Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/jLmCJD9MwXJK1y3iBAz9-epsfvM.roa
File: jLmCJD9MwXJK1y3iBAz9-epsfvM.roa (raw, json)
Hash identifier: LtNT9EqDXPKC4Fq6wRxTjjVrS4ZN4s989ZuqhJyFcVA=
Subject key identifier: 8C:B9:82:24:3F:4C:C1:72:4A:D7:2D:E2:04:0C:FD:F9:EA:6C:7E:F3
Certificate issuer: /CN=8aad9c0ce5ba3905b41970a04e51976076c67e00
Certificate serial: 01909E6987376CC985854CD767F4C79B33BE
Authority key identifier: 8A:AD:9C:0C:E5:BA:39:05:B4:19:70:A0:4E:51:97:60:76:C6:7E:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iq2cDOW6OQW0GXCgTlGXYHbGfgA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/jLmCJD9MwXJK1y3iBAz9-epsfvM.roa
Signing time: Wed 10 Jul 2024 20:50:34 +0000
ROA not before: Wed 10 Jul 2024 20:50:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 193.135.40.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9e:69:87:37:6c:c9:85:85:4c:d7:67:f4:c7:9b:33:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8aad9c0ce5ba3905b41970a04e51976076c67e00
Validity
Not Before: Jul 10 20:50:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8cb982243f4cc1724ad72de2040cfdf9ea6c7ef3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:81:9a:a7:86:f0:88:4b:8b:f1:e1:12:4c:ea:
8e:93:64:ac:e4:f0:e2:92:b9:9e:bb:7d:5b:6d:06:
4a:c7:20:57:15:6e:84:e9:b7:97:11:08:dd:2b:7f:
1d:08:c6:75:ac:35:90:0f:c9:93:7b:31:b5:f5:87:
2b:d5:a0:47:4f:1f:d7:e4:fb:41:23:09:e5:1e:0c:
61:9a:53:c0:ea:66:a0:9e:47:58:28:3d:dc:c9:be:
51:e1:32:4f:6d:c8:c2:da:4b:b3:70:cb:ad:81:15:
8f:2a:fa:0a:33:63:72:9e:fb:e0:55:ad:a4:f8:ed:
0d:e5:1d:33:bd:7d:88:ab:a5:09:36:0a:68:62:46:
31:90:98:42:29:a2:96:f7:ab:fc:12:32:c9:21:8b:
8f:8a:ab:68:03:ca:97:ac:bd:29:19:dc:57:85:86:
7f:33:3c:4e:4e:c2:08:01:f3:e1:50:19:ef:0c:e2:
9e:0e:21:80:3f:2f:95:50:fc:47:f2:04:7f:58:ea:
18:35:0a:ec:31:cc:af:1a:bc:b3:fa:ee:dd:28:2c:
9d:5d:2a:36:22:98:aa:29:61:62:16:d7:68:a5:24:
c6:3c:ec:d6:f7:71:48:79:50:2a:d2:01:d5:3d:01:
ed:37:69:16:ad:fe:13:cb:ec:ec:cd:99:f5:2b:c0:
ae:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:B9:82:24:3F:4C:C1:72:4A:D7:2D:E2:04:0C:FD:F9:EA:6C:7E:F3
X509v3 Authority Key Identifier:
keyid:8A:AD:9C:0C:E5:BA:39:05:B4:19:70:A0:4E:51:97:60:76:C6:7E:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iq2cDOW6OQW0GXCgTlGXYHbGfgA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/jLmCJD9MwXJK1y3iBAz9-epsfvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/iq2cDOW6OQW0GXCgTlGXYHbGfgA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.135.40.0/21
Signature Algorithm: sha256WithRSAEncryption
