Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/pja1mcuE4fLv-SYAL1h7IMV8cNg.roa
File: pja1mcuE4fLv-SYAL1h7IMV8cNg.roa (raw, json)
Hash identifier: AHFc08AGYrXBXbMRJLm6ueHfvgcpPIfPuLJIXMUV43U=
Subject key identifier: A6:36:B5:99:CB:84:E1:F2:EF:F9:26:00:2F:58:7B:20:C5:7C:70:D8
Certificate issuer: /CN=8acddd5c30d580eb0feeca2a16cf5c5a8b2568fd
Certificate serial: 018CC72696BF29C79B42CC34179280350712
Authority key identifier: 8A:CD:DD:5C:30:D5:80:EB:0F:EE:CA:2A:16:CF:5C:5A:8B:25:68:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/is3dXDDVgOsP7soqFs9cWoslaP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/pja1mcuE4fLv-SYAL1h7IMV8cNg.roa
Signing time: Mon 01 Jan 2024 22:30:44 +0000
ROA not before: Mon 01 Jan 2024 22:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209936
IP address blocks: 185.242.164.0/23 maxlen: 23
185.242.164.0/22 maxlen: 23
2a0c:e780::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:47:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:96:bf:29:c7:9b:42:cc:34:17:92:80:35:07:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8acddd5c30d580eb0feeca2a16cf5c5a8b2568fd
Validity
Not Before: Jan 1 22:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a636b599cb84e1f2eff926002f587b20c57c70d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:21:ea:b3:7e:55:04:a4:12:b5:eb:5e:ef:b6:
f2:1c:74:f3:7c:cd:a4:5b:39:cd:d6:33:89:74:ac:
4d:97:bb:bc:c8:42:ed:f0:41:ec:d5:85:24:83:93:
cf:22:2d:db:69:bd:2e:bd:46:0e:a8:0c:b1:8e:d1:
f4:fb:a0:51:08:69:1e:f5:3a:2a:e8:00:2e:d4:b3:
c3:ba:33:4e:93:47:c1:7c:db:0f:a2:5e:06:17:bf:
7f:b4:ec:6f:30:36:db:e7:a1:a3:1a:00:0e:9f:11:
0d:ab:fd:e6:34:d0:a2:9f:56:81:18:9c:66:c5:1d:
d5:12:5f:bd:b9:b7:28:79:3b:76:7c:0f:19:64:0e:
5a:8a:b6:f5:27:a0:82:98:7a:16:70:8e:22:02:ce:
d5:57:6c:24:8a:41:25:95:91:35:c4:73:4b:bf:f6:
b6:77:49:f1:68:17:4d:a9:60:80:9c:f8:f2:7b:4e:
0d:a6:76:98:d3:91:8b:b9:7e:ba:fe:be:84:37:b9:
3a:74:c9:0a:7c:45:60:93:c2:dd:7d:e4:19:df:1c:
e8:6d:8b:6f:5d:b1:93:7b:d1:6b:69:61:ec:4e:c0:
c1:72:a3:55:7b:c0:11:3c:ff:27:18:96:97:e0:9e:
b1:d1:8a:90:bf:8b:7f:b5:d0:7b:02:74:0a:1e:e5:
83:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:36:B5:99:CB:84:E1:F2:EF:F9:26:00:2F:58:7B:20:C5:7C:70:D8
X509v3 Authority Key Identifier:
keyid:8A:CD:DD:5C:30:D5:80:EB:0F:EE:CA:2A:16:CF:5C:5A:8B:25:68:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/is3dXDDVgOsP7soqFs9cWoslaP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/pja1mcuE4fLv-SYAL1h7IMV8cNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/is3dXDDVgOsP7soqFs9cWoslaP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.164.0/22
