Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/a89b3c-972c-4bee-80f2-5c2919da8df3/1/TZ9nI7PNWsFJVTyYcbBJE2Y3L7s.roa
File: TZ9nI7PNWsFJVTyYcbBJE2Y3L7s.roa (raw, json)
Hash identifier: blf20sYxiiLbd3PcfFjue1C3dlRJyzHB9TFJNVnEglI=
Subject key identifier: 4D:9F:67:23:B3:CD:5A:C1:49:55:3C:98:71:B0:49:13:66:37:2F:BB
Certificate issuer: /CN=82e22da9bf0a74171eebb4cd98fc25f3041add2f
Certificate serial: 018CC50115FBEDC58ED816E9AEEB8146251D
Authority key identifier: 82:E2:2D:A9:BF:0A:74:17:1E:EB:B4:CD:98:FC:25:F3:04:1A:DD:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/guItqb8KdBce67TNmPwl8wQa3S8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/a89b3c-972c-4bee-80f2-5c2919da8df3/1/TZ9nI7PNWsFJVTyYcbBJE2Y3L7s.roa
Signing time: Mon 01 Jan 2024 12:30:31 +0000
ROA not before: Mon 01 Jan 2024 12:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29445
IP address blocks: 195.149.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:15:fb:ed:c5:8e:d8:16:e9:ae:eb:81:46:25:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82e22da9bf0a74171eebb4cd98fc25f3041add2f
Validity
Not Before: Jan 1 12:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d9f6723b3cd5ac149553c9871b0491366372fbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8a:2b:a3:f1:09:54:04:0b:bb:c0:e4:04:b5:
3e:64:cf:f2:2b:c5:d4:c7:dd:84:a4:4c:7d:b5:43:
ee:05:1a:79:c0:0c:ce:2e:87:15:40:90:69:3c:bb:
5d:f0:11:31:26:de:38:87:85:b2:7d:c8:19:b4:64:
e3:71:a3:63:65:e3:8f:63:28:cd:47:f2:42:dc:ca:
72:7d:da:b9:42:3d:67:13:66:57:6a:72:2a:48:02:
91:12:d0:63:69:84:2d:1e:0b:42:3f:58:01:1d:60:
fb:d8:c2:f9:fd:ba:a6:72:6d:33:8a:04:53:b8:9f:
22:04:6e:29:22:03:8b:e9:39:38:ed:d1:38:53:5d:
78:fd:6a:d4:fc:72:52:ed:c1:96:53:69:0d:e6:85:
4c:10:53:c9:8a:36:66:10:a9:fa:e4:8d:23:10:6e:
4b:84:09:6a:8f:5c:22:83:46:8d:70:bf:27:cb:a4:
f8:b6:87:ef:85:90:3e:6e:3c:32:e6:b2:90:46:87:
36:10:b8:4d:8a:16:42:ff:c5:88:5f:85:1b:d8:da:
e7:b6:4b:0e:cf:51:12:5e:5b:4b:10:a2:67:e0:27:
1b:83:5f:f3:94:62:9a:58:95:24:2e:3a:6d:b9:41:
fb:a7:fa:98:34:5b:ed:5b:fd:b0:e5:a8:ca:be:6e:
bb:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:9F:67:23:B3:CD:5A:C1:49:55:3C:98:71:B0:49:13:66:37:2F:BB
X509v3 Authority Key Identifier:
keyid:82:E2:2D:A9:BF:0A:74:17:1E:EB:B4:CD:98:FC:25:F3:04:1A:DD:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/guItqb8KdBce67TNmPwl8wQa3S8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/a89b3c-972c-4bee-80f2-5c2919da8df3/1/TZ9nI7PNWsFJVTyYcbBJE2Y3L7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/a89b3c-972c-4bee-80f2-5c2919da8df3/1/guItqb8KdBce67TNmPwl8wQa3S8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.149.95.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:93:c3:f7:e4:d5:55:71:52:87:c3:09:20:3e:22:90:0c:cf:
6f:41:9a:8d:ae:3b:b0:e9:5b:6f:5b:1a:45:c7:2c:aa:fb:a0:
d0:ba:9c:ff:e2:ad:bf:6b:b8:81:70:c4:ae:1d:e3:d7:71:0f:
96:23:29:e1:2c:7a:48:bc:3d:47:8f:9c:01:31:d4:6b:82:7b:
ac:0e:a7:dd:2b:80:98:c9:19:46:29:a2:87:9a:ae:11:6b:c1:
65:56:fe:ee:fc:b1:8d:8e:f9:9c:bd:c0:b3:50:b4:48:f6:88:
c1:d5:50:81:41:77:2d:b6:dc:38:99:c5:bb:d1:cb:70:b6:5a:
0f:8c:eb:88:5b:c0:b6:9d:55:c9:6b:56:e8:82:29:93:f5:e3:
cd:e1:06:94:92:31:00:83:57:58:35:27:69:4f:1a:60:c7:2d:
da:13:21:05:b2:42:d3:d7:6a:2d:a6:c7:8d:21:2d:a2:68:3c:
63:8d:7a:7d:8f:c1:3f:b3:5c:70:6f:9f:67:b4:a4:5e:ab:06:
9e:0f:b9:5b:b9:75:b6:7f:cf:88:3e:a0:9d:48:f3:a5:39:a3:
29:15:a4:77:da:67:8d:39:4b:a5:60:37:ca:a4:71:5b:28:a5:
43:d0:e7:08:b5:ff:25:5a:3a:e7:2e:0a:84:7d:03:e8:45:ab:
cc:9d:67:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFARX77cWO2BbpruuBRiUdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZTIyZGE5YmYwYTc0MTcxZWViYjRjZDk4ZmMyNWYzMDQx
YWRkMmYwHhcNMjQwMTAxMTIzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDlmNjcyM2IzY2Q1YWMxNDk1NTNjOTg3MWIwNDkxMzY2MzcyZmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4oro/EJVAQLu8DkBLU+ZM/yK8XU
x92EpEx9tUPuBRp5wAzOLocVQJBpPLtd8BExJt44h4WyfcgZtGTjcaNjZeOPYyjN
R/JC3Mpyfdq5Qj1nE2ZXanIqSAKREtBjaYQtHgtCP1gBHWD72ML5/bqmcm0zigRT
uJ8iBG4pIgOL6Tk47dE4U114/WrU/HJS7cGWU2kN5oVMEFPJijZmEKn65I0jEG5L
hAlqj1wig0aNcL8ny6T4tofvhZA+bjwy5rKQRoc2ELhNihZC/8WIX4Ub2NrntksO
z1ESXltLEKJn4Ccbg1/zlGKaWJUkLjptuUH7p/qYNFvtW/2w5ajKvm67lQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE2fZyOzzVrBSVU8mHGwSRNmNy+7MB8GA1UdIwQY
MBaAFILiLam/CnQXHuu0zZj8JfMEGt0vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3VJdHFiOEtkQmNlNjdUTm1Qd2w4d1FhM1M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9hODliM2MtOTcyYy00YmVlLTgwZjIt
NWMyOTE5ZGE4ZGYzLzEvVFo5bkk3UE5Xc0ZKVlR5WWNiQkpFMlkzTDdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9hODliM2MtOTcyYy00YmVlLTgwZjItNWMyOTE5ZGE4ZGYz
LzEvZ3VJdHFiOEtkQmNlNjdUTm1Qd2w4d1FhM1M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw5VfMA0G
CSqGSIb3DQEBCwUAA4IBAQAPk8P35NVVcVKHwwkgPiKQDM9vQZqNrjuw6VtvWxpF
xyyq+6DQupz/4q2/a7iBcMSuHePXcQ+WIynhLHpIvD1Hj5wBMdRrgnusDqfdK4CY
yRlGKaKHmq4Ra8FlVv7u/LGNjvmcvcCzULRI9ojB1VCBQXctttw4mcW70ctwtloP
jOuIW8C2nVXJa1bogimT9ePN4QaUkjEAg1dYNSdpTxpgxy3aEyEFskLT12otpseN
IS2iaDxjjXp9j8E/s1xwb59ntKReqwaeD7lbuXW2f8+IPqCdSPOlOaMpFaR32meN
OUulYDfKpHFbKKVD0OcItf8lWjrnLgqEfQPoRavMnWcr
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:47 2025 by rpki-client