Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/jhDjtkighG0MrIBNs-gIDiffLSo.roa
File: jhDjtkighG0MrIBNs-gIDiffLSo.roa (raw, json)
Hash identifier: TQXvTcP2rMK84vh7nIBPMWRHl3zoszdVpedpRetAHHI=
Subject key identifier: 8E:10:E3:B6:48:A0:84:6D:0C:AC:80:4D:B3:E8:08:0E:27:DF:2D:2A
Certificate issuer: /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial: 0194228E28FB488729B2C9594285AC8ED052
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/jhDjtkighG0MrIBNs-gIDiffLSo.roa
Signing time: Wed 01 Jan 2025 15:48:49 +0000
ROA not before: Wed 01 Jan 2025 15:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60949
IP address blocks: 109.105.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Jan 2025 12:23:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:28:fb:48:87:29:b2:c9:59:42:85:ac:8e:d0:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Validity
Not Before: Jan 1 15:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e10e3b648a0846d0cac804db3e8080e27df2d2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:87:66:27:21:7b:1c:87:54:f6:6d:f6:b7:cb:
63:bd:d9:e5:7b:cd:23:80:6a:9d:7a:aa:62:17:bc:
db:19:d3:13:8c:88:e9:67:70:cf:d6:08:af:b3:c2:
5a:c9:0e:88:05:50:b9:95:02:fa:c7:33:0c:67:09:
db:9d:03:75:6d:88:f9:5e:bc:6c:25:87:4b:a6:c9:
1d:06:35:8c:7d:90:aa:37:53:56:94:71:54:d7:78:
22:d3:f0:0c:54:80:b7:8d:be:c7:0c:bb:13:43:10:
04:0a:bb:9d:07:bb:38:fb:06:bd:95:07:8c:9c:31:
49:2f:1c:f0:55:0e:02:58:ac:96:ed:40:3f:72:22:
59:28:4e:86:33:b3:a9:d3:57:55:65:e7:cb:43:d8:
e7:94:c4:2e:95:ff:66:7f:cd:0a:a7:60:e9:5b:9c:
ad:2f:b4:f1:bf:68:3a:78:c2:12:d9:89:b6:9f:81:
e3:93:e3:fe:1d:68:e0:a2:fc:40:50:56:8f:96:19:
c0:20:1d:07:e7:f3:93:e9:71:85:73:c2:40:fc:2c:
15:6f:db:cd:98:d1:84:6b:de:c1:84:45:75:1b:a0:
ef:af:1b:03:f2:57:20:17:ca:0a:e4:4b:0d:2b:97:
ad:d8:cb:8d:91:b0:a6:22:5d:bb:32:7e:16:03:e4:
7a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:10:E3:B6:48:A0:84:6D:0C:AC:80:4D:B3:E8:08:0E:27:DF:2D:2A
X509v3 Authority Key Identifier:
keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/jhDjtkighG0MrIBNs-gIDiffLSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.105.199.0/24
Signature Algorithm: sha256WithRSAEncryption
34:18:f1:30:8b:4a:e7:33:43:66:96:7d:63:3a:f7:ab:6a:13:
57:8f:67:3d:82:30:fa:22:a3:9b:ff:bd:eb:d8:b8:83:90:1d:
90:4f:44:3c:9e:30:b8:76:c4:5d:97:33:3d:0c:f5:8a:b8:46:
4f:2d:88:a3:2f:40:d2:da:43:83:4c:e2:3b:47:a0:2c:34:f3:
6a:7e:38:4c:03:ec:40:41:c8:a1:b9:70:04:5a:ed:79:5e:2b:
0d:9b:77:9f:b6:4b:99:37:fb:17:f3:04:ec:0b:b1:58:b5:dd:
89:9f:11:45:9b:84:aa:cd:52:5d:c7:b7:25:1b:bd:4b:d6:7e:
f2:00:c4:6d:b8:2e:ca:14:0b:36:be:8e:ae:26:e6:3c:e3:2d:
b4:71:87:4e:29:5f:94:f0:85:8d:fa:37:2a:5c:5e:77:46:2c:
71:e6:61:ab:30:d6:82:e8:f4:c5:7c:4d:9c:00:69:67:36:ab:
4b:16:6e:24:34:d6:eb:37:a0:77:50:83:dc:7a:c2:3b:39:e0:
5e:73:ae:5b:34:8f:68:b9:0d:73:38:44:61:f8:49:70:8c:8a:
ee:2f:b3:6d:4d:f8:0e:93:b2:6c:14:26:eb:ff:cd:25:3e:93:
00:61:22:8b:00:06:3d:91:9f:f3:66:ac:d4:bc:0f:94:88:5a:
9f:01:be:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijij7SIcpsslZQoWsjtBSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjUwMTAxMTU0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTEwZTNiNjQ4YTA4NDZkMGNhYzgwNGRiM2U4MDgwZTI3ZGYyZDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYdmJyF7HIdU9m32t8tjvdnle80j
gGqdeqpiF7zbGdMTjIjpZ3DP1givs8JayQ6IBVC5lQL6xzMMZwnbnQN1bYj5Xrxs
JYdLpskdBjWMfZCqN1NWlHFU13gi0/AMVIC3jb7HDLsTQxAECrudB7s4+wa9lQeM
nDFJLxzwVQ4CWKyW7UA/ciJZKE6GM7Op01dVZefLQ9jnlMQulf9mf80Kp2DpW5yt
L7Txv2g6eMIS2Ym2n4Hjk+P+HWjgovxAUFaPlhnAIB0H5/OT6XGFc8JA/CwVb9vN
mNGEa97BhEV1G6DvrxsD8lcgF8oK5EsNK5et2MuNkbCmIl27Mn4WA+R6zQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI4Q47ZIoIRtDKyATbPoCA4n3y0qMB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvamhEanRraWdoRzBNcklCTnMtZ0lEaWZmTFNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWnHMA0G
CSqGSIb3DQEBCwUAA4IBAQA0GPEwi0rnM0Nmln1jOverahNXj2c9gjD6IqOb/73r
2LiDkB2QT0Q8njC4dsRdlzM9DPWKuEZPLYijL0DS2kODTOI7R6AsNPNqfjhMA+xA
QcihuXAEWu15XisNm3eftkuZN/sX8wTsC7FYtd2JnxFFm4SqzVJdx7clG71L1n7y
AMRtuC7KFAs2vo6uJuY84y20cYdOKV+U8IWN+jcqXF53Rixx5mGrMNaC6PTFfE2c
AGlnNqtLFm4kNNbrN6B3UIPcesI7OeBec65bNI9ouQ1zOERh+ElwjIruL7NtTfgO
k7JsFCbr/80lPpMAYSKLAAY9kZ/zZqzUvA+UiFqfAb5X
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:06:32 2025 by rpki-client