Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/JLzD24dx4vy84DT8MWu0JqEJ4J8.roa
File: JLzD24dx4vy84DT8MWu0JqEJ4J8.roa (raw, json)
Hash identifier: 2BsOWRebrhdT0E3uzBpnlpbeo0UV2i+2MbxpEKG6YKg=
Subject key identifier: 24:BC:C3:DB:87:71:E2:FC:BC:E0:34:FC:31:6B:B4:26:A1:09:E0:9F
Certificate issuer: /CN=320b24a740f2e61632050adc146c1ee6a3e686c5
Certificate serial: 018D3101B4BEDFA3F29BDB6C00FD14A826B4
Authority key identifier: 32:0B:24:A7:40:F2:E6:16:32:05:0A:DC:14:6C:1E:E6:A3:E6:86:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/JLzD24dx4vy84DT8MWu0JqEJ4J8.roa
Signing time: Mon 22 Jan 2024 11:50:11 +0000
ROA not before: Mon 22 Jan 2024 11:50:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29345
IP address blocks: 85.254.192.0/23 maxlen: 24
85.254.193.0/24 maxlen: 24
85.254.208.0/23 maxlen: 24
91.240.246.0/23 maxlen: 23
2a02:501::/32 maxlen: 32
2a02:501:2000::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:31:01:b4:be:df:a3:f2:9b:db:6c:00:fd:14:a8:26:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=320b24a740f2e61632050adc146c1ee6a3e686c5
Validity
Not Before: Jan 22 11:50:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24bcc3db8771e2fcbce034fc316bb426a109e09f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:c2:40:e9:81:dc:6a:57:00:25:85:5b:47:78:
1a:86:05:79:7f:76:d7:50:b1:5d:bd:38:fc:f1:1a:
34:a8:1e:51:b8:ad:e6:a8:83:e5:7f:85:bc:93:a0:
c6:e7:4e:b3:75:14:1a:90:6a:2a:52:85:34:1f:ba:
93:a8:5a:b2:5d:60:1c:6d:fc:69:3f:3c:43:7e:d5:
32:d8:5a:e9:69:cd:f5:83:38:18:c7:2b:4d:c2:df:
62:a9:8b:07:0a:94:d4:45:8f:9f:78:56:e5:f9:0c:
e4:e2:8c:c4:bd:b9:1f:d7:d3:77:36:9a:4d:d2:65:
04:45:e1:2a:fa:23:a8:f0:aa:b4:68:83:d1:b9:a0:
a5:45:6b:71:9d:69:f0:56:df:9f:55:0f:79:88:b3:
70:5b:36:7e:b3:d9:e8:82:b9:53:8e:4e:fb:fd:c7:
e2:2e:46:51:ed:f2:c1:da:84:0b:6f:20:e5:a9:a7:
2b:ed:b2:fb:a1:47:a2:85:dd:4b:75:65:c3:f2:f9:
c2:33:da:7d:d3:52:93:96:f1:3c:f9:42:e8:6d:79:
a5:5a:7d:d4:90:16:af:a7:d3:f2:fd:8c:cc:57:c4:
e8:c0:15:a4:77:d5:f6:1f:a5:cd:dd:cd:8c:f5:61:
4f:64:99:e1:7b:6a:a7:9e:35:0a:a6:4d:c4:19:bd:
fd:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:BC:C3:DB:87:71:E2:FC:BC:E0:34:FC:31:6B:B4:26:A1:09:E0:9F
X509v3 Authority Key Identifier:
keyid:32:0B:24:A7:40:F2:E6:16:32:05:0A:DC:14:6C:1E:E6:A3:E6:86:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/JLzD24dx4vy84DT8MWu0JqEJ4J8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.192.0/23
85.254.208.0/23
91.240.246.0/23
IPv6:
2a02:501::/32
Signature Algorithm: sha256WithRSAEncryption
