Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/rhCDiZPjLF2J7GkWH3Rk8MwGOmw.roa
File: rhCDiZPjLF2J7GkWH3Rk8MwGOmw.roa (raw, json)
Hash identifier: OpifiQmZj+iMveQTDakHANb4crrn0i1u+yzlfhqrdlI=
Subject key identifier: AE:10:83:89:93:E3:2C:5D:89:EC:69:16:1F:74:64:F0:CC:06:3A:6C
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 01941F8C91E12D97AE77D90FA4ACE40208B3
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/rhCDiZPjLF2J7GkWH3Rk8MwGOmw.roa
Signing time: Wed 01 Jan 2025 01:48:13 +0000
ROA not before: Wed 01 Jan 2025 01:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16125
IP address blocks: 195.114.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 16 Feb 2025 21:10:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:91:e1:2d:97:ae:77:d9:0f:a4:ac:e4:02:08:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Jan 1 01:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae10838993e32c5d89ec69161f7464f0cc063a6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:fd:0f:b6:32:37:54:76:09:5e:3b:7d:c7:ea:
43:a9:01:2b:0a:96:bd:2c:9f:08:58:20:7f:61:ba:
15:a1:fc:82:91:4d:a0:88:05:85:4e:07:34:95:8a:
72:60:9a:69:73:8b:77:a4:24:26:70:31:ad:b5:9c:
6e:84:43:e2:f0:84:6e:36:e6:b0:06:8c:37:77:5b:
e8:34:35:a3:24:d6:c2:c1:70:2c:ce:b7:7e:88:7a:
1e:d4:ad:5a:27:1e:59:c1:90:b9:fd:8c:2a:cc:11:
4c:70:5b:60:b8:20:4c:94:35:b5:50:3b:45:b6:03:
2c:e0:7b:e9:e3:f0:e7:93:4c:8f:bc:49:a3:02:be:
a6:c3:a1:53:79:45:dc:c9:7e:58:5f:b4:d3:9a:c8:
ae:34:56:0c:b3:17:fa:6a:6d:00:60:1e:d2:be:db:
d0:f6:01:80:5c:cc:1d:c7:d8:10:2e:9e:4c:98:4e:
d9:65:95:0d:5f:bc:27:f5:c9:14:ff:28:40:8b:c0:
c9:d0:96:fc:fa:7d:1c:24:19:67:5a:a3:7f:ed:70:
8c:98:b7:df:30:64:91:52:cc:c3:9c:ed:f7:2b:5e:
6c:de:24:19:ef:2e:49:3d:17:cd:45:3b:cd:ed:4c:
93:63:ce:bc:b8:b9:16:74:58:a0:ad:6a:c7:87:6f:
28:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:10:83:89:93:E3:2C:5D:89:EC:69:16:1F:74:64:F0:CC:06:3A:6C
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/rhCDiZPjLF2J7GkWH3Rk8MwGOmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.114.195.0/24
Signature Algorithm: sha256WithRSAEncryption
af:7b:da:6a:a3:00:5e:a1:df:f8:62:e8:5c:0c:87:1f:7f:d7:
6b:41:1b:b8:d7:d7:03:a1:c2:a2:c1:aa:91:39:03:ea:d3:6a:
bb:bf:30:6b:57:d1:fc:d1:4f:b1:18:9d:29:23:2a:9f:22:b8:
dd:87:51:e3:c9:35:7e:93:b5:47:15:a0:c7:81:56:ea:5e:6f:
9f:42:c8:27:bc:bb:e4:f7:ef:54:e1:a8:89:7b:56:78:33:d6:
22:2c:cb:73:b8:8f:d9:95:c4:c4:b5:2e:c8:b0:8c:b4:22:79:
3e:75:5f:12:9d:78:77:47:63:b9:c6:85:fa:01:de:fb:b8:08:
ea:09:53:73:de:65:79:79:8d:79:4f:65:1a:ad:c0:de:ad:c1:
01:56:fb:34:08:09:76:5d:1f:0a:20:fc:07:32:e5:4d:13:de:
6a:e6:17:17:1f:7a:72:c0:d2:6b:5c:62:ad:2a:c9:12:6f:36:
21:66:7c:70:c4:ab:ee:2e:8e:7e:d4:e0:fa:0f:fc:c5:eb:17:
e9:ea:67:9a:3c:77:b4:4d:a8:c6:be:df:db:d4:fe:f7:4e:8a:
bf:9b:ac:6f:0b:c5:39:a1:31:63:24:85:3d:01:de:22:dc:94:
a2:a2:89:7c:7a:c7:17:24:e9:0c:53:75:07:39:3a:16:bc:63:
30:ba:64:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjJHhLZeud9kPpKzkAgizMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjUwMTAxMDE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTEwODM4OTkzZTMyYzVkODllYzY5MTYxZjc0NjRmMGNjMDYzYTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArf0PtjI3VHYJXjt9x+pDqQErCpa9
LJ8IWCB/YboVofyCkU2giAWFTgc0lYpyYJppc4t3pCQmcDGttZxuhEPi8IRuNuaw
Bow3d1voNDWjJNbCwXAszrd+iHoe1K1aJx5ZwZC5/YwqzBFMcFtguCBMlDW1UDtF
tgMs4Hvp4/Dnk0yPvEmjAr6mw6FTeUXcyX5YX7TTmsiuNFYMsxf6am0AYB7SvtvQ
9gGAXMwdx9gQLp5MmE7ZZZUNX7wn9ckU/yhAi8DJ0Jb8+n0cJBlnWqN/7XCMmLff
MGSRUszDnO33K15s3iQZ7y5JPRfNRTvN7UyTY868uLkWdFigrWrHh28obQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK4Qg4mT4yxdiexpFh90ZPDMBjpsMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvcmhDRGlaUGpMRjJKN0drV0gzUms4TXdHT213LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw3LDMA0G
CSqGSIb3DQEBCwUAA4IBAQCve9pqowBeod/4YuhcDIcff9drQRu419cDocKiwaqR
OQPq02q7vzBrV9H80U+xGJ0pIyqfIrjdh1HjyTV+k7VHFaDHgVbqXm+fQsgnvLvk
9+9U4aiJe1Z4M9YiLMtzuI/ZlcTEtS7IsIy0Ink+dV8SnXh3R2O5xoX6Ad77uAjq
CVNz3mV5eY15T2UarcDercEBVvs0CAl2XR8KIPwHMuVNE95q5hcXH3pywNJrXGKt
KskSbzYhZnxwxKvuLo5+1OD6D/zF6xfp6meaPHe0TajGvt/b1P73Toq/m6xvC8U5
oTFjJIU9Ad4i3JSiool8escXJOkMU3UHOToWvGMwumQz
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:08:54 2025 by rpki-client