4e:22:d4:ce:34:39:5b:6e:12:59:ca:07:50:43:be:4c:a9:80:
c9:5b:ac:01:87:c3:a9:33:08:f0:0c:6d:49:31:f7:b2:af:af:
d4:1e:37:0f:36:8a:18:73:38:a7:66:50:b9:b4:e4:66:df:f4:
4e:0a:a2:17:30:11:39:a6:95:ba:df:62:86:22:21:c1:89:75:
92:e4:fe:ec:33:10:9a:06:e9:84:f5:d0:9f:e3:96:6b:fd:00:
77:31:39:04:09:27:14:7f:fe:56:06:cd:e0:f6:ad:57:a8:f5:
a2:2c:c3:ca:16:c9:10:a8:89:38:45:c3:71:1b:95:2b:dc:8b:
db:cf:94:80:ca:ca:fa:7d:ba:c5:28:92:c6:a7:42:08:f4:a6:
e3:5d:a2:82:f5:83:4f:88:b1:c4:36:a2:85:90:53:65:ca:05:
64:a9:34:61:0f:6c:53:3d:6e:97:60:c7:b4:e0:2a:73:2c:5c:
44:88:cf:90:ce:0e:e4:0b:08:9e:c7:ab:ab:e0:f0:68:5a:52:
00:b8:8f:dd:0b:77:44:49:7e:d4:6f:26:09:79:7c:ff:be:40:
9a:3f:6c:63:78:4d:6f:3d:7a:ca:36:c4:31:bf:20:96:24:98:
9c:91:44:dc:86:41:a7:9f:06:76:08:6c:5c:5d:2d:fa:a0:0b:
af:e5:bb:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZCeaYc3bMmFhUzXZ/THmzO+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYWQ5YzBjZTViYTM5MDViNDE5NzBhMDRlNTE5NzYwNzZj
NjdlMDAwHhcNMjQwNzEwMjA1MDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2I5ODIyNDNmNGNjMTcyNGFkNzJkZTIwNDBjZmRmOWVhNmM3ZWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwoGap4bwiEuL8eESTOqOk2Ss5PDi
krmeu31bbQZKxyBXFW6E6beXEQjdK38dCMZ1rDWQD8mTezG19Ycr1aBHTx/X5PtB
IwnlHgxhmlPA6magnkdYKD3cyb5R4TJPbcjC2kuzcMutgRWPKvoKM2NynvvgVa2k
+O0N5R0zvX2Iq6UJNgpoYkYxkJhCKaKW96v8EjLJIYuPiqtoA8qXrL0pGdxXhYZ/
MzxOTsIIAfPhUBnvDOKeDiGAPy+VUPxH8gR/WOoYNQrsMcyvGryz+u7dKCydXSo2
IpiqKWFiFtdopSTGPOzW93FIeVAq0gHVPQHtN2kWrf4Ty+zszZn1K8Cu/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIy5giQ/TMFyStct4gQM/fnqbH7zMB8GA1UdIwQY
MBaAFIqtnAzlujkFtBlwoE5Rl2B2xn4AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXEyY0RPVzZPUVcwR1hDZ1RsR1hZSGJHZmdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lNDQ1ZTQtMjZiZC00OGM5LTgzZGIt
N2EwZWNlOWMwYWY4LzEvakxtQ0pEOU13WEpLMXkzaUJBejktZXBzZnZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lNDQ1ZTQtMjZiZC00OGM5LTgzZGItN2EwZWNlOWMwYWY4
LzEvaXEyY0RPVzZPUVcwR1hDZ1RsR1hZSGJHZmdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwYcoMA0G
CSqGSIb3DQEBCwUAA4IBAQBOItTONDlbbhJZygdQQ75MqYDJW6wBh8OpMwjwDG1J
Mfeyr6/UHjcPNooYczinZlC5tORm3/ROCqIXMBE5ppW632KGIiHBiXWS5P7sMxCa
BumE9dCf45Zr/QB3MTkECScUf/5WBs3g9q1XqPWiLMPKFskQqIk4RcNxG5Ur3Ivb
z5SAysr6fbrFKJLGp0II9KbjXaKC9YNPiLHENqKFkFNlygVkqTRhD2xTPW6XYMe0
4CpzLFxEiM+Qzg7kCwiex6ur4PBoWlIAuI/dC3dESX7UbyYJeXz/vkCaP2xjeE1v
PXrKNsQxvyCWJJickUTchkGnnwZ2CGxcXS36oAuv5bse
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:25:36 2025 by rpki-client