Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Je29mkaOHVKLhQkzbfPfi04hg1c.roa
File: Je29mkaOHVKLhQkzbfPfi04hg1c.roa (raw, json)
Hash identifier: Bo2VUJAO+KSk2CExLLJntFAYq3AtMkX/yHNrMZRA1/I=
Subject key identifier: 25:ED:BD:9A:46:8E:1D:52:8B:85:09:33:6D:F3:DF:8B:4E:21:83:57
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01916963073C1DC2E1A872E9A805AEAA708E
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Je29mkaOHVKLhQkzbfPfi04hg1c.roa
Signing time: Mon 19 Aug 2024 06:46:23 +0000
ROA not before: Mon 19 Aug 2024 06:46:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2914
IP address blocks: 62.84.16.0/20 maxlen: 20
85.254.8.0/21 maxlen: 21
85.254.13.0/24 maxlen: 24
85.254.63.0/24 maxlen: 24
85.254.117.0/24 maxlen: 24
85.254.118.0/23 maxlen: 23
85.254.123.0/24 maxlen: 24
217.24.64.0/20 maxlen: 20
Validation: Failed, certificate revoked on Mon 14 Oct 2024 06:32:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:69:63:07:3c:1d:c2:e1:a8:72:e9:a8:05:ae:aa:70:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Aug 19 06:46:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25edbd9a468e1d528b8509336df3df8b4e218357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:76:27:91:1b:6a:37:8c:02:3b:b3:59:82:72:
d1:a6:d9:9d:64:e6:11:24:57:c4:78:c2:8f:4c:1b:
9d:cf:18:f9:41:6c:25:bf:fc:19:7d:9c:83:23:fc:
3e:c5:b7:ba:6d:c0:f1:4e:c2:db:0d:d0:6a:b6:8e:
27:13:95:5a:ed:c7:5e:2f:b6:bd:5a:70:da:fa:23:
b4:0b:3f:e3:b6:bb:20:4c:8d:53:f1:df:39:f5:a5:
43:07:2a:2b:fc:e4:7b:7c:e2:a5:b5:28:f5:57:7b:
3b:ac:76:5b:dc:21:bc:1d:7f:55:b3:9f:b1:bf:78:
05:0f:34:28:35:e5:a2:55:fe:12:87:89:f0:58:76:
5e:04:ae:eb:0b:be:f8:25:98:80:a5:85:87:7c:54:
b6:67:58:45:24:3a:21:e5:01:9c:4b:19:8e:f5:d7:
05:76:4e:83:ee:65:d8:c1:29:b6:8e:d4:ff:ff:5d:
a5:de:fd:28:d1:4b:6c:67:fc:0d:39:eb:88:fb:37:
30:97:f0:45:4f:5d:00:ad:aa:c4:e9:f8:39:e8:e4:
b6:b6:b0:c1:c1:c1:d6:08:3a:69:a1:30:c7:2c:be:
cf:0a:5a:76:06:8b:e2:f1:1f:c1:e0:0c:0b:58:15:
8a:c2:c1:f3:f7:c9:db:23:a6:eb:32:cf:5a:5a:31:
97:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:ED:BD:9A:46:8E:1D:52:8B:85:09:33:6D:F3:DF:8B:4E:21:83:57
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Je29mkaOHVKLhQkzbfPfi04hg1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.84.16.0/20
85.254.8.0/21
85.254.63.0/24
85.254.117.0-85.254.119.255
85.254.123.0/24
217.24.64.0/20
Signature Algorithm: sha256WithRSAEncryption
ad:4d:37:7b:3c:72:8f:e6:b0:a7:d1:b6:99:c7:86:aa:85:f0:
16:61:26:cb:96:76:71:06:e1:3a:9d:e5:86:18:71:f7:bf:43:
44:ba:df:01:83:ed:c9:72:2d:39:7c:fd:3a:8c:23:6c:3e:25:
b1:6c:8a:15:64:8d:58:8b:c2:81:7d:cc:3f:4a:ca:84:23:a1:
ae:a7:a3:b3:e0:d8:ae:a4:24:2b:1b:56:e0:be:d0:3f:ee:58:
c5:be:7b:48:dc:33:2d:fe:c4:a3:83:f2:24:aa:84:ff:88:24:
21:bc:f1:d3:91:98:4d:ee:94:fd:b2:12:12:2d:ca:c1:24:3d:
bf:23:0e:18:e8:7f:c4:72:7e:8e:04:f2:60:79:2d:1a:1f:e5:
3d:d4:59:a4:41:c6:53:ae:65:e7:5c:42:56:c0:d5:0d:bb:d5:
fa:89:38:eb:f9:3f:04:42:84:b2:7f:23:84:da:51:ae:89:20:
71:f4:00:fe:40:29:99:67:0f:39:45:f6:df:1f:7f:b4:6d:69:
ab:28:9d:d6:7a:ba:1a:be:4d:22:ce:d9:71:10:20:6b:12:85:
d3:da:f8:47:dc:1f:08:bd:50:0a:6e:f5:fe:e6:52:09:ed:8e:
ac:45:7a:61:54:b1:a3:fe:e2:68:4f:4e:fa:03:d7:d9:8b:1f:
1d:0e:08:16
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZFpYwc8HcLhqHLpqAWuqnCOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwODE5MDY0NjIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWVkYmQ5YTQ2OGUxZDUyOGI4NTA5MzM2ZGYzZGY4YjRlMjE4MzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nYnkRtqN4wCO7NZgnLRptmdZOYR
JFfEeMKPTBudzxj5QWwlv/wZfZyDI/w+xbe6bcDxTsLbDdBqto4nE5Va7cdeL7a9
WnDa+iO0Cz/jtrsgTI1T8d859aVDByor/OR7fOKltSj1V3s7rHZb3CG8HX9Vs5+x
v3gFDzQoNeWiVf4Sh4nwWHZeBK7rC774JZiApYWHfFS2Z1hFJDoh5QGcSxmO9dcF
dk6D7mXYwSm2jtT//12l3v0o0UtsZ/wNOeuI+zcwl/BFT10ArarE6fg56OS2trDB
wcHWCDppoTDHLL7PClp2Bovi8R/B4AwLWBWKwsHz98nbI6brMs9aWjGXcQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFCXtvZpGjh1Si4UJM23z34tOIYNXMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvSmUyOW1rYU9IVktMaFFremJmUGZpMDRoZzFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQEPlQQAwQD
Vf4IAwQAVf4/MAwDBABV/nUDBANV/nADBABV/nsDBATZGEAwDQYJKoZIhvcNAQEL
BQADggEBAK1NN3s8co/msKfRtpnHhqqF8BZhJsuWdnEG4Tqd5YYYcfe/Q0S63wGD
7clyLTl8/TqMI2w+JbFsihVkjViLwoF9zD9KyoQjoa6no7Pg2K6kJCsbVuC+0D/u
WMW+e0jcMy3+xKOD8iSqhP+IJCG88dORmE3ulP2yEhItysEkPb8jDhjof8Ryfo4E
8mB5LRof5T3UWaRBxlOuZedcQlbA1Q271fqJOOv5PwRChLJ/I4TaUa6JIHH0AP5A
KZlnDzlF9t8ff7RtaasondZ6uhq+TSLO2XEQIGsShdPa+EfcHwi9UApu9f7mUgnt
jqxFemFUsaP+4mhPTvoD19mLHx0OCBY=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:14:54 2025 by rpki-client