Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f7f6c0-09d0-492c-92e6-8a95e6377332/1/jRUDzm64cBjQ5XDuYV-0wnCaxrI.roa
File: jRUDzm64cBjQ5XDuYV-0wnCaxrI.roa (raw, json)
Hash identifier: 2A9hDfyhTsRpcHVSgDJit+izXI40ZzIs8ExbVkMp6DI=
Subject key identifier: 8D:15:03:CE:6E:B8:70:18:D0:E5:70:EE:61:5F:B4:C2:70:9A:C6:B2
Certificate issuer: /CN=0b5f8c9447d614b86182763d9333250e2d9412e2
Certificate serial: 0193E978FAE6B2C319A11554B691DD7BFF42
Authority key identifier: 0B:5F:8C:94:47:D6:14:B8:61:82:76:3D:93:33:25:0E:2D:94:12:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1-MlEfWFLhhgnY9kzMlDi2UEuI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f7f6c0-09d0-492c-92e6-8a95e6377332/1/jRUDzm64cBjQ5XDuYV-0wnCaxrI.roa
Signing time: Sat 21 Dec 2024 13:47:19 +0000
ROA not before: Sat 21 Dec 2024 13:47:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 22427
IP address blocks: 194.99.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e9:78:fa:e6:b2:c3:19:a1:15:54:b6:91:dd:7b:ff:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b5f8c9447d614b86182763d9333250e2d9412e2
Validity
Not Before: Dec 21 13:47:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d1503ce6eb87018d0e570ee615fb4c2709ac6b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:3f:c0:eb:0e:15:46:6c:f5:ff:8a:2d:d5:a2:
ff:c9:2a:09:d9:4d:29:7d:52:f0:1e:46:31:31:f8:
2d:a5:f6:63:bb:3b:42:9b:0e:55:c1:45:fc:43:8b:
e9:65:25:c8:67:b8:b2:94:4b:75:9f:5a:ce:8d:12:
43:ea:13:74:89:36:05:2c:6d:df:33:47:7f:a1:48:
d6:97:34:51:6a:f4:6c:9a:8e:9d:80:c0:70:c1:64:
64:fe:dd:67:8d:64:e9:68:e7:24:81:9c:2e:53:48:
11:81:77:fe:1e:94:01:b7:bf:34:9c:32:c9:4f:ad:
ad:23:ee:35:56:61:6b:ad:25:aa:95:1d:5f:d5:eb:
0d:5b:91:86:32:21:a3:d1:90:dd:8d:f1:03:00:68:
79:7a:23:2a:59:5f:20:21:43:88:90:51:8e:0b:3a:
cd:7a:69:c2:14:11:a1:cf:bf:93:c0:ea:f2:af:e7:
28:73:0e:6f:b7:1d:ef:6f:48:2f:23:1c:3f:d3:a8:
77:26:ef:72:7a:cd:fe:90:39:ea:2e:86:f3:ec:a8:
ce:12:b2:e0:9b:60:bd:b2:d4:72:fe:44:6e:3f:16:
6b:d8:aa:d5:e0:42:e6:38:50:17:e1:09:91:92:c2:
11:cc:f5:bd:94:5a:55:4a:f0:ac:df:7d:10:8c:3d:
1d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:15:03:CE:6E:B8:70:18:D0:E5:70:EE:61:5F:B4:C2:70:9A:C6:B2
X509v3 Authority Key Identifier:
keyid:0B:5F:8C:94:47:D6:14:B8:61:82:76:3D:93:33:25:0E:2D:94:12:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1-MlEfWFLhhgnY9kzMlDi2UEuI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f7f6c0-09d0-492c-92e6-8a95e6377332/1/jRUDzm64cBjQ5XDuYV-0wnCaxrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f7f6c0-09d0-492c-92e6-8a95e6377332/1/C1-MlEfWFLhhgnY9kzMlDi2UEuI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.99.156.0/24
