Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/JGsZheuRhs8DKYCpOmUN_z2VC1Q.roa
File: JGsZheuRhs8DKYCpOmUN_z2VC1Q.roa (raw, json)
Hash identifier: NmN2EraaSOIl4gZKCV+KM9q/Zk379nRaBkrRS0ApyFk=
Subject key identifier: 24:6B:19:85:EB:91:86:CF:03:29:80:A9:3A:65:0D:FF:3D:95:0B:54
Certificate issuer: /CN=4801a5b816158f07a8ca8acb37e97e2f20b06911
Certificate serial: 018F2E591C2A0E8CBC3EA195F61C483CED8F
Authority key identifier: 48:01:A5:B8:16:15:8F:07:A8:CA:8A:CB:37:E9:7E:2F:20:B0:69:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAGluBYVjweoyorLN-l-LyCwaRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/JGsZheuRhs8DKYCpOmUN_z2VC1Q.roa
Signing time: Tue 30 Apr 2024 09:32:22 +0000
ROA not before: Tue 30 Apr 2024 09:32:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203684
IP address blocks: 91.199.9.0/24 maxlen: 24
91.199.18.0/24 maxlen: 24
91.199.27.0/24 maxlen: 24
91.199.30.0/24 maxlen: 24
109.95.60.0/24 maxlen: 24
109.95.61.0/24 maxlen: 24
109.95.62.0/24 maxlen: 24
109.95.63.0/24 maxlen: 24
185.186.240.0/24 maxlen: 24
185.187.86.0/23 maxlen: 23
185.187.86.0/24 maxlen: 24
185.187.87.0/24 maxlen: 24
2a11:7700::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 30 Apr 2024 11:09:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2e:59:1c:2a:0e:8c:bc:3e:a1:95:f6:1c:48:3c:ed:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4801a5b816158f07a8ca8acb37e97e2f20b06911
Validity
Not Before: Apr 30 09:32:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=246b1985eb9186cf032980a93a650dff3d950b54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f5:61:29:39:b2:b8:df:e6:db:5f:1f:ef:a9:
0f:37:6c:dd:f3:fa:bd:28:42:49:7e:df:fe:bc:f8:
d8:90:3c:90:02:bc:32:b9:2b:da:66:cd:44:16:f2:
43:d5:12:9b:aa:12:cd:ba:92:34:17:eb:0a:e0:51:
61:31:57:77:bf:db:31:32:c4:9e:61:f3:ad:32:f6:
d1:cb:87:57:52:da:90:a5:ab:a3:d4:12:69:ff:a8:
2b:62:8a:d3:9c:c2:74:c0:09:5d:7c:7d:2c:d1:55:
d0:f1:18:4d:23:53:9c:29:61:36:f2:5e:6c:65:e3:
0a:27:b2:57:b8:bd:cf:e7:97:