Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/dv09AfAP-RX0RhftPrqBvh9Hobk.roa
File: dv09AfAP-RX0RhftPrqBvh9Hobk.roa (raw, json)
Hash identifier: dM2eLrvOxOzqWB1BNpablfqCRJhQUAols0/imcFlOqo=
Subject key identifier: 76:FD:3D:01:F0:0F:F9:15:F4:46:17:ED:3E:BA:81:BE:1F:47:A1:B9
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 01941F8C9071A4ADC347A63EDC69CFDC416A
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/dv09AfAP-RX0RhftPrqBvh9Hobk.roa
Signing time: Wed 01 Jan 2025 01:48:13 +0000
ROA not before: Wed 01 Jan 2025 01:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5065
IP address blocks: 195.114.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Jan 2025 15:45:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:90:71:a4:ad:c3:47:a6:3e:dc:69:cf:dc:41:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Jan 1 01:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76fd3d01f00ff915f44617ed3eba81be1f47a1b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:37:0b:6a:d8:d7:3b:b5:ad:fd:28:15:3f:ea:
9b:e0:1f:1f:a9:78:db:7a:9c:26:3d:b7:48:ce:39:
e6:a2:8b:b5:d0:28:3e:26:ea:14:08:57:f0:be:e8:
f5:f2:75:0a:15:77:45:05:20:13:4c:88:e8:8e:27:
c0:1b:aa:df:f2:de:5a:cb:65:d7:7c:be:8f:32:f4:
15:08:ab:de:27:22:81:9d:a4:56:f8:e5:5e:9e:34:
2e:aa:27:da:8a:e8:ef:09:ba:f4:16:8f:d1:98:d1:
dc:67:19:ba:94:38:ba:67:30:d0:2b:41:77:4d:95:
ec:e0:8f:2c:21:c4:99:cb:14:aa:b4:4a:65:51:07:
2b:e4:c3:a1:a4:92:c1:2c:57:7d:c1:4f:4d:69:6c:
31:99:bd:59:e4:a0:3e:c6:a4:1e:4d:05:39:b6:84:
40:99:94:b2:b2:d7:07:c6:db:fa:ab:49:f3:cf:23:
7d:4e:7f:06:f9:4b:57:49:11:4d:f9:ef:e0:20:02:
9b:e6:de:7d:f0:84:52:16:47:99:b3:f7:8d:b8:e3:
2c:b2:b8:a9:c8:9d:d3:d3:cd:05:fb:8d:41:7c:8b:
e5:57:30:01:a2:cf:c3:ce:e3:33:93:31:b1:02:7c:
34:5d:05:08:9e:68:73:8e:01:64:33:48:ed:47:26:
dd:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:FD:3D:01:F0:0F:F9:15:F4:46:17:ED:3E:BA:81:BE:1F:47:A1:B9
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/dv09AfAP-RX0RhftPrqBvh9Hobk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.114.202.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:81:07:37:fc:5f:59:3a:1c:d1:e2:b7:99:b3:48:8c:8f:97:
e2:96:78:aa:4c:5e:3e:d5:a3:3f:14:af:f2:46:00:56:1d:b2:
b3:b6:83:02:8b:67:47:ab:5e:3d:94:88:73:17:a7:ae:6f:48:
04:89:07:45:16:c0:22:aa:8e:e9:a6:48:98:09:6b:e2:0a:f2:
02:ca:65:51:0e:94:91:20:ef:71:dd:dc:69:ee:bb:ea:4d:81:
0e:9f:fa:e9:fd:84:5a:09:06:aa:de:97:51:69:67:ad:dd:5c:
17:2e:d9:c3:89:3a:d5:c1:20:64:70:b7:f8:9d:1e:0c:9f:7b:
d4:5a:10:5c:4e:ef:d8:53:7c:c6:89:66:27:ad:f9:cc:98:f7:
85:9d:bb:cd:b9:01:45:62:12:f0:eb:0c:67:b9:a7:05:8a:2e:
1f:0b:73:c7:6d:32:6d:16:8c:d7:46:9f:24:77:c6:b2:30:ca:
b7:6a:48:1a:20:21:81:bb:24:92:f9:23:f3:37:c9:63:5e:61:
2a:bc:bf:6f:dd:77:1a:63:8f:31:fe:8f:c0:06:08:23:1f:82:
2a:51:c7:a3:4c:e6:7d:ad:98:c9:95:70:44:bb:fc:5a:26:da:
82:70:4e:2b:20:8b:eb:e7:86:dc:dd:90:3a:da:a7:4c:a6:1e:
55:b1:06:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjJBxpK3DR6Y+3GnP3EFqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjUwMTAxMDE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmZkM2QwMWYwMGZmOTE1ZjQ0NjE3ZWQzZWJhODFiZTFmNDdhMWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jcLatjXO7Wt/SgVP+qb4B8fqXjb
epwmPbdIzjnmoou10Cg+JuoUCFfwvuj18nUKFXdFBSATTIjojifAG6rf8t5ay2XX
fL6PMvQVCKveJyKBnaRW+OVenjQuqifaiujvCbr0Fo/RmNHcZxm6lDi6ZzDQK0F3
TZXs4I8sIcSZyxSqtEplUQcr5MOhpJLBLFd9wU9NaWwxmb1Z5KA+xqQeTQU5toRA
mZSystcHxtv6q0nzzyN9Tn8G+UtXSRFN+e/gIAKb5t598IRSFkeZs/eNuOMssrip
yJ3T080F+41BfIvlVzABos/DzuMzkzGxAnw0XQUInmhzjgFkM0jtRybdCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHb9PQHwD/kV9EYX7T66gb4fR6G5MB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvZHYwOUFmQVAtUlgwUmhmdFBycUJ2aDlIb2JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw3LKMA0G
CSqGSIb3DQEBCwUAA4IBAQAKgQc3/F9ZOhzR4reZs0iMj5filniqTF4+1aM/FK/y
RgBWHbKztoMCi2dHq149lIhzF6eub0gEiQdFFsAiqo7ppkiYCWviCvICymVRDpSR
IO9x3dxp7rvqTYEOn/rp/YRaCQaq3pdRaWet3VwXLtnDiTrVwSBkcLf4nR4Mn3vU
WhBcTu/YU3zGiWYnrfnMmPeFnbvNuQFFYhLw6wxnuacFii4fC3PHbTJtFozXRp8k
d8ayMMq3akgaICGBuySS+SPzN8ljXmEqvL9v3XcaY48x/o/ABggjH4IqUcejTOZ9
rZjJlXBEu/xaJtqCcE4rIIvr54bc3ZA62qdMph5VsQbD
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:01:42 2025 by rpki-client