Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/J5XmpPRGJHbcTaCVFqk2E8thouY.roa
File: J5XmpPRGJHbcTaCVFqk2E8thouY.roa (raw, json)
Hash identifier: WjiWjzws6tOYoLvKl3Ko5RP+toYlgOz4gjAFUTf8e0s=
Subject key identifier: 27:95:E6:A4:F4:46:24:76:DC:4D:A0:95:16:A9:36:13:CB:61:A2:E6
Certificate issuer: /CN=dc44e19e2bb4e7023cc1ba10d49b74ede4bf865c
Certificate serial: 018FE3E8ACCA4AFEFE71CFE4B8A29790577A
Authority key identifier: DC:44:E1:9E:2B:B4:E7:02:3C:C1:BA:10:D4:9B:74:ED:E4:BF:86:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3EThniu05wI8wboQ1Jt07eS_hlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/J5XmpPRGJHbcTaCVFqk2E8thouY.roa
Signing time: Tue 04 Jun 2024 15:40:27 +0000
ROA not before: Tue 04 Jun 2024 15:40:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13335
IP address blocks: 25.129.196.0/23 maxlen: 23
25.129.198.0/23 maxlen: 23
2a08:600:e0::/47 maxlen: 47
2a08:600:ee::/47 maxlen: 47
Validation: Failed, certificate revoked on Thu 04 Jul 2024 15:56:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e3:e8:ac:ca:4a:fe:fe:71:cf:e4:b8:a2:97:90:57:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc44e19e2bb4e7023cc1ba10d49b74ede4bf865c
Validity
Not Before: Jun 4 15:40:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2795e6a4f4462476dc4da09516a93613cb61a2e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:03:0b:3e:f7:fe:37:47:11:c4:5b:32:b1:60:
f0:a2:88:5b:33:92:6c:cc:d9:37:f9:34:c9:8b:2f:
7e:e1:5d:f7:7e:11:0b:2b:19:25:f3:13:3d:23:ad:
e2:77:96:4b:da:c6:bb:61:38:e0:b8:c5:7d:60:9f:
83:f5:2d:94:86:31:4a:dc:ab:2d:db:c2:5f:e0:cb:
6c:7a:29:9b:28:be:0e:a5:16:52:35:5e:42:c7:1a:
ed:04:71:03:82:21:02:97:4b:b9:72:c0:92:cb:4c:
92:51:bb:31:94:9b:33:85:1c:0b:d5:5c:98:46:a5:
6b:83:cf:aa:ba:4b:64:51:a9:7f:71:19:95:25:24:
a2:b8:7f:43:ca:9d:44:d8:90:a3:15:8d:ad:07:73:
2b:74:c0:dc:f1:56:c4:5a:23:bc:b9:8e:93:fd:d9:
32:a8:d1:91:14:a2:bf:da:ce:16:4d:bd:6b:29:51:
05:73:17:73:80:62:78:a8:12:95:ba:2a:49:4e:94:
56:b7:7c:8c:82:8f:c4:1e:ab:a7:e9:83:76:3f:4f:
9a:93:6e:09:3b:8c:2c:56:96:25:01:1a:91:44:46:
62:1b:23:15:34:d4:a5:29:10:60:a9:3b:df:27:d8:
b4:a5:f1:32:b7:e6:40:85:79:d7:be:8c:d3:05:d4:
41:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:95:E6:A4:F4:46:24:76:DC:4D:A0:95:16:A9:36:13:CB:61:A2:E6
X509v3 Authority Key Identifier:
keyid:DC:44:E1:9E:2B:B4:E7:02:3C:C1:BA:10:D4:9B:74:ED:E4:BF:86:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3EThniu05wI8wboQ1Jt07eS_hlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/J5XmpPRGJHbcTaCVFqk2E8thouY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/3EThniu05wI8wboQ1Jt07eS_hlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
