Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/jqUis0lkSR00BVJrd2B6iU9uHKY.roa
File: jqUis0lkSR00BVJrd2B6iU9uHKY.roa (raw, json)
Hash identifier: 0N8+0A6IZx0Vz4E3QFRbHXEzZOKYn9aRJ9yfmuax/Uk=
Subject key identifier: 8E:A5:22:B3:49:64:49:1D:34:05:52:6B:77:60:7A:89:4F:6E:1C:A6
Certificate issuer: /CN=12a657f3424c8dd55215af853b93307c366c538a
Certificate serial: 019425215A6571E5A69398DE4185F2E8E93C
Authority key identifier: 12:A6:57:F3:42:4C:8D:D5:52:15:AF:85:3B:93:30:7C:36:6C:53:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EqZX80JMjdVSFa-FO5MwfDZsU4o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/jqUis0lkSR00BVJrd2B6iU9uHKY.roa
Signing time: Thu 02 Jan 2025 03:48:50 +0000
ROA not before: Thu 02 Jan 2025 03:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211995
IP address blocks: 46.22.225.0/24 maxlen: 24
46.22.226.0/24 maxlen: 24
46.22.227.0/24 maxlen: 24
46.22.228.0/24 maxlen: 24
46.22.229.0/24 maxlen: 24
46.22.230.0/24 maxlen: 24
46.22.231.0/24 maxlen: 24
46.22.232.0/24 maxlen: 24
46.22.233.0/24 maxlen: 24
46.22.234.0/24 maxlen: 24
46.22.235.0/24 maxlen: 24
46.22.236.0/24 maxlen: 24
46.22.237.0/24 maxlen: 24
46.22.238.0/24 maxlen: 24
46.22.239.0/24 maxlen: 24
46.28.237.0/24 maxlen: 24
93.114.130.0/24 maxlen: 24
109.237.112.0/20 maxlen: 20
109.237.112.0/24 maxlen: 24
109.237.113.0/24 maxlen: 24
109.237.114.0/24 maxlen: 24
185.55.36.0/22 maxlen: 22
185.55.36.0/24 maxlen: 24
185.55.37.0/24 maxlen: 24
185.55.38.0/24 maxlen: 24
185.55.39.0/24 maxlen: 24
185.77.3.0/24 maxlen: 24
185.136.207.0/24 maxlen: 24
185.233.35.0/24 maxlen: 24
194.164.222.0/24 maxlen: 24
213.142.158.0/24 maxlen: 24
2a10:d880::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 15 Jan 2025 04:52:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:5a:65:71:e5:a6:93:98:de:41:85:f2:e8:e9:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12a657f3424c8dd55215af853b93307c366c538a
Validity
Not Before: Jan 2 03:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ea522b34964491d3405526b77607a894f6e1ca6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:77:e5:b8:fc:07:12:23:f1:4b:a2:9e:5e:41:
51:8a:f4:21:d8:4f:1a:fb:d4:d2:f1:a4:8b:26:6c:
d6:d0:e0:31:91:e5:6e:88:14:9b:6a:a8:c1:2a:73:
28:0d:2d:85:c2:bf:c5:bf:22:5d:21:98:a8:53:52:
54:53:13:d8:bd:d9:73:0c:85:0c:29:a9:d3:ce:08:
1b:d4:54:67:e2:2b:a4:4c:d7:d2:6d:8d:5e:b5:99:
dc:fc:d1:1f:4a:da:61:53:8c:ce:4d:3f:06:bf:15:
16:70:86:e6:af:97:6a:4e:1a:fe:72:69:12:6e:4b:
19:48:7f:31:ac:8f:20:a4:da:42:cd:b9:e6:2d:f5:
04:29:ec:cf:03:52:84:94:36:1f:93:ea:d3:c5:7e:
cb:d7:77:30:7e:3e:33:27:74:64:15:b1:95:db:7e:
87:a8:bc:7f:0a:35:65:2e:a2:c8:e8:3f:a0:e7:6e:
3f:06:f3:a5:09:71:37:34:21:3f:c1:36:a2:62:0f:
77:d3:b5:c9:fc:c5:21:be:70:45:fa:73:6c:f3:10:
a9:77:d5:48:c5:45:78:c3:16:f3:d3:94:10:e8:41:
28:9b:55:8e:c8:ae:fa:a4:a5:85:2c:33:a6:5a:ce:
3c:9a:78:76:17:9c:4a:c0:54:6e:56:bc:99:82:dd:
35:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:A5:22:B3:49:64:49:1D:34:05:52:6B:77:60:7A:89:4F:6E:1C:A6
X509v3 Authority Key Identifier:
