Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/c253e3-4133-4a16-9061-b79cfc24d3b7/1/JOI9oLn6kz-5PvQp9ax3uxK-RD4.roa
File: JOI9oLn6kz-5PvQp9ax3uxK-RD4.roa (raw, json)
Hash identifier: qGUKkRVxA7Dq8rSCfuBCGjCgPWos+ORmtQSegkIsEI4=
Subject key identifier: 24:E2:3D:A0:B9:FA:93:3F:B9:3E:F4:29:F5:AC:77:BB:12:BE:44:3E
Certificate issuer: /CN=d6c269f9e93b0fb8bc4b1c947abc5b21f21f2305
Certificate serial: 018E3D81429F1C8E63253F94742B40E77782
Authority key identifier: D6:C2:69:F9:E9:3B:0F:B8:BC:4B:1C:94:7A:BC:5B:21:F2:1F:23:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1sJp-ek7D7i8SxyUerxbIfIfIwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/c253e3-4133-4a16-9061-b79cfc24d3b7/1/JOI9oLn6kz-5PvQp9ax3uxK-RD4.roa
Signing time: Thu 14 Mar 2024 15:07:45 +0000
ROA not before: Thu 14 Mar 2024 15:07:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 185.149.156.0/22 maxlen: 24
194.45.22.0/24 maxlen: 24
212.86.192.0/19 maxlen: 24
2a00:1970::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3d:81:42:9f:1c:8e:63:25:3f:94:74:2b:40:e7:77:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6c269f9e93b0fb8bc4b1c947abc5b21f21f2305
Validity
Not Before: Mar 14 15:07:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24e23da0b9fa933fb93ef429f5ac77bb12be443e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:25:de:fc:66:01:0f:0a:fe:eb:95:66:65:44:
3a:65:b4:ef:02:13:c3:5f:c0:0e:d5:e3:87:f6:c2:
86:3d:75:3d:52:63:d7:a3:79:fc:c0:7b:1e:24:ac:
99:c1:11:7c:09:06:90:f7:1c:37:1d:d0:ca:d1:0e:
66:2d:b6:89:15:e5:28:04:36:ef:a6:c4:6e:06:b0:
ef:97:e6:d4:52:68:03:22:3b:c2:fe:cd:0c:ef:c6:
e6:bb:e9:9d:e3:af:d4:c8:9c:76:c8:ec:e8:09:c2:
63:9f:de:d7:cd:9f:cd:77:8e:47:58:b8:c4:e8:66:
6f:fc:3f:f2:42:3e:8d:de:fb:5f:26:ca:35:4d:c7:
8f:57:21:d8:08:64:06:91:73:f2:07:a0:ca:3c:a0:
7e:ff:6d:74:46:5f:d6:bc:b3:4d:31:88:a7:c6:de:
40:67:8c:03:67:c8:1a:22:a4:ba:c9:13:b3:e8:dc:
60:ee:d3:36:d9:21:d7:c5:40:48:1c:25:b8:53:2d:
e9:77:12:51:4f:a5:9d:94:d7:bd:7d:62:e3:c5:1e:
aa:0b:62:75:72:6e:91:35:e4:5a:9f:8e:6a:c1:e9:
e8:bb:57:0f:8b:a4:44:38:31:2d:6d:05:5d:9f:94:
c5:6c:d4:75:ab:c7:33:5c:ff:a4:2f:25:fe:d7:e6:
f2:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:E2:3D:A0:B9:FA:93:3F:B9:3E:F4:29:F5:AC:77:BB:12:BE:44:3E
X509v3 Authority Key Identifier:
keyid:D6:C2:69:F9:E9:3B:0F:B8:BC:4B:1C:94:7A:BC:5B:21:F2:1F:23:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1sJp-ek7D7i8SxyUerxbIfIfIwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/c253e3-4133-4a16-9061-b79cfc24d3b7/1/JOI9oLn6kz-5PvQp9ax3uxK-RD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/c253e3-4133-4a16-9061-b79cfc24d3b7/1/1sJp-ek7D7i8SxyUerxbIfIfIwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.156.0/22
