Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/J4POA9rj5kGK9j0gLcdORWda6J8.roa
File: J4POA9rj5kGK9j0gLcdORWda6J8.roa (raw, json)
Hash identifier: z0+h282Eo9vkQd49t0gg9JJSAS6bbH2Hwr4y/9vXuAY=
Subject key identifier: 27:83:CE:03:DA:E3:E6:41:8A:F6:3D:20:2D:C7:4E:45:67:5A:E8:9F
Certificate issuer: /CN=3d8a553e05f0319bf452fa206c14ccda87304654
Certificate serial: 019381F04FAB77C9721847CFEED80371F89A
Authority key identifier: 3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/J4POA9rj5kGK9j0gLcdORWda6J8.roa
Signing time: Sun 01 Dec 2024 11:17:09 +0000
ROA not before: Sun 01 Dec 2024 11:17:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8368
IP address blocks: 46.243.24.0/21 maxlen: 24
78.41.64.0/21 maxlen: 24
82.146.96.0/19 maxlen: 24
85.158.208.0/21 maxlen: 24
88.82.32.0/19 maxlen: 24
89.35.16.0/21 maxlen: 24
89.250.176.0/20 maxlen: 24
94.140.160.0/19 maxlen: 24
94.158.248.0/24 maxlen: 24
178.132.8.0/21 maxlen: 24
185.47.0.0/22 maxlen: 24
188.64.72.0/21 maxlen: 24
188.118.0.0/18 maxlen: 24
2001:4c40::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 02 Dec 2024 18:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:81:f0:4f:ab:77:c9:72:18:47:cf:ee:d8:03:71:f8:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8a553e05f0319bf452fa206c14ccda87304654
Validity
Not Before: Dec 1 11:17:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2783ce03dae3e6418af63d202dc74e45675ae89f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:00:ad:ae:71:79:2e:9d:98:0b:77:b4:30:22:
bc:8d:78:7f:b3:48:b2:f1:5d:2f:69:b2:37:ae:90:
ee:23:59:f9:5c:b5:78:e1:a4:94:3b:a3:4c:c1:70:
8b:32:b3:ae:4f:2b:dd:8b:b7:40:93:ff:91:08:be:
2e:c2:26:22:8b:58:74:74:fb:9b:4a:19:c6:2e:72:
2f:60:57:36:f3:9a:10:9b:67:55:0c:e8:ad:dc:ed:
05:18:df:56:8e:ad:be:e8:6b:27:b4:d6:60:90:54:
be:67:6a:77:87:d8:f1:bc:a7:aa:c6:23:3e:89:1c:
5b:e2:3a:01:67:a4:2e:5b:98:ad:e9:1e:19:49:72:
f0:bf:9e:4a:b0:9e:08:15:ee:39:72:a7:a3:0f:6e:
a5:04:ee:dc:0a:c7:47:2a:22:3f:aa:a3:0d:61:c4:
56:e9:65:ae:f8:4c:f8:d9:17:58:11:6e:d5:50:b5:
e0:00:d6:c4:ff:d6:5c:60:fd:03:f5:03:83:94:48:
a5:30:14:8f:06:bc:6f:85:d9:a4:57:03:d2:05:5a:
2b:64:c2:d6:4e:bd:d7:44:36:ad:40:95:b3:a9:33:
e4:4c:f0:ed:63:f8:ae:c4:bc:83:47:8d:1d:0c:ed:
9c:2f:97:0f:11:50:9b:18:04:e1:ca:61:97:19:33:
f3:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:83:CE:03:DA:E3:E6:41:8A:F6:3D:20:2D:C7:4E:45:67:5A:E8:9F
X509v3 Authority Key Identifier:
keyid:3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/J4POA9rj5kGK9j0gLcdORWda6J8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.24.0/21
78.41.64.0/21
82.146.96.0/19
85.158.208.0/21
88.82.32.0/19
89.35.16.0/21
89.250.176.0/20
