Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/JUSEly9WKDJx99Y46JZJSte41KY.roa
File: JUSEly9WKDJx99Y46JZJSte41KY.roa (raw, json)
Hash identifier: qsa4hJZx9YkcsX2EdIfIAJUzdp54BP1HZKrJNSOeBXg=
Subject key identifier: 25:44:84:97:2F:56:28:32:71:F7:D6:38:E8:96:49:4A:D7:B8:D4:A6
Certificate issuer: /CN=95a5adf6af1fcc0570adf858fd5bfbe28791a186
Certificate serial: 018CC64B358B13789D688D45203606BBE182
Authority key identifier: 95:A5:AD:F6:AF:1F:CC:05:70:AD:F8:58:FD:5B:FB:E2:87:91:A1:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/laWt9q8fzAVwrfhY_Vv74oeRoYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/JUSEly9WKDJx99Y46JZJSte41KY.roa
Signing time: Mon 01 Jan 2024 18:31:06 +0000
ROA not before: Mon 01 Jan 2024 18:31:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8613
IP address blocks: 185.8.204.0/22 maxlen: 24
212.102.192.0/19 maxlen: 24
195.200.128.0/19 maxlen: 24
2a00:b300::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:35:8b:13:78:9d:68:8d:45:20:36:06:bb:e1:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95a5adf6af1fcc0570adf858fd5bfbe28791a186
Validity
Not Before: Jan 1 18:31:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=254484972f56283271f7d638e896494ad7b8d4a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:9d:bc:43:30:3c:f4:24:78:5a:2f:bd:d6:7f:
f5:93:5e:bf:a3:39:56:e6:68:ab:57:1e:0b:8a:db:
3f:b8:61:06:30:c9:d5:8b:03:8f:ba:34:2f:1c:d3:
37:b1:2f:2b:f4:1b:50:47:f8:04:b1:4c:07:0b:cd:
b1:97:4a:cc:e5:88:5e:2d:01:80:84:d7:73:09:e2:
0e:6b:11:03:59:87:39:5a:3f:cb:82:32:b4:6c:c3:
78:bc:e3:d8:40:7a:73:ef:91:72:d3:fb:99:2d:87:
72:b4:b3:4a:0f:e2:94:50:d0:16:1a:e7:3b:7a:36:
d1:05:9a:d8:ab:46:8f:02:bb:d2:89:03:23:51:f9:
0e:03:f0:14:1b:40:c6:9b:14:0b:20:a3:86:ac:b7:
67:6c:2a:f3:a0:51:8a:33:61:23:6f:fb:e1:4b:71:
36:0b:f0:4e:a1:36:f6:5f:a5:90:9f:8a:ca:6f:b5:
46:a2:42:60:1e:3c:7d:5d:34:1c:41:83:50:a8:64:
df:f4:a7:3f:d9:d9:c8:09:f0:e4:a0:f0:32:dc:53:
29:22:48:b8:60:24:eb:ee:d4:8d:e9:18:d2:03:4f:
c8:6a:8f:28:7c:74:d1:04:d5:24:2d:39:e2:b4:11:
b2:78:e0:88:e7:aa:be:fd:d9:ce:32:b5:3a:55:e1:
a4:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:44:84:97:2F:56:28:32:71:F7:D6:38:E8:96:49:4A:D7:B8:D4:A6
X509v3 Authority Key Identifier:
keyid:95:A5:AD:F6:AF:1F:CC:05:70:AD:F8:58:FD:5B:FB:E2:87:91:A1:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/laWt9q8fzAVwrfhY_Vv74oeRoYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/JUSEly9WKDJx99Y46JZJSte41KY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/laWt9q8fzAVwrfhY_Vv74oeRoYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.8.204.0/22
195.200.128.0/19
212.102.192.0/19
