Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/jAxkwI6GEtqlYThaJJ1SGcktix4.roa
File: jAxkwI6GEtqlYThaJJ1SGcktix4.roa (raw, json)
Hash identifier: 2k0G4zPuMchks74/rNGgEZw9SIbp5USZxrC4OMNIb1k=
Subject key identifier: 8C:0C:64:C0:8E:86:12:DA:A5:61:38:5A:24:9D:52:19:C9:2D:8B:1E
Certificate issuer: /CN=af734108705a95796e8577125dd300c751dfd9a8
Certificate serial: 018CC424836E0D0772AE7182508D0DC07BF8
Authority key identifier: AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/jAxkwI6GEtqlYThaJJ1SGcktix4.roa
Signing time: Mon 01 Jan 2024 08:29:36 +0000
ROA not before: Mon 01 Jan 2024 08:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3177
IP address blocks: 195.28.11.0/24 maxlen: 24
103.215.223.0/24 maxlen: 24
103.215.221.0/24 maxlen: 24
103.215.222.0/24 maxlen: 24
103.215.220.0/24 maxlen: 24
195.238.231.0/24 maxlen: 24
2a05:63c0::/29 maxlen: 29
2a10:ef04:1000::/48 maxlen: 48
2a10:ef04:1001::/48 maxlen: 48
2a0f:c040::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 21 May 2024 08:28:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:83:6e:0d:07:72:ae:71:82:50:8d:0d:c0:7b:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af734108705a95796e8577125dd300c751dfd9a8
Validity
Not Before: Jan 1 08:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c0c64c08e8612daa561385a249d5219c92d8b1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:96:86:58:aa:f9:92:3e:e3:47:fa:96:bd:6a:
fc:56:e4:da:f3:50:d8:c8:79:67:3e:c7:f0:fe:f7:
58:b8:b1:df:4b:59:18:b8:38:2b:2e:ff:ea:35:02:
a7:20:27:0f:84:ff:35:59:8a:47:b8:d7:ff:60:eb:
75:94:25:4d:c5:59:a7:80:56:05:0a:ee:3f:c5:8f:
52:96:47:57:dc:a5:87:91:a1:28:d8:58:77:81:da:
28:3c:d3:aa:cc:b5:c7:69:a3:1e:b7:bc:95:9d:58:
76:ef:de:10:d0:06:c0:b8:d6:2e:ae:84:52:c1:7b:
e0:09:de:7b:b6:95:fd:0a:05:ca:05:f9:3a:5f:4e:
b9:d0:9a:84:1c:70:86:05:bf:28:72:5c:47:ef:28:
be:c6:aa:f9:bb:8d:07:0b:07:e2:80:85:86:a4:2c:
5c:c2:a2:62:93:2a:a3:4d:e8:32:94:52:70:16:c1:
a7:5d:0c:51:7e:db:69:f8:66:71:96:59:63:51:6d:
d5:10:b6:a8:1c:72:13:1d:ed:59:87:1d:91:86:f1:
be:77:5a:4b:4a:35:49:79:bf:ed:4f:77:81:a3:c1:
b5:6c:62:ce:35:85:ae:27:c9:94:b8:e7:1a:6e:97:
70:9c:1e:1b:5b:ca:65:99:7d:8e:2e:4a:13:e9:0a:
34:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:0C:64:C0:8E:86:12:DA:A5:61:38:5A:24:9D:52:19:C9:2D:8B:1E
X509v3 Authority Key Identifier:
keyid:AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/jAxkwI6GEtqlYThaJJ1SGcktix4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.215.220.0/22
195.28.11.0/24
195.238.231.0/24