94.140.160.0/19
94.158.248.0/24
178.132.8.0/21
185.47.0.0/22
188.64.72.0/21
188.118.0.0/18
IPv6:
2001:4c40::/32
Signature Algorithm: sha256WithRSAEncryption
0c:14:fe:aa:86:17:31:25:be:d7:1c:9e:f7:3f:ea:f6:e9:6c:
eb:89:c3:21:8a:d8:a0:1a:64:16:cb:9b:21:e8:f6:a7:53:ec:
fc:9e:6a:3a:9d:22:05:de:ae:a2:72:8a:38:03:da:5b:8a:a1:
6e:f4:d7:ff:09:1f:7c:a7:0f:4a:26:03:2b:70:7c:89:b4:5a:
40:a3:9e:84:09:4e:c7:fd:4f:ab:20:21:55:a8:92:1f:2c:ce:
c7:5d:dd:bc:7a:9f:13:f0:0d:dd:c4:57:a5:eb:06:e8:7f:b7:
51:f6:60:2e:c8:7e:3b:4b:d3:f0:e2:78:a1:93:24:3e:41:fa:
66:ac:c1:4e:4f:fd:29:a9:a9:b4:23:e0:36:b0:54:e5:c1:5a:
88:a6:77:f4:2f:20:37:53:b4:0b:6b:47:32:60:b1:7c:7b:bf:
43:d3:8b:a8:47:f5:bf:48:5e:0b:d1:02:32:c0:49:ad:8d:7d:
b6:5a:7a:44:86:78:f5:e4:b7:4c:0f:93:ca:8e:8e:89:c5:e1:
49:cf:d8:d2:95:84:50:83:6c:ec:8b:c8:0c:6d:7f:34:2c:36:
cf:32:5f:c1:47:e8:16:70:98:46:db:ee:39:cd:fa:a3:d6:57:
83:34:b0:8e:85:a2:c8:aa:4d:8c:2c:1c:90:f2:96:41:47:2a:
a4:ed:e0:3a
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAZOB8E+rd8lyGEfP7tgDcfiaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGE1NTNlMDVmMDMxOWJmNDUyZmEyMDZjMTRjY2RhODcz
MDQ2NTQwHhcNMjQxMjAxMTExNzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzgzY2UwM2RhZTNlNjQxOGFmNjNkMjAyZGM3NGU0NTY3NWFlODlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgCtrnF5Lp2YC3e0MCK8jXh/s0iy
8V0vabI3rpDuI1n5XLV44aSUO6NMwXCLMrOuTyvdi7dAk/+RCL4uwiYii1h0dPub
ShnGLnIvYFc285oQm2dVDOit3O0FGN9Wjq2+6GsntNZgkFS+Z2p3h9jxvKeqxiM+
iRxb4joBZ6QuW5it6R4ZSXLwv55KsJ4IFe45cqejD26lBO7cCsdHKiI/qqMNYcRW
6WWu+Ez42RdYEW7VULXgANbE/9ZcYP0D9QODlEilMBSPBrxvhdmkVwPSBVorZMLW
Tr3XRDatQJWzqTPkTPDtY/iuxLyDR40dDO2cL5cPEVCbGAThymGXGTPzwwIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFCeDzgPa4+ZBivY9IC3HTkVnWuifMB8GA1UdIwQY
MBaAFD2KVT4F8DGb9FL6IGwUzNqHMEZUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81MmNlNTQtZTQ5Yy00MTFjLTg1Mjct
MGZiNDgyM2Y1Yjg3LzEvSjRQT0E5cmo1a0dLOWowZ0xjZE9SV2RhNko4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81MmNlNTQtZTQ5Yy00MTFjLTg1MjctMGZiNDgyM2Y1Yjg3
LzEvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQDLvMYAwQD
TilAAwQFUpJgAwQDVZ7QAwQFWFIgAwQDWSMQAwQEWfqwAwQFXoygAwQAXp74AwQD
soQIAwQCuS8AAwQDvEBIAwQGvHYAMA0EAgACMAcDBQAgAUxAMA0GCSqGSIb3DQEB
CwUAA4IBAQAMFP6qhhcxJb7XHJ73P+r26WzricMhitigGmQWy5sh6PanU+z8nmo6
nSIF3q6icoo4A9pbiqFu9Nf/CR98pw9KJgMrcHyJtFpAo56ECU7H/U+rICFVqJIf
LM7HXd28ep8T8A3dxFel6wbof7dR9mAuyH47S9Pw4nihkyQ+QfpmrMFOT/0pqam0
I+A2sFTlwVqIpnf0LyA3U7QLa0cyYLF8e79D04uoR/W/SF4L0QIywEmtjX22WnpE
hnj15LdMD5PKjo6JxeFJz9jSlYRQg2zsi8gMbX80LDbPMl/BR+gWcJhG2+45zfqj
1leDNLCOhaLIqk2MLByQ8pZBRyqk7eA6
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:14:50 2025 by rpki-client