Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/JMllR8lZCx-aobkGWUt9dd4T9KU.roa
File: JMllR8lZCx-aobkGWUt9dd4T9KU.roa (raw, json)
Hash identifier: Av5+m8cpQkFHG+d1ca313GmSz/QtU4r5gf41PHuWwY0=
Subject key identifier: 24:C9:65:47:C9:59:0B:1F:9A:A1:B9:06:59:4B:7D:75:DE:13:F4:A5
Certificate issuer: /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Certificate serial: 0194266B7AB8A6636D8BA6CF1A4437E5C223
Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/JMllR8lZCx-aobkGWUt9dd4T9KU.roa
Signing time: Thu 02 Jan 2025 09:49:25 +0000
ROA not before: Thu 02 Jan 2025 09:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 94.103.56.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 17 Jan 2025 06:19:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:7a:b8:a6:63:6d:8b:a6:cf:1a:44:37:e5:c2:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Validity
Not Before: Jan 2 09:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=24c96547c9590b1f9aa1b906594b7d75de13f4a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:f5:ba:95:a4:e7:25:ed:15:a4:be:67:f6:db:
b0:4f:35:5e:f1:23:7a:9c:f8:15:db:96:87:34:0f:
fd:99:52:78:8f:d5:2a:91:88:4c:e6:45:a9:25:93:
05:35:20:c5:12:a9:61:70:51:79:eb:b0:4d:3e:4f:
8f:7d:40:44:8a:25:e7:44:84:aa:21:bb:64:9f:7a:
67:c8:90:db:2a:fa:09:fd:42:c7:f8:4b:ea:c5:86:
1b:05:be:6a:14:2b:d8:03:04:ba:85:06:92:f9:32:
bb:0a:e8:26:2d:e6:a1:56:1a:72:27:49:eb:3e:18:
cb:c9:b6:48:9c:1f:13:60:9d:cf:ad:5a:02:e3:08:
29:13:86:c5:34:6b:2e:0d:f0:0d:08:83:19:15:16:
4b:b7:d5:08:25:4a:15:33:d2:b0:5d:c5:cf:00:36:
e3:f8:3d:ad:96:60:ad:38:4a:f6:9a:14:1b:a2:c9:
2a:2f:84:50:1b:ed:ea:29:0c:af:01:d8:0b:5a:18:
ce:cd:79:ec:c4:15:6a:f0:11:99:db:47:10:c6:f2:
1a:44:af:88:ea:db:94:8d:e7:c7:e8:ec:e7:a8:91:
60:5f:75:10:b2:39:fb:92:12:e8:c6:23:4e:21:c3:
4c:4e:6b:76:ff:37:48:ad:e1:3f:7f:93:23:67:b3:
90:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:C9:65:47:C9:59:0B:1F:9A:A1:B9:06:59:4B:7D:75:DE:13:F4:A5
X509v3 Authority Key Identifier:
keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/JMllR8lZCx-aobkGWUt9dd4T9KU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.103.56.0/21
Signature Algorithm: sha256WithRSAEncryption
40:1c:1f:f6:cf:8e:fe:14:21:1b:45:96:8c:fb:69:b0:e2:88:
d8:bb:d5:fa:d1:89:65:45:5e:0c:00:92:da:38:61:08:2b:bc:
05:6a:e4:f6:1a:01:f5:07:3d:74:3a:3d:7a:33:b8:7e:e1:62:
ff:c8:68:b5:9d:a2:b2:64:eb:d8:36:8e:47:d3:43:ae:30:9b:
c1:7d:78:78:5f:8d:e7:53:5a:17:73:2e:ac:1b:47:73:22:48:
14:b3:e0:2d:ea:a6:7d:eb:6a:7b:53:15:1d:8d:4b:50:93:9b:
e3:aa:a7:20:1a:03:95:1f:30:ee:8a:79:7b:58:18:34:0b:59:
d4:96:61:aa:c6:07:5e:01:6d:9c:b0:f7:df:56:9b:63:e7:38:
70:15:42:d2:bd:52:8d:f3:35:e5:02:08:60:8f:3f:02:86:88:
ca:51:47:3c:cd:41:e6:de:a0:c9:43:55:8b:15:df:36:2e:8b:
36:00:fd:31:57:8a:80:e1:73:56:33:55:ce:55:26:c2:0e:a2:
84:22:26:f1:c4:4e:73:91:9b:3c:56:44:c9:40:3f:f0:f2:8a:
6e:2e:47:75:8e:cb:9c:a8:9b:ba:fa:95:b4:74:f3:d9:65:08:
5a:cb:9e:77:89:69:97:f4:4a:e9:db:18:cd:05:33:80:d9:85:
c5:79:b8:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma3q4pmNti6bPGkQ35cIjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YWRkOWI2NzFmN2EzNmViMjM2N2UzNGZlZTRiY2IxM2I4
ZjY2Y2MwHhcNMjUwMTAyMDk0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGM5NjU0N2M5NTkwYjFmOWFhMWI5MDY1OTRiN2Q3NWRlMTNmNGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vW6laTnJe0VpL5n9tuwTzVe8SN6
nPgV25aHNA/9mVJ4j9UqkYhM5kWpJZMFNSDFEqlhcFF567BNPk+PfUBEiiXnRISq
Ibtkn3pnyJDbKvoJ/ULH+EvqxYYbBb5qFCvYAwS6hQaS+TK7CugmLeahVhpyJ0nr
PhjLybZInB8TYJ3PrVoC4wgpE4bFNGsuDfANCIMZFRZLt9UIJUoVM9KwXcXPADbj
+D2tlmCtOEr2mhQboskqL4RQG+3qKQyvAdgLWhjOzXnsxBVq8BGZ20cQxvIaRK+I
6tuUjefH6OznqJFgX3UQsjn7khLoxiNOIcNMTmt2/zdIreE/f5MjZ7OQdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCTJZUfJWQsfmqG5BllLfXXeE/SlMB8GA1UdIwQY
MBaAFIit2bZx96NusjZ+NP7kvLE7j2bMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEt
YTFiOTZiOWI3MGY4LzEvSk1sbFI4bFpDeC1hb2JrR1dVdDlkZDRUOUtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEtYTFiOTZiOWI3MGY4
LzEvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXmc4MA0G
CSqGSIb3DQEBCwUAA4IBAQBAHB/2z47+FCEbRZaM+2mw4ojYu9X60YllRV4MAJLa
OGEIK7wFauT2GgH1Bz10Oj16M7h+4WL/yGi1naKyZOvYNo5H00OuMJvBfXh4X43n
U1oXcy6sG0dzIkgUs+At6qZ962p7UxUdjUtQk5vjqqcgGgOVHzDuinl7WBg0C1nU
lmGqxgdeAW2csPffVptj5zhwFULSvVKN8zXlAghgjz8ChojKUUc8zUHm3qDJQ1WL
Fd82Los2AP0xV4qA4XNWM1XOVSbCDqKEIibxxE5zkZs8VkTJQD/w8opuLkd1jsuc
qJu6+pW0dPPZZQhay553iWmX9Erp2xjNBTOA2YXFebgj
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:06:09 2025 by rpki-client