Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/0828e7-1e57-4747-8ea1-36a808f3d14d/1/Jq5MOGMpox2nMb3NbvbzEHtvfPE.roa
File: Jq5MOGMpox2nMb3NbvbzEHtvfPE.roa (raw, json)
Hash identifier: aIfgttNM4bI1b8SubBQiQZShaiGWXvQ1vwE5DsAK9No=
Subject key identifier: 26:AE:4C:38:63:29:A3:1D:A7:31:BD:CD:6E:F6:F3:10:7B:6F:7C:F1
Certificate issuer: /CN=a14e499240cea588541a7dc74f321c9141744bb6
Certificate serial: 0193BB3795C13CB917BA554F3FB94F7875D5
Authority key identifier: A1:4E:49:92:40:CE:A5:88:54:1A:7D:C7:4F:32:1C:91:41:74:4B:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oU5JkkDOpYhUGn3HTzIckUF0S7Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/0828e7-1e57-4747-8ea1-36a808f3d14d/1/Jq5MOGMpox2nMb3NbvbzEHtvfPE.roa
Signing time: Thu 12 Dec 2024 14:13:22 +0000
ROA not before: Thu 12 Dec 2024 14:13:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49603
IP address blocks: 46.19.152.0/21 maxlen: 24
185.88.60.0/22 maxlen: 24
185.92.152.0/22 maxlen: 24
2a05:ca80::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:bb:37:95:c1:3c:b9:17:ba:55:4f:3f:b9:4f:78:75:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a14e499240cea588541a7dc74f321c9141744bb6
Validity
Not Before: Dec 12 14:13:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=26ae4c386329a31da731bdcd6ef6f3107b6f7cf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6f:56:36:b7:48:ff:f0:f5:17:ff:63:71:0b:
c3:fd:a0:e1:19:74:ab:8a:86:1b:03:28:c0:a3:57:
0b:f5:32:be:70:1f:fe:a2:3d:69:11:d3:18:4f:43:
ce:f6:9a:80:cd:95:48:d0:15:a1:16:3a:d9:d8:78:
96:37:97:e5:9f:1f:04:e7:9b:b0:62:c4:6d:c9:b1:
0a:9d:68:65:c8:73:df:f6:52:47:55:a5:3e:8e:71:
b1:74:f6:cb:58:a1:93:14:22:74:67:3c:ad:f8:a3:
20:06:57:a5:60:8a:95:6d:0b:38:72:0a:ef:c0:0a:
a3:f9:80:44:fc:49:7d:c0:1f:0a:fd:41:92:a5:e4:
9b:89:ef:8c:65:f6:a4:78:30:98:fe:37:81:38:ea:
14:6f:f8:6e:2a:91:aa:0f:31:bc:a1:04:b4:b5:05:
9d:10:9d:54:90:90:48:00:f0:ac:e0:52:74:90:20:
cf:a7:0d:3c:d4:82:9a:5a:80:10:be:41:97:a2:78:
c2:63:02:2c:15:65:65:af:6f:52:87:95:e6:9b:88:
07:58:9c:c3:db:13:d8:02:ae:ac:a9:0d:a9:98:fe:
c4:dd:8b:e8:0e:45:91:7e:ea:89:11:5f:ea:b8:c6:
19:0f:78:19:7b:ed:9d:c3:aa:f0:9c:50:c9:27:f1:
89:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:AE:4C:38:63:29:A3:1D:A7:31:BD:CD:6E:F6:F3:10:7B:6F:7C:F1
X509v3 Authority Key Identifier:
keyid:A1:4E:49:92:40:CE:A5:88:54:1A:7D:C7:4F:32:1C:91:41:74:4B:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oU5JkkDOpYhUGn3HTzIckUF0S7Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/0828e7-1e57-4747-8ea1-36a808f3d14d/1/Jq5MOGMpox2nMb3NbvbzEHtvfPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/0828e7-1e57-4747-8ea1-36a808f3d14d/1/oU5JkkDOpYhUGn3HTzIckUF0S7Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.152.0/21
