Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/ij425tzU43jhQFILaNrHzCTgx_Y.roa
File: ij425tzU43jhQFILaNrHzCTgx_Y.roa (raw, json)
Hash identifier: egW7aWeDZhAtQrGw5CKj+9wbixq4V2arioz2676QOt8=
Subject key identifier: 8A:3E:36:E6:DC:D4:E3:78:E1:40:52:0B:68:DA:C7:CC:24:E0:C7:F6
Certificate issuer: /CN=363f09508fdf256448219b284bb09b23b2b51396
Certificate serial: 01938DD4709D5FD394489F61258C36359309
Authority key identifier: 36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/ij425tzU43jhQFILaNrHzCTgx_Y.roa
Signing time: Tue 03 Dec 2024 18:42:10 +0000
ROA not before: Tue 03 Dec 2024 18:42:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30058
IP address blocks: 2.59.22.0/24 maxlen: 24
212.104.141.0/24 maxlen: 24
213.254.179.0/24 maxlen: 24
2a01:e943::/48 maxlen: 48
2a01:e945::/48 maxlen: 48
2a01:e947::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8d:d4:70:9d:5f:d3:94:48:9f:61:25:8c:36:35:93:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363f09508fdf256448219b284bb09b23b2b51396
Validity
Not Before: Dec 3 18:42:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a3e36e6dcd4e378e140520b68dac7cc24e0c7f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e0:b9:fa:1e:53:e4:25:aa:3d:d8:dc:21:4c:
09:25:b6:49:15:3f:9f:64:f2:53:0e:b0:69:95:81:
6f:59:2f:8b:c7:a1:10:80:50:fc:10:2d:c3:06:b1:
d7:ab:16:7a:2c:22:24:86:d1:18:d7:77:ea:c1:1e:
b8:8c:35:fc:b0:23:69:79:97:56:cd:16:24:3a:8a:
ea:a7:a6:43:26:d1:95:78:b3:32:85:70:58:17:85:
3d:80:53:39:1e:a7:f7:0f:04:8f:32:b4:06:e2:9f:
03:d6:10:f8:15:3d:2b:6f:8f:b2:01:fc:34:94:da:
6c:33:b8:32:14:77:e4:0b:51:76:2a:5b:1f:ae:53:
12:c4:dc:c9:93:2f:33:75:42:76:56:07:f3:9c:fe:
d1:98:29:1c:0a:20:fc:87:b8:91:24:ab:e4:ec:0f:
e3:0a:82:c6:e0:f4:d7:a8:88:80:f7:48:8d:bb:e2:
62:88:3f:a4:a3:b4:ae:70:09:50:77:41:90:dc:94:
de:ab:df:32:50:03:96:b7:8e:19:d4:fa:ba:ab:f5:
cc:48:5c:fb:bd:63:27:2d:69:07:01:24:16:0d:9b:
6a:61:36:e7:2c:3a:36:1f:d0:b5:37:c5:32:3f:4b:
11:f6:0f:42:bd:b6:7a:99:d2:ed:e6:02:b1:44:74:
9f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:3E:36:E6:DC:D4:E3:78:E1:40:52:0B:68:DA:C7:CC:24:E0:C7:F6
X509v3 Authority Key Identifier:
keyid:36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/ij425tzU43jhQFILaNrHzCTgx_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.22.0/24
212.104.141.0/24
213.254.179.0/24
IPv6:
2a01:e943::/48
2a01:e945::/48
2a01:e947::/48
Signature Algorithm: sha256WithRSAEncryption
