Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/b3a576-50cb-4866-be81-f4827800b0c8/1/JVemFjs3QzTXPplg4XZ1WX9Lxls.roa
File: JVemFjs3QzTXPplg4XZ1WX9Lxls.roa (raw, json)
Hash identifier: kp/V4TCcfkX0FaUJrtv9QhUzi/rgXXZ/mt+0AilYagY=
Subject key identifier: 25:57:A6:16:3B:37:43:34:D7:3E:99:60:E1:76:75:59:7F:4B:C6:5B
Certificate issuer: /CN=a885cdbddfd7d1316845beb4f7398f3ce64facd0
Certificate serial: 018FDDECFF645E92FC48E771C0FAA81A89E1
Authority key identifier: A8:85:CD:BD:DF:D7:D1:31:68:45:BE:B4:F7:39:8F:3C:E6:4F:AC:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qIXNvd_X0TFoRb609zmPPOZPrNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/b3a576-50cb-4866-be81-f4827800b0c8/1/JVemFjs3QzTXPplg4XZ1WX9Lxls.roa
Signing time: Mon 03 Jun 2024 11:47:27 +0000
ROA not before: Mon 03 Jun 2024 11:47:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39684
IP address blocks: 81.88.80.0/22 maxlen: 22
81.88.84.0/24 maxlen: 24
81.88.85.0/24 maxlen: 24
81.88.86.0/24 maxlen: 24
81.88.87.0/24 maxlen: 24
81.88.88.0/24 maxlen: 24
81.88.94.0/24 maxlen: 24
81.88.95.0/24 maxlen: 24
185.200.140.0/24 maxlen: 24
185.200.141.0/24 maxlen: 24
185.200.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:dd:ec:ff:64:5e:92:fc:48:e7:71:c0:fa:a8:1a:89:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a885cdbddfd7d1316845beb4f7398f3ce64facd0
Validity
Not Before: Jun 3 11:47:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2557a6163b374334d73e9960e17675597f4bc65b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b6:4a:69:8c:46:f5:48:e9:8b:03:27:48:cd:
98:c0:79:66:d4:91:db:b2:27:32:0a:4f:a3:a9:dd:
e7:fb:ee:ce:e8:61:b2:58:df:de:8d:c3:5e:f7:61:
a7:10:24:ca:c6:6e:ba:15:66:65:a4:fe:a2:19:4e:
43:36:3b:aa:96:ba:9c:eb:4b:71:be:b6:34:63:34:
83:20:df:14:e3:6f:5e:f4:5f:84:76:ec:ba:9f:a6:
fc:e2:f7:2e:ce:2d:7d:a0:ec:a8:78:8c:67:a4:6d:
d6:08:31:4a:8f:d3:b3:0a:bf:0b:1a:8d:e8:7c:c1:
2f:83:b7:cf:c2:33:d6:1b:a2:c4:30:f1:21:4e:82:
64:c6:b7:57:ca:81:2a:ed:b3:31:3e:96:30:36:c5:
bc:bb:ba:43:cf:46:0b:c4:6e:08:57:5e:08:43:16:
0a:32:48:86:71:83:d1:a8:c8:8e:37:f0:9f:0d:f4:
28:64:02:2e:27:44:82:53:2d:46:21:a0:f4:19:63:
21:34:f6:1b:0b:d0:02:25:56:3c:e9:32:56:8c:3b:
6a:eb:bb:66:53:e0:1f:df:ac:36:7d:0b:d6:d6:6f:
28:e9:16:dc:42:db:1e:1d:3a:4a:38:d6:45:fb:fa:
3d:49:b4:2f:51:d0:7b:c1:f7:24:ca:f4:a4:a0:27:
2b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:57:A6:16:3B:37:43:34:D7:3E:99:60:E1:76:75:59:7F:4B:C6:5B
X509v3 Authority Key Identifier:
keyid:A8:85:CD:BD:DF:D7:D1:31:68:45:BE:B4:F7:39:8F:3C:E6:4F:AC:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qIXNvd_X0TFoRb609zmPPOZPrNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/b3a576-50cb-4866-be81-f4827800b0c8/1/JVemFjs3QzTXPplg4XZ1WX9Lxls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/b3a576-50cb-4866-be81-f4827800b0c8/1/qIXNvd_X0TFoRb609zmPPOZPrNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.88.80.0-81.88.88.255
