Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/St-JVKSGxP9VGW6GXiTDDZuWlCI.roa
File: St-JVKSGxP9VGW6GXiTDDZuWlCI.roa (raw, json)
Hash identifier: UqC0J4I3BXNKbTXCHyKPa4IM4ZnnMZ4MywRtxulsBho=
Subject key identifier: 4A:DF:89:54:A4:86:C4:FF:55:19:6E:86:5E:24:C3:0D:9B:96:94:22
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01950BCEE27CBC491F28D5A593D01106066C
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/St-JVKSGxP9VGW6GXiTDDZuWlCI.roa
Signing time: Sat 15 Feb 2025 22:51:02 +0000
ROA not before: Sat 15 Feb 2025 22:51:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 80.244.15.0/24 maxlen: 24
212.46.37.0/24 maxlen: 24
2a10:3f80::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 16 Feb 2025 19:54:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:0b:ce:e2:7c:bc:49:1f:28:d5:a5:93:d0:11:06:06:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Feb 15 22:51:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4adf8954a486c4ff55196e865e24c30d9b969422
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:38:69:26:5c:ce:02:c5:e4:1b:3f:9b:6f:70:
87:75:fa:7c:ac:3b:98:9a:4b:bd:94:e1:3a:67:47:
a3:21:72:53:3f:aa:10:f1:e6:3f:7c:4d:71:68:0c:
7d:7e:f9:85:0f:20:2d:7e:43:e6:09:90:9a:b9:e5:
d5:cd:28:11:12:bb:af:61:21:c6:d8:31:24:81:38:
3b:f8:df:a4:d2:27:57:95:23:1a:d8:da:ab:e1:24:
b7:a4:f1:ec:89:a2:da:62:a2:02:92:78:8d:4a:67:
58:fb:4f:fd:7a:a2:15:0d:72:e2:30:23:27:3f:74:
dc:80:79:6f:66:af:90:cb:bf:60:26:65:68:1d:17:
20:20:56:0f:3e:fa:67:7c:f4:8b:69:60:7d:91:91:
c5:f6:8f:ca:e1:1f:4b:5e:78:0f:c1:5a:78:94:fd:
a3:35:64:86:13:96:e7:ac:3e:1d:82:ee:e1:ac:cb:
76:2a:83:df:0e:da:20:db:85:a0:28:b5:c1:f0:6f:
df:9e:05:b5:30:85:d6:e7:b1:73:d6:72:bd:f4:b3:
ed:a2:22:a9:6c:41:76:dc:08:09:0b:0f:e4:b3:f7:
e0:44:36:31:34:21:97:fe:28:d6:29:f5:ef:91:38:
cc:2c:16:5c:0b:61:8b:2c:28:99:78:1c:b2:cf:4b:
68:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:DF:89:54:A4:86:C4:FF:55:19:6E:86:5E:24:C3:0D:9B:96:94:22
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/St-JVKSGxP9VGW6GXiTDDZuWlCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.244.15.0/24
212.46.37.0/24
IPv6:
2a10:3f80::/29
Signature Algorithm: sha256WithRSAEncryption
76:7a:bc:21:39:54:90:0b:8a:a4:de:56:38:e4:25:9b:65:a0:
6e:4e:a2:b1:f5:03:f2:81:54:23:8d:52:a3:f1:60:50:29:64:
b5:a9:e5:99:00:18:a2:0a:7d:45:cb:5a:b3:cc:69:f8:0b:14:
a2:6d:39:84:3a:68:32:f6:55:dd:ad:ae:b8:de:e4:b5:d5:d3:
e9:87:61:4f:9e:ab:74:de:55:d2:7f:28:68:89:b2:51:f9:08:
90:75:32:f6:8c:a9:23:f5:ac:bf:54:c7:94:53:f0:49:64:8a:
87:cb:00:90:07:cf:c3:3f:d1:3c:85:2e:e5:71:0c:0d:7e:62:
c8:45:df:a0:90:7f:64:9f:a2:ca:5d:f4:dc:20:7c:12:9a:96:
a7:7f:b9:43:80:15:56:4f:10:9b:62:86:e3:b7:d3:f9:f6:85:
89:c4:7b:80:d3:9a:14:e1:99:4d:7e:6b:34:6c:c2:db:d3:79:
bf:5b:f3:76:8d:ad:cf:7b:63:41:ad:7e:51:93:36:cd:60:b0:
2b:bf:2b:d6:1f:6f:a4:4a:d7:a3:e3:15:4f:08:d7:4f:d0:e7:
3f:75:5d:99:94:b9:b0:10:cf:56:1b:54:ea:af:3b:83:54:f7:
10:a3:5b:8d:55:4c:cd:c5:91:0e:34:53:60:7a:22:2e:c1:21:
8c:f5:ca:fb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZULzuJ8vEkfKNWlk9ARBgZsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwMjE1MjI1MTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWRmODk1NGE0ODZjNGZmNTUxOTZlODY1ZTI0YzMwZDliOTY5NDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjhpJlzOAsXkGz+bb3CHdfp8rDuY
mku9lOE6Z0ejIXJTP6oQ8eY/fE1xaAx9fvmFDyAtfkPmCZCaueXVzSgREruvYSHG
2DEkgTg7+N+k0idXlSMa2Nqr4SS3pPHsiaLaYqICkniNSmdY+0/9eqIVDXLiMCMn
P3TcgHlvZq+Qy79gJmVoHRcgIFYPPvpnfPSLaWB9kZHF9o/K4R9LXngPwVp4lP2j
NWSGE5bnrD4dgu7hrMt2KoPfDtog24WgKLXB8G/fngW1MIXW57Fz1nK99LPtoiKp
bEF23AgJCw/ks/fgRDYxNCGX/ijWKfXvkTjMLBZcC2GLLCiZeByyz0toBQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFErfiVSkhsT/VRluhl4kww2blpQiMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvU3QtSlZLU0d4UDlWR1c2R1hpVEREWnVXbENJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAUPQPAwQA
1C4lMA0EAgACMAcDBQMqED+AMA0GCSqGSIb3DQEBCwUAA4IBAQB2erwhOVSQC4qk
3lY45CWbZaBuTqKx9QPygVQjjVKj8WBQKWS1qeWZABiiCn1Fy1qzzGn4CxSibTmE
Omgy9lXdra643uS11dPph2FPnqt03lXSfyhoibJR+QiQdTL2jKkj9ay/VMeUU/BJ
ZIqHywCQB8/DP9E8hS7lcQwNfmLIRd+gkH9kn6LKXfTcIHwSmpanf7lDgBVWTxCb
Yobjt9P59oWJxHuA05oU4ZlNfms0bMLb03m/W/N2ja3Pe2NBrX5RkzbNYLArvyvW
H2+kStej4xVPCNdP0Oc/dV2ZlLmwEM9WG1TqrzuDVPcQo1uNVUzNxZEONFNgeiIu
wSGM9cr7
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:18:21 2025 by rpki-client