5b:77:48:0f:07:af:0e:ba:ef:cc:8f:59:19:52:e5:db:b2:8d:
e0:32:53:0b:9b:b5:49:f7:24:9d:30:63:2f:b2:07:90:a6:5c:
0a:4e:ad:66:1d:75:fb:f7:fb:fc:fa:00:c7:ab:3b:63:4b:02:
21:19:28:b1:39:26:96:94:81:eb:f5:f5:71:1e:60:29:ed:3c:
70:01:ec:d4:f2:83:ed:a7:70:74:61:c6:8b:3e:a5:29:6d:16:
df:72:f6:18:13:2e:43:13:46:f7:9d:15:5e:51:77:22:68:e8:
e0:d5:a2:0a:41:d7:ee:c0:5a:85:67:62:22:dd:9f:e5:0c:43:
e9:8c:ce:f0:c3:d4:da:d2:2f:3b:8a:e3:5b:cb:f7:78:3f:83:
21:f7:c3:e6:1d:75:2f:7e:f9:1e:3c:40:de:8b:4b:d5:5b:b0:
54:ea:60:7b:ec:fe:b5:91:41:22:95:eb:57:a9:f4:b4:09:1b:
63:23:75:79:63:98:25:67:ce:4d:26:79:5a:b7:85:58:15:ca:
e5:03:55:f8:e6:4f:b4:f2:ac:b7:4b:f0:f9:d7:d1:36:58:6f:
e3:5e:e9:e0:d8:f0:4b:1c:4d:b0:7d:21:af:09:40:31:4c:2b:
97:20:d9:3b:74:01:d3:e0:b3:de:57:71:4e:19:9d:33:4a:72:
7a:24:90:68
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY0xAbS+36Pym9tsAP0UqCa0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMGIyNGE3NDBmMmU2MTYzMjA1MGFkYzE0NmMxZWU2YTNl
Njg2YzUwHhcNMjQwMTIyMTE1MDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGJjYzNkYjg3NzFlMmZjYmNlMDM0ZmMzMTZiYjQyNmExMDllMDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycJA6YHcalcAJYVbR3gahgV5f3bX
ULFdvTj88Ro0qB5RuK3mqIPlf4W8k6DG506zdRQakGoqUoU0H7qTqFqyXWAcbfxp
PzxDftUy2Frpac31gzgYxytNwt9iqYsHCpTURY+feFbl+Qzk4ozEvbkf19N3NppN
0mUEReEq+iOo8Kq0aIPRuaClRWtxnWnwVt+fVQ95iLNwWzZ+s9nogrlTjk77/cfi
LkZR7fLB2oQLbyDlqacr7bL7oUeihd1LdWXD8vnCM9p901KTlvE8+ULobXmlWn3U
kBavp9Py/YzMV8TowBWkd9X2H6XN3c2M9WFPZJnhe2qnnjUKpk3EGb39bQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCS8w9uHceL8vOA0/DFrtCahCeCfMB8GA1UdIwQY
MBaAFDILJKdA8uYWMgUK3BRsHuaj5obFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWdza3AwRHk1aFl5QlFyY0ZHd2U1cVBtaHNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy85YzI3ZTQtZDdiMS00M2MxLWEzOGYt
OTQ5MTRmNWRkYjNjLzEvSkx6RDI0ZHg0dnk4NERUOE1XdTBKcUVKNEo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy85YzI3ZTQtZDdiMS00M2MxLWEzOGYtOTQ5MTRmNWRkYjNj
LzEvTWdza3AwRHk1aFl5QlFyY0ZHd2U1cVBtaHNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBVf7AAwQB
Vf7QAwQBW/D2MA0EAgACMAcDBQAqAgUBMA0GCSqGSIb3DQEBCwUAA4IBAQBbd0gP
B68Ouu/Mj1kZUuXbso3gMlMLm7VJ9ySdMGMvsgeQplwKTq1mHXX79/v8+gDHqztj
SwIhGSixOSaWlIHr9fVxHmAp7TxwAezU8oPtp3B0YcaLPqUpbRbfcvYYEy5DE0b3
nRVeUXciaOjg1aIKQdfuwFqFZ2Ii3Z/lDEPpjM7ww9Ta0i87iuNby/d4P4Mh98Pm
HXUvfvkePEDei0vVW7BU6mB77P61kUEiletXqfS0CRtjI3V5Y5glZ85NJnlat4VY
FcrlA1X45k+08qy3S/D519E2WG/jXung2PBLHE2wfSGvCUAxTCuXINk7dAHT4LPe
V3FOGZ0zSnJ6JJBo
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:27 2025 by rpki-client