Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/JcqSq4dY0Sm44Uvs4ERe2ddEiig.roa
File: JcqSq4dY0Sm44Uvs4ERe2ddEiig.roa (raw, json)
Hash identifier: Tr98wF231QYFmFh6nFdwmyXnill37/D9vXjeOIS6gms=
Subject key identifier: 25:CA:92:AB:87:58:D1:29:B8:E1:4B:EC:E0:44:5E:D9:D7:44:8A:28
Certificate issuer: /CN=b02aa961b477d5423d85b7d43f3efa26326d7090
Certificate serial: 018CC2DB24575C684765B6AE64E431F5C3BA
Authority key identifier: B0:2A:A9:61:B4:77:D5:42:3D:85:B7:D4:3F:3E:FA:26:32:6D:70:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sCqpYbR31UI9hbfUPz76JjJtcJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/JcqSq4dY0Sm44Uvs4ERe2ddEiig.roa
Signing time: Mon 01 Jan 2024 02:29:50 +0000
ROA not before: Mon 01 Jan 2024 02:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15373
IP address blocks: 212.87.224.0/21 maxlen: 21
212.87.232.0/23 maxlen: 23
212.87.234.0/23 maxlen: 23
212.87.238.0/23 maxlen: 23
212.87.236.0/23 maxlen: 23
212.87.253.0/24 maxlen: 24
2a01:698::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:53:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:24:57:5c:68:47:65:b6:ae:64:e4:31:f5:c3:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b02aa961b477d5423d85b7d43f3efa26326d7090
Validity
Not Before: Jan 1 02:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25ca92ab8758d129b8e14bece0445ed9d7448a28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:2d:38:b4:4a:cb:de:b0:b2:b7:31:d4:48:14:
5f:d1:79:15:fb:a8:73:59:22:47:36:79:1b:d1:df:
d3:2c:68:ce:13:f6:ad:c2:5c:f1:bf:d3:a3:ab:4f:
9f:01:d5:28:ec:44:98:92:d0:c2:cc:f9:83:fd:50:
0f:94:95:48:40:1a:9a:e0:55:40:0e:83:db:6a:93:
7e:3c:4c:f7:a4:83:6f:9a:c1:1e:58:73:a5:ba:c9:
e8:fc:2e:48:33:3a:fc:a9:4b:96:14:7d:3b:ca:b0:
09:3e:31:31:e0:03:90:2d:2d:32:b4:83:23:8c:9b:
4f:90:8a:43:5d:e4:04:ef:57:6d:e4:f2:99:d5:d0:
05:da:cb:d6:8a:2b:6d:dc:b8:cb:84:35:6f:a4:ce:
f6:0c:4f:ce:29:55:30:a7:e5:27:6c:52:05:fa:8c:
07:b7:72:d2:7e:9f:05:c4:05:74:3d:a6:b7:50:ae:
5c:93:e3:5c:91:54:53:ed:13:59:52:c2:c7:51:13:
95:d5:9b:aa:d2:fa:98:33:2b:0d:81:4a:b1:be:f6:
5d:d3:c2:75:5d:8f:6c:0b:5a:61:11:66:f4:3f:9d:
67:05:60:56:04:0c:7d:05:82:92:0b:68:04:39:e5:
fb:2a:57:4d:d5:a0:78:82:09:b7:21:9e:e5:88:b3:
0c:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:CA:92:AB:87:58:D1:29:B8:E1:4B:EC:E0:44:5E:D9:D7:44:8A:28
X509v3 Authority Key Identifier:
keyid:B0:2A:A9:61:B4:77:D5:42:3D:85:B7:D4:3F:3E:FA:26:32:6D:70:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sCqpYbR31UI9hbfUPz76JjJtcJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/JcqSq4dY0Sm44Uvs4ERe2ddEiig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/sCqpYbR31UI9hbfUPz76JjJtcJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.87.224.0/20