IPv6:
2a05:63c0::/29
2a0f:c040::/29
2a10:ef04:1000::/47
Signature Algorithm: sha256WithRSAEncryption
99:24:ff:4f:3a:0e:14:3b:5c:69:f3:f7:be:aa:52:dc:6a:f6:
2c:02:45:e4:cf:10:46:b2:87:a2:06:0c:b4:04:7a:b1:64:53:
4a:e7:2f:9b:69:0e:07:da:8e:22:a3:8c:3a:90:b7:d2:92:c6:
da:0b:e5:4a:03:ab:b9:a9:59:42:60:16:92:01:56:00:bd:71:
55:3c:7f:79:fe:94:1e:92:f9:29:30:65:1e:6f:5c:10:1f:38:
74:05:9c:3e:4c:66:86:67:4a:3a:06:08:65:42:b8:38:1e:40:
71:0c:c1:73:bb:20:25:d9:e2:3f:1c:53:ab:84:26:23:8e:d8:
4e:0a:ab:01:60:32:e2:6a:93:62:4b:84:d9:bb:60:55:9a:76:
3d:77:58:c7:83:20:2b:41:2d:e3:cf:2d:94:25:36:2b:84:77:
2b:ae:1c:67:7d:05:f3:23:c5:3d:c8:3b:9e:2d:41:fd:0c:6e:
5e:f9:31:fd:41:f4:37:29:3b:1e:7e:7a:64:bf:60:a2:5a:8d:
e8:4f:f3:fa:66:e6:2d:2f:d3:f5:9d:04:04:f7:2b:47:21:79:
96:1d:f9:6c:d6:62:80:3b:91:99:cc:b5:40:8c:b8:66:48:13:
ae:dd:bf:4a:81:88:22:56:3b:ab:8d:65:20:6f:3a:0d:c6:5e:
82:64:e2:e0
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYzEJINuDQdyrnGCUI0NwHv4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzM0MTA4NzA1YTk1Nzk2ZTg1NzcxMjVkZDMwMGM3NTFk
ZmQ5YTgwHhcNMjQwMTAxMDgyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzBjNjRjMDhlODYxMmRhYTU2MTM4NWEyNDlkNTIxOWM5MmQ4YjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZaGWKr5kj7jR/qWvWr8VuTa81DY
yHlnPsfw/vdYuLHfS1kYuDgrLv/qNQKnICcPhP81WYpHuNf/YOt1lCVNxVmngFYF
Cu4/xY9SlkdX3KWHkaEo2Fh3gdooPNOqzLXHaaMet7yVnVh2794Q0AbAuNYuroRS
wXvgCd57tpX9CgXKBfk6X0650JqEHHCGBb8oclxH7yi+xqr5u40HCwfigIWGpCxc
wqJikyqjTegylFJwFsGnXQxRfttp+GZxllljUW3VELaoHHITHe1Zhx2RhvG+d1pL
SjVJeb/tT3eBo8G1bGLONYWuJ8mUuOcabpdwnB4bW8plmX2OLkoT6Qo0nQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFIwMZMCOhhLapWE4WiSdUhnJLYseMB8GA1UdIwQY
MBaAFK9zQQhwWpV5boV3El3TAMdR39moMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUt
MThkMWE0MDZhYWVkLzEvakF4a3dJNkdFdHFsWVRoYUpKMVNHY2t0aXg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUtMThkMWE0MDZhYWVk
LzEvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAYBAIAATASAwQCZ9fcAwQA
wxwLAwQAw+7nMB0EAgACMBcDBQMqBWPAAwUDKg/AQAMHASoQ7wQQADANBgkqhkiG
9w0BAQsFAAOCAQEAmST/TzoOFDtcafP3vqpS3Gr2LAJF5M8QRrKHogYMtAR6sWRT
Sucvm2kOB9qOIqOMOpC30pLG2gvlSgOrualZQmAWkgFWAL1xVTx/ef6UHpL5KTBl
Hm9cEB84dAWcPkxmhmdKOgYIZUK4OB5AcQzBc7sgJdniPxxTq4QmI47YTgqrAWAy
4mqTYkuE2btgVZp2PXdYx4MgK0Et488tlCU2K4R3K64cZ30F8yPFPcg7ni1B/Qxu
Xvkx/UH0Nyk7Hn56ZL9golqN6E/z+mbmLS/T9Z0EBPcrRyF5lh35bNZigDuRmcy1
QIy4ZkgTrt2/SoGIIlY7q41lIG86DcZegmTi4A==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:46:22 2025 by rpki-client