Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/0fbd8d-820d-4979-81a3-8be9571eb10d/1/aEmypxWpkyma4rwx6dGp86RUv6s.roa
File: aEmypxWpkyma4rwx6dGp86RUv6s.roa (raw, json)
Hash identifier: SLsCJlSdYZ406Cz6lIXgXATSasb1l6clS4FamVKlJho=
Subject key identifier: 68:49:B2:A7:15:A9:93:29:9A:E2:BC:31:E9:D1:A9:F3:A4:54:BF:AB
Certificate issuer: /CN=c69ceb1240844cde8a168897e47c1df5d6ecbf21
Certificate serial: 0192B3ED77BF0674D035D4A4AAD685B9CEE7
Authority key identifier: C6:9C:EB:12:40:84:4C:DE:8A:16:88:97:E4:7C:1D:F5:D6:EC:BF:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xpzrEkCETN6KFoiX5Hwd9dbsvyE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/0fbd8d-820d-4979-81a3-8be9571eb10d/1/aEmypxWpkyma4rwx6dGp86RUv6s.roa
Signing time: Tue 22 Oct 2024 11:12:17 +0000
ROA not before: Tue 22 Oct 2024 11:12:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200370
IP address blocks: 95.142.231.0/24 maxlen: 24
95.142.232.0/24 maxlen: 24
95.142.238.0/24 maxlen: 24
95.142.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b3:ed:77:bf:06:74:d0:35:d4:a4:aa:d6:85:b9:ce:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c69ceb1240844cde8a168897e47c1df5d6ecbf21
Validity
Not Before: Oct 22 11:12:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6849b2a715a993299ae2bc31e9d1a9f3a454bfab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:12:1a:97:83:63:b4:c3:fd:ed:97:93:ab:c4:
81:8d:34:4b:51:e8:27:bc:22:54:d8:6d:38:61:ca:
5c:84:8e:7a:93:38:0f:75:57:f7:7f:c6:86:12:16:
26:39:cf:4e:94:58:99:59:ba:5e:8c:7c:5d:37:cb:
0e:0f:51:0a:9f:10:1d:0a:6f:ed:21:dd:68:de:87:
7f:39:f2:2f:46:cd:03:75:98:d8:ae:1e:74:14:a6:
7a:59:d6:8b:7a:11:36:9a:72:18:cd:f7:67:f1:4c:
bf:13:07:3a:ef:a6:c5:68:35:b2:1a:ce:8a:5b:6d:
9e:8d:b4:01:29:c5:b3:8c:d4:4a:b8:38:4f:28:42:
3f:66:32:70:1f:c1:0f:75:b9:e9:5a:e6:db:6d:f7:
94:47:86:ec:b2:29:df:b3:b6:5b:35:e1:4d:0a:12:
7d:7e:95:7a:08:ac:32:e3:e8:be:80:0d:0b:0b:fd:
ce:fb:91:2f:e8:6b:5e:68:6e:58:05:27:c2:81:fe:
f5:f4:70:01:fc:90:4b:4e:ed:88:fb:62:eb:76:66:
16:83:54:4a:87:cd:eb:dd:2a:2d:a8:ee:bf:9e:dd:
4e:12:fb:bb:cb:b9:4e:2c:35:dd:66:82:92:5f:28:
25:59:8d:78:c3:34:34:5f:22:a9:7b:25:ff:f9:1a:
38:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:49:B2:A7:15:A9:93:29:9A:E2:BC:31:E9:D1:A9:F3:A4:54:BF:AB
X509v3 Authority Key Identifier:
keyid:C6:9C:EB:12:40:84:4C:DE:8A:16:88:97:E4:7C:1D:F5:D6:EC:BF:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xpzrEkCETN6KFoiX5Hwd9dbsvyE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/0fbd8d-820d-4979-81a3-8be9571eb10d/1/aEmypxWpkyma4rwx6dGp86RUv6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/0fbd8d-820d-4979-81a3-8be9571eb10d/1/xpzrEkCETN6KFoiX5Hwd9dbsvyE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.142.231.0-95.142.232.255
