Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/jpsqohY2nLYqd87r2ARTQz5oPgc.roa
File: jpsqohY2nLYqd87r2ARTQz5oPgc.roa (raw, json)
Hash identifier: MaM+jrqLwYjX4jFKfrvywm82BAW16lzniNZZljtQuMc=
Subject key identifier: 8E:9B:2A:A2:16:36:9C:B6:2A:77:CE:EB:D8:04:53:43:3E:68:3E:07
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 0194221F7EC6D2FBA2ACB2FA5B25439DC396
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/jpsqohY2nLYqd87r2ARTQz5oPgc.roa
Signing time: Wed 01 Jan 2025 13:47:56 +0000
ROA not before: Wed 01 Jan 2025 13:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213323
IP address blocks: 89.42.132.0/24 maxlen: 24
89.42.135.0/24 maxlen: 24
185.248.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Jan 2025 20:09:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:7e:c6:d2:fb:a2:ac:b2:fa:5b:25:43:9d:c3:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Jan 1 13:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e9b2aa216369cb62a77ceebd80453433e683e07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:25:f6:6a:76:b6:36:8e:b3:f8:ec:dd:f6:98:
ee:d6:3d:89:9e:30:ec:17:da:7a:33:e2:6e:05:67:
4f:f6:94:cf:e3:b1:ff:4d:d5:4c:4d:6d:37:08:d4:
47:b1:45:50:68:b5:fe:fa:d6:19:09:7d:02:14:b6:
c0:75:e0:e0:de:11:49:ef:5c:85:54:81:d8:97:7a:
26:92:5a:6f:bb:4c:6e:02:f6:8f:b6:a9:64:76:9d:
41:2c:84:37:26:af:68:9a:70:9d:c5:15:6a:d5:b2:
4e:2d:83:30:dc:57:2e:e4:a8:8e:c9:61:3a:09:df:
ac:3e:93:36:68:07:c8:aa:f8:fd:7e:27:37:29:ed:
51:19:7b:f3:5f:d4:90:55:a7:fc:d1:90:13:60:ba:
cc:57:6a:0e:df:f3:4e:d3:03:6f:0f:31:0d:b8:6e:
32:91:56:7e:68:d2:6c:41:cb:5b:2b:fd:1a:57:02:
0a:0d:7e:f3:0a:d9:af:84:a0:1c:67:d0:98:7d:1b:
30:53:f0:28:aa:a3:8e:2b:58:31:ee:94:c7:ab:6e:
58:bb:8f:c8:bc:47:f4:7f:f8:8f:ee:54:28:11:53:
57:36:da:1c:36:83:98:fd:09:ee:de:38:95:b1:4c:
ad:f8:a5:3f:6d:a1:67:cf:25:0b:bd:8b:98:f6:5e:
47:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:9B:2A:A2:16:36:9C:B6:2A:77:CE:EB:D8:04:53:43:3E:68:3E:07
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/jpsqohY2nLYqd87r2ARTQz5oPgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.132.0/24
89.42.135.0/24
185.248.138.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:53:f2:9b:74:d4:00:9c:b4:bf:98:1b:50:4c:ca:ca:fa:08:
4d:73:ee:9d:8d:c6:e3:23:ad:eb:ed:ee:ba:8c:1a:09:60:e7:
33:01:1f:f5:1c:41:8b:7b:e5:b9:2b:1e:af:d4:f2:a4:38:b3:
ab:dd:64:ad:b7:b6:e1:63:a5:ea:9c:19:a4:80:54:aa:1c:9a:
d6:9c:28:83:e6:db:94:c4:c3:c8:a3:1e:c9:e1:1a:0a:d1:f5:
05:e5:5c:89:06:ed:d3:21:99:6c:64:6d:3b:39:ee:c4:ea:e5:
d2:f3:1c:17:c8:25:1e:c7:2e:aa:9a:dd:a7:64:41:49:af:a7:
0a:05:36:77:bc:37:52:33:50:d3:a2:96:14:87:c2:1f:91:d8:
27:ff:81:1e:93:5f:32:3f:67:c0:69:7c:c3:be:3f:0e:29:cd:
25:e4:77:02:28:0c:cd:18:f5:de:d7:eb:cd:25:a4:f4:16:84:
7f:1f:fe:8f:ec:0f:5b:91:18:5f:22:ca:bc:ec:f0:57:fd:56:
8a:f0:8c:5f:33:f6:1f:5c:ae:a1:2c:bf:bc:c0:1f:63:68:b6:
e2:cd:7e:33:5e:2c:f0:1b:46:a0:81:e2:cc:54:25:9f:66:4a:
28:45:d4:53:cf:dc:2b:73:d3:45:86:39:0f:0f:8d:e0:be:a1:
ff:e0:cf:64
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQiH37G0vuirLL6WyVDncOWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjUwMTAxMTM0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTliMmFhMjE2MzY5Y2I2MmE3N2NlZWJkODA0NTM0MzNlNjgzZTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCX2ana2No6z+Ozd9pju1j2JnjDs
F9p6M+JuBWdP9pTP47H/TdVMTW03CNRHsUVQaLX++tYZCX0CFLbAdeDg3hFJ71yF
VIHYl3omklpvu0xuAvaPtqlkdp1BLIQ3Jq9omnCdxRVq1bJOLYMw3Fcu5KiOyWE6
Cd+sPpM2aAfIqvj9fic3Ke1RGXvzX9SQVaf80ZATYLrMV2oO3/NO0wNvDzENuG4y
kVZ+aNJsQctbK/0aVwIKDX7zCtmvhKAcZ9CYfRswU/AoqqOOK1gx7pTHq25Yu4/I
vEf0f/iP7lQoEVNXNtocNoOY/Qnu3jiVsUyt+KU/baFnzyULvYuY9l5HvQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI6bKqIWNpy2KnfO69gEU0M+aD4HMB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvanBzcW9oWTJuTFlxZDg3cjJBUlRRejVvUGdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSqEAwQA
WSqHAwQAufiKMA0GCSqGSIb3DQEBCwUAA4IBAQDIU/KbdNQAnLS/mBtQTMrK+ghN
c+6djcbjI63r7e66jBoJYOczAR/1HEGLe+W5Kx6v1PKkOLOr3WStt7bhY6XqnBmk
gFSqHJrWnCiD5tuUxMPIox7J4RoK0fUF5VyJBu3TIZlsZG07Oe7E6uXS8xwXyCUe
xy6qmt2nZEFJr6cKBTZ3vDdSM1DTopYUh8Ifkdgn/4Eek18yP2fAaXzDvj8OKc0l
5HcCKAzNGPXe1+vNJaT0FoR/H/6P7A9bkRhfIsq87PBX/VaK8IxfM/YfXK6hLL+8
wB9jaLbizX4zXizwG0aggeLMVCWfZkooRdRTz9wrc9NFhjkPD43gvqH/4M9k
-----END CERTIFICATE-----
Generated at Fri Apr 18 20:12:13 2025 by rpki-client