Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/J4WufaZEKZkep6n8gOMw7EzEeII.roa
File: J4WufaZEKZkep6n8gOMw7EzEeII.roa (raw, json)
Hash identifier: XZdbeBzJJU3osxr60fLykJijZEgJPCUK/LXsZPZBCng=
Subject key identifier: 27:85:AE:7D:A6:44:29:99:1E:A7:A9:FC:80:E3:30:EC:4C:C4:78:82
Certificate issuer: /CN=c7983b3a9758fcbe78733d9155aed266c882a23c
Certificate serial: 018CC4245205FFBEAB81158E16E6F92536D7
Authority key identifier: C7:98:3B:3A:97:58:FC:BE:78:73:3D:91:55:AE:D2:66:C8:82:A2:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x5g7OpdY_L54cz2RVa7SZsiCojw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/J4WufaZEKZkep6n8gOMw7EzEeII.roa
Signing time: Mon 01 Jan 2024 08:29:23 +0000
ROA not before: Mon 01 Jan 2024 08:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30782
IP address blocks: 195.234.20.0/23 maxlen: 23
130.255.152.0/21 maxlen: 21
185.91.212.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:52:05:ff:be:ab:81:15:8e:16:e6:f9:25:36:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7983b3a9758fcbe78733d9155aed266c882a23c
Validity
Not Before: Jan 1 08:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2785ae7da64429991ea7a9fc80e330ec4cc47882
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:ba:b6:89:b3:7a:e2:8d:2d:58:09:53:ac:f4:
1f:4a:df:62:6a:09:d8:5b:63:9b:f2:0c:f5:a9:96:
45:1b:b8:aa:2d:86:41:fa:7a:b9:9e:91:78:e2:a8:
78:4d:80:fe:be:60:6c:4f:7a:59:6d:c4:f4:74:91:
26:6a:93:dd:ab:df:6e:57:d6:91:d0:df:dd:9c:e7:
0b:f6:01:e8:a3:98:12:ec:33:71:4c:05:82:aa:37:
35:ce:d3:ee:48:5a:dc:d3:bd:98:b7:b2:93:d6:96:
ee:bc:f5:47:ed:44:81:f9:dc:b0:ad:22:1c:7f:5b:
2e:c2:a6:09:7f:cb:f5:00:91:8b:a8:a8:b3:2b:4d:
15:3f:13:63:c8:27:56:c3:dc:c2:fe:9c:89:05:56:
14:b4:10:8c:28:13:ff:11:df:23:5f:d8:1c:db:74:
1b:be:28:59:25:37:b7:57:db:6e:c3:da:d4:2d:64:
6a:e8:1b:a9:35:ed:d5:5c:de:5f:f3:2b:b8:9b:0e:
ca:7b:19:30:d1:20:ab:b8:3e:b2:12:ac:e1:54:bf:
4f:33:df:7b:98:f6:0f:35:9b:58:67:d6:1b:4e:92:
56:ac:4f:49:29:f6:e8:e0:9e:c8:e2:ef:78:29:db:
0b:29:71:67:aa:09:b4:94:97:e8:32:0a:b3:07:b8:
58:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:85:AE:7D:A6:44:29:99:1E:A7:A9:FC:80:E3:30:EC:4C:C4:78:82
X509v3 Authority Key Identifier:
keyid:C7:98:3B:3A:97:58:FC:BE:78:73:3D:91:55:AE:D2:66:C8:82:A2:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x5g7OpdY_L54cz2RVa7SZsiCojw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/J4WufaZEKZkep6n8gOMw7EzEeII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/x5g7OpdY_L54cz2RVa7SZsiCojw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.255.152.0/21
185.91.212.0/22