IPv6:
2a00:b300::/29
Signature Algorithm: sha256WithRSAEncryption
c8:22:b6:e5:8a:b4:4a:4c:5d:ed:97:e0:df:11:0e:42:b3:31:
61:67:25:b0:21:70:06:88:aa:72:52:66:b7:fc:77:79:d8:cc:
28:33:b7:14:36:db:89:38:9c:ad:ad:51:0b:df:b0:4c:4c:f1:
c2:e7:54:90:b4:0b:58:63:05:c9:73:de:4f:41:05:70:5a:98:
db:af:70:57:fd:33:83:b8:20:58:9f:30:57:b6:d3:e7:61:38:
86:5b:2c:a2:3a:2f:ab:75:fd:b6:03:28:1c:aa:f8:e5:5f:be:
67:04:3b:7b:69:02:1c:15:75:cf:81:75:20:c9:73:f4:90:81:
4d:ad:9d:e4:c3:e1:98:33:c1:2e:79:f6:74:64:95:94:82:ff:
f4:49:de:d1:83:79:f0:66:ae:a9:c2:8f:7b:a8:b4:60:48:aa:
75:26:bc:ec:15:14:d7:3b:10:d7:59:38:c5:af:3a:83:f6:93:
91:1a:ed:2e:c4:30:a7:74:f1:26:d5:20:9d:c1:07:12:8c:b3:
18:9f:d2:f1:a7:49:10:69:4d:12:1d:ad:d6:43:0f:d6:6c:84:
8c:0d:6e:34:fd:d1:88:31:01:d7:c6:a1:0e:87:6f:ab:b3:0b:
a6:fd:cf:cc:a3:84:1e:51:04:21:b9:79:8f:a8:b0:ca:33:41:
71:57:ae:ed
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzGSzWLE3idaI1FIDYGu+GCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YTVhZGY2YWYxZmNjMDU3MGFkZjg1OGZkNWJmYmUyODc5
MWExODYwHhcNMjQwMTAxMTgzMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTQ0ODQ5NzJmNTYyODMyNzFmN2Q2MzhlODk2NDk0YWQ3YjhkNGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlp28QzA89CR4Wi+91n/1k16/ozlW
5mirVx4Lits/uGEGMMnViwOPujQvHNM3sS8r9BtQR/gEsUwHC82xl0rM5YheLQGA
hNdzCeIOaxEDWYc5Wj/LgjK0bMN4vOPYQHpz75Fy0/uZLYdytLNKD+KUUNAWGuc7
ejbRBZrYq0aPArvSiQMjUfkOA/AUG0DGmxQLIKOGrLdnbCrzoFGKM2Ejb/vhS3E2
C/BOoTb2X6WQn4rKb7VGokJgHjx9XTQcQYNQqGTf9Kc/2dnICfDkoPAy3FMpIki4
YCTr7tSN6RjSA0/Iao8ofHTRBNUkLTnitBGyeOCI56q+/dnOMrU6VeGkVQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCVEhJcvVigycffWOOiWSUrXuNSmMB8GA1UdIwQY
MBaAFJWlrfavH8wFcK34WP1b++KHkaGGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGFXdDlxOGZ6QVZ3cmZoWV9Wdjc0b2VSb1lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9kM2YxYmEtZDllNS00NWM1LWJjYTIt
MTYxOWQwOGM2OTY1LzEvSlVTRWx5OVdLREp4OTlZNDZKWkpTdGU0MUtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9kM2YxYmEtZDllNS00NWM1LWJjYTItMTYxOWQwOGM2OTY1
LzEvbGFXdDlxOGZ6QVZ3cmZoWV9Wdjc0b2VSb1lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuQjMAwQF
w8iAAwQF1GbAMA0EAgACMAcDBQMqALMAMA0GCSqGSIb3DQEBCwUAA4IBAQDIIrbl
irRKTF3tl+DfEQ5CszFhZyWwIXAGiKpyUma3/Hd52MwoM7cUNtuJOJytrVEL37BM
TPHC51SQtAtYYwXJc95PQQVwWpjbr3BX/TODuCBYnzBXttPnYTiGWyyiOi+rdf22
AygcqvjlX75nBDt7aQIcFXXPgXUgyXP0kIFNrZ3kw+GYM8EuefZ0ZJWUgv/0Sd7R
g3nwZq6pwo97qLRgSKp1JrzsFRTXOxDXWTjFrzqD9pORGu0uxDCndPEm1SCdwQcS
jLMYn9Lxp0kQaU0SHa3WQw/WbISMDW40/dGIMQHXxqEOh2+rswum/c/Mo4QeUQQh
uXmPqLDKM0FxV67t
-----END CERTIFICATE-----
Generated at Thu Apr 17 21:38:24 2025 by rpki-client