Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/JPgq4KPC9obDmBiKUaOfipJ9Shc.roa
File: JPgq4KPC9obDmBiKUaOfipJ9Shc.roa (raw, json)
Hash identifier: VlKfi3DkTfk4vC/lEkAuU4D4PB+n0IKi/iDWEry4Kuk=
Subject key identifier: 24:F8:2A:E0:A3:C2:F6:86:C3:98:18:8A:51:A3:9F:8A:92:7D:4A:17
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 019422FBB62BD5B4165A6DE293DAE77D4D68
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/JPgq4KPC9obDmBiKUaOfipJ9Shc.roa
Signing time: Wed 01 Jan 2025 17:48:28 +0000
ROA not before: Wed 01 Jan 2025 17:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60721
IP address blocks: 45.88.136.0/23 maxlen: 24
45.132.182.0/23 maxlen: 24
45.144.212.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Jan 2025 16:06:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:b6:2b:d5:b4:16:5a:6d:e2:93:da:e7:7d:4d:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 1 17:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=24f82ae0a3c2f686c398188a51a39f8a927d4a17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:72:22:d7:d9:cb:fc:8e:b7:4b:d4:f4:20:32:
f4:fd:aa:45:58:08:87:2c:70:a5:ad:89:e9:3d:af:
a7:42:3e:37:0c:10:4e:a6:51:72:8d:27:f6:fe:38:
af:e8:bf:14:95:1b:c8:18:90:b3:3c:89:a5:64:9b:
dc:95:28:b9:38:d7:83:eb:28:04:51:27:66:b9:7b:
0f:07:ed:1b:d5:f5:e0:b8:e6:39:43:2f:09:4e:e3:
f0:bb:5a:2f:73:d2:95:27:43:7b:08:90:50:88:bb:
4a:cc:22:d1:ab:77:bd:f9:bb:53:3c:2e:30:2e:b4:
32:2e:86:2e:11:5c:9e:3e:a5:70:c3:d1:61:11:3d:
8b:01:ac:94:e6:76:67:83:f5:b8:e2:1c:47:e6:f5:
7b:37:3e:b9:f0:8e:f7:b5:b1:c4:4a:2c:a0:c9:5e:
87:eb:98:85:a4:99:45:46:13:6d:dd:56:8f:79:c5:
95:dc:56:ff:0e:ae:cc:a9:2c:9f:fc:66:22:39:65:
84:1e:06:93:9b:8a:98:17:36:91:f1:a8:78:55:b3:
dc:b1:67:cf:41:d2:b3:81:23:a3:ec:30:c4:12:6d:
6d:69:b1:48:f3:01:e1:ee:10:11:03:9f:44:26:c5:
fe:ec:ab:76:8d:3f:70:71:b7:5e:2d:5c:24:ea:e9:
03:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:F8:2A:E0:A3:C2:F6:86:C3:98:18:8A:51:A3:9F:8A:92:7D:4A:17
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/JPgq4KPC9obDmBiKUaOfipJ9Shc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.136.0/23
45.132.182.0/23
45.144.212.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:76:4a:3e:0b:6e:cd:ad:f2:c8:a0:a5:52:63:1b:e3:35:40:
75:00:a7:65:02:63:17:ec:09:a9:40:96:7b:e9:6d:49:d0:7e:
fe:00:40:47:6a:76:2b:d4:93:a2:b1:55:86:58:e2:90:05:0d:
c6:d2:9e:ff:12:ff:e3:23:f6:1c:56:ac:bb:ce:40:1e:d0:1e:
5f:99:fc:93:62:71:5b:77:f1:e8:96:d0:13:7a:07:60:0e:94:
cf:ed:20:b9:c8:ed:c4:82:b8:c6:ea:f4:27:22:78:4d:a6:8b:
59:97:2b:95:87:fb:11:e3:b2:ba:1a:dc:69:3a:c2:b1:2e:7c:
fe:07:6f:14:a0:ce:e2:9c:c9:1d:da:f0:70:9c:06:3d:96:05:
5b:49:21:b0:cd:50:2c:80:6d:90:79:39:07:84:44:03:88:17:
79:1f:1a:79:9b:0d:38:59:31:62:c3:b6:55:b0:5d:20:66:b3:
b3:90:c5:8a:a5:82:be:1a:d1:0d:9a:a0:3c:49:4c:6a:ff:09:
42:6c:59:86:ca:1f:9a:10:7a:e8:fd:2b:1f:41:b6:e4:8a:2e:
3e:61:ef:27:7c:9b:db:12:2d:6f:8a:d8:e6:97:cf:40:a2:4e:
88:11:d3:d9:61:b6:06:2b:05:cc:0a:64:c8:3e:55:3d:08:4d:
85:03:87:26
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQi+7Yr1bQWWm3ik9rnfU1oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjUwMTAxMTc0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGY4MmFlMGEzYzJmNjg2YzM5ODE4OGE1MWEzOWY4YTkyN2Q0YTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2XIi19nL/I63S9T0IDL0/apFWAiH
LHClrYnpPa+nQj43DBBOplFyjSf2/jiv6L8UlRvIGJCzPImlZJvclSi5ONeD6ygE
USdmuXsPB+0b1fXguOY5Qy8JTuPwu1ovc9KVJ0N7CJBQiLtKzCLRq3e9+btTPC4w
LrQyLoYuEVyePqVww9FhET2LAayU5nZng/W44hxH5vV7Nz658I73tbHESiygyV6H
65iFpJlFRhNt3VaPecWV3Fb/Dq7MqSyf/GYiOWWEHgaTm4qYFzaR8ah4VbPcsWfP
QdKzgSOj7DDEEm1tabFI8wHh7hARA59EJsX+7Kt2jT9wcbdeLVwk6ukD0wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCT4KuCjwvaGw5gYilGjn4qSfUoXMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvSlBncTRLUEM5b2JEbUJpS1VhT2ZpcEo5U2hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLViIAwQB
LYS2AwQALZDUMA0GCSqGSIb3DQEBCwUAA4IBAQA7dko+C27NrfLIoKVSYxvjNUB1
AKdlAmMX7AmpQJZ76W1J0H7+AEBHanYr1JOisVWGWOKQBQ3G0p7/Ev/jI/YcVqy7
zkAe0B5fmfyTYnFbd/HoltATegdgDpTP7SC5yO3EgrjG6vQnInhNpotZlyuVh/sR
47K6GtxpOsKxLnz+B28UoM7inMkd2vBwnAY9lgVbSSGwzVAsgG2QeTkHhEQDiBd5
Hxp5mw04WTFiw7ZVsF0gZrOzkMWKpYK+GtENmqA8SUxq/wlCbFmGyh+aEHro/Ssf
Qbbkii4+Ye8nfJvbEi1vitjml89Aok6IEdPZYbYGKwXMCmTIPlU9CE2FA4cm
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:59:08 2025 by rpki-client