Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/cd3711-7084-4b15-bc25-3e4a026df000/1/xJZQnrdHNTWVE91P1mY6FIfOGcc.roa
File: xJZQnrdHNTWVE91P1mY6FIfOGcc.roa (raw, json)
Hash identifier: +URJ77/QUxB/0DBE0F3//BrPYg/F7Lzgfu1TKcYyC6g=
Subject key identifier: C4:96:50:9E:B7:47:35:35:95:13:DD:4F:D6:66:3A:14:87:CE:19:C7
Certificate issuer: /CN=8cd52439cac2719b64e85b26ff0ea8468d57960e
Certificate serial: 018CC86F2BB4889C62BF3ECE091D2A4890BA
Authority key identifier: 8C:D5:24:39:CA:C2:71:9B:64:E8:5B:26:FF:0E:A8:46:8D:57:96:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jNUkOcrCcZtk6Fsm_w6oRo1Xlg4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/cd3711-7084-4b15-bc25-3e4a026df000/1/xJZQnrdHNTWVE91P1mY6FIfOGcc.roa
Signing time: Tue 02 Jan 2024 04:29:37 +0000
ROA not before: Tue 02 Jan 2024 04:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206356
IP address blocks: 194.48.228.0/22 maxlen: 24
2a0c:efc0::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:2b:b4:88:9c:62:bf:3e:ce:09:1d:2a:48:90:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8cd52439cac2719b64e85b26ff0ea8468d57960e
Validity
Not Before: Jan 2 04:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c496509eb74735359513dd4fd6663a1487ce19c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:78:ed:00:bc:12:b3:d8:d1:78:79:8e:9e:d7:
29:b6:26:e7:9d:c6:a3:c9:9b:e4:44:8d:9d:53:8a:
e3:1b:df:51:8f:87:47:1e:ec:d4:25:f5:d3:16:1d:
33:8d:a7:f5:1d:a7:b7:a6:ff:be:fa:1d:0b:99:31:
b8:e5:a1:99:fe:f0:e0:4c:8d:f6:4f:56:91:bd:d3:
9b:f0:42:37:10:6b:ac:89:7a:00:37:66:f0:f7:5e:
49:b3:08:d9:46:8b:ec:38:37:cb:38:b1:a8:40:1d:
d5:05:ea:d9:98:41:66:d9:12:7d:22:b2:5e:7d:b7:
ed:2b:84:ce:57:ad:5c:0f:ae:ca:a1:b6:42:5b:bb:
a4:fb:95:98:6a:eb:f1:87:b6:bd:84:a6:2f:ee:76:
86:c6:56:75:00:6a:c1:0c:06:c3:c0:07:c0:4c:09:
01:85:11:d0:1f:0d:76:46:35:27:bc:5d:bf:67:f7:
12:ba:73:1d:69:0c:46:5c:85:b5:b5:ea:ba:50:70:
20:b8:5c:2d:3e:2d:b5:62:e9:14:9a:67:90:22:98:
7d:4c:20:1a:c5:61:37:a3:f7:55:25:3b:b1:e7:d6:
22:2b:42:06:09:54:18:86:ee:cd:2f:de:01:e6:7a:
17:c1:95:ec:53:15:d2:7d:d4:d4:cd:b9:0b:2d:aa:
83:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:96:50:9E:B7:47:35:35:95:13:DD:4F:D6:66:3A:14:87:CE:19:C7
X509v3 Authority Key Identifier:
keyid:8C:D5:24:39:CA:C2:71:9B:64:E8:5B:26:FF:0E:A8:46:8D:57:96:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jNUkOcrCcZtk6Fsm_w6oRo1Xlg4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/cd3711-7084-4b15-bc25-3e4a026df000/1/xJZQnrdHNTWVE91P1mY6FIfOGcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/cd3711-7084-4b15-bc25-3e4a026df000/1/jNUkOcrCcZtk6Fsm_w6oRo1Xlg4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.48.228.0/22
