Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/f649a2-518d-4456-98a7-23c3df82c230/1/SeKktRExZCAypNbE5bmtr672BtE.roa
File: SeKktRExZCAypNbE5bmtr672BtE.roa (raw, json)
Hash identifier: LxDmEStiMngr14BwnG4Ipa8v39c63UfB9hNHC1TrqnQ=
Subject key identifier: 49:E2:A4:B5:11:31:64:20:32:A4:D6:C4:E5:B9:AD:AF:AE:F6:06:D1
Certificate issuer: /CN=a6947681da0db7fe79315ec6dbda28bf8d660fc0
Certificate serial: 0194258F4BBBABAFF0406EBAB7A86B64C7F9
Authority key identifier: A6:94:76:81:DA:0D:B7:FE:79:31:5E:C6:DB:DA:28:BF:8D:66:0F:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ppR2gdoNt_55MV7G29oov41mD8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/f649a2-518d-4456-98a7-23c3df82c230/1/SeKktRExZCAypNbE5bmtr672BtE.roa
Signing time: Thu 02 Jan 2025 05:48:55 +0000
ROA not before: Thu 02 Jan 2025 05:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34867
IP address blocks: 95.67.0.0/17 maxlen: 17
185.48.196.0/22 maxlen: 22
2a00:17a0::/29 maxlen: 29
2a00:17a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 06 Feb 2025 14:38:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:4b:bb:ab:af:f0:40:6e:ba:b7:a8:6b:64:c7:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6947681da0db7fe79315ec6dbda28bf8d660fc0
Validity
Not Before: Jan 2 05:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=49e2a4b51131642032a4d6c4e5b9adafaef606d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:e5:28:76:22:65:58:74:bb:2a:70:76:84:4e:
34:c9:da:1a:73:88:15:0a:8b:07:05:f5:23:bf:5f:
8b:be:27:82:03:43:c3:a8:a9:74:2a:8c:e8:15:ba:
2d:46:d8:f5:97:8d:86:91:63:25:ce:a4:62:14:64:
7c:c1:a6:47:76:ac:75:38:33:78:c9:32:2c:3d:b0:
29:f0:ab:bb:57:f5:84:b6:89:f2:e9:8f:33:fc:19:
db:eb:73:e9:5c:f2:a6:44:4e:fe:c0:b5:01:b7:35:
31:34:4d:fe:f4:72:6b:8f:e7:cf:cf:56:95:80:f4:
bb:1a:40:51:37:47:30:e5:42:7d:aa:84:0b:8f:1e:
6b:66:55:e6:ba:7e:33:e5:b7:a7:a2:03:c7:4c:98:
f2:a0:16:41:54:7a:cf:00:ab:c2:b5:7b:f0:fa:b3:
eb:0b:38:5f:d6:9e:37:2d:de:ac:3e:77:2c:c5:9a:
d4:4b:a1:f6:68:7d:88:26:aa:bb:55:ef:9d:b7:9a:
fe:ea:8f:b9:eb:a0:54:77:f7:da:a8:88:1e:89:56:
f5:99:30:87:a3:65:f9:45:bb:03:6b:a2:02:0a:0b:
8c:ec:ae:e6:4c:ec:f4:20:24:2b:72:f5:f9:ad:eb:
67:b3:bb:34:dd:13:07:67:54:7e:4c:f8:07:92:c5:
eb:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:E2:A4:B5:11:31:64:20:32:A4:D6:C4:E5:B9:AD:AF:AE:F6:06:D1
X509v3 Authority Key Identifier:
keyid:A6:94:76:81:DA:0D:B7:FE:79:31:5E:C6:DB:DA:28:BF:8D:66:0F:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ppR2gdoNt_55MV7G29oov41mD8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/f649a2-518d-4456-98a7-23c3df82c230/1/SeKktRExZCAypNbE5bmtr672BtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/f649a2-518d-4456-98a7-23c3df82c230/1/ppR2gdoNt_55MV7G29oov41mD8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.67.0.0/17
