Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/346966-069a-40b0-b143-41eaa1fde11b/1/jivTKur_kNq1Ymk1LImQttiyyxc.roa
File: jivTKur_kNq1Ymk1LImQttiyyxc.roa (raw, json)
Hash identifier: HnN3MH9UdogkxqdgT+Tk2SwWESLaW/0R0EE4IkS0hzo=
Subject key identifier: 8E:2B:D3:2A:EA:FF:90:DA:B5:62:69:35:2C:89:90:B6:D8:B2:CB:17
Certificate issuer: /CN=6689c3995e2461d5a52fd4f1000782f99a4d4822
Certificate serial: 018CC56E52213780DDE176839E3B257C616E
Authority key identifier: 66:89:C3:99:5E:24:61:D5:A5:2F:D4:F1:00:07:82:F9:9A:4D:48:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZonDmV4kYdWlL9TxAAeC-ZpNSCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/346966-069a-40b0-b143-41eaa1fde11b/1/jivTKur_kNq1Ymk1LImQttiyyxc.roa
Signing time: Mon 01 Jan 2024 14:29:50 +0000
ROA not before: Mon 01 Jan 2024 14:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24577
IP address blocks: 185.108.68.0/22 maxlen: 22
91.187.224.0/19 maxlen: 19
194.145.204.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:52:21:37:80:dd:e1:76:83:9e:3b:25:7c:61:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6689c3995e2461d5a52fd4f1000782f99a4d4822
Validity
Not Before: Jan 1 14:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e2bd32aeaff90dab56269352c8990b6d8b2cb17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d5:d1:e3:f6:78:0c:a2:a6:c3:01:9c:2c:f5:
93:cb:e6:0c:d7:62:73:7e:34:23:a5:f2:1c:ae:8a:
c7:93:93:6b:50:23:05:ce:b9:59:69:7a:48:47:76:
88:9c:70:95:bb:24:9e:b8:81:01:04:64:30:bd:25:
be:bc:8a:23:84:2e:35:2c:87:5f:8e:f9:4f:88:49:
5f:46:29:fb:39:22:2e:17:8b:d4:43:43:82:0e:5f:
78:ba:04:69:df:e3:25:d1:1a:91:88:af:6c:b3:dd:
8c:64:84:59:5d:d6:0d:05:77:02:bd:31:ad:0d:d0:
33:fa:93:f3:7b:cf:c9:12:8a:07:8a:be:ea:8c:5d:
f1:ac:2b:d9:c9:36:52:e0:d3:bb:af:ed:6d:8f:2e:
78:d3:be:d4:14:b4:cc:98:7e:d3:84:98:b0:e2:71:
86:5c:8b:4e:f7:1b:c2:64:27:7d:61:71:d4:b9:9d:
78:41:ff:61:a8:07:4e:15:39:fd:82:cb:68:61:c9:
07:a8:1a:49:88:df:6b:20:ca:b5:32:05:d6:bf:51:
df:85:83:c6:3c:03:58:21:46:84:07:f7:51:a6:71:
7e:10:eb:c8:87:a1:70:89:95:c7:7e:22:a1:23:12:
bb:d4:a5:cb:f3:74:60:80:c2:1b:3b:b8:ca:51:75:
87:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:2B:D3:2A:EA:FF:90:DA:B5:62:69:35:2C:89:90:B6:D8:B2:CB:17
X509v3 Authority Key Identifier:
keyid:66:89:C3:99:5E:24:61:D5:A5:2F:D4:F1:00:07:82:F9:9A:4D:48:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZonDmV4kYdWlL9TxAAeC-ZpNSCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/346966-069a-40b0-b143-41eaa1fde11b/1/jivTKur_kNq1Ymk1LImQttiyyxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/346966-069a-40b0-b143-41eaa1fde11b/1/ZonDmV4kYdWlL9TxAAeC-ZpNSCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.187.224.0/19