5a:b9:b1:8a:d3:01:60:65:1a:22:1b:32:60:12:79:81:e5:27:
25:cc:0f:54:ce:7c:b2:3c:ec:08:2a:c1:f9:44:c1:e6:15:2b:
f9:0a:79:c8:e1:4b:94:2c:6e:af:83:d6:fc:1e:b2:8f:75:8b:
02:11:f9:b3:40:56:0d:83:e4:a2:9e:36:00:e1:97:63:d7:28:
80:43:cf:3a:48:20:3a:55:34:3d:c1:60:c7:2a:6a:4c:fd:99:
bf:c8:7a:0d:69:a3:2f:ee:cd:d1:c4:98:e7:31:e8:8b:96:7f:
42:fc:ea:5d:8b:c5:48:be:80:cf:82:ab:a5:5c:82:bf:b5:12:
99:6f:f9:aa:45:7f:4d:58:96:f3:d9:3b:65:b3:17:08:21:cc:
35:ad:65:85:40:9d:cd:7c:d3:54:9d:cb:e4:d3:53:99:32:20:
26:c3:0a:72:9e:ab:3c:c8:98:58:c4:55:3d:73:97:c3:84:59:
17:fa:3f:0d:5a:c9:57:f0:62:41:54:09:c0:61:b7:b2:be:c0:
c7:59:f8:1b:2f:1d:1e:8c:20:e1:97:02:62:55:79:c9:72:84:
85:e5:5d:9c:b7:30:93:ed:fc:d0:cb:0c:40:9d:46:fb:e3:97:
97:c5:3d:b6:9e:d6:e8:ad:52:6a:36:4b:63:02:52:6f:79:64:
a8:d3:84:cb
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZON1HCdX9OUSJ9hJYw2NZMJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2M2YwOTUwOGZkZjI1NjQ0ODIxOWIyODRiYjA5YjIzYjJi
NTEzOTYwHhcNMjQxMjAzMTg0MjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTNlMzZlNmRjZDRlMzc4ZTE0MDUyMGI2OGRhYzdjYzI0ZTBjN2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOC5+h5T5CWqPdjcIUwJJbZJFT+f
ZPJTDrBplYFvWS+Lx6EQgFD8EC3DBrHXqxZ6LCIkhtEY13fqwR64jDX8sCNpeZdW
zRYkOorqp6ZDJtGVeLMyhXBYF4U9gFM5Hqf3DwSPMrQG4p8D1hD4FT0rb4+yAfw0
lNpsM7gyFHfkC1F2KlsfrlMSxNzJky8zdUJ2VgfznP7RmCkcCiD8h7iRJKvk7A/j
CoLG4PTXqIiA90iNu+JiiD+ko7SucAlQd0GQ3JTeq98yUAOWt44Z1Pq6q/XMSFz7
vWMnLWkHASQWDZtqYTbnLDo2H9C1N8UyP0sR9g9CvbZ6mdLt5gKxRHSfWwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFIo+Nubc1ON44UBSC2jax8wk4Mf2MB8GA1UdIwQY
MBaAFDY/CVCP3yVkSCGbKEuwmyOytROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTIt
ZmQ4MTQ0NTVhODY4LzEvaWo0MjV0elU0M2poUUZJTGFOckh6Q1RneF9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTItZmQ4MTQ0NTVhODY4
LzEvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAYBAIAATASAwQAAjsWAwQA
1GiNAwQA1f6zMCEEAgACMBsDBwAqAelDAAADBwAqAelFAAADBwAqAelHAAAwDQYJ
KoZIhvcNAQELBQADggEBAFq5sYrTAWBlGiIbMmASeYHlJyXMD1TOfLI87AgqwflE
weYVK/kKecjhS5Qsbq+D1vweso91iwIR+bNAVg2D5KKeNgDhl2PXKIBDzzpIIDpV
ND3BYMcqakz9mb/Ieg1poy/uzdHEmOcx6IuWf0L86l2LxUi+gM+Cq6Vcgr+1Eplv
+apFf01YlvPZO2WzFwghzDWtZYVAnc1801Sdy+TTU5kyICbDCnKeqzzImFjEVT1z
l8OEWRf6Pw1ayVfwYkFUCcBht7K+wMdZ+BsvHR6MIOGXAmJVeclyhIXlXZy3MJPt
/NDLDECdRvvjl5fFPbae1uitUmo2S2MCUm95ZKjThMs=
-----END CERTIFICATE-----
Generated at Mon Apr 21 17:13:36 2025 by rpki-client