Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/12274e-316b-4f3c-8e6c-dcfeb3f10c86/1/SXnLGFVuYmFTb4J5wZRMf8OD7y8.roa
File: SXnLGFVuYmFTb4J5wZRMf8OD7y8.roa (raw, json)
Hash identifier: q2I1JegyR3p5/3Ju5fsO7sfwT0SnjQOWthHFWFSnlQc=
Subject key identifier: 49:79:CB:18:55:6E:62:61:53:6F:82:79:C1:94:4C:7F:C3:83:EF:2F
Certificate issuer: /CN=292edce09f112ab2d3ffaf4cb2a38eaf1c1af92e
Certificate serial: 018CC5007C5211D3708DCEC6C522D0532F24
Authority key identifier: 29:2E:DC:E0:9F:11:2A:B2:D3:FF:AF:4C:B2:A3:8E:AF:1C:1A:F9:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KS7c4J8RKrLT_69MsqOOrxwa-S4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/12274e-316b-4f3c-8e6c-dcfeb3f10c86/1/SXnLGFVuYmFTb4J5wZRMf8OD7y8.roa
Signing time: Mon 01 Jan 2024 12:29:52 +0000
ROA not before: Mon 01 Jan 2024 12:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 195.60.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:7c:52:11:d3:70:8d:ce:c6:c5:22:d0:53:2f:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=292edce09f112ab2d3ffaf4cb2a38eaf1c1af92e
Validity
Not Before: Jan 1 12:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4979cb18556e6261536f8279c1944c7fc383ef2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:e5:d0:6a:5e:c1:09:d4:95:be:60:c2:29:e7:
82:b9:ab:1d:7b:6c:c9:ea:11:bf:17:7a:79:93:e0:
19:79:1e:3b:43:9f:dc:09:15:8d:e4:35:1e:94:c4:
ce:c5:e1:63:c7:09:e8:d8:27:3b:8b:c7:74:4d:3f:
16:31:c1:a3:32:01:60:fc:54:82:9d:2a:4a:8d:6c:
3a:63:bd:19:a9:f9:07:57:65:d6:fa:1f:97:00:aa:
ed:a9:f6:6a:08:85:24:56:51:03:67:b8:76:02:26:
bc:13:b9:8e:70:73:61:05:81:03:77:fd:be:31:af:
3f:a1:f5:c1:70:a8:a4:aa:12:e9:00:03:9d:5c:29:
f6:ba:87:b4:8b:75:a0:34:98:52:e4:51:8d:94:56:
97:d5:41:3d:12:b1:81:14:b7:90:cf:e1:16:73:3a:
ef:01:fe:3a:98:9e:e7:c7:22:8f:0f:f3:c8:6d:b3:
ea:e0:83:d8:39:18:e8:8c:bf:80:df:33:09:30:41:
a4:fd:0b:d1:14:9a:fe:3f:25:fc:aa:35:b9:14:90:
c4:77:af:a2:45:ce:68:d8:a9:f7:7c:ea:47:c7:fc:
2d:f4:75:d6:91:cf:d9:65:3a:2b:5c:97:42:85:4e:
d9:c7:71:c1:9e:e9:4e:e3:4f:f7:1c:98:dc:02:a8:
97:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:79:CB:18:55:6E:62:61:53:6F:82:79:C1:94:4C:7F:C3:83:EF:2F
X509v3 Authority Key Identifier:
keyid:29:2E:DC:E0:9F:11:2A:B2:D3:FF:AF:4C:B2:A3:8E:AF:1C:1A:F9:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KS7c4J8RKrLT_69MsqOOrxwa-S4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/12274e-316b-4f3c-8e6c-dcfeb3f10c86/1/SXnLGFVuYmFTb4J5wZRMf8OD7y8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/12274e-316b-4f3c-8e6c-dcfeb3f10c86/1/KS7c4J8RKrLT_69MsqOOrxwa-S4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.60.86.0/24
