Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/0047b7-f1e6-41a8-a8d2-4801198e75ca/1/J9oU4XaNlRxIY_t6YamLX1M3sGY.roa
File: J9oU4XaNlRxIY_t6YamLX1M3sGY.roa (raw, json)
Hash identifier: uJENOTxqTLS4Vnod3tFduaCEqJKAPLgMcnFnaBEr+8U=
Subject key identifier: 27:DA:14:E1:76:8D:95:1C:48:63:FB:7A:61:A9:8B:5F:53:37:B0:66
Certificate issuer: /CN=beed14bf4e46b13579583f97ff85910d103a53f8
Certificate serial: 018CC26CFE5D260AE2E932D881F5CFBF7598
Authority key identifier: BE:ED:14:BF:4E:46:B1:35:79:58:3F:97:FF:85:91:0D:10:3A:53:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vu0Uv05GsTV5WD-X_4WRDRA6U_g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/0047b7-f1e6-41a8-a8d2-4801198e75ca/1/J9oU4XaNlRxIY_t6YamLX1M3sGY.roa
Signing time: Mon 01 Jan 2024 00:29:32 +0000
ROA not before: Mon 01 Jan 2024 00:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137
IP address blocks: 192.55.101.0/24 maxlen: 24
192.132.34.0/24 maxlen: 24
192.135.165.0/24 maxlen: 24
192.133.28.0/24 maxlen: 24
143.225.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:fe:5d:26:0a:e2:e9:32:d8:81:f5:cf:bf:75:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=beed14bf4e46b13579583f97ff85910d103a53f8
Validity
Not Before: Jan 1 00:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=27da14e1768d951c4863fb7a61a98b5f5337b066
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:97:62:f7:10:70:5a:7a:be:f2:20:5c:f3:59:
6f:52:50:42:63:e7:3f:06:0b:13:63:07:d8:33:46:
34:38:6b:d8:3a:39:82:0d:0b:31:5e:2c:a3:5f:cf:
0f:c9:18:df:ba:b7:52:a8:de:db:48:23:50:56:3f:
3f:91:8d:d8:b8:67:36:9f:b8:a0:47:99:f4:e1:79:
f5:37:31:f4:ee:f6:69:b3:fe:a6:53:37:ec:7f:99:
7c:e8:e2:cc:ac:42:bf:2e:a3:1e:c2:7b:f5:42:4e:
05:15:49:b6:d4:75:4e:35:3f:cc:0f:7f:f3:c0:8e:
7a:f6:32:b8:11:7c:67:2f:ee:24:7c:a7:e7:e9:ee:
fa:d7:2f:9f:80:27:29:26:f3:31:6f:b2:9f:18:2f:
5b:e1:27:30:98:ef:2c:8c:93:c4:c9:41:ac:ea:70:
c9:f5:d5:04:64:4d:8c:c1:ba:ac:fb:0a:ea:2f:94:
83:ab:5c:b9:03:69:fd:a6:91:a5:5c:79:9f:c6:d1:
c3:45:52:51:66:f0:d0:49:60:39:c3:19:d0:18:ba:
ff:25:f9:11:21:b3:cb:68:57:9f:bf:07:d3:e0:e2:
f3:e2:07:06:67:1b:3a:d6:5b:40:0b:82:2a:7a:b7:
ee:8b:e3:15:5b:62:f1:31:d3:40:a8:f4:62:93:81:
3d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:DA:14:E1:76:8D:95:1C:48:63:FB:7A:61:A9:8B:5F:53:37:B0:66
X509v3 Authority Key Identifier:
keyid:BE:ED:14:BF:4E:46:B1:35:79:58:3F:97:FF:85:91:0D:10:3A:53:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vu0Uv05GsTV5WD-X_4WRDRA6U_g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/0047b7-f1e6-41a8-a8d2-4801198e75ca/1/J9oU4XaNlRxIY_t6YamLX1M3sGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/0047b7-f1e6-41a8-a8d2-4801198e75ca/1/vu0Uv05GsTV5WD-X_4WRDRA6U_g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.225.0.0/16
