Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/_JHGeT-x9GRhKxp2QuqvVDfohMQ.roa
File: _JHGeT-x9GRhKxp2QuqvVDfohMQ.roa (raw, json)
Hash identifier: RGsVbh9hIPGcjkEsWudWK7EVFJfhTSBSAe+FImVtzE4=
Subject key identifier: FC:91:C6:79:3F:B1:F4:64:61:2B:1A:76:42:EA:AF:54:37:E8:84:C4
Certificate issuer: /CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Certificate serial: 018E2CB0D516C4CEE2FC45C345E420844E7D
Authority key identifier: C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/_JHGeT-x9GRhKxp2QuqvVDfohMQ.roa
Signing time: Mon 11 Mar 2024 08:46:10 +0000
ROA not before: Mon 11 Mar 2024 08:46:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24935
IP address blocks: 37.235.92.0/24 maxlen: 24
37.235.93.0/24 maxlen: 24
46.29.122.0/24 maxlen: 24
46.29.123.0/24 maxlen: 24
94.158.182.0/24 maxlen: 24
185.161.45.0/24 maxlen: 24
185.161.47.0/24 maxlen: 24
185.252.156.0/24 maxlen: 24
185.252.158.0/24 maxlen: 24
185.252.159.0/24 maxlen: 24
194.213.30.0/24 maxlen: 24
195.74.80.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Nov 2024 07:22:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2c:b0:d5:16:c4:ce:e2:fc:45:c3:45:e4:20:84:4e:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Validity
Not Before: Mar 11 08:46:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc91c6793fb1f464612b1a7642eaaf5437e884c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fa:ca:02:f5:94:8c:07:20:a3:c3:af:6a:77:
70:3a:8b:ba:9c:72:5e:9f:35:54:6d:f8:40:23:33:
7b:20:c0:53:72:6a:e6:1c:c3:74:2d:b2:72:f6:7a:
80:e9:12:f6:7d:f9:6a:9c:c8:27:27:6e:a7:a3:bb:
8e:ff:17:a6:98:84:87:62:d6:de:17:06:76:f1:03:
62:7c:39:07:fc:18:a0:39:45:d4:22:2a:0a:06:4c:
ba:84:8d:62:7b:2b:ca:9a:44:ea:8d:a0:d2:0f:f2:
25:bd:a4:fc:68:fe:03:39:14:74:b7:69:85:e6:e6:
d2:e6:7f:f3:f4:0d:04:1d:3e:17:ae:2b:c3:7a:d0:
f8:f1:16:f1:4a:42:be:57:69:f1:5f:f6:00:e3:9a:
1c:f0:3f:36:4c:9a:9a:8c:ab:c5:b5:23:6e:bf:d4:
7b:fb:c4:1f:12:1d:d3:b5:0c:38:4d:02:f3:b6:b0:
7a:f7:72:da:7f:d8:9b:24:bd:14:45:81:3a:9c:bc:
f9:d5:42:1f:2a:42:10:07:ad:46:ff:db:ce:16:85:
85:04:b5:80:37:dd:a1:84:87:78:1a:4e:0a:54:71:
df:00:4e:3f:68:b1:89:0b:ff:e8:f3:ad:30:a3:92:
f6:86:10:a5:7b:61:48:42:98:c8:fa:69:aa:61:fb:
02:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:91:C6:79:3F:B1:F4:64:61:2B:1A:76:42:EA:AF:54:37:E8:84:C4
X509v3 Authority Key Identifier:
keyid:C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/_JHGeT-x9GRhKxp2QuqvVDfohMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.92.0/23
46.29.122.0/23
94.158.182.0/24
185.161.45.0/24
