Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/jjsYE609gSpHUSTbHL6zILuDS-g.roa
File: jjsYE609gSpHUSTbHL6zILuDS-g.roa (raw, json)
Hash identifier: AOeQsEdBbxrj88lGYNZxwq+IhgsoYzoxFAj3/5lpTeY=
Subject key identifier: 8E:3B:18:13:AD:3D:81:2A:47:51:24:DB:1C:BE:B3:20:BB:83:4B:E8
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01944B3CBE9AACF01E76A124171F76C3D4B5
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/jjsYE609gSpHUSTbHL6zILuDS-g.roa
Signing time: Thu 09 Jan 2025 13:24:19 +0000
ROA not before: Thu 09 Jan 2025 13:24:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 398704
IP address blocks: 31.58.208.0/24 maxlen: 24
217.60.192.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 Jan 2025 20:17:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4b:3c:be:9a:ac:f0:1e:76:a1:24:17:1f:76:c3:d4:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 9 13:24:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e3b1813ad3d812a475124db1cbeb320bb834be8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:73:d0:62:39:c1:e6:06:c1:18:50:6c:88:e1:
c2:c2:2f:71:97:b0:12:e1:a1:1f:4f:a4:a9:27:22:
a4:f1:50:a1:51:f5:3d:aa:86:16:9c:e0:fa:99:d7:
8c:de:dd:1c:1e:e5:70:7b:d7:29:b5:0c:81:51:58:
60:78:e4:5e:5c:f9:b1:16:bb:77:8b:d9:aa:77:22:
6c:60:45:c7:91:de:96:91:29:91:fa:93:23:4e:b3:
6d:57:55:ee:05:40:a8:52:34:e3:9c:94:6e:19:4d:
50:b9:ab:fa:d1:de:dc:da:37:ff:73:85:4a:a4:77:
3d:60:ad:d0:9e:7c:c8:d1:99:9c:1b:6f:f8:76:14:
0d:c6:de:39:b5:2d:cb:80:37:b9:75:a6:06:72:aa:
17:0a:c0:94:6e:38:11:a7:31:e1:4d:f9:0c:f9:74:
42:68:80:c8:a8:c9:a2:df:34:61:4f:46:86:99:30:
dd:0f:8e:ac:05:e1:34:85:8e:2e:3a:bb:a9:6c:2a:
da:f9:c3:9a:a2:d3:ba:83:1a:40:4a:36:47:f9:c1:
bb:04:1a:16:bf:dd:2b:e0:af:c8:db:b4:d1:40:9e:
3c:ce:da:19:7d:c1:d0:61:e9:61:1a:6a:ae:54:44:
32:78:44:c4:04:41:4a:12:01:17:12:50:85:22:21:
c7:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:3B:18:13:AD:3D:81:2A:47:51:24:DB:1C:BE:B3:20:BB:83:4B:E8
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/jjsYE609gSpHUSTbHL6zILuDS-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.208.0/24
217.60.192.0/24
Signature Algorithm: sha256WithRSAEncryption
11:0e:1f:1e:00:95:66:02:9a:85:04:79:a1:1c:d0:5d:54:4a:
97:e3:03:d9:db:b2:d7:3c:59:85:ed:78:fa:09:b8:4c:2b:55:
31:62:74:18:74:1e:4a:90:a7:88:83:22:1c:c8:1b:3d:d0:ca:
78:25:a2:f4:31:85:bc:4d:95:7f:68:7f:0a:9a:60:99:64:4f:
78:e6:da:c4:9a:34:96:3b:29:43:8f:e3:ba:7c:99:20:ac:84:
77:7a:a1:2f:98:11:b3:0f:9b:ba:88:3e:fd:83:63:14:52:93:
66:8e:e4:ce:4a:e1:ac:62:aa:71:9d:bb:d5:66:6e:b7:af:ba:
bc:90:50:1b:85:3a:f2:84:2b:4e:09:41:48:9b:de:e4:38:a5:
5c:8b:4d:8d:5d:60:3a:52:69:2c:62:ea:dd:47:65:d3:ea:0a:
8b:e3:35:e1:7e:56:e7:d5:e2:44:81:4e:12:a2:be:59:da:4e:
0b:ac:4b:f6:6d:03:0f:db:0b:20:85:0b:e9:47:58:43:66:06:
39:3b:f7:e6:46:af:57:73:53:7f:5a:47:38:04:81:f6:b4:b2:
d8:e5:b9:15:9c:84:7a:39:64:a6:17:5b:66:e2:4a:27:96:48:
5d:9d:e6:a8:01:03:a5:f8:bb:13:58:86:bf:a9:82:82:b3:df:
b1:17:d6:52
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZRLPL6arPAedqEkFx92w9S1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTA5MTMyNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTNiMTgxM2FkM2Q4MTJhNDc1MTI0ZGIxY2JlYjMyMGJiODM0YmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3PQYjnB5gbBGFBsiOHCwi9xl7AS
4aEfT6SpJyKk8VChUfU9qoYWnOD6mdeM3t0cHuVwe9cptQyBUVhgeOReXPmxFrt3
i9mqdyJsYEXHkd6WkSmR+pMjTrNtV1XuBUCoUjTjnJRuGU1Quav60d7c2jf/c4VK
pHc9YK3QnnzI0ZmcG2/4dhQNxt45tS3LgDe5daYGcqoXCsCUbjgRpzHhTfkM+XRC
aIDIqMmi3zRhT0aGmTDdD46sBeE0hY4uOrupbCra+cOaotO6gxpASjZH+cG7BBoW
v90r4K/I27TRQJ48ztoZfcHQYelhGmquVEQyeETEBEFKEgEXElCFIiHH4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI47GBOtPYEqR1Ek2xy+syC7g0voMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvampzWUU2MDlnU3BIVVNUYkhMNnpJTHVEUy1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHzrQAwQA
2TzAMA0GCSqGSIb3DQEBCwUAA4IBAQARDh8eAJVmApqFBHmhHNBdVEqX4wPZ27LX
PFmF7Xj6CbhMK1UxYnQYdB5KkKeIgyIcyBs90Mp4JaL0MYW8TZV/aH8KmmCZZE94
5trEmjSWOylDj+O6fJkgrIR3eqEvmBGzD5u6iD79g2MUUpNmjuTOSuGsYqpxnbvV
Zm63r7q8kFAbhTryhCtOCUFIm97kOKVci02NXWA6UmksYurdR2XT6gqL4zXhflbn
1eJEgU4Sor5Z2k4LrEv2bQMP2wsghQvpR1hDZgY5O/fmRq9Xc1N/Wkc4BIH2tLLY
5bkVnIR6OWSmF1tm4konlkhdneaoAQOl+LsTWIa/qYKCs9+xF9ZS
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:49:13 2025 by rpki-client