95.142.238.0/23
Signature Algorithm: sha256WithRSAEncryption
6e:94:29:ac:45:22:d0:e2:8a:55:a7:3c:4c:0c:96:74:37:1f:
48:f3:45:2d:71:3d:0e:4f:82:01:76:6f:ed:f1:bc:a4:a3:2b:
0a:f2:0f:d0:29:6d:22:3f:35:54:1c:0b:a7:a9:df:74:79:dd:
f1:cc:d7:3e:69:34:a6:61:e9:ee:56:5f:57:6d:4d:f3:42:d6:
ec:8c:ff:7a:38:2e:b8:74:e4:d2:36:1d:04:16:cd:d0:1c:e5:
ce:a3:3f:fd:40:d4:b3:d0:99:ab:b2:cd:4e:6b:5b:9e:ef:1a:
62:60:cf:f9:ae:b8:34:ed:48:92:4f:04:e6:35:2a:a2:cf:96:
68:b1:0c:d6:4f:87:c5:53:18:01:3f:71:c0:bb:8c:aa:dc:cb:
48:6c:43:0c:77:bc:71:b8:d5:be:c3:dd:52:aa:8b:25:94:83:
4c:da:ff:13:f7:82:35:e4:37:d8:ca:04:3a:ea:75:98:ae:e8:
8b:88:15:fe:59:a4:03:71:02:27:15:1d:0e:fc:b5:d1:8d:db:
3b:46:2a:a4:5f:53:d6:e0:ae:a2:3d:f5:b5:5a:69:a1:1a:b2:
ae:68:e9:8e:85:93:1d:f2:57:7d:01:7f:dc:ea:06:1d:98:60:
1c:25:17:a3:66:a4:55:7a:41:75:4b:e2:ca:94:3c:37:52:40:
a8:21:a8:8a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZKz7Xe/BnTQNdSkqtaFuc7nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2OWNlYjEyNDA4NDRjZGU4YTE2ODg5N2U0N2MxZGY1ZDZl
Y2JmMjEwHhcNMjQxMDIyMTExMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODQ5YjJhNzE1YTk5MzI5OWFlMmJjMzFlOWQxYTlmM2E0NTRiZmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhIal4NjtMP97ZeTq8SBjTRLUegn
vCJU2G04YcpchI56kzgPdVf3f8aGEhYmOc9OlFiZWbpejHxdN8sOD1EKnxAdCm/t
Id1o3od/OfIvRs0DdZjYrh50FKZ6WdaLehE2mnIYzfdn8Uy/Ewc676bFaDWyGs6K
W22ejbQBKcWzjNRKuDhPKEI/ZjJwH8EPdbnpWubbbfeUR4bssinfs7ZbNeFNChJ9
fpV6CKwy4+i+gA0LC/3O+5Ev6GteaG5YBSfCgf719HAB/JBLTu2I+2LrdmYWg1RK
h83r3SotqO6/nt1OEvu7y7lOLDXdZoKSXyglWY14wzQ0XyKpeyX/+Ro4UQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGhJsqcVqZMpmuK8MenRqfOkVL+rMB8GA1UdIwQY
MBaAFMac6xJAhEzeihaIl+R8HfXW7L8hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHB6ckVrQ0VUTjZLRm9pWDVId2Q5ZGJzdnlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy8wZmJkOGQtODIwZC00OTc5LTgxYTMt
OGJlOTU3MWViMTBkLzEvYUVteXB4V3BreW1hNHJ3eDZkR3A4NlJVdjZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy8wZmJkOGQtODIwZC00OTc5LTgxYTMtOGJlOTU3MWViMTBk
LzEveHB6ckVrQ0VUTjZLRm9pWDVId2Q5ZGJzdnlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABfjucD
BABfjugDBAFfju4wDQYJKoZIhvcNAQELBQADggEBAG6UKaxFItDiilWnPEwMlnQ3
H0jzRS1xPQ5PggF2b+3xvKSjKwryD9ApbSI/NVQcC6ep33R53fHM1z5pNKZh6e5W
X1dtTfNC1uyM/3o4Lrh05NI2HQQWzdAc5c6jP/1A1LPQmauyzU5rW57vGmJgz/mu
uDTtSJJPBOY1KqLPlmixDNZPh8VTGAE/ccC7jKrcy0hsQwx3vHG41b7D3VKqiyWU
g0za/xP3gjXkN9jKBDrqdZiu6IuIFf5ZpANxAicVHQ78tdGN2ztGKqRfU9bgrqI9
9bVaaaEasq5o6Y6Fkx3yV30Bf9zqBh2YYBwlF6NmpFV6QXVL4sqUPDdSQKghqIo=
-----END CERTIFICATE-----
Generated at Tue Apr 29 04:03:29 2025 by rpki-client