212.87.253.0/24
IPv6:
2a01:698::/32
Signature Algorithm: sha256WithRSAEncryption
2f:38:8e:b8:6a:99:13:62:f1:9d:d0:09:ad:d8:91:5b:f0:9a:
0e:c7:d6:03:f8:50:42:61:30:93:33:2d:9a:70:13:ca:a5:e0:
f7:cb:78:1b:9e:de:0f:cc:a6:6e:2a:42:4f:5c:23:92:a4:62:
14:39:04:29:89:a3:e8:90:10:73:4c:48:90:08:ac:4c:8f:d5:
75:73:db:ce:be:19:c4:7f:02:cd:a7:69:9d:be:91:2d:f0:29:
ca:33:76:eb:a2:28:54:d1:e0:3f:73:5f:6d:52:0e:39:02:89:
7e:c1:7e:8e:d9:fa:e2:84:5f:99:d6:e6:c0:79:95:6f:25:ba:
a2:a9:77:5f:cb:b3:0a:1c:95:82:bf:79:9c:df:60:70:91:e8:
92:40:e7:e3:01:6d:64:7b:81:2b:0d:1b:c8:65:4a:68:d8:a1:
28:68:a8:4d:fe:a7:63:c4:25:d1:30:28:53:f6:fe:af:02:4f:
00:2b:d9:df:f8:44:32:9e:3d:3c:b1:4f:47:9e:71:0f:98:64:
63:b1:55:59:8a:6a:26:7c:53:95:90:7e:3f:33:1e:b9:0d:32:
5b:67:03:cd:ec:57:ff:92:eb:ed:84:42:ca:54:15:e8:a1:bf:
74:2a:23:ce:33:e1:69:d7:f0:be:85:e7:6c:ce:3c:49:7a:3c:
9f:ef:be:80
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzC2yRXXGhHZbauZOQx9cO6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMmFhOTYxYjQ3N2Q1NDIzZDg1YjdkNDNmM2VmYTI2MzI2
ZDcwOTAwHhcNMjQwMTAxMDIyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWNhOTJhYjg3NThkMTI5YjhlMTRiZWNlMDQ0NWVkOWQ3NDQ4YTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhS04tErL3rCytzHUSBRf0XkV+6hz
WSJHNnkb0d/TLGjOE/atwlzxv9Ojq0+fAdUo7ESYktDCzPmD/VAPlJVIQBqa4FVA
DoPbapN+PEz3pINvmsEeWHOlusno/C5IMzr8qUuWFH07yrAJPjEx4AOQLS0ytIMj
jJtPkIpDXeQE71dt5PKZ1dAF2svWiitt3LjLhDVvpM72DE/OKVUwp+UnbFIF+owH
t3LSfp8FxAV0Paa3UK5ck+NckVRT7RNZUsLHUROV1Zuq0vqYMysNgUqxvvZd08J1
XY9sC1phEWb0P51nBWBWBAx9BYKSC2gEOeX7KldN1aB4ggm3IZ7liLMMoQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCXKkquHWNEpuOFL7OBEXtnXRIooMB8GA1UdIwQY
MBaAFLAqqWG0d9VCPYW31D8++iYybXCQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0NxcFliUjMxVUk5aGJmVVB6NzZKakp0Y0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8wMTQ4NGMtNWYyOC00MmY1LWI5ZWEt
MDc4N2E1MDNjYTY5LzEvSmNxU3E0ZFkwU200NFV2czRFUmUyZGRFaWlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8wMTQ4NGMtNWYyOC00MmY1LWI5ZWEtMDc4N2E1MDNjYTY5
LzEvc0NxcFliUjMxVUk5aGJmVVB6NzZKakp0Y0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQE1FfgAwQA
1Ff9MA0EAgACMAcDBQAqAQaYMA0GCSqGSIb3DQEBCwUAA4IBAQAvOI64apkTYvGd
0Amt2JFb8JoOx9YD+FBCYTCTMy2acBPKpeD3y3gbnt4PzKZuKkJPXCOSpGIUOQQp
iaPokBBzTEiQCKxMj9V1c9vOvhnEfwLNp2mdvpEt8CnKM3broihU0eA/c19tUg45
Aol+wX6O2frihF+Z1ubAeZVvJbqiqXdfy7MKHJWCv3mc32BwkeiSQOfjAW1ke4Er
DRvIZUpo2KEoaKhN/qdjxCXRMChT9v6vAk8AK9nf+EQynj08sU9HnnEPmGRjsVVZ
imomfFOVkH4/Mx65DTJbZwPN7Ff/kuvthELKVBXoob90KiPOM+Fp1/C+hedszjxJ
ejyf776A
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:29 2025 by rpki-client