194.45.22.0/24
212.86.192.0/19
IPv6:
2a00:1970::/32
Signature Algorithm: sha256WithRSAEncryption
aa:db:82:83:c0:3a:a3:7b:31:b3:8b:d0:a9:2f:51:cd:63:47:
aa:21:25:26:c5:8a:ec:79:27:fa:f7:24:af:cd:b2:73:22:26:
f9:31:d2:6e:2f:55:1f:2c:c0:2e:48:1e:29:23:37:3f:18:26:
4c:10:bb:37:68:5d:88:43:96:fa:ad:7b:da:b0:e7:88:48:bb:
6d:eb:3e:f4:01:b8:f2:6b:ed:6b:af:7a:63:1d:51:ab:b6:61:
bc:73:9a:7e:80:94:51:e0:b8:6f:a4:1e:3f:2f:ff:b7:77:95:
4a:76:09:10:d2:56:ff:07:21:ef:63:4e:ac:84:99:52:82:4e:
34:9b:d9:33:43:8f:cc:79:76:42:63:7a:d9:d1:41:ad:f4:ec:
cd:59:59:ff:eb:77:86:e0:dc:8c:ab:b2:eb:5c:9b:d5:f5:93:
ae:c4:be:9b:34:fc:52:a7:5b:91:3e:f8:6b:59:93:f2:b9:6d:
71:79:9f:b7:8a:05:dd:96:1f:c3:ec:b9:3c:03:ef:1b:9b:10:
e1:4f:b1:ca:f6:64:bf:f7:55:ed:5a:09:f1:13:32:16:f5:c7:
a3:ec:00:26:d1:be:44:06:3b:cb:60:d5:fc:4a:92:1a:4f:2a:
3b:49:bb:a9:72:87:04:3a:b6:58:55:4a:c7:9a:29:95:fa:c3:
79:93:97:15
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY49gUKfHI5jJT+UdCtA53eCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2YzI2OWY5ZTkzYjBmYjhiYzRiMWM5NDdhYmM1YjIxZjIx
ZjIzMDUwHhcNMjQwMzE0MTUwNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGUyM2RhMGI5ZmE5MzNmYjkzZWY0MjlmNWFjNzdiYjEyYmU0NDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/CXe/GYBDwr+65VmZUQ6ZbTvAhPD
X8AO1eOH9sKGPXU9UmPXo3n8wHseJKyZwRF8CQaQ9xw3HdDK0Q5mLbaJFeUoBDbv
psRuBrDvl+bUUmgDIjvC/s0M78bmu+md46/UyJx2yOzoCcJjn97XzZ/Nd45HWLjE
6GZv/D/yQj6N3vtfJso1TcePVyHYCGQGkXPyB6DKPKB+/210Rl/WvLNNMYinxt5A
Z4wDZ8gaIqS6yROz6Nxg7tM22SHXxUBIHCW4Uy3pdxJRT6WdlNe9fWLjxR6qC2J1
cm6RNeRan45qwenou1cPi6REODEtbQVdn5TFbNR1q8czXP+kLyX+1+by7QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCTiPaC5+pM/uT70KfWsd7sSvkQ+MB8GA1UdIwQY
MBaAFNbCafnpOw+4vEsclHq8WyHyHyMFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXNKcC1lazdEN2k4U3h5VWVyeGJJZklmSXdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9jMjUzZTMtNDEzMy00YTE2LTkwNjEt
Yjc5Y2ZjMjRkM2I3LzEvSk9JOW9MbjZrei01UHZRcDlheDN1eEstUkQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9jMjUzZTMtNDEzMy00YTE2LTkwNjEtYjc5Y2ZjMjRkM2I3
LzEvMXNKcC1lazdEN2k4U3h5VWVyeGJJZklmSXdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuZWcAwQA
wi0WAwQF1FbAMA0EAgACMAcDBQAqABlwMA0GCSqGSIb3DQEBCwUAA4IBAQCq24KD
wDqjezGzi9CpL1HNY0eqISUmxYrseSf69ySvzbJzIib5MdJuL1UfLMAuSB4pIzc/
GCZMELs3aF2IQ5b6rXvasOeISLtt6z70Abjya+1rr3pjHVGrtmG8c5p+gJRR4Lhv
pB4/L/+3d5VKdgkQ0lb/ByHvY06shJlSgk40m9kzQ4/MeXZCY3rZ0UGt9OzNWVn/
63eG4NyMq7LrXJvV9ZOuxL6bNPxSp1uRPvhrWZPyuW1xeZ+3igXdlh/D7Lk8A+8b
mxDhT7HK9mS/91XtWgnxEzIW9cej7AAm0b5EBjvLYNX8SpIaTyo7SbupcocEOrZY
VUrHmimV+sN5k5cV
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:18:40 2025 by rpki-client