Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/bfdba0-2c60-4027-af0d-6645dd3d624b/1/JfN0zQdkSgJEXyw6lVg9T-3aIzU.roa
File: JfN0zQdkSgJEXyw6lVg9T-3aIzU.roa (raw, json)
Hash identifier: FOuyjCKj/OIo0XSOzym5ECaoNeag28LMm70GGseday0=
Subject key identifier: 25:F3:74:CD:07:64:4A:02:44:5F:2C:3A:95:58:3D:4F:ED:DA:23:35
Certificate issuer: /CN=8c6eadb8659bc734dccb29f638421036bb922e36
Certificate serial: 018CC5DD2A2EE6536023C874D724017216B8
Authority key identifier: 8C:6E:AD:B8:65:9B:C7:34:DC:CB:29:F6:38:42:10:36:BB:92:2E:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jG6tuGWbxzTcyyn2OEIQNruSLjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/bfdba0-2c60-4027-af0d-6645dd3d624b/1/JfN0zQdkSgJEXyw6lVg9T-3aIzU.roa
Signing time: Mon 01 Jan 2024 16:30:54 +0000
ROA not before: Mon 01 Jan 2024 16:30:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200781
IP address blocks: 45.13.124.0/22 maxlen: 22
45.13.124.0/23 maxlen: 23
45.13.126.0/23 maxlen: 23
185.96.42.0/23 maxlen: 23
185.96.40.0/23 maxlen: 23
185.96.40.0/22 maxlen: 22
2a03:fd80::/32 maxlen: 32
2a03:fd83::/32 maxlen: 48
2a03:fd80::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 14 Jun 2024 20:17:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:2a:2e:e6:53:60:23:c8:74:d7:24:01:72:16:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c6eadb8659bc734dccb29f638421036bb922e36
Validity
Not Before: Jan 1 16:30:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25f374cd07644a02445f2c3a95583d4fedda2335
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ab:cc:c8:36:70:01:f3:5a:c8:37:eb:3e:e4:
c2:23:f1:66:82:10:bd:0f:14:01:a1:da:31:14:d7:
e5:87:87:55:28:81:81:c6:10:bf:57:06:0e:b8:13:
d4:eb:da:8e:7e:a5:81:4c:ad:ac:a1:90:e4:2b:0d:
c6:17:79:f0:75:b9:57:67:55:26:a7:9f:50:fd:9e:
42:ba:ce:82:d6:c4:ce:de:dc:69:6f:7a:79:53:6f:
32:0d:55:aa:36:37:42:82:ce:aa:3a:69:8f:ef:a1:
c4:ad:7d:ea:52:aa:10:86:57:ec:9c:a6:5f:a2:d0:
5e:8d:3b:63:e8:5d:bb:27:a1:f8:2d:be:eb:a5:fa:
cc:02:c2:9f:e9:34:b9:35:33:78:f2:84:2d:da:05:
1a:28:3e:31:96:05:26:cc:8e:ff:d3:70:64:29:64:
3d:07:f1:7a:33:20:ef:3e:23:de:2d:6d:62:9d:ad:
4f:23:b6:a5:8e:14:1b:64:7b:3c:f2:87:19:f8:f3:
bc:6e:56:2c:81:45:45:73:84:8c:73:b1:92:86:d9:
12:36:57:8f:25:2c:d6:0b:a7:b7:32:85:4f:6a:ae:
78:45:17:25:fa:79:d9:ea:42:c3:14:e3:a8:0e:e0:
88:9c:44:4b:d7:88:a4:46:27:40:be:63:44:ca:32:
76:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:F3:74:CD:07:64:4A:02:44:5F:2C:3A:95:58:3D:4F:ED:DA:23:35
X509v3 Authority Key Identifier:
keyid:8C:6E:AD:B8:65:9B:C7:34:DC:CB:29:F6:38:42:10:36:BB:92:2E:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jG6tuGWbxzTcyyn2OEIQNruSLjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/bfdba0-2c60-4027-af0d-6645dd3d624b/1/JfN0zQdkSgJEXyw6lVg9T-3aIzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/bfdba0-2c60-4027-af0d-6645dd3d624b/1/jG6tuGWbxzTcyyn2OEIQNruSLjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.124.0/22
