Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/dc4420-4062-4778-9358-0af2e541646c/1/jJOEPS1q3tfTnDSiQ2ZtA5pD4QU.roa
File: jJOEPS1q3tfTnDSiQ2ZtA5pD4QU.roa (raw, json)
Hash identifier: CzMX4MWFWpa87TFOaXAxUWwIGgHnxkvgU6HxmAxUsIQ=
Subject key identifier: 8C:93:84:3D:2D:6A:DE:D7:D3:9C:34:A2:43:66:6D:03:9A:43:E1:05
Certificate issuer: /CN=72bbd2fa18319639e25ffbf4bdbfa008660158ae
Certificate serial: 0192B0538677466B3EF590E6785AC4EC9211
Authority key identifier: 72:BB:D2:FA:18:31:96:39:E2:5F:FB:F4:BD:BF:A0:08:66:01:58:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crvS-hgxljniX_v0vb-gCGYBWK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/dc4420-4062-4778-9358-0af2e541646c/1/jJOEPS1q3tfTnDSiQ2ZtA5pD4QU.roa
Signing time: Mon 21 Oct 2024 18:25:16 +0000
ROA not before: Mon 21 Oct 2024 18:25:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43458
IP address blocks: 213.159.136.0/24 maxlen: 24
213.159.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Oct 2024 18:28:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b0:53:86:77:46:6b:3e:f5:90:e6:78:5a:c4:ec:92:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72bbd2fa18319639e25ffbf4bdbfa008660158ae
Validity
Not Before: Oct 21 18:25:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c93843d2d6aded7d39c34a243666d039a43e105
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:11:a3:71:96:2c:20:c1:d6:bf:28:68:90:fc:
3c:72:9b:26:32:29:58:ac:ad:49:46:69:8c:a8:06:
6b:14:6b:0d:71:4b:29:68:a9:88:14:f0:c6:92:b2:
64:6c:f5:17:3f:f8:61:57:78:1b:22:f0:8b:bd:ca:
80:5e:62:8e:be:53:e3:94:7d:21:ed:4e:81:58:cc:
d4:30:61:56:ea:de:b1:f1:de:00:b5:40:5d:ea:e6:
b0:0b:f8:17:5f:2b:4c:c6:f1:d3:a9:f0:b3:90:8b:
e0:18:a9:09:59:65:72:1d:7f:8b:3f:f2:00:10:8f:
9d:89:a5:a1:62:21:df:ef:be:95:9d:68:5d:8c:c2:
d0:a5:4d:b3:3e:d0:6d:11:59:ee:97:74:fc:6e:7b:
ad:68:8d:39:ab:9f:2b:85:bb:f8:af:db:5e:9f:ca:
96:07:0a:14:14:e3:04:73:e7:39:ed:a8:4e:fc:22:
19:15:8d:c2:89:82:60:a2:45:a7:da:cd:0f:2a:20:
7e:f1:b8:78:95:34:5c:78:04:63:7d:f1:7d:f4:8a:
76:b2:be:eb:35:22:ff:1e:87:3e:d8:d2:c6:a2:f0:
97:4e:99:f7:4b:cc:f5:a7:82:81:82:d2:55:a6:6b:
b7:3c:c0:f1:20:1d:5f:5a:ed:c2:b5:69:2f:00:25:
ea:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:93:84:3D:2D:6A:DE:D7:D3:9C:34:A2:43:66:6D:03:9A:43:E1:05
X509v3 Authority Key Identifier:
keyid:72:BB:D2:FA:18:31:96:39:E2:5F:FB:F4:BD:BF:A0:08:66:01:58:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crvS-hgxljniX_v0vb-gCGYBWK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/dc4420-4062-4778-9358-0af2e541646c/1/jJOEPS1q3tfTnDSiQ2ZtA5pD4QU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/dc4420-4062-4778-9358-0af2e541646c/1/crvS-hgxljniX_v0vb-gCGYBWK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.159.136.0/23
