Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/jkfqGV4IXehFKdZhcFxFCbSaC0M.roa
File: jkfqGV4IXehFKdZhcFxFCbSaC0M.roa (raw, json)
Hash identifier: Thebxt7Mf2QTJj1aGMW2hS3P12vdW28dpTgPVfmIAm0=
Subject key identifier: 8E:47:EA:19:5E:08:5D:E8:45:29:D6:61:70:5C:45:09:B4:9A:0B:43
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019427B3ABA7BE4F646EC8A5A52FDE7152E1
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/jkfqGV4IXehFKdZhcFxFCbSaC0M.roa
Signing time: Thu 02 Jan 2025 15:47:53 +0000
ROA not before: Thu 02 Jan 2025 15:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206150
IP address blocks: 45.130.140.0/24 maxlen: 24
2a07:e342::/32 maxlen: 48
2a0f:f40::/32 maxlen: 48
2a0f:f41::/32 maxlen: 48
2a0f:f43::/32 maxlen: 48
2a0f:f45::/32 maxlen: 48
2a0f:f46::/32 maxlen: 48
2a0f:e386::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 14 Jan 2025 06:50:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:ab:a7:be:4f:64:6e:c8:a5:a5:2f:de:71:52:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 15:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e47ea195e085de84529d661705c4509b49a0b43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:91:25:a2:c1:85:8e:40:d1:e9:2d:05:aa:0f:
b6:bc:67:f0:1e:fb:31:a6:aa:81:65:1e:d8:82:38:
2b:87:e4:c1:3c:64:61:c7:d5:b8:7e:51:cb:f2:5a:
50:c2:e8:2d:3d:09:f7:2f:7e:03:1d:b8:64:e9:ea:
f0:7f:23:46:9b:3d:70:67:32:e7:cf:d1:c4:d0:1a:
28:45:44:b9:4b:d5:03:40:37:6a:bb:3d:dc:c7:71:
d6:aa:27:d3:93:7f:76:37:f4:a9:a5:61:11:64:4f:
da:47:49:a4:06:a1:3f:d3:2b:3d:82:3a:10:1f:1b:
83:3b:d5:90:dd:cd:35:cb:eb:2b:9f:94:6c:ba:10:
f0:46:b2:a2:ef:fd:b0:7f:dd:11:f5:e8:02:de:7d:
37:de:33:36:3f:84:8b:f4:9a:36:87:22:9d:a7:ab:
cd:85:d1:37:6d:14:1d:32:64:b5:60:9e:ed:fa:ab:
58:7f:85:a8:5f:20:1b:3e:6f:b4:a6:3c:64:30:2b:
1e:63:52:29:c3:1f:d6:1b:8e:32:cc:3d:68:97:64:
fc:48:68:d6:1a:b5:93:8d:51:b5:11:f2:a6:86:e3:
f3:81:f0:a5:5f:b5:b8:7b:b8:44:45:78:cf:0c:af:
ee:2b:a6:f5:4d:c0:a9:7f:23:6b:cb:68:d5:5e:0a:
34:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:47:EA:19:5E:08:5D:E8:45:29:D6:61:70:5C:45:09:B4:9A:0B:43
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/jkfqGV4IXehFKdZhcFxFCbSaC0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.140.0/24
IPv6:
2a07:e342::/32
2a0f:f40::/31
2a0f:f43::/32
2a0f:f45::-2a0f:f46:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:e386::/32
Signature Algorithm: sha256WithRSAEncryption
45:e6:9e:ca:a6:0f:44:6c:5d:64:15:f5:42:2f:81:42:f6:9c:
60:70:d0:71:a0:aa:11:fe:a4:f3:ec:de:7d:cb:a3:7d:fa:94:
67:f4:8a:c8:11:5a:07:79:c4:b4:57:ab:ea:3a:79:b0:88:6c:
cc:55:b5:bd:f7:18:ff:d0:a8:30:12:a5:e9:34:48:a7:d1:e1:
a4:52:64:e9:5c:51:9a:4d:b5:15:a6:3c:5d:4c:dc:a9:4f:32:
73:6f:dc:1c:8e:fd:57:64:f7:e1:b5:0e:09:de:1a:49:2f:f5:
cb:a0:25:0a:14:be:53:ff:20:ef:3a:ea:f7:33:16:33:6c:b7:
f6:5d:e0:c7:ea:0c:95:d2:8f:51:09:8c:34:c6:3d:43:41:3d:
6b:0f:0c:de:8a:8c:ce:d0:14:11:95:78:d6:a7:ca:ef:e4:76:
ab:e5:06:db:af:6e:5b:ba:1a:6d:19:4e:d2:8e:5f:f8:d2:3e:
fc:14:ad:1d:98:fc:00:13:ed:10:31:a8:78:39:a8:b4:7a:34:
c8:38:a2:5a:01:f5:52:ab:8a:d4:43:04:8d:da:c7:44:66:e4:
a4:7f:b4:46:30:ac:56:14:5d:d9:2d:27:ed:e7:a7:23:99:51:
ae:8a:1d:8e:a6:e7:6e:18:ad:70:e1:24:94:0f:ea:f6:65:e6:
8c:9a:a0:3b
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZQns6unvk9kbsilpS/ecVLhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTAyMTU0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTQ3ZWExOTVlMDg1ZGU4NDUyOWQ2NjE3MDVjNDUwOWI0OWEwYjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupElosGFjkDR6S0Fqg+2vGfwHvsx
pqqBZR7Ygjgrh+TBPGRhx9W4flHL8lpQwugtPQn3L34DHbhk6erwfyNGmz1wZzLn
z9HE0BooRUS5S9UDQDdquz3cx3HWqifTk392N/SppWERZE/aR0mkBqE/0ys9gjoQ
HxuDO9WQ3c01y+srn5RsuhDwRrKi7/2wf90R9egC3n033jM2P4SL9Jo2hyKdp6vN
hdE3bRQdMmS1YJ7t+qtYf4WoXyAbPm+0pjxkMCseY1Ipwx/WG44yzD1ol2T8SGjW
GrWTjVG1EfKmhuPzgfClX7W4e7hERXjPDK/uK6b1TcCpfyNry2jVXgo0tQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFI5H6hleCF3oRSnWYXBcRQm0mgtDMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvamtmcUdWNElYZWhGS2RaaGNGeEZDYlNhQzBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAMBAIAATAGAwQALYKMMDIE
AgACMCwDBQAqB+NCAwUBKg8PQAMFACoPD0MwDgMFACoPD0UDBQAqDw9GAwUAKg/j
hjANBgkqhkiG9w0BAQsFAAOCAQEAReaeyqYPRGxdZBX1Qi+BQvacYHDQcaCqEf6k
8+zefcujffqUZ/SKyBFaB3nEtFer6jp5sIhszFW1vfcY/9CoMBKl6TRIp9HhpFJk
6VxRmk21FaY8XUzcqU8yc2/cHI79V2T34bUOCd4aSS/1y6AlChS+U/8g7zrq9zMW
M2y39l3gx+oMldKPUQmMNMY9Q0E9aw8M3oqMztAUEZV41qfK7+R2q+UG269uW7oa
bRlO0o5f+NI+/BStHZj8ABPtEDGoeDmotHo0yDiiWgH1UquK1EMEjdrHRGbkpH+0
RjCsVhRd2S0n7eenI5lRroodjqbnbhitcOEklA/q9mXmjJqgOw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:38:32 2025 by rpki-client