81.88.94.0/23
185.200.140.0-185.200.142.255
Signature Algorithm: sha256WithRSAEncryption
0e:e6:c9:78:b5:50:7a:43:b6:c1:f9:e3:6f:8e:15:ee:2a:04:
ae:11:df:92:39:3d:e1:ae:7d:9d:70:f0:e3:e4:bf:44:57:e0:
2d:a5:ae:b5:db:8a:1d:3b:ff:6d:da:ec:a4:78:29:ab:81:36:
0d:da:bc:a0:42:89:0b:4d:28:4f:e1:47:8b:7e:af:e9:eb:b5:
c8:f6:a6:6e:6b:d6:a1:c0:1c:d6:4b:bb:b2:35:2a:34:27:15:
f0:e3:49:d9:3c:23:0e:fe:38:ac:fb:9d:e6:44:62:f1:78:21:
a8:be:fc:cb:c4:89:2f:06:00:da:f9:c1:28:b5:7e:74:b0:3d:
3d:78:e7:dc:1c:66:0c:85:be:a7:a4:20:6e:24:3a:52:79:00:
2a:f4:b1:d4:6e:c5:45:3c:6e:86:02:ae:32:1e:ed:f4:13:c8:
26:50:63:d6:87:dd:dc:63:98:85:2e:2d:64:56:53:78:fb:25:
6e:65:69:3a:8c:3d:22:7f:27:64:58:c2:2f:37:71:eb:7d:c8:
65:6b:7c:70:29:f5:d9:5d:df:60:8a:5a:58:bc:77:d0:93:0f:
89:7c:0a:8b:9a:73:16:a4:c5:38:6c:aa:21:92:24:6c:f5:13:
57:36:d7:e9:5a:7e:44:5f:b0:df:97:22:69:34:76:3b:15:bb:
2e:e0:8c:4f
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY/d7P9kXpL8SOdxwPqoGonhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4ODVjZGJkZGZkN2QxMzE2ODQ1YmViNGY3Mzk4ZjNjZTY0
ZmFjZDAwHhcNMjQwNjAzMTE0NzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTU3YTYxNjNiMzc0MzM0ZDczZTk5NjBlMTc2NzU1OTdmNGJjNjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybZKaYxG9UjpiwMnSM2YwHlm1JHb
sicyCk+jqd3n++7O6GGyWN/ejcNe92GnECTKxm66FWZlpP6iGU5DNjuqlrqc60tx
vrY0YzSDIN8U429e9F+Eduy6n6b84vcuzi19oOyoeIxnpG3WCDFKj9OzCr8LGo3o
fMEvg7fPwjPWG6LEMPEhToJkxrdXyoEq7bMxPpYwNsW8u7pDz0YLxG4IV14IQxYK
MkiGcYPRqMiON/CfDfQoZAIuJ0SCUy1GIaD0GWMhNPYbC9ACJVY86TJWjDtq67tm
U+Af36w2fQvW1m8o6RbcQtseHTpKONZF+/o9SbQvUdB7wfckyvSkoCcrJQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFCVXphY7N0M01z6ZYOF2dVl/S8ZbMB8GA1UdIwQY
MBaAFKiFzb3f19ExaEW+tPc5jzzmT6zQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUlYTnZkX1gwVEZvUmI2MDl6bVBQT1pQck5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iM2E1NzYtNTBjYi00ODY2LWJlODEt
ZjQ4Mjc4MDBiMGM4LzEvSlZlbUZqczNRelRYUHBsZzRYWjFXWDlMeGxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iM2E1NzYtNTBjYi00ODY2LWJlODEtZjQ4Mjc4MDBiMGM4
LzEvcUlYTnZkX1gwVEZvUmI2MDl6bVBQT1pQck5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBARRWFAD
BABRWFgDBAFRWF4wDAMEArnIjAMEALnIjjANBgkqhkiG9w0BAQsFAAOCAQEADubJ
eLVQekO2wfnjb44V7ioErhHfkjk94a59nXDw4+S/RFfgLaWutduKHTv/bdrspHgp
q4E2Ddq8oEKJC00oT+FHi36v6eu1yPambmvWocAc1ku7sjUqNCcV8ONJ2TwjDv44
rPud5kRi8XghqL78y8SJLwYA2vnBKLV+dLA9PXjn3BxmDIW+p6QgbiQ6UnkAKvSx
1G7FRTxuhgKuMh7t9BPIJlBj1ofd3GOYhS4tZFZTePslbmVpOow9In8nZFjCLzdx
633IZWt8cCn12V3fYIpaWLx30JMPiXwKi5pzFqTFOGyqIZIkbPUTVzbX6Vp+RF+w
35ciaTR2OxW7LuCMTw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:22 2025 by rpki-client