Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/jZpyRLQIL3n4LUPwRBHYAnY7dnY.roa
File: jZpyRLQIL3n4LUPwRBHYAnY7dnY.roa (raw, json)
Hash identifier: kp+ZpDdBVy7Vnw6xiW71vPmqmo7ydMRnHXWVr5pMBTM=
Subject key identifier: 8D:9A:72:44:B4:08:2F:79:F8:2D:43:F0:44:11:D8:02:76:3B:76:76
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 01956714527186700723132547BFD3C8A240
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/jZpyRLQIL3n4LUPwRBHYAnY7dnY.roa
Signing time: Wed 05 Mar 2025 16:12:19 +0000
ROA not before: Wed 05 Mar 2025 16:12:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 144.56.0.0/24 maxlen: 24
144.56.8.0/24 maxlen: 24
144.56.10.0/24 maxlen: 24
144.56.11.0/24 maxlen: 24
144.56.13.0/24 maxlen: 24
144.56.17.0/24 maxlen: 24
144.56.18.0/24 maxlen: 24
144.56.19.0/24 maxlen: 24
144.56.20.0/24 maxlen: 24
144.56.21.0/24 maxlen: 24
144.56.22.0/24 maxlen: 24
144.56.23.0/24 maxlen: 24
144.56.24.0/24 maxlen: 24
144.56.25.0/24 maxlen: 24
144.56.26.0/24 maxlen: 24
144.56.27.0/24 maxlen: 24
144.56.28.0/24 maxlen: 24
144.56.29.0/24 maxlen: 24
144.56.30.0/24 maxlen: 24
144.56.31.0/24 maxlen: 24
144.56.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Mar 2025 14:02:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:67:14:52:71:86:70:07:23:13:25:47:bf:d3:c8:a2:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Mar 5 16:12:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8d9a7244b4082f79f82d43f04411d802763b7676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:42:34:6d:1d:20:0c:b0:35:84:c9:91:bd:9f:
4b:e4:c1:29:de:46:2f:f9:40:57:27:07:50:2e:12:
15:14:82:b9:0a:f2:09:90:0e:53:78:14:e8:55:a9:
a1:9e:47:4f:22:c9:4b:78:40:c7:29:93:33:b8:2f:
67:f4:0e:35:e7:83:46:8d:10:00:bf:a8:e1:4b:fb:
11:5b:36:4f:ba:5b:9c:48:0a:15:a7:63:7f:ba:23:
ff:ba:82:ae:b0:ac:07:82:9a:90:49:bb:33:5b:73:
68:d6:9c:12:c0:44:42:93:63:57:1c:63:fa:98:e9:
ec:66:35:aa:9a:ab:d8:11:64:16:19:26:5b:fd:53:
5b:ce:71:10:db:7c:c5:72:ba:08:cb:62:b1:2d:32:
3c:f9:87:86:86:c2:fc:10:d4:9d:8a:cc:69:a2:37:
b6:69:5c:25:74:cd:8f:88:f6:27:3e:9a:b7:26:4d:
3e:77:e3:82:2c:55:5e:c6:11:52:0e:5b:5a:f0:aa:
82:d7:81:a1:86:6c:7f:4d:bc:b5:00:a8:eb:4d:eb:
98:a8:14:ad:8c:88:16:23:e7:13:9b:3e:dd:b8:26:
d0:52:c4:ca:88:1e:6a:5b:d7:f7:8c:58:5b:d2:a0:
5c:51:35:98:1f:4b:48:3f:71:f8:7a:95:61:4a:58:
6d:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:9A:72:44:B4:08:2F:79:F8:2D:43:F0:44:11:D8:02:76:3B:76:76