IPv6:
2a0c:e780::/29
Signature Algorithm: sha256WithRSAEncryption
11:0c:f5:c0:a3:80:39:9d:03:a4:cd:73:a6:fb:91:71:b1:63:
03:54:8d:66:f7:8c:62:b1:ac:ad:20:0f:f1:66:a4:d4:8d:fb:
27:33:2a:23:ae:19:8b:93:6c:90:25:60:39:66:0e:cf:d5:91:
f0:15:cf:a2:ce:88:3f:97:3d:71:9a:78:91:9f:84:a8:8a:c7:
4f:f9:f2:b3:10:ec:e4:73:32:8c:3c:ae:6c:40:81:a4:f8:85:
fe:e1:10:8f:92:8f:38:c0:ea:5a:07:37:e3:61:49:c8:60:b0:
09:81:f7:43:24:b6:a7:dd:a4:0d:d1:93:7e:00:79:1f:ad:f2:
84:4b:18:ea:a4:38:1b:2c:62:54:fc:f6:75:b5:80:d5:ae:72:
3b:97:0e:57:90:30:9d:41:f1:3b:c6:ef:a3:32:5a:d3:cf:51:
c1:e1:72:a8:77:49:10:23:63:44:95:42:00:97:fd:73:23:e7:
9c:d9:e7:51:8c:4b:a3:8e:da:e2:c9:8f:80:0a:a0:e2:08:2e:
d4:c7:1b:eb:2a:2c:5f:1a:e4:82:6a:cf:62:54:43:f4:8d:23:
9e:7b:43:6f:79:7a:99:7f:b2:38:c2:4a:6f:06:d0:8f:3e:52:
99:a3:b1:bd:98:8a:1b:88:9f:f2:d1:47:f9:d0:8e:2b:66:b6:
1f:ee:44:b5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHJpa/KcebQsw0F5KANQcSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhY2RkZDVjMzBkNTgwZWIwZmVlY2EyYTE2Y2Y1YzVhOGIy
NTY4ZmQwHhcNMjQwMTAxMjIzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjM2YjU5OWNiODRlMWYyZWZmOTI2MDAyZjU4N2IyMGM1N2M3MGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSHqs35VBKQStete77byHHTzfM2k
WznN1jOJdKxNl7u8yELt8EHs1YUkg5PPIi3bab0uvUYOqAyxjtH0+6BRCGke9Toq
6AAu1LPDujNOk0fBfNsPol4GF79/tOxvMDbb56GjGgAOnxENq/3mNNCin1aBGJxm
xR3VEl+9ubcoeTt2fA8ZZA5airb1J6CCmHoWcI4iAs7VV2wkikEllZE1xHNLv/a2
d0nxaBdNqWCAnPjye04NpnaY05GLuX66/r6EN7k6dMkKfEVgk8LdfeQZ3xzobYtv
XbGTe9FraWHsTsDBcqNVe8ARPP8nGJaX4J6x0YqQv4t/tdB7AnQKHuWDnQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKY2tZnLhOHy7/kmAC9YeyDFfHDYMB8GA1UdIwQY
MBaAFIrN3Vww1YDrD+7KKhbPXFqLJWj9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXMzZFhERFZnT3NQN3NvcUZzOWNXb3NsYVAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yNWFjYTctN2UyOC00ODdjLTg2ZDIt
MTdiMWM3Mzc5MzAwLzEvcGphMW1jdUU0Zkx2LVNZQUwxaDdJTVY4Y05nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yNWFjYTctN2UyOC00ODdjLTg2ZDItMTdiMWM3Mzc5MzAw
LzEvaXMzZFhERFZnT3NQN3NvcUZzOWNXb3NsYVAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufKkMA0E
AgACMAcDBQMqDOeAMA0GCSqGSIb3DQEBCwUAA4IBAQARDPXAo4A5nQOkzXOm+5Fx
sWMDVI1m94xisaytIA/xZqTUjfsnMyojrhmLk2yQJWA5Zg7P1ZHwFc+izog/lz1x
mniRn4SoisdP+fKzEOzkczKMPK5sQIGk+IX+4RCPko84wOpaBzfjYUnIYLAJgfdD
JLan3aQN0ZN+AHkfrfKESxjqpDgbLGJU/PZ1tYDVrnI7lw5XkDCdQfE7xu+jMlrT
z1HB4XKod0kQI2NElUIAl/1zI+ec2edRjEujjtriyY+ACqDiCC7UxxvrKixfGuSC
as9iVEP0jSOee0NveXqZf7I4wkpvBtCPPlKZo7G9mIobiJ/y0Uf50I4rZrYf7kS1
-----END CERTIFICATE-----
Generated at Sun Mar 9 18:58:57 2025 by rpki-client