185.96.40.0/22
IPv6:
2a03:fd80::/29
Signature Algorithm: sha256WithRSAEncryption
59:4a:62:6f:8c:78:24:a2:b3:b2:f1:8c:6d:95:e9:f1:47:d9:
0b:ed:49:aa:4f:27:b2:0c:5c:63:47:ea:8a:8b:26:ec:e2:71:
73:54:76:d1:58:7a:cb:22:fc:9b:5e:94:fd:df:b6:c9:2c:36:
88:3d:c4:78:64:8a:73:8d:87:07:6d:d0:31:a6:7e:67:b9:85:
17:08:87:16:fa:3c:63:cb:09:31:c8:54:b1:a3:5d:e6:c8:e0:
67:f7:3e:04:a5:fb:1f:d4:12:15:93:fa:c4:e4:94:7f:c3:55:
0d:60:5a:a3:bf:85:ce:f5:5a:95:1d:62:d0:42:86:94:56:0c:
80:05:7b:9b:cf:d3:14:01:bf:48:64:fe:79:51:55:07:00:86:
3e:12:81:66:de:4a:0f:fc:fb:8b:94:70:dc:52:7a:d4:a0:14:
07:e9:d0:be:5d:c6:00:61:ed:a1:50:95:c2:16:82:ab:53:9c:
05:55:8b:1d:67:f8:e3:88:0f:b3:23:c8:99:cf:1d:48:86:94:
e1:8e:a3:bb:22:08:8f:b4:64:87:ee:42:f0:23:16:ea:cb:c3:
a9:04:05:28:76:11:65:b8:7f:a5:1f:ec:86:01:54:64:fb:f1:
c6:44:ed:89:27:25:13:d8:91:c2:27:b1:4a:39:ef:99:47:61:
9e:15:a3:2e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzF3Sou5lNgI8h01yQBcha4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNmVhZGI4NjU5YmM3MzRkY2NiMjlmNjM4NDIxMDM2YmI5
MjJlMzYwHhcNMjQwMTAxMTYzMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWYzNzRjZDA3NjQ0YTAyNDQ1ZjJjM2E5NTU4M2Q0ZmVkZGEyMzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqvMyDZwAfNayDfrPuTCI/FmghC9
DxQBodoxFNflh4dVKIGBxhC/VwYOuBPU69qOfqWBTK2soZDkKw3GF3nwdblXZ1Um
p59Q/Z5Cus6C1sTO3txpb3p5U28yDVWqNjdCgs6qOmmP76HErX3qUqoQhlfsnKZf
otBejTtj6F27J6H4Lb7rpfrMAsKf6TS5NTN48oQt2gUaKD4xlgUmzI7/03BkKWQ9
B/F6MyDvPiPeLW1ina1PI7aljhQbZHs88ocZ+PO8blYsgUVFc4SMc7GShtkSNleP
JSzWC6e3MoVPaq54RRcl+nnZ6kLDFOOoDuCInERL14ikRidAvmNEyjJ2fwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCXzdM0HZEoCRF8sOpVYPU/t2iM1MB8GA1UdIwQY
MBaAFIxurbhlm8c03Msp9jhCEDa7ki42MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakc2dHVHV2J4elRjeXluMk9FSVFOcnVTTGpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iZmRiYTAtMmM2MC00MDI3LWFmMGQt
NjY0NWRkM2Q2MjRiLzEvSmZOMHpRZGtTZ0pFWHl3NmxWZzlULTNhSXpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iZmRiYTAtMmM2MC00MDI3LWFmMGQtNjY0NWRkM2Q2MjRi
LzEvakc2dHVHV2J4elRjeXluMk9FSVFOcnVTTGpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLQ18AwQC
uWAoMA0EAgACMAcDBQMqA/2AMA0GCSqGSIb3DQEBCwUAA4IBAQBZSmJvjHgkorOy
8YxtlenxR9kL7UmqTyeyDFxjR+qKiybs4nFzVHbRWHrLIvybXpT937bJLDaIPcR4
ZIpzjYcHbdAxpn5nuYUXCIcW+jxjywkxyFSxo13myOBn9z4Epfsf1BIVk/rE5JR/
w1UNYFqjv4XO9VqVHWLQQoaUVgyABXubz9MUAb9IZP55UVUHAIY+EoFm3koP/PuL
lHDcUnrUoBQH6dC+XcYAYe2hUJXCFoKrU5wFVYsdZ/jjiA+zI8iZzx1IhpThjqO7
IgiPtGSH7kLwIxbqy8OpBAUodhFluH+lH+yGAVRk+/HGRO2JJyUT2JHCJ7FKOe+Z
R2GeFaMu
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:13:50 2025 by rpki-client