185.88.60.0/22
185.92.152.0/22
IPv6:
2a05:ca80::/29
Signature Algorithm: sha256WithRSAEncryption
75:8b:c5:20:46:67:7a:a4:ae:bf:c5:9b:bf:10:0e:87:6f:64:
60:04:08:a0:5c:9b:46:4d:c6:07:36:07:26:57:0e:50:7a:4a:
ff:2a:3e:e8:fb:94:6b:ad:6c:a6:86:7c:cd:55:a4:73:ab:cd:
b0:d8:7d:d3:72:c3:35:1c:0e:33:6b:72:87:c6:94:ea:b8:87:
4d:c4:5e:ab:ba:c6:f0:56:83:5e:53:d3:f3:f0:01:80:63:39:
72:8d:2a:9a:0d:f7:35:30:66:48:b4:b3:d5:9a:37:73:09:80:
35:11:8f:83:01:dc:17:b9:ea:4b:7d:2e:70:77:14:d6:ee:1d:
8a:e5:c0:94:a4:d7:53:38:a8:87:9b:a8:3a:b0:be:42:c5:80:
82:2b:31:04:f2:51:a2:91:6b:f7:22:8e:1f:71:26:77:ad:69:
7a:13:c1:5b:57:50:66:cc:d9:9a:7b:a7:07:24:60:d5:8f:10:
c1:cb:cb:0d:cd:22:3c:33:3b:cd:a6:81:26:30:f4:dd:cd:93:
a8:32:1d:45:ad:68:6c:e2:32:6f:0b:64:3f:93:0e:f1:b3:f1:
8c:79:a9:20:c5:27:a4:32:9d:f4:1a:f5:96:9d:a3:12:37:45:
f8:cb:a3:8c:0c:70:c7:57:c8:57:1e:36:a0:01:cc:a8:61:ae:
2b:eb:34:ee
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZO7N5XBPLkXulVPP7lPeHXVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNGU0OTkyNDBjZWE1ODg1NDFhN2RjNzRmMzIxYzkxNDE3
NDRiYjYwHhcNMjQxMjEyMTQxMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmFlNGMzODYzMjlhMzFkYTczMWJkY2Q2ZWY2ZjMxMDdiNmY3Y2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsm9WNrdI//D1F/9jcQvD/aDhGXSr
ioYbAyjAo1cL9TK+cB/+oj1pEdMYT0PO9pqAzZVI0BWhFjrZ2HiWN5flnx8E55uw
YsRtybEKnWhlyHPf9lJHVaU+jnGxdPbLWKGTFCJ0Zzyt+KMgBlelYIqVbQs4cgrv
wAqj+YBE/El9wB8K/UGSpeSbie+MZfakeDCY/jeBOOoUb/huKpGqDzG8oQS0tQWd
EJ1UkJBIAPCs4FJ0kCDPpw081IKaWoAQvkGXonjCYwIsFWVlr29Sh5Xmm4gHWJzD
2xPYAq6sqQ2pmP7E3YvoDkWRfuqJEV/quMYZD3gZe+2dw6rwnFDJJ/GJjQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCauTDhjKaMdpzG9zW728xB7b3zxMB8GA1UdIwQY
MBaAFKFOSZJAzqWIVBp9x08yHJFBdEu2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1U1SmtrRE9wWWhVR24zSFR6SWNrVUYwUzdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8wODI4ZTctMWU1Ny00NzQ3LThlYTEt
MzZhODA4ZjNkMTRkLzEvSnE1TU9HTXBveDJuTWIzTmJ2YnpFSHR2ZlBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8wODI4ZTctMWU1Ny00NzQ3LThlYTEtMzZhODA4ZjNkMTRk
LzEvb1U1SmtrRE9wWWhVR24zSFR6SWNrVUYwUzdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDLhOYAwQC
uVg8AwQCuVyYMA0EAgACMAcDBQMqBcqAMA0GCSqGSIb3DQEBCwUAA4IBAQB1i8Ug
Rmd6pK6/xZu/EA6Hb2RgBAigXJtGTcYHNgcmVw5Qekr/Kj7o+5RrrWymhnzNVaRz
q82w2H3TcsM1HA4za3KHxpTquIdNxF6rusbwVoNeU9Pz8AGAYzlyjSqaDfc1MGZI
tLPVmjdzCYA1EY+DAdwXuepLfS5wdxTW7h2K5cCUpNdTOKiHm6g6sL5CxYCCKzEE
8lGikWv3Io4fcSZ3rWl6E8FbV1BmzNmae6cHJGDVjxDBy8sNzSI8MzvNpoEmMPTd
zZOoMh1FrWhs4jJvC2Q/kw7xs/GMeakgxSekMp30GvWWnaMSN0X4y6OMDHDHV8hX
HjagAcyoYa4r6zTu
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:41:37 2025 by rpki-client