Signature Algorithm: sha256WithRSAEncryption
66:7f:13:ad:dc:f5:1c:ba:aa:92:0e:63:d3:21:ac:ad:45:dc:
63:8d:5b:86:44:ae:d1:a6:83:bd:e0:83:77:0a:cc:14:a9:0c:
c0:40:08:9e:3f:34:4e:05:3d:88:a0:cf:12:f0:c4:64:f2:b2:
4a:f5:5b:a1:91:af:9c:ab:a5:1f:d7:29:69:e2:15:01:64:06:
c6:de:73:c5:be:14:d0:ea:4d:fb:54:80:0a:90:52:ad:60:56:
df:e7:40:bb:05:47:dd:38:72:86:ae:3d:89:2f:dd:c2:63:fc:
b6:7c:8a:b6:ea:37:ca:7a:b9:fd:da:a0:c4:95:20:5d:43:ac:
1f:49:70:ee:c2:ba:87:ac:eb:26:11:2a:d7:16:bb:91:6d:10:
e4:7b:42:2c:c4:44:66:51:0a:01:b3:25:06:74:f4:e0:ce:74:
d1:8a:2a:9f:69:30:ee:ea:1a:c1:88:e8:37:45:58:43:d8:e9:
8d:2a:bd:76:a2:82:7e:d5:de:e6:b0:8c:2f:0a:44:0b:db:ec:
c4:0f:89:0e:27:49:10:84:52:bb:ec:ab:3b:8a:10:72:c5:92:
f4:89:dd:c2:fc:4b:24:41:14:b5:a6:13:11:07:b3:a1:a2:d5:
23:71:05:cf:83:1b:f2:30:df:cd:5b:8a:29:45:a5:32:4d:5c:
8d:35:78:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKwU4Z3Rms+9ZDmeFrE7JIRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYmJkMmZhMTgzMTk2MzllMjVmZmJmNGJkYmZhMDA4NjYw
MTU4YWUwHhcNMjQxMDIxMTgyNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzkzODQzZDJkNmFkZWQ3ZDM5YzM0YTI0MzY2NmQwMzlhNDNlMTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBGjcZYsIMHWvyhokPw8cpsmMilY
rK1JRmmMqAZrFGsNcUspaKmIFPDGkrJkbPUXP/hhV3gbIvCLvcqAXmKOvlPjlH0h
7U6BWMzUMGFW6t6x8d4AtUBd6uawC/gXXytMxvHTqfCzkIvgGKkJWWVyHX+LP/IA
EI+diaWhYiHf776VnWhdjMLQpU2zPtBtEVnul3T8bnutaI05q58rhbv4r9ten8qW
BwoUFOMEc+c57ahO/CIZFY3CiYJgokWn2s0PKiB+8bh4lTRceARjffF99Ip2sr7r
NSL/Hoc+2NLGovCXTpn3S8z1p4KBgtJVpmu3PMDxIB1fWu3CtWkvACXqUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIyThD0tat7X05w0okNmbQOaQ+EFMB8GA1UdIwQY
MBaAFHK70voYMZY54l/79L2/oAhmAViuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3J2Uy1oZ3hsam5pWF92MHZiLWdDR1lCV0s0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9kYzQ0MjAtNDA2Mi00Nzc4LTkzNTgt
MGFmMmU1NDE2NDZjLzEvakpPRVBTMXEzdGZUbkRTaVEyWnRBNXBENFFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9kYzQ0MjAtNDA2Mi00Nzc4LTkzNTgtMGFmMmU1NDE2NDZj
LzEvY3J2Uy1oZ3hsam5pWF92MHZiLWdDR1lCV0s0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1Z+IMA0G
CSqGSIb3DQEBCwUAA4IBAQBmfxOt3PUcuqqSDmPTIaytRdxjjVuGRK7RpoO94IN3
CswUqQzAQAiePzROBT2IoM8S8MRk8rJK9Vuhka+cq6Uf1ylp4hUBZAbG3nPFvhTQ
6k37VIAKkFKtYFbf50C7BUfdOHKGrj2JL93CY/y2fIq26jfKern92qDElSBdQ6wf
SXDuwrqHrOsmESrXFruRbRDke0IsxERmUQoBsyUGdPTgznTRiiqfaTDu6hrBiOg3
RVhD2OmNKr12ooJ+1d7msIwvCkQL2+zED4kOJ0kQhFK77Ks7ihByxZL0id3C/Esk
QRS1phMRB7OhotUjcQXPgxvyMN/NW4opRaUyTVyNNXjw
-----END CERTIFICATE-----
Generated at Wed Jun 11 07:29:40 2025 by rpki-client