Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/jo8mdf0IKXQxQ0e1bTv78l8q4UM.roa
File: jo8mdf0IKXQxQ0e1bTv78l8q4UM.roa (raw, json)
Hash identifier: Hne3UuWdh9JSVJewf8SDOg9JsGsRD8F+5HiOqdz0VNA=
Subject key identifier: 8E:8F:26:75:FD:08:29:74:31:43:47:B5:6D:3B:FB:F2:5F:2A:E1:43
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0194F19BB568025530E475263B456DF2A0FF
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/jo8mdf0IKXQxQ0e1bTv78l8q4UM.roa
Signing time: Mon 10 Feb 2025 20:45:00 +0000
ROA not before: Mon 10 Feb 2025 20:45:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400529
IP address blocks: 185.244.106.0/24 maxlen: 24
194.69.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Feb 2025 19:43:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f1:9b:b5:68:02:55:30:e4:75:26:3b:45:6d:f2:a0:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Feb 10 20:45:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e8f2675fd082974314347b56d3bfbf25f2ae143
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:44:6a:0e:8c:8e:32:be:0b:54:e1:55:b3:c2:
62:f1:05:3a:f9:ab:f4:4c:ac:e8:12:26:db:c9:2f:
67:81:3d:c4:45:c6:3e:7a:45:b4:32:0a:59:87:9d:
22:4e:ab:99:c2:e9:93:66:ee:5e:b5:08:e4:46:91:
38:85:8d:3e:73:25:ef:45:a1:9a:15:6a:ac:75:00:
dd:5f:d5:3a:53:c8:56:c8:5f:0b:37:21:ea:8d:75:
1d:da:68:94:6f:bf:50:d0:7a:22:83:74:83:20:31:
86:c4:d5:a7:16:a2:e2:20:ad:64:c4:d4:75:4d:01:
3b:2d:69:10:98:1f:c5:22:8b:bb:34:37:74:1d:66:
0d:34:8c:05:2e:5a:18:ac:2b:b2:c0:49:47:33:a1:
7c:84:9b:2c:72:35:2d:c2:08:d7:56:a3:d0:b1:33:
4a:51:28:71:79:fb:6e:47:e9:3c:cd:33:1f:0b:13:
07:2c:7e:03:09:3f:ce:10:2b:1a:53:25:56:1d:c7:
73:4d:d5:c1:d9:db:cf:45:e9:88:8c:3a:3b:21:b3:
2e:c8:71:a3:27:40:90:71:f8:6b:c8:de:b6:da:01:
96:0f:c3:27:f4:5f:1b:3e:79:40:de:2a:2b:2f:53:
1a:80:c7:9c:a3:48:be:19:4d:40:e6:c3:b5:e4:f9:
60:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:8F:26:75:FD:08:29:74:31:43:47:B5:6D:3B:FB:F2:5F:2A:E1:43
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/jo8mdf0IKXQxQ0e1bTv78l8q4UM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.106.0/24
194.69.160.0/24
Signature Algorithm: sha256WithRSAEncryption
69:79:53:9c:0e:05:5b:e6:d3:fe:e8:52:b5:e9:10:16:1d:f3:
9c:af:d0:51:d2:7d:cd:6d:7e:e9:7e:72:f5:ab:3b:36:27:be:
62:a4:a0:95:f2:8a:b0:70:ef:55:9a:ec:82:e6:f9:c5:5e:70:
f0:68:ca:22:95:d9:96:ab:83:5f:b7:12:29:0b:e8:57:8a:3f:
18:79:b1:fb:d7:2a:d1:48:05:18:04:ac:cb:88:0c:79:ed:05:
7e:80:8a:d2:37:91:78:82:d0:2f:6a:33:4e:09:31:b9:01:17:
e3:27:73:79:a0:47:ed:29:23:13:67:38:0d:b1:44:6e:88:43:
f0:77:80:b5:a7:5d:c2:50:18:12:4f:b0:58:b5:9f:a3:66:a7:
64:06:8c:26:f2:36:51:a3:47:bf:6c:89:b5:98:95:1f:b2:d0:
3a:01:9e:a0:6f:e6:47:22:b8:08:b6:66:cb:e4:18:01:da:17:
67:22:92:56:2f:a0:c0:54:9e:d4:02:42:ef:c0:0d:66:bc:5c:
48:f6:30:62:8e:20:f3:ae:92:cc:8e:c6:3a:60:bb:44:e1:be:
42:04:88:6f:5e:d0:41:ea:43:dc:d5:34:86:c0:7b:f6:5a:7e:
58:c9:75:9d:af:25:dd:aa:9f:46:65:b6:91:72:ee:90:e6:36:
14:6f:ea:ce
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZTxm7VoAlUw5HUmO0Vt8qD/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwMjEwMjA0NTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZThmMjY3NWZkMDgyOTc0MzE0MzQ3YjU2ZDNiZmJmMjVmMmFlMTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1kRqDoyOMr4LVOFVs8Ji8QU6+av0
TKzoEibbyS9ngT3ERcY+ekW0MgpZh50iTquZwumTZu5etQjkRpE4hY0+cyXvRaGa
FWqsdQDdX9U6U8hWyF8LNyHqjXUd2miUb79Q0Hoig3SDIDGGxNWnFqLiIK1kxNR1
TQE7LWkQmB/FIou7NDd0HWYNNIwFLloYrCuywElHM6F8hJsscjUtwgjXVqPQsTNK
UShxeftuR+k8zTMfCxMHLH4DCT/OECsaUyVWHcdzTdXB2dvPRemIjDo7IbMuyHGj
J0CQcfhryN622gGWD8Mn9F8bPnlA3iorL1MagMeco0i+GU1A5sO15PlgOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI6PJnX9CCl0MUNHtW07+/JfKuFDMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvam84bWRmMElLWFF4UTBlMWJUdjc4bDhxNFVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAufRqAwQA
wkWgMA0GCSqGSIb3DQEBCwUAA4IBAQBpeVOcDgVb5tP+6FK16RAWHfOcr9BR0n3N
bX7pfnL1qzs2J75ipKCV8oqwcO9VmuyC5vnFXnDwaMoildmWq4NftxIpC+hXij8Y
ebH71yrRSAUYBKzLiAx57QV+gIrSN5F4gtAvajNOCTG5ARfjJ3N5oEftKSMTZzgN
sURuiEPwd4C1p13CUBgST7BYtZ+jZqdkBowm8jZRo0e/bIm1mJUfstA6AZ6gb+ZH
IrgItmbL5BgB2hdnIpJWL6DAVJ7UAkLvwA1mvFxI9jBijiDzrpLMjsY6YLtE4b5C
BIhvXtBB6kPc1TSGwHv2Wn5YyXWdryXdqp9GZbaRcu6Q5jYUb+rO
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:36:09 2025 by rpki-client