185.48.196.0/22
IPv6:
2a00:17a0::/29
Signature Algorithm: sha256WithRSAEncryption
62:0d:46:d4:50:6d:a4:51:8b:72:31:52:4c:55:5e:2b:84:e0:
2f:27:7f:ca:12:4f:9a:fe:24:17:cc:c1:68:5e:b1:5c:9a:47:
a7:c3:31:1c:45:5a:ca:77:a1:68:a3:22:d7:ea:f8:81:47:3d:
dd:61:34:1b:67:41:33:d6:40:eb:8a:1b:e5:3b:e3:13:c8:44:
8d:f4:fc:c2:12:24:eb:54:f1:89:bc:ac:e7:cd:13:28:c7:a7:
1f:84:60:eb:e5:2b:e6:4b:87:d1:ff:4e:da:98:65:9c:be:90:
72:89:ff:5f:75:36:c0:bf:01:42:a6:8f:61:e4:4b:42:0b:e2:
e4:36:68:76:f0:1a:77:9c:cc:ce:86:07:3b:c4:77:9d:61:92:
07:6c:1f:b8:2f:5b:79:19:b0:9c:f8:b1:4e:51:af:db:c8:c1:
1b:9d:c7:db:a4:7c:dc:d6:ce:f6:1a:c1:33:21:01:b9:8d:3a:
f5:3f:91:29:62:03:db:3c:64:02:70:31:01:40:ea:38:a3:44:
80:99:e0:f5:11:fb:b2:56:e8:b7:be:3f:11:32:e6:ca:35:db:
0c:9d:2f:10:58:ea:d9:1f:8b:f8:3b:30:9d:21:2a:db:e0:e2:
94:6b:66:95:de:35:b8:05:ee:fb:64:c1:ce:34:31:1f:75:62:
6c:0e:47:57
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQlj0u7q6/wQG66t6hrZMf5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2OTQ3NjgxZGEwZGI3ZmU3OTMxNWVjNmRiZGEyOGJmOGQ2
NjBmYzAwHhcNMjUwMTAyMDU0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWUyYTRiNTExMzE2NDIwMzJhNGQ2YzRlNWI5YWRhZmFlZjYwNmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4+UodiJlWHS7KnB2hE40ydoac4gV
CosHBfUjv1+LvieCA0PDqKl0KozoFbotRtj1l42GkWMlzqRiFGR8waZHdqx1ODN4
yTIsPbAp8Ku7V/WEtony6Y8z/Bnb63PpXPKmRE7+wLUBtzUxNE3+9HJrj+fPz1aV
gPS7GkBRN0cw5UJ9qoQLjx5rZlXmun4z5benogPHTJjyoBZBVHrPAKvCtXvw+rPr
Czhf1p43Ld6sPncsxZrUS6H2aH2IJqq7Ve+dt5r+6o+566BUd/faqIgeiVb1mTCH
o2X5RbsDa6ICCguM7K7mTOz0ICQrcvX5retns7s03RMHZ1R+TPgHksXrwwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEnipLURMWQgMqTWxOW5ra+u9gbRMB8GA1UdIwQY
MBaAFKaUdoHaDbf+eTFextvaKL+NZg/AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHBSMmdkb050XzU1TVY3RzI5b292NDFtRDhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9mNjQ5YTItNTE4ZC00NDU2LTk4YTct
MjNjM2RmODJjMjMwLzEvU2VLa3RSRXhaQ0F5cE5iRTVibXRyNjcyQnRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9mNjQ5YTItNTE4ZC00NDU2LTk4YTctMjNjM2RmODJjMjMw
LzEvcHBSMmdkb050XzU1TVY3RzI5b292NDFtRDhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHX0MAAwQC
uTDEMA0EAgACMAcDBQMqABegMA0GCSqGSIb3DQEBCwUAA4IBAQBiDUbUUG2kUYty
MVJMVV4rhOAvJ3/KEk+a/iQXzMFoXrFcmkenwzEcRVrKd6FooyLX6viBRz3dYTQb
Z0Ez1kDrihvlO+MTyESN9PzCEiTrVPGJvKznzRMox6cfhGDr5SvmS4fR/07amGWc
vpByif9fdTbAvwFCpo9h5EtCC+LkNmh28Bp3nMzOhgc7xHedYZIHbB+4L1t5GbCc
+LFOUa/byMEbncfbpHzc1s72GsEzIQG5jTr1P5EpYgPbPGQCcDEBQOo4o0SAmeD1
EfuyVui3vj8RMubKNdsMnS8QWOrZH4v4OzCdISrb4OKUa2aV3jW4Be77ZMHONDEf
dWJsDkdX
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:44:16 2025 by rpki-client