IPv6:
2a0c:efc0::/29
Signature Algorithm: sha256WithRSAEncryption
7a:7f:05:54:cf:4d:7b:12:44:0d:6e:3e:71:5e:02:20:c1:27:
9d:fe:c3:85:a8:9a:3b:d1:6b:e2:03:ec:7b:5e:d5:3f:0e:3e:
70:a7:1b:c1:d2:81:fd:4e:33:0b:1b:db:88:cc:01:2b:bf:55:
f8:60:7a:cd:f5:da:09:32:43:58:e7:4b:0b:66:f9:5d:4d:db:
80:f3:2f:0c:96:19:1d:08:0a:d7:f8:2e:bf:35:7b:ad:16:a0:
c6:6a:f4:03:4b:3d:5f:f4:eb:d6:44:01:b6:60:bb:3d:b6:81:
d0:fb:29:df:1a:01:6d:f5:b1:8a:d8:4f:c4:9b:3f:80:ea:9b:
c0:05:b1:1a:35:21:a7:48:8f:07:1f:c2:8b:46:c2:aa:d7:62:
82:ac:50:e3:b0:4e:f9:ff:4a:d4:35:2c:de:5a:c1:c9:47:28:
6e:26:fd:c4:aa:ea:dd:bb:29:46:9e:6c:63:d1:92:43:64:71:
1f:56:39:43:36:94:a1:de:1d:3e:e5:ad:3c:69:0f:91:ed:22:
92:11:03:2d:a5:f2:11:17:9f:80:a9:29:8c:ad:4b:17:35:d3:
bf:2f:51:eb:62:67:a6:4b:fc:55:dc:b6:b2:61:de:c2:40:a6:
2f:e3:8e:c7:64:95:7e:c4:1d:ac:c4:4f:31:3a:10:1d:66:93:
13:4f:06:5c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIbyu0iJxivz7OCR0qSJC6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZDUyNDM5Y2FjMjcxOWI2NGU4NWIyNmZmMGVhODQ2OGQ1
Nzk2MGUwHhcNMjQwMTAyMDQyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDk2NTA5ZWI3NDczNTM1OTUxM2RkNGZkNjY2M2ExNDg3Y2UxOWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHjtALwSs9jReHmOntcptibnncaj
yZvkRI2dU4rjG99Rj4dHHuzUJfXTFh0zjaf1Hae3pv+++h0LmTG45aGZ/vDgTI32
T1aRvdOb8EI3EGusiXoAN2bw915JswjZRovsODfLOLGoQB3VBerZmEFm2RJ9IrJe
fbftK4TOV61cD67KobZCW7uk+5WYauvxh7a9hKYv7naGxlZ1AGrBDAbDwAfATAkB
hRHQHw12RjUnvF2/Z/cSunMdaQxGXIW1teq6UHAguFwtPi21YukUmmeQIph9TCAa
xWE3o/dVJTux59YiK0IGCVQYhu7NL94B5noXwZXsUxXSfdTUzbkLLaqDAQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMSWUJ63RzU1lRPdT9ZmOhSHzhnHMB8GA1UdIwQY
MBaAFIzVJDnKwnGbZOhbJv8OqEaNV5YOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak5Va09jckNjWnRrNkZzbV93Nm9SbzFYbGc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jZDM3MTEtNzA4NC00YjE1LWJjMjUt
M2U0YTAyNmRmMDAwLzEveEpaUW5yZEhOVFdWRTkxUDFtWTZGSWZPR2NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jZDM3MTEtNzA4NC00YjE1LWJjMjUtM2U0YTAyNmRmMDAw
LzEvak5Va09jckNjWnRrNkZzbV93Nm9SbzFYbGc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwjDkMA0E
AgACMAcDBQMqDO/AMA0GCSqGSIb3DQEBCwUAA4IBAQB6fwVUz017EkQNbj5xXgIg
wSed/sOFqJo70WviA+x7XtU/Dj5wpxvB0oH9TjMLG9uIzAErv1X4YHrN9doJMkNY
50sLZvldTduA8y8MlhkdCArX+C6/NXutFqDGavQDSz1f9OvWRAG2YLs9toHQ+ynf
GgFt9bGK2E/Emz+A6pvABbEaNSGnSI8HH8KLRsKq12KCrFDjsE75/0rUNSzeWsHJ
RyhuJv3EqurduylGnmxj0ZJDZHEfVjlDNpSh3h0+5a08aQ+R7SKSEQMtpfIRF5+A
qSmMrUsXNdO/L1HrYmemS/xV3LayYd7CQKYv447HZJV+xB2sxE8xOhAdZpMTTwZc
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:15:24 2025 by rpki-client