Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/JJG50g-nYjc0sPnY2ryxAUigrGU.roa
File: JJG50g-nYjc0sPnY2ryxAUigrGU.roa (raw, json)
Hash identifier: sBOy/MKh6DTz+qzzF3fv5jAVHXJ7Ptq2fqrw0Nxlq5M=
Subject key identifier: 24:91:B9:D2:0F:A7:62:37:34:B0:F9:D8:DA:BC:B1:01:48:A0:AC:65
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019397A67A7955AB80159D677AE1679EE5CD
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/JJG50g-nYjc0sPnY2ryxAUigrGU.roa
Signing time: Thu 05 Dec 2024 16:28:10 +0000
ROA not before: Thu 05 Dec 2024 16:28:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214614
IP address blocks: 193.124.186.0/23 maxlen: 23
193.124.186.0/24 maxlen: 24
193.124.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:97:a6:7a:79:55:ab:80:15:9d:67:7a:e1:67:9e:e5:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Dec 5 16:28:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2491b9d20fa7623734b0f9d8dabcb10148a0ac65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b4:53:42:23:c6:13:68:8a:c1:ed:bc:20:30:
93:00:c7:51:2e:4d:2e:83:a8:1c:38:9e:3d:01:bd:
2c:87:1e:64:2e:29:c5:fb:cc:21:99:6e:64:38:ef:
8a:7d:32:c7:9b:53:07:43:74:75:41:ff:7e:8a:53:
ef:b9:45:6a:c6:b0:e0:50:fd:42:4c:bb:4f:7d:2c:
ab:12:0b:0c:92:e1:cc:66:db:6d:e7:50:a3:d1:ca:
59:da:b6:fc:74:b3:07:1d:1a:b0:54:69:93:19:cc:
5e:6d:4e:58:b8:29:0f:61:07:1b:06:f9:06:d0:bf:
1f:f9:b8:cf:dd:91:d2:b5:08:64:d7:b9:d2:73:b3:
bd:8a:47:44:82:ed:7e:3f:49:81:80:69:f0:56:3b:
7e:b2:68:3b:b1:dd:b2:14:09:17:e4:01:90:aa:27:
14:64:82:30:35:8b:61:33:97:0e:04:bc:34:36:ff:
99:0d:56:3d:54:9d:d4:ec:69:ac:49:f6:c2:40:81:
e0:a0:f2:27:fa:f0:c4:cb:5f:7b:69:bb:00:8a:68:
0d:45:af:51:0f:66:d4:17:c5:b9:03:0c:cb:23:09:
32:5f:0f:e0:57:27:f6:40:14:c3:a5:bf:74:b7:ab:
ea:0a:f9:c8:b8:13:5b:81:f8:4f:4d:85:2f:57:f0:
3b:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:91:B9:D2:0F:A7:62:37:34:B0:F9:D8:DA:BC:B1:01:48:A0:AC:65
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/JJG50g-nYjc0sPnY2ryxAUigrGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.186.0/23
Signature Algorithm: sha256WithRSAEncryption
15:71:c6:2b:06:e5:1a:f1:a3:b0:b6:c1:75:7d:2c:73:65:0c:
c0:c1:e6:fc:56:1e:b1:20:18:07:3c:49:df:ca:87:41:8e:2c:
06:d8:d2:b1:f2:fc:7e:90:87:f2:77:b5:95:bc:9e:b2:e9:8e:
80:e7:2b:1d:5c:dd:33:96:34:fa:ea:09:75:69:8c:17:3f:90:
e5:65:34:1e:52:b4:c5:f2:e4:64:86:7e:58:19:a9:b3:14:79:
9d:2b:83:19:95:a2:b9:ec:73:7c:76:bf:d9:45:36:1f:24:45:
10:bd:d9:75:0d:e9:93:74:ea:63:c6:fa:3b:32:7c:71:d1:15:
66:82:f2:22:d8:0c:7e:02:3f:97:1e:65:de:f7:c9:be:c2:20:
31:f2:71:9c:ce:d0:d1:62:9d:e8:71:2d:87:c4:92:10:9c:5a:
77:b0:ff:0d:ec:7b:68:80:22:f3:d9:79:c7:d1:09:40:5a:6a:
cb:8c:b7:73:42:84:0d:9d:2f:6e:c6:27:04:e5:96:83:34:02:
3f:74:91:da:80:57:e6:6b:cd:bb:83:7d:08:4e:f5:83:ec:8a:
c2:a6:c5:4c:f8:76:0c:78:1e:2b:fb:3d:79:17:f7:f9:2c:0b:
4f:ce:29:93:6e:52:6b:30:7b:83:35:d2:fe:bf:74:62:92:95:
9c:55:c6:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOXpnp5VauAFZ1neuFnnuXNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQxMjA1MTYyODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDkxYjlkMjBmYTc2MjM3MzRiMGY5ZDhkYWJjYjEwMTQ4YTBhYzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bRTQiPGE2iKwe28IDCTAMdRLk0u
g6gcOJ49Ab0shx5kLinF+8whmW5kOO+KfTLHm1MHQ3R1Qf9+ilPvuUVqxrDgUP1C
TLtPfSyrEgsMkuHMZttt51Cj0cpZ2rb8dLMHHRqwVGmTGcxebU5YuCkPYQcbBvkG
0L8f+bjP3ZHStQhk17nSc7O9ikdEgu1+P0mBgGnwVjt+smg7sd2yFAkX5AGQqicU
ZIIwNYthM5cOBLw0Nv+ZDVY9VJ3U7GmsSfbCQIHgoPIn+vDEy197absAimgNRa9R
D2bUF8W5AwzLIwkyXw/gVyf2QBTDpb90t6vqCvnIuBNbgfhPTYUvV/A7PwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCSRudIPp2I3NLD52Nq8sQFIoKxlMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvSkpHNTBnLW5ZamMwc1BuWTJyeXhBVWlnckdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwXy6MA0G
CSqGSIb3DQEBCwUAA4IBAQAVccYrBuUa8aOwtsF1fSxzZQzAweb8Vh6xIBgHPEnf
yodBjiwG2NKx8vx+kIfyd7WVvJ6y6Y6A5ysdXN0zljT66gl1aYwXP5DlZTQeUrTF
8uRkhn5YGamzFHmdK4MZlaK57HN8dr/ZRTYfJEUQvdl1DemTdOpjxvo7Mnxx0RVm
gvIi2Ax+Aj+XHmXe98m+wiAx8nGcztDRYp3ocS2HxJIQnFp3sP8N7HtogCLz2XnH
0QlAWmrLjLdzQoQNnS9uxicE5ZaDNAI/dJHagFfma827g30ITvWD7IrCpsVM+HYM
eB4r+z15F/f5LAtPzimTblJrMHuDNdL+v3RikpWcVcYB
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:57:08 2025 by rpki-client