195.234.20.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:05:55:90:83:48:b5:49:19:e6:58:75:bd:2a:cf:68:d0:51:
12:aa:eb:37:71:63:59:c4:b7:3c:bc:d7:51:ef:13:bd:f0:a7:
67:e3:20:3a:f9:a7:e7:72:d4:bc:a1:3e:4b:4d:29:84:63:ef:
2c:ac:a4:c9:36:5b:6d:06:46:7a:7a:ed:29:9c:06:9b:4c:38:
64:7d:d1:1d:d2:96:19:5d:63:1c:94:94:2b:b2:bf:15:30:3c:
fd:ca:17:aa:fb:6c:ae:a9:7d:82:b5:c7:06:89:ac:65:bc:99:
2b:aa:24:31:d3:f1:85:61:c3:42:85:b1:63:55:1c:d8:95:00:
81:cc:25:68:64:7d:75:6b:1c:61:5f:6f:01:cc:a4:26:a9:48:
dc:92:b7:97:8f:f1:be:88:8b:cd:e3:07:aa:29:b9:84:d1:76:
28:49:e0:dc:f3:f0:30:9d:ac:b1:40:8a:b7:57:04:bd:89:fa:
04:38:fe:bf:84:6f:6b:be:25:94:27:46:dd:99:f8:85:78:60:
b4:02:3d:dd:4d:12:2d:9f:64:18:c5:0c:f5:78:ce:61:fd:13:
75:bd:6a:e1:19:81:dd:9b:8e:55:24:59:19:ab:11:d0:b5:6a:
a2:34:b0:b9:c1:5c:40:2c:fb:bb:cb:d5:b6:3e:be:ef:69:5e:
43:11:28:ed
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzEJFIF/76rgRWOFub5JTbXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3OTgzYjNhOTc1OGZjYmU3ODczM2Q5MTU1YWVkMjY2Yzg4
MmEyM2MwHhcNMjQwMTAxMDgyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzg1YWU3ZGE2NDQyOTk5MWVhN2E5ZmM4MGUzMzBlYzRjYzQ3ODgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Lq2ibN64o0tWAlTrPQfSt9iagnY
W2Ob8gz1qZZFG7iqLYZB+nq5npF44qh4TYD+vmBsT3pZbcT0dJEmapPdq99uV9aR
0N/dnOcL9gHoo5gS7DNxTAWCqjc1ztPuSFrc072Yt7KT1pbuvPVH7USB+dywrSIc
f1suwqYJf8v1AJGLqKizK00VPxNjyCdWw9zC/pyJBVYUtBCMKBP/Ed8jX9gc23Qb
vihZJTe3V9tuw9rULWRq6BupNe3VXN5f8yu4mw7Kexkw0SCruD6yEqzhVL9PM997
mPYPNZtYZ9YbTpJWrE9JKfbo4J7I4u94KdsLKXFnqgm0lJfoMgqzB7hYVQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCeFrn2mRCmZHqep/IDjMOxMxHiCMB8GA1UdIwQY
MBaAFMeYOzqXWPy+eHM9kVWu0mbIgqI8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDVnN09wZFlfTDU0Y3oyUlZhN1Nac2lDb2p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84MTFkMTYtYjUxMy00N2VkLTllNzEt
MjM4NDA1ZjJjZGU5LzEvSjRXdWZhWkVLWmtlcDZuOGdPTXc3RXpFZUlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84MTFkMTYtYjUxMy00N2VkLTllNzEtMjM4NDA1ZjJjZGU5
LzEveDVnN09wZFlfTDU0Y3oyUlZhN1Nac2lDb2p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDgv+YAwQC
uVvUAwQBw+oUMA0GCSqGSIb3DQEBCwUAA4IBAQB/BVWQg0i1SRnmWHW9Ks9o0FES
qus3cWNZxLc8vNdR7xO98Kdn4yA6+afnctS8oT5LTSmEY+8srKTJNlttBkZ6eu0p
nAabTDhkfdEd0pYZXWMclJQrsr8VMDz9yheq+2yuqX2CtccGiaxlvJkrqiQx0/GF
YcNChbFjVRzYlQCBzCVoZH11axxhX28BzKQmqUjckreXj/G+iIvN4weqKbmE0XYo
SeDc8/AwnayxQIq3VwS9ifoEOP6/hG9rviWUJ0bdmfiFeGC0Aj3dTRItn2QYxQz1
eM5h/RN1vWrhGYHdm45VJFkZqxHQtWqiNLC5wVxALPu7y9W2Pr7vaV5DESjt
-----END CERTIFICATE-----
Generated at Tue Apr 22 05:11:01 2025 by rpki-client