25.129.196.0/22
IPv6:
2a08:600:e0::/47
2a08:600:ee::/47
Signature Algorithm: sha256WithRSAEncryption
75:6a:7c:31:d1:23:8f:34:e9:92:f6:2a:de:3a:b6:2f:3e:24:
6b:97:65:6e:87:d9:82:e1:31:a2:5f:44:83:04:6c:27:3b:bd:
f2:6c:d0:c3:bc:61:ca:12:90:3a:c5:85:6d:9d:ee:4b:2f:b8:
62:11:87:92:6d:3c:3c:bb:37:db:f6:41:e6:82:93:7f:51:50:
be:da:d1:ef:93:6a:7c:67:7b:b0:36:8b:3e:fb:dd:f6:98:78:
c8:e7:37:a1:e1:e9:c4:96:91:65:c6:6e:3f:93:9a:b3:75:8d:
55:9d:0f:09:89:78:4c:4d:63:1a:d9:47:fb:3b:2f:5d:ee:e9:
9f:93:a1:17:be:8f:e8:cf:84:dd:ee:7c:e5:e6:4e:25:1f:43:
4f:f2:63:e1:57:77:75:36:4e:87:93:54:05:a2:b7:8c:d0:c2:
84:0c:6f:33:88:79:54:da:16:ce:e0:c8:92:22:d4:64:60:95:
dc:8a:29:f4:85:c7:89:74:a2:9d:57:fb:a7:20:06:c0:08:9d:
0a:7c:d8:dd:80:da:13:22:d3:c0:5f:a7:4c:36:af:62:22:ad:
cc:33:a8:ce:1e:7e:0e:4a:a0:44:b4:80:7a:ee:8d:90:f4:4b:
3c:a4:66:45:e2:40:3f:f3:e7:c2:9d:a3:9c:a4:1e:c6:06:98:
29:ab:1c:58
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY/j6KzKSv7+cc/kuKKXkFd6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNDRlMTllMmJiNGU3MDIzY2MxYmExMGQ0OWI3NGVkZTRi
Zjg2NWMwHhcNMjQwNjA0MTU0MDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzk1ZTZhNGY0NDYyNDc2ZGM0ZGEwOTUxNmE5MzYxM2NiNjFhMmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugMLPvf+N0cRxFsysWDwoohbM5Js
zNk3+TTJiy9+4V33fhELKxkl8xM9I63id5ZL2sa7YTjguMV9YJ+D9S2UhjFK3Kst
28Jf4MtseimbKL4OpRZSNV5CxxrtBHEDgiECl0u5csCSy0ySUbsxlJszhRwL1VyY
RqVrg8+quktkUal/cRmVJSSiuH9Dyp1E2JCjFY2tB3MrdMDc8VbEWiO8uY6T/dky
qNGRFKK/2s4WTb1rKVEFcxdzgGJ4qBKVuipJTpRWt3yMgo/EHqun6YN2P0+ak24J
O4wsVpYlARqRREZiGyMVNNSlKRBgqTvfJ9i0pfEyt+ZAhXnXvozTBdRBCQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCeV5qT0RiR23E2glRapNhPLYaLmMB8GA1UdIwQY
MBaAFNxE4Z4rtOcCPMG6ENSbdO3kv4ZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0VUaG5pdTA1d0k4d2JvUTFKdDA3ZVNfaGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS80NmY1YjktNjAwMC00MDcyLTg5ZjIt
NGM4MmFjZTcyYzg1LzEvSjVYbXBQUkdKSGJjVGFDVkZxazJFOHRob3VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS80NmY1YjktNjAwMC00MDcyLTg5ZjItNGM4MmFjZTcyYzg1
LzEvM0VUaG5pdTA1d0k4d2JvUTFKdDA3ZVNfaGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCGYHEMBgE
AgACMBIDBwEqCAYAAOADBwEqCAYAAO4wDQYJKoZIhvcNAQELBQADggEBAHVqfDHR
I4806ZL2Kt46ti8+JGuXZW6H2YLhMaJfRIMEbCc7vfJs0MO8YcoSkDrFhW2d7ksv
uGIRh5JtPDy7N9v2QeaCk39RUL7a0e+Tanxne7A2iz773faYeMjnN6Hh6cSWkWXG
bj+TmrN1jVWdDwmJeExNYxrZR/s7L13u6Z+ToRe+j+jPhN3ufOXmTiUfQ0/yY+FX
d3U2ToeTVAWit4zQwoQMbzOIeVTaFs7gyJIi1GRgldyKKfSFx4l0op1X+6cgBsAI
nQp82N2A2hMi08Bfp0w2r2IircwzqM4efg5KoES0gHrujZD0SzykZkXiQD/z58Kd
o5ykHsYGmCmrHFg=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:47 2025 by rpki-client