Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/pDDjhRjMtuDj5ditfcVJa3NTZls.roa
File: pDDjhRjMtuDj5ditfcVJa3NTZls.roa (raw, json)
Hash identifier: 5UJw5LjoBYXxwniBy5YjFvfxFDDqRyCtnqYQ6jC2NBU=
Subject key identifier: A4:30:E3:85:18:CC:B6:E0:E3:E5:D8:AD:7D:C5:49:6B:73:53:66:5B
Certificate issuer: /CN=363f09508fdf256448219b284bb09b23b2b51396
Certificate serial: 0194CBA4DEA76B8F2232D6BD48DC602EF940
Authority key identifier: 36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/pDDjhRjMtuDj5ditfcVJa3NTZls.roa
Signing time: Mon 03 Feb 2025 11:49:27 +0000
ROA not before: Mon 03 Feb 2025 11:49:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12989
IP address blocks: 2.59.22.0/24 maxlen: 24
212.104.140.0/24 maxlen: 24
213.254.179.0/24 maxlen: 24
2a01:e945::/48 maxlen: 48
2a01:e947::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 04 Feb 2025 23:51:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cb:a4:de:a7:6b:8f:22:32:d6:bd:48:dc:60:2e:f9:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363f09508fdf256448219b284bb09b23b2b51396
Validity
Not Before: Feb 3 11:49:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a430e38518ccb6e0e3e5d8ad7dc5496b7353665b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:93:9c:c6:63:0a:0c:2c:c4:00:43:de:58:2f:
77:8a:8c:be:cf:f9:da:08:1c:47:2d:6c:ca:eb:e8:
1b:a9:70:bd:ca:f8:5a:fc:e1:54:49:cc:8d:3a:df:
94:41:f0:c1:c9:ae:38:ba:4e:e8:e3:bb:1f:ab:89:
8d:d9:23:e8:67:f4:5b:1e:ef:c9:80:6f:a3:9b:20:
05:7e:00:5e:96:54:24:a5:cc:97:9b:2f:c7:59:6f:
9d:9d:63:4d:f9:43:65:af:21:08:db:8f:67:15:d6:
34:44:00:df:ae:b1:c2:4b:26:b7:1d:f3:6c:76:5d:
ac:f2:7e:74:68:1e:a5:8b:60:f8:03:66:5d:e4:3f:
6e:34:19:8c:79:d8:40:51:b6:19:6d:34:e0:24:75:
83:a1:5e:46:d9:57:3c:49:c8:e3:1b:08:50:68:7b:
16:ce:fa:c8:72:35:a8:75:55:29:8b:5e:49:7b:9b:
73:23:69:4c:25:4d:59:e7:3e:cb:56:78:32:5e:9b:
6d:12:57:78:eb:16:65:93:22:31:95:5e:58:c3:66:
5d:f0:7d:87:6f:6b:c5:db:84:1a:15:86:e5:e9:2b:
4e:96:a0:ac:02:3e:b4:9d:96:da:19:83:f7:d1:37:
59:cb:d5:81:8c:1f:bb:fa:20:70:c3:2a:1e:ff:cb:
80:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:30:E3:85:18:CC:B6:E0:E3:E5:D8:AD:7D:C5:49:6B:73:53:66:5B
X509v3 Authority Key Identifier:
keyid:36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/pDDjhRjMtuDj5ditfcVJa3NTZls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.22.0/24
212.104.140.0/24
213.254.179.0/24
IPv6:
2a01:e945::/48
2a01:e947::/48
