Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/5cac1e-831d-4d9e-9a22-1eef11a8dddf/1/J2pl9u3f9BSU5K1ejEXydxZPiHU.roa
File: J2pl9u3f9BSU5K1ejEXydxZPiHU.roa (raw, json)
Hash identifier: 5is3ZAhxFWeXYY/s7j7GhX+KES9+xfvbI7Cc8rtrvio=
Subject key identifier: 27:6A:65:F6:ED:DF:F4:14:94:E4:AD:5E:8C:45:F2:77:16:4F:88:75
Certificate issuer: /CN=3e276ac51a132401db4cd741d866a54622a0d15c
Certificate serial: 018CC2DB5860434D761CA72D6603DEA18044
Authority key identifier: 3E:27:6A:C5:1A:13:24:01:DB:4C:D7:41:D8:66:A5:46:22:A0:D1:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PidqxRoTJAHbTNdB2GalRiKg0Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/5cac1e-831d-4d9e-9a22-1eef11a8dddf/1/J2pl9u3f9BSU5K1ejEXydxZPiHU.roa
Signing time: Mon 01 Jan 2024 02:30:04 +0000
ROA not before: Mon 01 Jan 2024 02:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206330
IP address blocks: 185.135.189.0/24 maxlen: 24
2a10:1646::/32 maxlen: 48
2a10:1647::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:58:60:43:4d:76:1c:a7:2d:66:03:de:a1:80:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e276ac51a132401db4cd741d866a54622a0d15c
Validity
Not Before: Jan 1 02:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=276a65f6eddff41494e4ad5e8c45f277164f8875
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:9e:35:64:f1:50:6e:98:f1:a5:df:0c:d8:10:
fd:74:4b:39:ae:b3:37:5a:20:78:ac:43:17:d4:7b:
ac:48:93:b3:cc:f6:0f:0e:3d:98:97:78:36:8f:8f:
8a:e1:16:f7:8f:5f:c7:f7:ad:49:11:2a:43:da:cd:
03:a1:5d:f9:4e:2a:13:89:04:3b:8f:a1:c5:6d:50:
7d:c0:03:b7:c9:a8:e3:08:14:a6:34:a1:bd:a8:ea:
ac:d1:5c:e8:8a:d4:4c:c9:a8:24:58:bd:ae:fc:5a:
82:98:b5:ce:c1:aa:4b:33:4b:9a:90:aa:94:c8:75:
73:9c:04:ab:19:2e:d1:f6:e5:0d:03:7d:e6:d8:73:
6d:32:9b:0d:83:89:70:83:69:7b:cc:45:ba:b9:bc:
9a:d1:dc:27:09:03:c3:a9:cb:f7:26:f9:e0:f4:17:
96:66:5b:d8:f2:57:74:1e:36:0c:1a:13:bd:f1:66:
4c:6a:33:29:71:76:93:05:0e:2a:e0:c3:5b:0c:09:
62:fc:4d:fc:dc:87:e2:36:70:2f:f8:a0:ea:29:c5:
2b:f2:e5:50:60:53:10:71:2e:32:3c:1f:c8:93:a4:
60:12:73:99:06:71:e6:a6:d8:eb:1e:a1:4a:9d:1c:
fa:6d:cc:0b:b8:28:32:11:d2:5b:17:7e:e7:2d:cd:
c6:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:6A:65:F6:ED:DF:F4:14:94:E4:AD:5E:8C:45:F2:77:16:4F:88:75
X509v3 Authority Key Identifier:
keyid:3E:27:6A:C5:1A:13:24:01:DB:4C:D7:41:D8:66:A5:46:22:A0:D1:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PidqxRoTJAHbTNdB2GalRiKg0Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/5cac1e-831d-4d9e-9a22-1eef11a8dddf/1/J2pl9u3f9BSU5K1ejEXydxZPiHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/5cac1e-831d-4d9e-9a22-1eef11a8dddf/1/PidqxRoTJAHbTNdB2GalRiKg0Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.189.0/24
