Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/JNiBqjiZ8o0fEuCExZ1WzPg1H04.roa
File: JNiBqjiZ8o0fEuCExZ1WzPg1H04.roa (raw, json)
Hash identifier: 2Fp9KPMsFl+AjIYLOyygEIe6amosXgl14EI9/qi38EM=
Subject key identifier: 24:D8:81:AA:38:99:F2:8D:1F:12:E0:84:C5:9D:56:CC:F8:35:1F:4E
Certificate issuer: /CN=81fa48f40bc84540c46bd23be9b90897aa184f4d
Certificate serial: 018CC80156E9CB95ED849DB6BE2743DF6ACC
Authority key identifier: 81:FA:48:F4:0B:C8:45:40:C4:6B:D2:3B:E9:B9:08:97:AA:18:4F:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gfpI9AvIRUDEa9I76bkIl6oYT00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/JNiBqjiZ8o0fEuCExZ1WzPg1H04.roa
Signing time: Tue 02 Jan 2024 02:29:40 +0000
ROA not before: Tue 02 Jan 2024 02:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211947
IP address blocks: 195.64.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:56:e9:cb:95:ed:84:9d:b6:be:27:43:df:6a:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81fa48f40bc84540c46bd23be9b90897aa184f4d
Validity
Not Before: Jan 2 02:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24d881aa3899f28d1f12e084c59d56ccf8351f4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d1:bd:56:a8:de:e7:69:6a:5c:d2:d3:7a:59:
58:4e:14:55:9c:49:b7:a1:cc:79:7d:aa:dc:4c:fd:
c8:2d:99:98:ab:11:17:86:3a:e9:4f:24:f5:68:39:
39:60:ac:53:e0:c2:9f:01:e7:ee:49:71:7b:4f:a5:
23:86:e4:d2:19:72:da:77:7e:20:45:11:db:be:cc:
d2:55:f0:1c:dd:7f:92:14:38:3c:3e:f5:54:ce:48:
d5:b0:c1:2a:7e:c0:35:c1:d3:42:d0:10:ad:57:99:
9c:45:c8:7d:50:12:5f:1b:92:68:aa:86:65:ce:f1:
b6:21:fe:ae:c7:e0:4e:2f:69:fa:df:a4:0d:cb:3f:
7b:02:e2:8d:71:f2:61:40:5d:1b:bb:12:cc:6a:77:
82:ae:11:9d:ba:ea:f8:be:98:47:05:d8:41:21:29:
74:62:ad:49:b4:98:5d:09:1d:59:4f:4f:f1:d2:f6:
e9:d7:76:60:be:0b:51:e5:6c:fc:69:68:f2:f5:15:
35:7c:b4:9a:72:b4:01:b0:7f:29:70:ac:55:c0:71:
4c:14:df:a6:7b:8c:68:2e:b8:1d:4f:76:c6:d6:9b:
68:d1:bc:f3:bf:e8:5e:6c:cd:e9:e9:d4:f3:31:7f:
5d:50:bc:97:d0:94:85:8f:fd:db:4d:ca:8d:f3:0d:
d1:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:D8:81:AA:38:99:F2:8D:1F:12:E0:84:C5:9D:56:CC:F8:35:1F:4E
X509v3 Authority Key Identifier:
keyid:81:FA:48:F4:0B:C8:45:40:C4:6B:D2:3B:E9:B9:08:97:AA:18:4F:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gfpI9AvIRUDEa9I76bkIl6oYT00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/JNiBqjiZ8o0fEuCExZ1WzPg1H04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/gfpI9AvIRUDEa9I76bkIl6oYT00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.64.231.0/24
