Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Jetihvi75e8f2bsEcfhDqPkm6lI.roa
File: Jetihvi75e8f2bsEcfhDqPkm6lI.roa (raw, json)
Hash identifier: 1o7bBoj48/UShcZSdMooFK7p/7qATppggMNagPGG3gU=
Subject key identifier: 25:EB:62:86:F8:BB:E5:EF:1F:D9:BB:04:71:F8:43:A8:F9:26:EA:52
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018ED6B7B346D56F8EF55E32DB9769C37AA8
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Jetihvi75e8f2bsEcfhDqPkm6lI.roa
Signing time: Sat 13 Apr 2024 09:09:06 +0000
ROA not before: Sat 13 Apr 2024 09:09:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 82.153.255.0/24 maxlen: 24
82.163.10.0/23 maxlen: 24
109.176.14.0/24 maxlen: 24
109.176.30.0/24 maxlen: 24
213.218.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Apr 2024 07:58:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d6:b7:b3:46:d5:6f:8e:f5:5e:32:db:97:69:c3:7a:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 13 09:09:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25eb6286f8bbe5ef1fd9bb0471f843a8f926ea52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c2:30:57:7d:40:dd:f4:53:f2:b4:73:8a:a2:
8f:21:71:0a:50:54:a8:85:27:6b:4d:04:b2:67:88:
4e:6d:8d:40:53:8e:8f:c4:0e:e1:d5:f9:af:45:b5:
75:f8:d0:a8:f5:8c:e7:c3:5d:cc:33:83:29:b8:ec:
39:b2:9a:ed:9c:dc:c4:b6:99:e7:f8:a5:0a:ad:c8:
3d:f4:42:9f:19:b8:85:68:14:70:6a:98:99:30:6f:
47:b8:99:6c:8b:33:b1:df:fa:72:59:6f:57:dd:37:
ea:02:ff:77:15:dc:cc:76:01:e0:51:2a:f5:c4:75:
dd:7e:65:d6:aa:e8:7f:47:6c:ff:96:77:44:5a:5f:
1b:8d:b7:c0:4c:70:57:66:82:ec:8d:79:c1:e1:ba:
29:6f:33:f0:65:95:db:29:bb:b0:37:a4:54:2a:c3:
08:04:32:35:5c:54:5b:a5:a4:1c:fd:c1:e3:bf:26:
2d:45:4c:2b:e0:81:11:15:86:23:d3:9a:95:cc:ee:
4e:5b:1b:83:f5:30:13:5f:c7:f4:6d:4f:23:30:d5:
85:41:a6:02:a2:18:ee:9e:ef:46:e4:cc:e4:4e:53:
e4:17:79:7a:21:87:54:64:1c:43:3e:70:88:40:a2:
3e:b1:bd:72:dd:f2:64:67:9b:ef:83:68:8f:8c:3a:
a8:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:EB:62:86:F8:BB:E5:EF:1F:D9:BB:04:71:F8:43:A8:F9:26:EA:52
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Jetihvi75e8f2bsEcfhDqPkm6lI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.255.0/24
82.163.10.0/23
109.176.14.0/24
109.176.30.0/24
213.218.248.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:b2:5d:aa:89:c2:57:5e:c6:73:b7:fb:85:01:45:28:78:16:
4f:57:bf:2b:3b:da:74:ec:08:c4:6a:3d:d5:86:7c:6b:c4:fc:
d3:8a:1a:f3:47:92:5c:57:5f:3b:42:ad:d4:2a:d4:a8:48:b4:
64:b1:52:75:1c:2e:be:3a:c9:c8:10:58:96:30:e4:60:28:41:
e5:fa:64:a5:43:14:c0:7e:12:07:f1:84:61:7a:85:9e:99:7a:
7e:fe:d3:ec:3b:9a:66:4d:d2:60:cc:15:e9:5a:10:3d:d9:97:
f0:03:55:f9:08:94:19:7f:f8:c4:15:5d:ff:a5:f2:2a:c7:9e:
46:59:98:3d:a0:5c:b6:ee:1c:d4:24:4a:27:1c:08:e9:06:dd:
8e:5a:4d:87:70:91:8f:29:83:2b:e1:9c:c9:47:78:f7:35:18:
00:b6:d0:85:40:21:1e:6f:d4:26:32:41:a1:cb:a8:1d:63:fc:
81:3c:b6:c6:8b:cf:ab:31:06:3c:83:1e:3d:16:83:13:a5:ba:
b2:d4:8e:20:d6:17:72:4c:2d:b9:3b:99:11:77:c7:8a:8f:39:
fc:e7:b3:9e:63:13:0d:32:00:55:7f:e8:cf:7d:91:e2:a2:06:
0b:8b:d5:a8:93:65:22:2d:c1:9b:15:6c:47:aa:50:4d:a8:f3:
ed:6d:1c:a7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY7Wt7NG1W+O9V4y25dpw3qoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDEzMDkwOTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWViNjI4NmY4YmJlNWVmMWZkOWJiMDQ3MWY4NDNhOGY5MjZlYTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocIwV31A3fRT8rRziqKPIXEKUFSo
hSdrTQSyZ4hObY1AU46PxA7h1fmvRbV1+NCo9Yznw13MM4MpuOw5sprtnNzEtpnn
+KUKrcg99EKfGbiFaBRwapiZMG9HuJlsizOx3/pyWW9X3TfqAv93FdzMdgHgUSr1
xHXdfmXWquh/R2z/lndEWl8bjbfATHBXZoLsjXnB4bopbzPwZZXbKbuwN6RUKsMI
BDI1XFRbpaQc/cHjvyYtRUwr4IERFYYj05qVzO5OWxuD9TATX8f0bU8jMNWFQaYC
ohjunu9G5MzkTlPkF3l6IYdUZBxDPnCIQKI+sb1y3fJkZ5vvg2iPjDqo5wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCXrYob4u+XvH9m7BHH4Q6j5JupSMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSmV0aWh2aTc1ZThmMmJzRWNmaERxUGttNmxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUpn/AwQB
UqMKAwQAbbAOAwQAbbAeAwQA1dr4MA0GCSqGSIb3DQEBCwUAA4IBAQAfsl2qicJX
XsZzt/uFAUUoeBZPV78rO9p07AjEaj3VhnxrxPzTihrzR5JcV187Qq3UKtSoSLRk
sVJ1HC6+OsnIEFiWMORgKEHl+mSlQxTAfhIH8YRheoWemXp+/tPsO5pmTdJgzBXp
WhA92ZfwA1X5CJQZf/jEFV3/pfIqx55GWZg9oFy27hzUJEonHAjpBt2OWk2HcJGP
KYMr4ZzJR3j3NRgAttCFQCEeb9QmMkGhy6gdY/yBPLbGi8+rMQY8gx49FoMTpbqy
1I4g1hdyTC25O5kRd8eKjzn857OeYxMNMgBVf+jPfZHiogYLi9Wok2UiLcGbFWxH
qlBNqPPtbRyn
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:05:40 2025 by rpki-client