Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/23190c-e1a0-4ba4-b1d8-a102be382e51/1/jk40RH9sWjxlk7f7d1TrB4RqBMg.roa
File: jk40RH9sWjxlk7f7d1TrB4RqBMg.roa (raw, json)
Hash identifier: UJvLvuQA6I8jujdpy+fOPQAbeRyNVuPvityCa/rSqkA=
Subject key identifier: 8E:4E:34:44:7F:6C:5A:3C:65:93:B7:FB:77:54:EB:07:84:6A:04:C8
Certificate issuer: /CN=ef7fd5d33061a9de920af1c2a13513d46dd24612
Certificate serial: 018CC493456D04174730D6A160223A73DCB7
Authority key identifier: EF:7F:D5:D3:30:61:A9:DE:92:0A:F1:C2:A1:35:13:D4:6D:D2:46:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/73_V0zBhqd6SCvHCoTUT1G3SRhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/23190c-e1a0-4ba4-b1d8-a102be382e51/1/jk40RH9sWjxlk7f7d1TrB4RqBMg.roa
Signing time: Mon 01 Jan 2024 10:30:35 +0000
ROA not before: Mon 01 Jan 2024 10:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 217.28.163.0/24 maxlen: 24
193.32.244.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:48:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:45:6d:04:17:47:30:d6:a1:60:22:3a:73:dc:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef7fd5d33061a9de920af1c2a13513d46dd24612
Validity
Not Before: Jan 1 10:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e4e34447f6c5a3c6593b7fb7754eb07846a04c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c4:b2:29:da:bc:d2:d5:40:33:77:66:17:2f:
4c:34:ea:b5:0a:32:eb:dc:68:a1:39:79:a8:24:c0:
55:ee:c0:46:46:99:a7:bc:47:4c:3c:dc:47:f8:1c:
f9:86:ec:a4:ef:6e:6b:ee:32:8b:8e:ed:dd:97:2c:
f8:cb:a1:e9:e5:df:4e:e6:b2:3d:b4:0b:b1:d3:12:
f0:b5:99:51:00:f4:1b:f8:d9:9b:ad:c0:93:f6:8a:
18:7e:cc:aa:84:06:37:e3:2e:9a:07:1c:08:1c:00:
ad:6b:f0:94:69:f6:90:01:5b:b1:bf:ac:4f:f5:72:
47:2e:f1:43:5f:0a:7e:d6:ca:6e:35:63:96:b0:75:
af:72:9e:3b:a2:d2:63:bb:99:0a:e2:ef:4c:c9:93:
b2:8a:01:be:df:c2:88:8c:ec:15:ec:fb:1f:b1:7c:
c9:0f:64:be:8a:d1:f7:db:65:05:ae:3a:f1:57:7a:
a3:e9:c4:20:df:c9:96:9a:90:90:b2:5a:24:c2:fe:
d5:d6:53:60:5d:d5:cc:02:47:98:a0:e3:d9:28:2d:
9f:a7:2a:ae:fa:58:73:44:d9:c9:52:18:fc:87:b7:
79:3f:63:e3:55:d0:0b:64:6a:09:d2:dc:e2:33:be:
2e:e9:10:56:1f:e4:29:be:be:99:90:cf:e3:ac:b5:
23:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:4E:34:44:7F:6C:5A:3C:65:93:B7:FB:77:54:EB:07:84:6A:04:C8
X509v3 Authority Key Identifier:
keyid:EF:7F:D5:D3:30:61:A9:DE:92:0A:F1:C2:A1:35:13:D4:6D:D2:46:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/73_V0zBhqd6SCvHCoTUT1G3SRhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/23190c-e1a0-4ba4-b1d8-a102be382e51/1/jk40RH9sWjxlk7f7d1TrB4RqBMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/23190c-e1a0-4ba4-b1d8-a102be382e51/1/73_V0zBhqd6SCvHCoTUT1G3SRhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.244.0/24