185.108.68.0/22
194.145.204.0/23
Signature Algorithm: sha256WithRSAEncryption
7e:8d:58:ac:a9:7b:ba:34:08:75:9a:dd:f3:1b:4b:f3:76:eb:
1a:e0:4c:02:c9:83:bc:0d:c9:2b:91:74:db:4b:c1:1b:97:ac:
8e:4a:b7:75:6e:94:b2:5d:a8:3e:83:69:b4:43:cf:99:9d:c8:
13:27:06:7e:c7:34:04:38:9d:21:0b:fc:0b:8b:57:02:6b:50:
c9:e6:37:a2:c2:86:e5:cd:dc:a9:15:73:38:6d:08:b2:96:05:
fd:64:1c:32:7c:a5:e1:99:bf:33:5a:0e:f4:1c:4e:55:3e:a3:
2a:4b:e5:f7:6f:f4:23:98:a1:a9:ed:5f:2f:44:7e:31:3f:1f:
e1:dd:1d:0d:e7:47:39:ad:14:c6:bd:67:a8:4a:93:68:d7:a2:
7f:0c:b0:05:06:36:37:7c:40:a6:1f:7a:d8:11:e9:1d:f9:9b:
a8:ec:12:80:0b:4b:37:78:d6:90:ea:34:3a:ab:73:d5:0e:d8:
71:e6:47:13:94:89:c6:15:e3:46:b1:39:6c:b0:2b:6d:dc:c6:
5a:20:5e:76:6c:39:e5:ba:0f:84:2c:ed:f4:7f:b8:5e:2e:2c:
6e:2a:51:35:56:a7:44:ad:af:9a:29:e6:3d:90:c2:ac:69:62:
fa:8f:35:b3:2c:32:50:59:57:6a:6a:a0:96:00:4a:7c:04:6b:
46:98:68:0f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFblIhN4Dd4XaDnjslfGFuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ODljMzk5NWUyNDYxZDVhNTJmZDRmMTAwMDc4MmY5OWE0
ZDQ4MjIwHhcNMjQwMTAxMTQyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTJiZDMyYWVhZmY5MGRhYjU2MjY5MzUyYzg5OTBiNmQ4YjJjYjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntXR4/Z4DKKmwwGcLPWTy+YM12Jz
fjQjpfIcrorHk5NrUCMFzrlZaXpIR3aInHCVuySeuIEBBGQwvSW+vIojhC41LIdf
jvlPiElfRin7OSIuF4vUQ0OCDl94ugRp3+Ml0RqRiK9ss92MZIRZXdYNBXcCvTGt
DdAz+pPze8/JEooHir7qjF3xrCvZyTZS4NO7r+1tjy54077UFLTMmH7ThJiw4nGG
XItO9xvCZCd9YXHUuZ14Qf9hqAdOFTn9gstoYckHqBpJiN9rIMq1MgXWv1HfhYPG
PANYIUaEB/dRpnF+EOvIh6FwiZXHfiKhIxK71KXL83RggMIbO7jKUXWHvwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI4r0yrq/5DatWJpNSyJkLbYsssXMB8GA1UdIwQY
MBaAFGaJw5leJGHVpS/U8QAHgvmaTUgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm9uRG1WNGtZZFdsTDlUeEFBZUMtWnBOU0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zNDY5NjYtMDY5YS00MGIwLWIxNDMt
NDFlYWExZmRlMTFiLzEvaml2VEt1cl9rTnExWW1rMUxJbVF0dGl5eXhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zNDY5NjYtMDY5YS00MGIwLWIxNDMtNDFlYWExZmRlMTFi
LzEvWm9uRG1WNGtZZFdsTDlUeEFBZUMtWnBOU0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFW7vgAwQC
uWxEAwQBwpHMMA0GCSqGSIb3DQEBCwUAA4IBAQB+jVisqXu6NAh1mt3zG0vzdusa
4EwCyYO8DckrkXTbS8Ebl6yOSrd1bpSyXag+g2m0Q8+ZncgTJwZ+xzQEOJ0hC/wL
i1cCa1DJ5jeiwoblzdypFXM4bQiylgX9ZBwyfKXhmb8zWg70HE5VPqMqS+X3b/Qj
mKGp7V8vRH4xPx/h3R0N50c5rRTGvWeoSpNo16J/DLAFBjY3fECmH3rYEekd+Zuo
7BKAC0s3eNaQ6jQ6q3PVDthx5kcTlInGFeNGsTlssCtt3MZaIF52bDnlug+ELO30
f7heLixuKlE1VqdEra+aKeY9kMKsaWL6jzWzLDJQWVdqaqCWAEp8BGtGmGgP
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:31:05 2025 by rpki-client