Signature Algorithm: sha256WithRSAEncryption
77:d2:71:00:30:08:0d:13:a5:80:57:91:c9:45:6c:22:3f:9a:
cd:18:6b:7a:27:0c:b0:76:47:26:5c:1c:37:69:60:3a:1e:0d:
80:87:98:7f:f2:23:f4:35:bb:45:62:b6:e9:37:f9:4b:b8:47:
b4:4b:83:67:d1:52:6f:fa:2b:d4:9c:e6:28:1b:dc:17:9f:29:
a4:f3:4a:3d:c9:35:99:84:05:3a:4a:f1:9f:bc:44:2b:ac:d1:
d7:dd:af:12:55:ce:ee:ed:a2:83:d5:e0:30:3a:c1:e9:5c:1a:
3c:cc:1f:50:70:40:6f:4c:45:57:f1:53:08:24:08:ef:75:cf:
cd:7d:93:7a:05:20:33:08:59:38:3a:ad:ee:45:7d:6f:11:ed:
10:33:a0:5b:93:f1:e7:f9:d8:b6:62:41:41:f0:bd:f0:ae:d9:
82:1e:0c:d8:c9:89:7d:d2:fc:c2:ee:e0:6a:46:54:f0:46:44:
5d:e3:49:89:0f:2f:72:bb:31:24:ab:78:68:56:fb:13:bf:66:
a8:b0:4c:2b:76:46:ac:02:80:22:ab:2c:32:de:00:a9:21:74:
40:97:88:0a:7d:82:65:b6:60:44:24:87:27:90:db:4e:e3:9f:
45:18:54:01:ab:cd:e0:c8:74:44:0e:aa:36:1f:fb:23:ed:36:
8f:0d:8d:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPpePrmssMZoRVUtpHde/9CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNWY4Yzk0NDdkNjE0Yjg2MTgyNzYzZDkzMzMyNTBlMmQ5
NDEyZTIwHhcNMjQxMjIxMTM0NzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDE1MDNjZTZlYjg3MDE4ZDBlNTcwZWU2MTVmYjRjMjcwOWFjNmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxT/A6w4VRmz1/4ot1aL/ySoJ2U0p
fVLwHkYxMfgtpfZjuztCmw5VwUX8Q4vpZSXIZ7iylEt1n1rOjRJD6hN0iTYFLG3f
M0d/oUjWlzRRavRsmo6dgMBwwWRk/t1njWTpaOckgZwuU0gRgXf+HpQBt780nDLJ
T62tI+41VmFrrSWqlR1f1esNW5GGMiGj0ZDdjfEDAGh5eiMqWV8gIUOIkFGOCzrN
emnCFBGhz7+TwOryr+cocw5vtx3vb0gvIxw/06h3Ju9yes3+kDnqLobz7KjOErLg
m2C9stRy/kRuPxZr2KrV4ELmOFAX4QmRksIRzPW9lFpVSvCs330QjD0dxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI0VA85uuHAY0OVw7mFftMJwmsayMB8GA1UdIwQY
MBaAFAtfjJRH1hS4YYJ2PZMzJQ4tlBLiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzEtTWxFZldGTGhoZ25ZOWt6TWxEaTJVRXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mN2Y2YzAtMDlkMC00OTJjLTkyZTYt
OGE5NWU2Mzc3MzMyLzEvalJVRHptNjRjQmpRNVhEdVlWLTB3bkNheHJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mN2Y2YzAtMDlkMC00OTJjLTkyZTYtOGE5NWU2Mzc3MzMy
LzEvQzEtTWxFZldGTGhoZ25ZOWt6TWxEaTJVRXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmOcMA0G
CSqGSIb3DQEBCwUAA4IBAQB30nEAMAgNE6WAV5HJRWwiP5rNGGt6JwywdkcmXBw3
aWA6Hg2Ah5h/8iP0NbtFYrbpN/lLuEe0S4Nn0VJv+ivUnOYoG9wXnymk80o9yTWZ
hAU6SvGfvEQrrNHX3a8SVc7u7aKD1eAwOsHpXBo8zB9QcEBvTEVX8VMIJAjvdc/N
fZN6BSAzCFk4Oq3uRX1vEe0QM6Bbk/Hn+di2YkFB8L3wrtmCHgzYyYl90vzC7uBq
RlTwRkRd40mJDy9yuzEkq3hoVvsTv2aosEwrdkasAoAiqywy3gCpIXRAl4gKfYJl
tmBEJIcnkNtO459FGFQBq83gyHREDqo2H/sj7TaPDY0O
-----END CERTIFICATE-----
Generated at Wed Apr 16 00:25:17 2025 by rpki-client