Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/375a67-8c4e-4a46-99cc-65078a7f65b8/1/uEpSKZ2x_PCeUPsgzAEoIihmjAM.roa
File: uEpSKZ2x_PCeUPsgzAEoIihmjAM.roa (raw, json)
Hash identifier: vFxJEnhxrzSx3WGJPCs48LtIByNLY94tnnTRFbvR00g=
Subject key identifier: B8:4A:52:29:9D:B1:FC:F0:9E:50:FB:20:CC:01:28:22:28:66:8C:03
Certificate issuer: /CN=065a470dbab9c1c334f0f85f417cd1aa425e9f13
Certificate serial: 0194282348829EB3177240D752E8FB8B5AE5
Authority key identifier: 06:5A:47:0D:BA:B9:C1:C3:34:F0:F8:5F:41:7C:D1:AA:42:5E:9F:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BlpHDbq5wcM08PhfQXzRqkJenxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/375a67-8c4e-4a46-99cc-65078a7f65b8/1/uEpSKZ2x_PCeUPsgzAEoIihmjAM.roa
Signing time: Thu 02 Jan 2025 17:49:48 +0000
ROA not before: Thu 02 Jan 2025 17:49:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214781
IP address blocks: 195.66.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Jan 2025 21:29:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:48:82:9e:b3:17:72:40:d7:52:e8:fb:8b:5a:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=065a470dbab9c1c334f0f85f417cd1aa425e9f13
Validity
Not Before: Jan 2 17:49:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b84a52299db1fcf09e50fb20cc01282228668c03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:79:a4:7d:18:2b:86:1a:78:08:32:42:73:5d:
3b:91:ab:9c:7b:0d:ca:a6:08:61:88:0f:e0:0b:ec:
ef:0c:6e:64:ac:ea:1d:8a:53:51:de:0a:93:59:46:
bf:65:05:f1:25:77:b6:24:36:8a:00:29:53:7d:97:
e2:9d:75:0d:67:95:81:19:52:1a:66:7a:a1:4a:10:
e4:e1:43:70:47:4d:42:5e:14:6a:c3:05:6b:94:d2:
fa:dd:7c:9f:e0:2f:1a:2f:f1:e8:93:4b:3f:75:43:
18:e9:ca:94:59:11:23:5c:6d:b1:50:be:b7:c8:c1:
0e:96:93:6a:3a:3e:24:4a:55:04:41:5d:ad:80:d7:
bf:d1:01:51:8f:ce:4d:a1:52:90:44:a9:bf:83:09:
4c:d7:72:4a:b0:fc:13:7e:67:59:1e:cd:60:35:0c:
48:f3:41:f7:83:5d:9b:1b:f7:29:f4:fc:0c:39:ad:
67:b6:c4:6d:b9:56:ee:f8:38:53:5f:88:5e:48:3d:
89:e9:5b:92:76:f3:b1:33:a9:2f:e2:f1:34:fa:95:
6a:20:dd:7f:1c:95:10:bd:67:8c:30:be:04:d6:99:
5f:37:8f:c7:77:db:e4:6c:5a:b2:e4:73:0b:b6:17:
a6:bb:23:2b:58:a0:67:21:c3:ec:a9:86:22:7a:62:
43:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:4A:52:29:9D:B1:FC:F0:9E:50:FB:20:CC:01:28:22:28:66:8C:03
X509v3 Authority Key Identifier:
keyid:06:5A:47:0D:BA:B9:C1:C3:34:F0:F8:5F:41:7C:D1:AA:42:5E:9F:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BlpHDbq5wcM08PhfQXzRqkJenxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/375a67-8c4e-4a46-99cc-65078a7f65b8/1/uEpSKZ2x_PCeUPsgzAEoIihmjAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/375a67-8c4e-4a46-99cc-65078a7f65b8/1/BlpHDbq5wcM08PhfQXzRqkJenxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.66.101.0/24
