr5L8s+35Mzmzsb35B3Q6/419lAQzWQATIAr4rX0jr+370ePgwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHcbIs4vKsMcJ8rsYu1vEpTcXVaSMB8GA1UdIwQY
MBaAFAcki1LSPr0je4qLbmPt0C3+75hMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnlTTFV0SS12U043aW90dVktM1FMZjd2bUV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9jZWQ5YjUtOTQ0MC00ZDBiLWJlMWYt
MWIyZTQxMDVlYjdlLzEvZHhzaXppOHF3eHdueXV4aTdXOFNsTnhkVnBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9jZWQ5YjUtOTQ0MC00ZDBiLWJlMWYtMWIyZTQxMDVlYjdl
LzEvQnlTTFV0SS12U043aW90dVktM1FMZjd2bUV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDX5zwAwQC
X9YEAwQCuTY4AwQCuXpgAwQCuXpoAwQCwKJcAwQCwbrMMA0GCSqGSIb3DQEBCwUA
A4IBAQCUrDoeSIHW/3H+zBHBJ9jlqk47Mdr2DAFSTi0ilSU/sW6Ld05fQAMEvNPf
RW2ChhsFZd2rKtbLqpQH/y5uWVQPGeLGlwr4YHD9oGSCFTyfxGAGrFBrSiPtqELD
rLGpVwR1a6yl8EuhYNE637gSDMnn7XIEORTrtdIeLgfwhVEAvkw66Co/6tErVxAs
PgMsoIImJ+ghy7sAbW8PrGwez+TfedEZdXF1dBifHUFpt/WzcZpH6U0FTQFPhOnO
wf3HGjv1nirgIcX4cSMxR+r2SIvUe/rjhaTylYerV+oHIOCGLX0VbN4I3eUns1D5
CS/bf0aIRPsmAODBbGDHjlkRT/ie
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:48 2025 by rpki-client