keyid:12:A6:57:F3:42:4C:8D:D5:52:15:AF:85:3B:93:30:7C:36:6C:53:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EqZX80JMjdVSFa-FO5MwfDZsU4o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/jqUis0lkSR00BVJrd2B6iU9uHKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/EqZX80JMjdVSFa-FO5MwfDZsU4o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.22.225.0-46.22.239.255
46.28.237.0/24
93.114.130.0/24
109.237.112.0/20
185.55.36.0/22
185.77.3.0/24
185.136.207.0/24
185.233.35.0/24
194.164.222.0/24
213.142.158.0/24
IPv6:
2a10:d880::/29
Signature Algorithm: sha256WithRSAEncryption
94:0d:74:e1:6e:b9:84:37:32:0c:99:86:66:0b:de:17:ca:12:
ac:eb:3c:dc:4c:45:21:95:da:31:3c:e1:df:1c:c4:e6:21:6c:
8b:19:51:23:e4:c9:2b:39:22:81:87:78:3a:eb:49:7c:3c:d2:
03:3a:0a:52:8d:3e:c3:31:2e:a0:7e:93:c4:cb:6b:16:f5:0a:
8e:c6:dc:02:a2:10:35:fa:0c:3e:bf:41:75:7c:1e:e1:ce:bb:
27:d0:37:a7:48:dd:ab:dc:54:66:c0:ca:bc:b9:dc:34:cb:20:
f9:b1:53:64:b6:f6:c6:3e:58:96:13:aa:ee:fa:05:d0:c0:62:
53:78:6d:a0:05:83:ae:eb:1c:be:eb:4a:c5:c1:3f:82:11:76:
9c:cc:2d:85:99:68:8d:55:53:68:f7:b2:c2:c7:96:78:44:37:
6a:ce:d8:82:0c:bd:7b:ef:95:a9:d0:73:f6:0d:b7:2c:33:89:
af:6d:c3:30:71:3a:6f:73:56:02:5e:64:2f:bb:b3:9a:80:05:
a0:12:33:4d:5b:4a:2a:f2:49:e7:97:56:b2:e2:64:ed:52:92:
77:87:a6:59:7d:76:24:28:d6:a0:e0:50:4d:88:23:e7:99:3a:
31:31:a1:a1:a3:d1:35:8d:2f:93:98:21:02:86:ea:7a:51:b3:
cd:85:90:a0
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZQlIVplceWmk5jeQYXy6Ok8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYTY1N2YzNDI0YzhkZDU1MjE1YWY4NTNiOTMzMDdjMzY2
YzUzOGEwHhcNMjUwMTAyMDM0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWE1MjJiMzQ5NjQ0OTFkMzQwNTUyNmI3NzYwN2E4OTRmNmUxY2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnfluPwHEiPxS6KeXkFRivQh2E8a
+9TS8aSLJmzW0OAxkeVuiBSbaqjBKnMoDS2Fwr/FvyJdIZioU1JUUxPYvdlzDIUM
KanTzggb1FRn4iukTNfSbY1etZnc/NEfStphU4zOTT8GvxUWcIbmr5dqThr+cmkS
bksZSH8xrI8gpNpCzbnmLfUEKezPA1KElDYfk+rTxX7L13cwfj4zJ3RkFbGV236H
qLx/CjVlLqLI6D+g524/BvOlCXE3NCE/wTaiYg9307XJ/MUhvnBF+nNs8xCpd9VI
xUV4wxbz05QQ6EEom1WOyK76pKWFLDOmWs48mnh2F5xKwFRuVryZgt01pQIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFI6lIrNJZEkdNAVSa3dgeolPbhymMB8GA1UdIwQY
MBaAFBKmV/NCTI3VUhWvhTuTMHw2bFOKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXFaWDgwSk1qZFZTRmEtRk81TXdmRFpzVTRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS80NjVhYWUtMmEyYy00MjAwLThlNWMt
MDVmMDkzMzg1YWM4LzEvanFVaXMwbGtTUjAwQlZKcmQyQjZpVTl1SEtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS80NjVhYWUtMmEyYy00MjAwLThlNWMtMDVmMDkzMzg1YWM4
LzEvRXFaWDgwSk1qZFZTRmEtRk81TXdmRFpzVTRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBKBAIAATBEMAwDBAAuFuED
BAQuFuADBAAuHO0DBABdcoIDBARt7XADBAK5NyQDBAC5TQMDBAC5iM8DBAC56SMD
BADCpN4DBADVjp4wDQQCAAIwBwMFAyoQ2IAwDQYJKoZIhvcNAQELBQADggEBAJQN
dOFuuYQ3MgyZhmYL3hfKEqzrPNxMRSGV2jE84d8cxOYhbIsZUSPkySs5IoGHeDrr
SXw80gM6ClKNPsMxLqB+k8TLaxb1Co7G3AKiEDX6DD6/QXV8HuHOuyfQN6dI3avc
VGbAyry53DTLIPmxU2S29sY+WJYTqu76BdDAYlN4baAFg67rHL7rSsXBP4IRdpzM
LYWZaI1VU2j3ssLHlnhEN2rO2IIMvXvvlanQc/YNtywzia9twzBxOm9zVgJeZC+7
s5qABaASM01bSirySeeXVrLiZO1SkneHpll9diQo1qDgUE2II+eZOjExoaGj0TWN
L5OYIQKG6npRs82FkKA=
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:03:15 2025 by rpki-client