Signature Algorithm: sha256WithRSAEncryption
40:12:26:e2:76:90:d4:51:f2:88:3a:8d:8f:d0:fa:03:4d:16:
ad:6a:4f:eb:08:23:0a:20:e6:7c:07:74:22:a5:27:38:a5:b3:
cc:c7:26:07:a7:f8:df:b1:57:b2:1d:bc:a3:5c:7b:f8:5a:47:
6a:7d:b3:02:23:c4:d4:d9:c7:50:1c:35:d8:6e:da:ce:b6:3a:
da:41:6f:bd:76:94:05:f8:23:62:a9:86:2f:23:54:0b:86:14:
52:b6:0f:aa:49:4a:f3:c0:aa:58:85:a1:78:07:5c:e1:8e:e7:
54:b7:17:d5:0f:88:51:f0:22:fd:c7:74:4c:db:b4:23:a7:67:
b6:7e:fb:f0:7d:3b:e0:66:c6:e8:fd:7d:dc:60:84:b7:d5:1c:
08:dc:0a:48:e0:27:ac:bf:1c:2b:57:28:4f:6c:c4:22:d5:90:
6f:88:ef:5b:0e:83:56:e3:09:67:3d:f1:ee:87:ad:b7:96:ba:
a9:06:f8:48:49:98:8f:bc:03:dd:07:0f:11:a1:16:77:c1:6a:
04:25:c8:5a:e3:5e:2a:4c:99:fd:ea:04:ef:b3:f7:f6:fc:b3:
e7:4a:ba:99:dd:36:43:52:af:54:ea:be:a2:73:92:ad:78:67:
bc:b3:87:88:8b:fd:35:73:ab:be:62:4b:ea:c0:2a:35:d8:05:
e1:a5:cc:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoI0iCnrMXckDXUuj7i1rlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NWE0NzBkYmFiOWMxYzMzNGYwZjg1ZjQxN2NkMWFhNDI1
ZTlmMTMwHhcNMjUwMTAyMTc0OTQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODRhNTIyOTlkYjFmY2YwOWU1MGZiMjBjYzAxMjgyMjI4NjY4YzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXmkfRgrhhp4CDJCc107kaucew3K
pghhiA/gC+zvDG5krOodilNR3gqTWUa/ZQXxJXe2JDaKAClTfZfinXUNZ5WBGVIa
ZnqhShDk4UNwR01CXhRqwwVrlNL63Xyf4C8aL/Hok0s/dUMY6cqUWREjXG2xUL63
yMEOlpNqOj4kSlUEQV2tgNe/0QFRj85NoVKQRKm/gwlM13JKsPwTfmdZHs1gNQxI
80H3g12bG/cp9PwMOa1ntsRtuVbu+DhTX4heSD2J6VuSdvOxM6kv4vE0+pVqIN1/
HJUQvWeMML4E1plfN4/Hd9vkbFqy5HMLthemuyMrWKBnIcPsqYYiemJDnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLhKUimdsfzwnlD7IMwBKCIoZowDMB8GA1UdIwQY
MBaAFAZaRw26ucHDNPD4X0F80apCXp8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmxwSERicTV3Y00wOFBoZlFYelJxa0plbnhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8zNzVhNjctOGM0ZS00YTQ2LTk5Y2Mt
NjUwNzhhN2Y2NWI4LzEvdUVwU0taMnhfUENlVVBzZ3pBRW9JaWhtakFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8zNzVhNjctOGM0ZS00YTQ2LTk5Y2MtNjUwNzhhN2Y2NWI4
LzEvQmxwSERicTV3Y00wOFBoZlFYelJxa0plbnhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0JlMA0G
CSqGSIb3DQEBCwUAA4IBAQBAEibidpDUUfKIOo2P0PoDTRatak/rCCMKIOZ8B3Qi
pSc4pbPMxyYHp/jfsVeyHbyjXHv4WkdqfbMCI8TU2cdQHDXYbtrOtjraQW+9dpQF
+CNiqYYvI1QLhhRStg+qSUrzwKpYhaF4B1zhjudUtxfVD4hR8CL9x3RM27Qjp2e2
fvvwfTvgZsbo/X3cYIS31RwI3ApI4CesvxwrVyhPbMQi1ZBviO9bDoNW4wlnPfHu
h623lrqpBvhISZiPvAPdBw8RoRZ3wWoEJcha414qTJn96gTvs/f2/LPnSrqZ3TZD
Uq9U6r6ic5KteGe8s4eIi/01c6u+YkvqwCo12AXhpcwK
-----END CERTIFICATE-----
Generated at Mon May 5 17:40:24 2025 by rpki-client