Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/J1XYRihN4bBsjGOnNWYrquLkVck.roa
File: J1XYRihN4bBsjGOnNWYrquLkVck.roa (raw, json)
Hash identifier: xJpsOGEt9ROEEfXBrq1oXV43jmxLUGIeiK4XbwnmKSU=
Subject key identifier: 27:55:D8:46:28:4D:E1:B0:6C:8C:63:A7:35:66:2B:AA:E2:E4:55:C9
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 01953C1BFFC92AACB0962BD2C2FA9914AD4C
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/J1XYRihN4bBsjGOnNWYrquLkVck.roa
Signing time: Tue 25 Feb 2025 07:57:02 +0000
ROA not before: Tue 25 Feb 2025 07:57:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 23470
IP address blocks: 194.238.78.0/24 maxlen: 24
213.18.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Feb 2025 07:54:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3c:1b:ff:c9:2a:ac:b0:96:2b:d2:c2:fa:99:14:ad:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Feb 25 07:57:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2755d846284de1b06c8c63a735662baae2e455c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:36:7c:f6:80:3f:3c:14:2b:b3:b7:74:0e:4e:
19:7d:4e:34:f4:63:15:c7:6e:4e:8c:e5:14:97:60:
7e:ed:22:26:32:6c:6d:10:82:00:70:1a:ed:c4:64:
d3:7f:f7:51:67:28:d3:37:a5:f7:ba:cd:d4:8d:33:
d4:01:f6:80:76:8a:95:3a:6d:00:5f:f3:88:36:d8:
ae:12:4a:df:cf:68:7c:e9:e0:d9:c0:ca:f9:68:f7:
7a:41:9a:46:30:f2:47:56:75:f5:60:fe:71:6b:bd:
e2:66:fc:89:37:e7:78:9a:f4:ae:cf:b1:39:67:a8:
b2:41:1c:54:19:7d:f8:b2:da:76:82:1e:71:87:33:
db:d0:7b:4b:c7:b3:d8:91:4d:49:e6:e3:07:f0:db:
a6:e1:c0:ba:03:ee:64:61:15:d3:89:60:0d:ac:9e:
22:6b:8b:cc:c9:54:7e:cf:c3:4b:c9:bd:50:8e:18:
5b:22:7b:e2:fa:fc:03:00:36:7f:af:3b:79:7a:3f:
8c:ef:ab:f2:d7:f0:55:d6:80:8f:99:2b:7c:bf:a2:
ec:61:0b:2a:31:e9:88:0a:21:ed:18:06:9a:7d:9e:
19:47:d0:d8:67:16:74:9e:ed:3c:25:34:a6:c9:9c:
fd:91:7d:59:5c:ce:d1:5e:47:c6:9d:fd:60:3b:70:
0f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:55:D8:46:28:4D:E1:B0:6C:8C:63:A7:35:66:2B:AA:E2:E4:55:C9
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/J1XYRihN4bBsjGOnNWYrquLkVck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.238.78.0/24
213.18.245.0/24
Signature Algorithm: sha256WithRSAEncryption
98:ce:a2:3a:69:b2:a1:64:e1:14:83:18:bd:1c:3b:5f:d7:53:
56:05:bd:48:9b:6b:53:04:bf:c2:15:01:32:1c:36:30:c6:bd:
33:31:d6:55:d1:c7:09:80:65:85:8c:63:79:2a:d5:a8:1f:13:
aa:7a:c5:4a:e6:23:56:42:ac:a5:b7:d6:c6:ad:cd:2d:d7:67:
38:cd:94:b4:32:ab:4c:f2:95:bf:78:49:05:68:a9:c2:77:9c:
b2:a8:b1:63:f0:a8:4c:0c:ff:b3:a2:f9:41:83:e8:d7:89:ec:
be:72:d6:ad:12:9e:52:9d:0f:5b:7c:e5:54:ca:67:f9:53:df:
4c:a1:43:e3:f6:5e:bd:54:3f:d4:11:1b:54:33:39:d6:b9:b7:
ee:61:e5:4f:27:12:41:03:a5:03:7b:68:64:a0:95:e2:eb:39:
30:e5:21:ff:64:46:a6:5a:99:ca:1e:21:e7:42:95:88:45:a6:
82:c2:25:73:94:fb:76:ab:fd:e8:41:9a:22:71:1a:0d:cc:48:
cf:13:b1:1a:96:16:4a:bc:38:58:a1:f5:0a:75:2b:72:77:48:
2a:ca:bd:49:d5:9a:b5:7c:3c:50:55:f2:76:e4:5a:00:f7:fe:
b2:c8:03:69:ea:ac:a7:ef:f7:2d:23:6b:7d:ab:b9:c7:b5:a2:
68:b9:f2:f5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZU8G//JKqywlivSwvqZFK1MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwMjI1MDc1NzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzU1ZDg0NjI4NGRlMWIwNmM4YzYzYTczNTY2MmJhYWUyZTQ1NWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzZ89oA/PBQrs7d0Dk4ZfU409GMV
x25OjOUUl2B+7SImMmxtEIIAcBrtxGTTf/dRZyjTN6X3us3UjTPUAfaAdoqVOm0A
X/OINtiuEkrfz2h86eDZwMr5aPd6QZpGMPJHVnX1YP5xa73iZvyJN+d4mvSuz7E5
Z6iyQRxUGX34stp2gh5xhzPb0HtLx7PYkU1J5uMH8Num4cC6A+5kYRXTiWANrJ4i
a4vMyVR+z8NLyb1QjhhbInvi+vwDADZ/rzt5ej+M76vy1/BV1oCPmSt8v6LsYQsq
MemICiHtGAaafZ4ZR9DYZxZ0nu08JTSmyZz9kX1ZXM7RXkfGnf1gO3APrwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCdV2EYoTeGwbIxjpzVmK6ri5FXJMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvSjFYWVJpaE40YkJzakdPbk5XWXJxdUxrVmNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwu5OAwQA
1RL1MA0GCSqGSIb3DQEBCwUAA4IBAQCYzqI6abKhZOEUgxi9HDtf11NWBb1Im2tT
BL/CFQEyHDYwxr0zMdZV0ccJgGWFjGN5KtWoHxOqesVK5iNWQqylt9bGrc0t12c4
zZS0MqtM8pW/eEkFaKnCd5yyqLFj8KhMDP+zovlBg+jXiey+ctatEp5SnQ9bfOVU
ymf5U99MoUPj9l69VD/UERtUMznWubfuYeVPJxJBA6UDe2hkoJXi6zkw5SH/ZEam
WpnKHiHnQpWIRaaCwiVzlPt2q/3oQZoicRoNzEjPE7EalhZKvDhYofUKdStyd0gq
yr1J1Zq1fDxQVfJ25FoA9/6yyANp6qyn7/ctI2t9q7nHtaJoufL1
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:26:35 2025 by rpki-client