217.28.163.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:36:ac:d5:df:7f:dd:dd:d0:b0:50:2a:c7:54:13:5d:dd:38:
9b:b7:94:f5:3c:d5:13:ce:86:31:bf:61:50:4d:06:24:10:f9:
3d:27:ea:0c:5a:5b:9d:c3:09:f5:0d:49:09:8c:43:69:7e:3c:
07:81:53:5c:4b:17:70:37:66:b6:ca:fe:6f:79:2a:20:02:56:
58:6a:c6:f0:1b:5b:f0:93:cd:18:a6:07:61:3c:db:d7:61:9b:
78:63:81:dd:e2:cd:b9:62:3b:3d:f9:8a:53:44:a4:cb:99:8b:
1e:15:a6:e9:b6:ae:44:f4:c8:91:42:80:b3:55:67:46:8a:76:
66:ad:88:02:f7:c0:0c:fa:9c:34:28:02:47:8c:06:c6:3b:a9:
54:34:c3:fe:d0:28:4d:96:89:3a:bf:48:42:c9:f7:04:a2:4a:
2e:bb:23:ac:29:18:03:bc:2f:af:ee:25:3b:ec:6f:7b:64:92:
48:d2:89:e5:9b:a4:e4:bd:f0:b1:7a:28:80:7a:75:bd:58:8e:
f3:f3:83:bc:48:b3:f3:87:15:c7:76:51:2f:6a:4d:b3:c2:d8:
41:0f:d7:3c:28:a5:b9:c5:4f:e4:7c:25:6a:f0:50:68:8d:81:
c1:e7:9d:d4:4d:49:c0:6d:c1:c0:8c:de:e6:ac:f7:c9:be:68:
36:66:ab:68
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEk0VtBBdHMNahYCI6c9y3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmN2ZkNWQzMzA2MWE5ZGU5MjBhZjFjMmExMzUxM2Q0NmRk
MjQ2MTIwHhcNMjQwMTAxMTAzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTRlMzQ0NDdmNmM1YTNjNjU5M2I3ZmI3NzU0ZWIwNzg0NmEwNGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8SyKdq80tVAM3dmFy9MNOq1CjLr
3GihOXmoJMBV7sBGRpmnvEdMPNxH+Bz5huyk725r7jKLju3dlyz4y6Hp5d9O5rI9
tAux0xLwtZlRAPQb+NmbrcCT9ooYfsyqhAY34y6aBxwIHACta/CUafaQAVuxv6xP
9XJHLvFDXwp+1spuNWOWsHWvcp47otJju5kK4u9MyZOyigG+38KIjOwV7PsfsXzJ
D2S+itH322UFrjrxV3qj6cQg38mWmpCQslokwv7V1lNgXdXMAkeYoOPZKC2fpyqu
+lhzRNnJUhj8h7d5P2PjVdALZGoJ0tziM74u6RBWH+Qpvr6ZkM/jrLUjPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI5ONER/bFo8ZZO3+3dU6weEagTIMB8GA1UdIwQY
MBaAFO9/1dMwYanekgrxwqE1E9Rt0kYSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzNfVjB6QmhxZDZTQ3ZIQ29UVVQxRzNTUmhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yMzE5MGMtZTFhMC00YmE0LWIxZDgt
YTEwMmJlMzgyZTUxLzEvams0MFJIOXNXanhsazdmN2QxVHJCNFJxQk1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yMzE5MGMtZTFhMC00YmE0LWIxZDgtYTEwMmJlMzgyZTUx
LzEvNzNfVjB6QmhxZDZTQ3ZIQ29UVVQxRzNTUmhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwSD0AwQA
2RyjMA0GCSqGSIb3DQEBCwUAA4IBAQAqNqzV33/d3dCwUCrHVBNd3Tibt5T1PNUT
zoYxv2FQTQYkEPk9J+oMWludwwn1DUkJjENpfjwHgVNcSxdwN2a2yv5veSogAlZY
asbwG1vwk80YpgdhPNvXYZt4Y4Hd4s25Yjs9+YpTRKTLmYseFabptq5E9MiRQoCz
VWdGinZmrYgC98AM+pw0KAJHjAbGO6lUNMP+0ChNlok6v0hCyfcEokouuyOsKRgD
vC+v7iU77G97ZJJI0onlm6TkvfCxeiiAenW9WI7z84O8SLPzhxXHdlEvak2zwthB
D9c8KKW5xU/kfCVq8FBojYHB553UTUnAbcHAjN7mrPfJvmg2Zqto
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:17:20 2025 by rpki-client