IPv6:
2a10:1646::/31
Signature Algorithm: sha256WithRSAEncryption
ab:53:f7:9c:80:12:58:04:51:1c:d7:f6:ae:c6:d3:42:28:ba:
e5:29:c1:5c:72:a1:51:76:a4:d0:4a:07:87:3f:55:86:8d:7a:
5e:c8:dd:25:12:f5:b5:0c:89:1d:04:11:8a:26:69:53:86:76:
9c:00:5f:af:7a:db:e3:58:72:0c:87:64:d8:9c:d8:b8:13:3d:
d8:c3:3d:d6:c2:46:fd:f9:0d:af:b5:fa:1d:f5:00:90:d9:49:
e7:23:36:1b:2d:db:cb:dc:fc:59:18:ef:86:19:61:32:fe:1e:
bf:a3:af:c0:6d:77:f1:32:4e:7d:9d:b5:33:71:ad:d9:b8:1e:
c4:43:af:71:cd:61:9f:13:da:b0:6c:d5:ed:c3:b6:41:a3:b2:
26:9f:c3:05:b5:85:1b:de:b6:06:a1:e8:01:98:41:e9:75:37:
0f:66:b0:f0:9e:a6:4f:5e:6d:84:5b:81:ee:e5:78:f7:22:8c:
45:07:4d:f2:bd:1d:cb:52:2b:fb:8d:f0:48:2e:b7:79:11:1c:
cb:35:ba:65:bc:05:1e:80:ff:59:bc:dc:d7:8b:f8:fc:6b:24:
48:1b:c6:a0:c8:08:49:e8:0e:1c:fe:84:0f:dc:96:ff:ff:88:
6a:ea:83:76:8a:73:19:95:7a:cf:67:91:37:eb:75:62:47:ce:
10:a4:b2:8d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC21hgQ012HKctZgPeoYBEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjc2YWM1MWExMzI0MDFkYjRjZDc0MWQ4NjZhNTQ2MjJh
MGQxNWMwHhcNMjQwMTAxMDIzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzZhNjVmNmVkZGZmNDE0OTRlNGFkNWU4YzQ1ZjI3NzE2NGY4ODc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj541ZPFQbpjxpd8M2BD9dEs5rrM3
WiB4rEMX1HusSJOzzPYPDj2Yl3g2j4+K4Rb3j1/H961JESpD2s0DoV35TioTiQQ7
j6HFbVB9wAO3yajjCBSmNKG9qOqs0VzoitRMyagkWL2u/FqCmLXOwapLM0uakKqU
yHVznASrGS7R9uUNA33m2HNtMpsNg4lwg2l7zEW6ubya0dwnCQPDqcv3Jvng9BeW
ZlvY8ld0HjYMGhO98WZMajMpcXaTBQ4q4MNbDAli/E383IfiNnAv+KDqKcUr8uVQ
YFMQcS4yPB/Ik6RgEnOZBnHmptjrHqFKnRz6bcwLuCgyEdJbF37nLc3GkwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCdqZfbt3/QUlOStXoxF8ncWT4h1MB8GA1UdIwQY
MBaAFD4nasUaEyQB20zXQdhmpUYioNFcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlkcXhSb1RKQUhiVE5kQjJHYWxSaUtnMFZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi81Y2FjMWUtODMxZC00ZDllLTlhMjIt
MWVlZjExYThkZGRmLzEvSjJwbDl1M2Y5QlNVNUsxZWpFWHlkeFpQaUhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi81Y2FjMWUtODMxZC00ZDllLTlhMjItMWVlZjExYThkZGRm
LzEvUGlkcXhSb1RKQUhiVE5kQjJHYWxSaUtnMFZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuYe9MA0E
AgACMAcDBQEqEBZGMA0GCSqGSIb3DQEBCwUAA4IBAQCrU/ecgBJYBFEc1/auxtNC
KLrlKcFccqFRdqTQSgeHP1WGjXpeyN0lEvW1DIkdBBGKJmlThnacAF+vetvjWHIM
h2TYnNi4Ez3Ywz3Wwkb9+Q2vtfod9QCQ2UnnIzYbLdvL3PxZGO+GGWEy/h6/o6/A
bXfxMk59nbUzca3ZuB7EQ69xzWGfE9qwbNXtw7ZBo7Imn8MFtYUb3rYGoegBmEHp
dTcPZrDwnqZPXm2EW4Hu5Xj3IoxFB03yvR3LUiv7jfBILrd5ERzLNbplvAUegP9Z
vNzXi/j8ayRIG8agyAhJ6A4c/oQP3Jb//4hq6oN2inMZlXrPZ5E363ViR84QpLKN
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:02 2025 by rpki-client