Signature Algorithm: sha256WithRSAEncryption
23:c7:72:ea:da:29:01:82:3d:f0:6a:1a:88:27:88:18:1d:10:
56:65:c3:ad:c1:28:8a:38:06:f1:24:20:52:2a:80:37:c7:df:
ed:18:46:41:29:71:be:52:45:84:ef:b3:d9:f3:0c:c5:fe:81:
bc:88:98:6c:df:64:b0:c0:ed:fa:4e:1d:46:02:85:90:72:12:
fd:fa:ab:f1:8e:0f:73:31:7f:a4:f4:45:9d:07:c1:53:d3:2f:
3d:35:38:c0:ab:04:7a:e6:ed:7f:5d:ca:da:4e:cc:1a:e4:ac:
2a:ad:a2:eb:34:21:40:bf:06:61:cf:59:b6:33:c6:d4:7f:77:
8b:84:f7:d8:33:31:48:63:78:8e:0f:39:5a:0a:c9:60:97:e6:
f4:69:9c:2a:9f:59:9f:2d:26:68:c4:86:26:3d:53:bd:a1:b6:
92:4f:6e:4d:f8:c0:b4:d9:20:40:15:83:96:25:b4:8c:01:62:
a5:7c:fc:14:60:ad:0c:dc:0f:b3:e3:0e:a1:7e:c9:4b:78:aa:
d7:18:46:ac:fe:46:be:a5:90:22:53:48:b2:60:41:5c:66:95:
bb:56:c5:6a:36:05:23:ca:73:24:11:a0:e5:05:d3:94:33:47:
3e:b7:09:5c:73:ac:73:8a:d1:06:64:81:98:ef:01:6c:0c:db:
1f:2b:e7:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAVbpy5XthJ22vidD32rMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZmE0OGY0MGJjODQ1NDBjNDZiZDIzYmU5YjkwODk3YWEx
ODRmNGQwHhcNMjQwMTAyMDIyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGQ4ODFhYTM4OTlmMjhkMWYxMmUwODRjNTlkNTZjY2Y4MzUxZjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidG9Vqje52lqXNLTellYThRVnEm3
ocx5farcTP3ILZmYqxEXhjrpTyT1aDk5YKxT4MKfAefuSXF7T6UjhuTSGXLad34g
RRHbvszSVfAc3X+SFDg8PvVUzkjVsMEqfsA1wdNC0BCtV5mcRch9UBJfG5JoqoZl
zvG2If6ux+BOL2n636QNyz97AuKNcfJhQF0buxLManeCrhGduur4vphHBdhBISl0
Yq1JtJhdCR1ZT0/x0vbp13ZgvgtR5Wz8aWjy9RU1fLSacrQBsH8pcKxVwHFMFN+m
e4xoLrgdT3bG1pto0bzzv+hebM3p6dTzMX9dULyX0JSFj/3bTcqN8w3ROwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCTYgao4mfKNHxLghMWdVsz4NR9OMB8GA1UdIwQY
MBaAFIH6SPQLyEVAxGvSO+m5CJeqGE9NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2ZwSTlBdklSVURFYTlJNzZia0lsNm9ZVDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8xNDYwNzgtZjliMi00MTYzLWFmMWEt
OGU5M2NiNWM1MzU1LzEvSk5pQnFqaVo4bzBmRXVDRXhaMVd6UGcxSDA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8xNDYwNzgtZjliMi00MTYzLWFmMWEtOGU5M2NiNWM1MzU1
LzEvZ2ZwSTlBdklSVURFYTlJNzZia0lsNm9ZVDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0DnMA0G
CSqGSIb3DQEBCwUAA4IBAQAjx3Lq2ikBgj3wahqIJ4gYHRBWZcOtwSiKOAbxJCBS
KoA3x9/tGEZBKXG+UkWE77PZ8wzF/oG8iJhs32SwwO36Th1GAoWQchL9+qvxjg9z
MX+k9EWdB8FT0y89NTjAqwR65u1/XcraTswa5KwqraLrNCFAvwZhz1m2M8bUf3eL
hPfYMzFIY3iODzlaCslgl+b0aZwqn1mfLSZoxIYmPVO9obaST25N+MC02SBAFYOW
JbSMAWKlfPwUYK0M3A+z4w6hfslLeKrXGEas/ka+pZAiU0iyYEFcZpW7VsVqNgUj
ynMkEaDlBdOUM0c+twlcc6xzitEGZIGY7wFsDNsfK+do
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:39 2025 by rpki-client