185.161.47.0/24
185.252.156.0/24
185.252.158.0/23
194.213.30.0/24
195.74.80.0/24
Signature Algorithm: sha256WithRSAEncryption
14:bf:35:c9:69:47:18:94:ef:54:24:53:9e:76:7d:22:7d:45:
ed:d1:a5:bd:a3:1c:8e:28:c9:53:6d:32:f5:ad:d9:32:36:e1:
80:53:05:46:40:5e:4c:7d:ec:3b:bc:c2:e1:a6:0c:78:90:85:
44:89:89:6f:48:a0:a3:81:38:36:25:5f:56:35:d4:7c:0a:3c:
bf:2d:d1:17:de:e6:2c:ee:d5:1a:e0:49:0e:71:f5:8c:09:e1:
af:24:e2:13:29:6b:c2:98:7c:9d:f4:a0:d7:f6:8a:40:f7:4e:
ff:19:b8:06:ef:de:85:3b:f2:81:ef:e8:ed:6c:3f:c8:00:16:
36:e2:a6:20:32:9e:00:ce:5b:99:71:a3:ae:64:fc:52:9e:e7:
9d:3e:60:22:f1:35:8b:bf:2f:a6:ad:6b:eb:fc:e6:01:da:63:
c7:c8:ce:d7:40:a3:3e:57:6a:6d:94:e7:10:16:e6:3a:77:6b:
94:1f:78:ef:59:4e:c2:8d:23:17:3d:aa:6e:ed:58:bb:7e:2d:
18:52:1a:14:19:8a:3e:e4:46:55:23:3d:05:a7:1c:58:89:13:
ed:59:3a:b7:a3:fb:2a:e2:34:40:69:98:9a:2d:2e:96:80:1d:
0c:c7:2f:3b:da:b8:db:2b:58:31:8f:4c:58:ca:b2:2e:ab:96:
d4:7a:99:9a
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY4ssNUWxM7i/EXDReQghE59MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4YWNmNTlhYmQ0YWJiZmJmODMwYTA2MDIyNWE5NmEyMTc5
YTI2OTQwHhcNMjQwMzExMDg0NjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzkxYzY3OTNmYjFmNDY0NjEyYjFhNzY0MmVhYWY1NDM3ZTg4NGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/rKAvWUjAcgo8OvandwOou6nHJe
nzVUbfhAIzN7IMBTcmrmHMN0LbJy9nqA6RL2fflqnMgnJ26no7uO/xemmISHYtbe
FwZ28QNifDkH/BigOUXUIioKBky6hI1ieyvKmkTqjaDSD/IlvaT8aP4DORR0t2mF
5ubS5n/z9A0EHT4XrivDetD48RbxSkK+V2nxX/YA45oc8D82TJqajKvFtSNuv9R7
+8QfEh3TtQw4TQLztrB693Laf9ibJL0URYE6nLz51UIfKkIQB61G/9vOFoWFBLWA
N92hhId4Gk4KVHHfAE4/aLGJC//o860wo5L2hhCle2FIQpjI+mmqYfsC7wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFPyRxnk/sfRkYSsadkLqr1Q36ITEMB8GA1UdIwQY
MBaAFMis9Zq9Srv7+DCgYCJalqIXmiaUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQt
ODM4ZWJmNDEyYTYxLzEvX0pIR2VULXg5R1JoS3hwMlF1cXZWRGZvaE1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQtODM4ZWJmNDEyYTYx
LzEveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBJetcAwQB
Lh16AwQAXp62AwQAuaEtAwQAuaEvAwQAufycAwQBufyeAwQAwtUeAwQAw0pQMA0G
CSqGSIb3DQEBCwUAA4IBAQAUvzXJaUcYlO9UJFOedn0ifUXt0aW9oxyOKMlTbTL1
rdkyNuGAUwVGQF5Mfew7vMLhpgx4kIVEiYlvSKCjgTg2JV9WNdR8Cjy/LdEX3uYs
7tUa4EkOcfWMCeGvJOITKWvCmHyd9KDX9opA907/GbgG796FO/KB7+jtbD/IABY2
4qYgMp4AzluZcaOuZPxSnuedPmAi8TWLvy+mrWvr/OYB2mPHyM7XQKM+V2ptlOcQ
FuY6d2uUH3jvWU7CjSMXPapu7Vi7fi0YUhoUGYo+5EZVIz0FpxxYiRPtWTq3o/sq
4jRAaZiaLS6WgB0Mxy872rjbK1gxj0xYyrIuq5bUepma
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:27 2025 by rpki-client