192.55.101.0/24
192.132.34.0/24
192.133.28.0/24
192.135.165.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:f0:6e:5c:1b:4e:38:b4:63:04:63:19:9c:fd:ed:09:aa:73:
e2:62:69:78:ba:92:af:99:d9:5b:5a:74:52:32:68:ae:59:94:
53:42:ae:6d:32:88:8b:0a:d3:df:c6:0f:44:41:f1:c2:4e:7f:
4d:c5:0f:22:3e:a7:42:38:19:6f:7b:8a:2e:94:cb:ce:de:d9:
1d:b4:e0:a7:98:ea:70:b0:b4:1e:7b:d4:b1:53:45:ea:98:b1:
15:c1:a9:15:9a:63:0c:3a:5e:94:53:80:b6:fd:44:0c:9c:15:
4b:ae:f2:75:6a:5f:82:46:cb:e2:49:7e:c5:d7:51:03:d1:73:
a1:37:66:45:3f:d5:5c:00:a6:52:76:ed:21:5c:3b:ae:ae:68:
b3:53:de:d5:77:a5:80:96:10:76:ee:1d:40:cf:80:be:bf:b4:
62:24:d8:50:fd:ae:3a:ff:23:e2:0b:08:a0:e7:9b:c4:b8:3d:
af:c5:04:f8:99:6d:66:48:fc:83:fd:71:66:da:62:94:54:3b:
04:08:ec:7f:06:ff:47:ce:68:99:19:fc:db:f3:7d:a1:c3:e1:
79:5d:f4:e7:7d:d9:fd:60:e8:f7:83:e7:d7:8d:3d:6f:d7:ed:
9e:b6:cb:72:73:70:e7:3a:81:05:0f:f0:02:cc:0c:e5:75:87:
ae:82:6b:b5
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzCbP5dJgri6TLYgfXPv3WYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlZWQxNGJmNGU0NmIxMzU3OTU4M2Y5N2ZmODU5MTBkMTAz
YTUzZjgwHhcNMjQwMTAxMDAyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2RhMTRlMTc2OGQ5NTFjNDg2M2ZiN2E2MWE5OGI1ZjUzMzdiMDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Zdi9xBwWnq+8iBc81lvUlBCY+c/
BgsTYwfYM0Y0OGvYOjmCDQsxXiyjX88PyRjfurdSqN7bSCNQVj8/kY3YuGc2n7ig
R5n04Xn1NzH07vZps/6mUzfsf5l86OLMrEK/LqMewnv1Qk4FFUm21HVONT/MD3/z
wI569jK4EXxnL+4kfKfn6e761y+fgCcpJvMxb7KfGC9b4ScwmO8sjJPEyUGs6nDJ
9dUEZE2Mwbqs+wrqL5SDq1y5A2n9ppGlXHmfxtHDRVJRZvDQSWA5wxnQGLr/JfkR
IbPLaFefvwfT4OLz4gcGZxs61ltAC4Iqerfui+MVW2LxMdNAqPRik4E9qQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFCfaFOF2jZUcSGP7emGpi19TN7BmMB8GA1UdIwQY
MBaAFL7tFL9ORrE1eVg/l/+FkQ0QOlP4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnUwVXYwNUdzVFY1V0QtWF80V1JEUkE2VV9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8wMDQ3YjctZjFlNi00MWE4LWE4ZDIt
NDgwMTE5OGU3NWNhLzEvSjlvVTRYYU5sUnhJWV90NllhbUxYMU0zc0dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8wMDQ3YjctZjFlNi00MWE4LWE4ZDItNDgwMTE5OGU3NWNh
LzEvdnUwVXYwNUdzVFY1V0QtWF80V1JEUkE2VV9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAATAdAwMAj+EDBADA
N2UDBADAhCIDBADAhRwDBADAh6UwDQYJKoZIhvcNAQELBQADggEBAMnwblwbTji0
YwRjGZz97Qmqc+JiaXi6kq+Z2VtadFIyaK5ZlFNCrm0yiIsK09/GD0RB8cJOf03F
DyI+p0I4GW97ii6Uy87e2R204KeY6nCwtB571LFTReqYsRXBqRWaYww6XpRTgLb9
RAycFUuu8nVqX4JGy+JJfsXXUQPRc6E3ZkU/1VwAplJ27SFcO66uaLNT3tV3pYCW
EHbuHUDPgL6/tGIk2FD9rjr/I+ILCKDnm8S4Pa/FBPiZbWZI/IP9cWbaYpRUOwQI
7H8G/0fOaJkZ/NvzfaHD4Xld9Od92f1g6PeD59eNPW/X7Z62y3JzcOc6gQUP8ALM
DOV1h66Ca7U=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:30:00 2025 by rpki-client