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/jZpyRLQIL3n4LUPwRBHYAnY7dnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.0.0/24
144.56.8.0/24
144.56.10.0/23
144.56.13.0/24
144.56.17.0-144.56.32.255
Signature Algorithm: sha256WithRSAEncryption
61:39:10:af:cf:69:a7:c2:b1:f7:31:56:cb:69:60:23:4a:5a:
e7:44:19:04:d9:60:98:2c:61:6f:89:9c:98:46:1f:bc:35:49:
d5:17:2e:45:b6:69:33:75:11:39:ee:c9:4e:e5:d5:5e:8e:a4:
64:4a:f2:6a:5a:56:7d:67:d2:b7:ac:e5:ec:3a:67:a6:ac:44:
45:6c:bd:85:e9:5e:10:f0:25:90:19:ad:50:a2:ca:a1:1c:d5:
44:9a:15:33:45:64:c8:02:d4:95:02:16:74:1a:95:c9:ae:e7:
7b:00:93:88:27:b0:2a:21:19:d3:40:18:20:81:4a:c6:86:8c:
fd:36:d9:da:0f:a1:d2:0a:f2:d4:bc:88:6b:b4:a6:16:e4:29:
a3:72:49:47:73:66:e7:cb:ad:28:08:db:44:d4:15:12:2c:37:
45:f0:45:e1:97:85:27:90:93:c9:07:c7:bd:10:85:43:81:2f:
de:87:62:8a:dd:03:77:95:05:25:db:2b:85:d8:5d:c0:0f:c4:
b2:a3:be:b3:49:40:51:49:73:06:08:97:f4:0d:8a:2a:f6:97:
1c:93:5b:96:55:41:d6:18:9b:1f:7c:14:50:de:99:57:26:d5:
1d:84:52:e4:83:4b:2d:8c:bc:aa:7f:c0:a8:c7:fb:03:27:d0:
df:04:8b:7b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZVnFFJxhnAHIxMlR7/TyKJAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUwMzA1MTYxMjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDlhNzI0NGI0MDgyZjc5ZjgyZDQzZjA0NDExZDgwMjc2M2I3Njc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUI0bR0gDLA1hMmRvZ9L5MEp3kYv
+UBXJwdQLhIVFIK5CvIJkA5TeBToVamhnkdPIslLeEDHKZMzuC9n9A4154NGjRAA
v6jhS/sRWzZPulucSAoVp2N/uiP/uoKusKwHgpqQSbszW3No1pwSwERCk2NXHGP6
mOnsZjWqmqvYEWQWGSZb/VNbznEQ23zFcroIy2KxLTI8+YeGhsL8ENSdisxpoje2
aVwldM2PiPYnPpq3Jk0+d+OCLFVexhFSDlta8KqC14Ghhmx/Tby1AKjrTeuYqBSt
jIgWI+cTmz7duCbQUsTKiB5qW9f3jFhb0qBcUTWYH0tIP3H4epVhSlhtvQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFI2ackS0CC95+C1D8EQR2AJ2O3Z2MB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvalpweVJMUUlMM240TFVQd1JCSFlBblk3ZG5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAkDgAAwQA
kDgIAwQBkDgKAwQAkDgNMAwDBACQOBEDBACQOCAwDQYJKoZIhvcNAQELBQADggEB
AGE5EK/PaafCsfcxVstpYCNKWudEGQTZYJgsYW+JnJhGH7w1SdUXLkW2aTN1ETnu
yU7l1V6OpGRK8mpaVn1n0res5ew6Z6asREVsvYXpXhDwJZAZrVCiyqEc1USaFTNF
ZMgC1JUCFnQalcmu53sAk4gnsCohGdNAGCCBSsaGjP022doPodIK8tS8iGu0phbk
KaNySUdzZufLrSgI20TUFRIsN0XwReGXhSeQk8kHx70QhUOBL96HYordA3eVBSXb
K4XYXcAPxLKjvrNJQFFJcwYIl/QNiir2lxyTW5ZVQdYYmx98FFDemVcm1R2EUuSD
Sy2MvKp/wKjH+wMn0N8Ei3s=
-----END CERTIFICATE-----
Generated at Thu Apr 17 17:57:44 2025 by rpki-client