Signature Algorithm: sha256WithRSAEncryption
88:14:26:77:94:e1:88:ae:48:57:fc:b8:55:4f:5b:bc:af:4f:
7a:bb:77:ed:ae:a0:03:7c:28:fa:46:c4:5b:f3:58:66:a4:a7:
ff:4a:b7:45:2d:20:ad:d9:e3:63:ac:0c:da:6b:29:8c:f2:14:
d2:10:9a:bb:05:c6:a4:9a:62:fc:d1:d1:ee:69:36:d1:9e:62:
88:e1:5a:87:68:ec:06:24:a6:20:c7:e4:a3:bd:95:5e:27:c5:
f1:2f:97:dc:7d:2a:fd:ac:fc:5a:b1:03:e8:a8:4e:56:13:93:
fd:8e:26:e0:81:46:c0:2d:04:fe:08:59:cb:1b:08:40:41:74:
66:76:42:90:92:d4:96:b0:44:f2:07:63:1a:9a:fb:b9:f9:7c:
4b:85:1a:a8:51:36:1f:16:75:1d:36:18:1d:e6:82:49:56:4c:
a6:42:8e:49:ac:67:b8:5b:e5:ca:31:40:94:f3:55:d6:38:d0:
e4:5f:98:f2:20:64:d3:bb:29:21:ab:0b:7f:5f:e5:20:67:11:
52:29:fa:8b:35:a6:fd:5b:7a:63:8e:93:aa:95:e0:b2:e4:a1:
f6:57:a1:26:d2:fa:9a:54:a6:57:cd:0b:eb:f9:cf:de:bf:1e:
20:de:9b:81:14:33:39:08:80:40:2c:e7:6b:39:7e:e6:bc:08:
90:3a:d9:f8
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZTLpN6na48iMta9SNxgLvlAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2M2YwOTUwOGZkZjI1NjQ0ODIxOWIyODRiYjA5YjIzYjJi
NTEzOTYwHhcNMjUwMjAzMTE0OTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDMwZTM4NTE4Y2NiNmUwZTNlNWQ4YWQ3ZGM1NDk2YjczNTM2NjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5OcxmMKDCzEAEPeWC93ioy+z/na
CBxHLWzK6+gbqXC9yvha/OFUScyNOt+UQfDBya44uk7o47sfq4mN2SPoZ/RbHu/J
gG+jmyAFfgBellQkpcyXmy/HWW+dnWNN+UNlryEI249nFdY0RADfrrHCSya3HfNs
dl2s8n50aB6li2D4A2Zd5D9uNBmMedhAUbYZbTTgJHWDoV5G2Vc8ScjjGwhQaHsW
zvrIcjWodVUpi15Je5tzI2lMJU1Z5z7LVngyXpttEld46xZlkyIxlV5Yw2Zd8H2H
b2vF24QaFYbl6StOlqCsAj60nZbaGYP30TdZy9WBjB+7+iBwwyoe/8uApwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFKQw44UYzLbg4+XYrX3FSWtzU2ZbMB8GA1UdIwQY
MBaAFDY/CVCP3yVkSCGbKEuwmyOytROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTIt
ZmQ4MTQ0NTVhODY4LzEvcEREamhSak10dURqNWRpdGZjVkphM05UWmxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTItZmQ4MTQ0NTVhODY4
LzEvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQAAjsWAwQA
1GiMAwQA1f6zMBgEAgACMBIDBwAqAelFAAADBwAqAelHAAAwDQYJKoZIhvcNAQEL
BQADggEBAIgUJneU4YiuSFf8uFVPW7yvT3q7d+2uoAN8KPpGxFvzWGakp/9Kt0Ut
IK3Z42OsDNprKYzyFNIQmrsFxqSaYvzR0e5pNtGeYojhWodo7AYkpiDH5KO9lV4n
xfEvl9x9Kv2s/FqxA+ioTlYTk/2OJuCBRsAtBP4IWcsbCEBBdGZ2QpCS1JawRPIH
Yxqa+7n5fEuFGqhRNh8WdR02GB3mgklWTKZCjkmsZ7hb5coxQJTzVdY40ORfmPIg
ZNO7KSGrC39f5SBnEVIp+os1pv1bemOOk6qV4LLkofZXoSbS+ppUplfNC+v5z96/
HiDem4EUMzkIgEAs52s5fua8CJA62fg=
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:58:06 2025 by rpki-client