Signature Algorithm: sha256WithRSAEncryption
93:53:a0:b7:59:31:1c:bf:bc:d5:01:6a:13:ad:40:93:67:cf:
b1:3c:3a:04:35:a2:7f:d6:b1:c0:b9:08:9f:0f:6d:3c:27:8f:
5a:c2:1f:af:34:df:46:4d:dc:00:83:b7:48:44:f5:bd:b9:dc:
f2:e2:82:11:06:08:13:ec:74:36:e4:d3:c6:a2:cb:f0:1a:2b:
c0:13:e8:6c:2a:d5:20:a5:cd:85:61:82:57:f8:00:4d:4d:41:
ea:42:e6:69:ab:25:91:3a:40:cb:44:f8:e8:26:49:75:51:59:
a1:77:0e:18:68:a8:b3:75:ec:9c:6b:99:fe:8c:b8:53:53:9f:
09:1c:82:c4:33:89:ec:52:f4:84:a5:70:85:41:52:70:6f:4e:
5f:c5:fe:8f:0a:16:13:f9:cd:91:cb:39:c3:78:77:ed:3a:67:
10:16:a2:06:59:b7:2f:1e:88:1f:cc:0e:b3:b9:e7:b9:32:26:
e6:19:5e:d8:c3:20:5b:96:cd:f8:fb:97:58:f0:01:5b:36:82:
7b:8d:51:46:62:b6:a1:42:de:0f:f3:4e:29:ef:7d:3a:fb:b6:
47:76:8c:a8:c7:f0:b5:0a:15:50:0b:cf:69:7e:65:21:5b:ac:
07:93:4b:25:bd:a2:79:05:e0:85:d1:e3:9e:57:db:c8:80:5b:
aa:c4:5a:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAHxSEdNwjc7GxSLQUy8kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MmVkY2UwOWYxMTJhYjJkM2ZmYWY0Y2IyYTM4ZWFmMWMx
YWY5MmUwHhcNMjQwMTAxMTIyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTc5Y2IxODU1NmU2MjYxNTM2ZjgyNzljMTk0NGM3ZmMzODNlZjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAheXQal7BCdSVvmDCKeeCuasde2zJ
6hG/F3p5k+AZeR47Q5/cCRWN5DUelMTOxeFjxwno2Cc7i8d0TT8WMcGjMgFg/FSC
nSpKjWw6Y70ZqfkHV2XW+h+XAKrtqfZqCIUkVlEDZ7h2Aia8E7mOcHNhBYEDd/2+
Ma8/ofXBcKikqhLpAAOdXCn2uoe0i3WgNJhS5FGNlFaX1UE9ErGBFLeQz+EWczrv
Af46mJ7nxyKPD/PIbbPq4IPYORjojL+A3zMJMEGk/QvRFJr+PyX8qjW5FJDEd6+i
Rc5o2Kn3fOpHx/wt9HXWkc/ZZTorXJdChU7Zx3HBnulO40/3HJjcAqiX5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEl5yxhVbmJhU2+CecGUTH/Dg+8vMB8GA1UdIwQY
MBaAFCku3OCfESqy0/+vTLKjjq8cGvkuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1M3YzRKOFJLckxUXzY5TXNxT09yeHdhLVM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8xMjI3NGUtMzE2Yi00ZjNjLThlNmMt
ZGNmZWIzZjEwYzg2LzEvU1huTEdGVnVZbUZUYjRKNXdaUk1mOE9EN3k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8xMjI3NGUtMzE2Yi00ZjNjLThlNmMtZGNmZWIzZjEwYzg2
LzEvS1M3YzRKOFJLckxUXzY5TXNxT09yeHdhLVM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwzxWMA0G
CSqGSIb3DQEBCwUAA4IBAQCTU6C3WTEcv7zVAWoTrUCTZ8+xPDoENaJ/1rHAuQif
D208J49awh+vNN9GTdwAg7dIRPW9udzy4oIRBggT7HQ25NPGosvwGivAE+hsKtUg
pc2FYYJX+ABNTUHqQuZpqyWROkDLRPjoJkl1UVmhdw4YaKizdeyca5n+jLhTU58J
HILEM4nsUvSEpXCFQVJwb05fxf6PChYT+c2RyznDeHftOmcQFqIGWbcvHogfzA6z
uee5MibmGV7YwyBbls34+5dY8AFbNoJ7jVFGYrahQt4P804p7306+7ZHdoyox/C1
ChVQC89pfmUhW6wHk0slvaJ5BeCF0eOeV9vIgFuqxFru
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:31:55 2025 by rpki-client