Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JrXfCBg85g1wOhJG5tMcQeRiRUw.roa
File: JrXfCBg85g1wOhJG5tMcQeRiRUw.roa (raw, json)
Hash identifier: 3wQWSPVbDg7MrXpO0jwotYfBKQRbMgoygYxfGyD1xAA=
Subject key identifier: 26:B5:DF:08:18:3C:E6:0D:70:3A:12:46:E6:D3:1C:41:E4:62:45:4C
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018FDDC2E2CC168CA69096C5255CB1A233E4
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JrXfCBg85g1wOhJG5tMcQeRiRUw.roa
Signing time: Mon 03 Jun 2024 11:01:27 +0000
ROA not before: Mon 03 Jun 2024 11:01:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 80.240.88.0/21 maxlen: 24
82.152.174.0/23 maxlen: 23
82.153.208.0/22 maxlen: 22
82.163.24.0/21 maxlen: 24
89.213.60.0/23 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.147.0/24 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.198.0/23 maxlen: 24
89.213.200.0/23 maxlen: 24
89.213.202.0/23 maxlen: 24
89.213.204.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Jun 2024 14:30:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:dd:c2:e2:cc:16:8c:a6:90:96:c5:25:5c:b1:a2:33:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 3 11:01:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=26b5df08183ce60d703a1246e6d31c41e462454c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d4:11:b1:35:07:93:d3:a6:73:6d:1e:16:36:
e0:ca:78:93:ba:b5:00:fb:f3:6b:e5:e8:8c:0c:8f:
13:00:a3:b2:30:c9:d3:06:f1:b8:1d:20:40:85:c1:
3e:d6:2c:6e:8d:8e:44:38:f0:aa:cd:c8:aa:b5:67:
49:92:72:69:0c:56:42:f7:32:46:cd:42:88:c9:60:
7f:89:6e:61:1c:b0:6e:8c:58:51:6f:5a:ed:dc:e4:
b8:bb:74:3d:6b:4a:b3:91:7a:2a:4f:7f:ca:49:b6:
5d:33:4b:fa:98:f4:77:e9:82:e7:fa:7c:4d:89:66:
73:a6:9b:61:68:39:c6:2b:62:c1:1a:21:4e:e3:c1:
fc:3c:fa:01:fc:18:79:b7:e2:df:09:47:b0:04:9e:
41:88:4a:f5:2b:7c:50:23:40:23:30:51:67:51:a9:
cd:c7:84:22:d7:34:f0:b1:b8:94:16:75:d1:e3:47:
8b:da:f9:2e:25:2c:87:63:1e:d5:a3:50:00:f8:d7:
e5:7d:c0:88:9c:ea:f8:0c:67:cc:2a:13:41:99:05:
49:10:b9:49:a7:ec:cc:33:de:f7:56:9a:07:83:b8:
9d:f2:e3:49:a6:20:68:19:8a:45:93:5d:bd:ee:b3:
f6:c8:f1:cb:5e:bf:c0:c8:5c:eb:9a:22:28:3c:5c:
2d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:B5:DF:08:18:3C:E6:0D:70:3A:12:46:E6:D3:1C:41:E4:62:45:4C
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JrXfCBg85g1wOhJG5tMcQeRiRUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.88.0/21
82.152.174.0/23
82.153.208.0/22
82.163.24.0/21
89.213.60.0/23
89.213.143.0/24
89.213.147.0/24
89.213.181.0/24
89.213.198.0-89.213.205.255
Signature Algorithm: sha256WithRSAEncryption
41:97:73:16:4b:5e:50:d7:48:12:4e:7c:f4:f6:14:51:e9:36:
47:52:ae:12:95:c3:89:e4:5f:dd:f6:52:fc:92:c6:ec:03:aa:
f1:1e:1f:cf:45:ce:c7:2e:32:4f:41:16:c5:3a:f8:1b:3f:be:
90:38:0c:0a:9b:c8:21:89:d7:26:9f:61:06:9a:bf:fd:3e:f7:
fb:ee:a3:ec:0f:61:19:80:ac:53:f8:38:57:36:a1:12:86:e4:
a4:1a:fe:3e:22:c7:f5:ad:6a:a1:55:f7:a3:e4:30:5e:f4:79:
31:8e:53:a9:ec:4b:bd:e6:13:31:7f:9b:58:8e:5c:fe:90:2d:
cf:3d:87:93:a8:c7:d7:96:4b:ba:f6:fe:66:22:9d:5b:5d:81:
6f:09:4f:62:ab:2b:4a:bb:6b:3c:d9:1e:c9:24:d2:1e:91:1d:
69:4d:eb:a7:50:94:e7:80:4f:7f:56:cd:a2:52:b9:19:6e:42:
19:73:69:7a:11:e5:8a:a9:c7:0d:5f:6c:9c:f6:e0:d1:62:5a:
ca:d1:bb:0d:9a:24:fd:ec:2b:ed:64:da:f1:b5:28:c5:25:ec:
70:42:53:16:76:8f:28:c3:3c:65:11:6d:ae:c1:44:a5:17:75:
e2:9f:63:78:e6:4b:e0:33:b2:1b:fb:36:65:30:fa:6f:c4:4a:
51:d0:fd:c0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAY/dwuLMFoymkJbFJVyxojPkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjAzMTEwMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmI1ZGYwODE4M2NlNjBkNzAzYTEyNDZlNmQzMWM0MWU0NjI0NTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9QRsTUHk9Omc20eFjbgyniTurUA
+/Nr5eiMDI8TAKOyMMnTBvG4HSBAhcE+1ixujY5EOPCqzciqtWdJknJpDFZC9zJG
zUKIyWB/iW5hHLBujFhRb1rt3OS4u3Q9a0qzkXoqT3/KSbZdM0v6mPR36YLn+nxN
iWZzppthaDnGK2LBGiFO48H8PPoB/Bh5t+LfCUewBJ5BiEr1K3xQI0AjMFFnUanN
x4Qi1zTwsbiUFnXR40eL2vkuJSyHYx7Vo1AA+NflfcCInOr4DGfMKhNBmQVJELlJ
p+zMM973VpoHg7id8uNJpiBoGYpFk1297rP2yPHLXr/AyFzrmiIoPFwtXQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFCa13wgYPOYNcDoSRubTHEHkYkVMMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSnJYZkNCZzg1ZzF3T2hKRzV0TWNRZVJpUlV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQDUPBYAwQB
UpiuAwQCUpnQAwQDUqMYAwQBWdU8AwQAWdWPAwQAWdWTAwQAWdW1MAwDBAFZ1cYD
BAFZ1cwwDQYJKoZIhvcNAQELBQADggEBAEGXcxZLXlDXSBJOfPT2FFHpNkdSrhKV
w4nkX932UvySxuwDqvEeH89FzscuMk9BFsU6+Bs/vpA4DAqbyCGJ1yafYQaav/0+
9/vuo+wPYRmArFP4OFc2oRKG5KQa/j4ix/WtaqFV96PkMF70eTGOU6nsS73mEzF/
m1iOXP6QLc89h5Oox9eWS7r2/mYinVtdgW8JT2KrK0q7azzZHskk0h6RHWlN66dQ
lOeAT39WzaJSuRluQhlzaXoR5Yqpxw1fbJz24NFiWsrRuw2aJP3sK+1k2vG1KMUl
7HBCUxZ2jyjDPGURba7BRKUXdeKfY3jmS+Azshv7NmUw+m/ESlHQ/cA=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:33:47 2025 by rpki-client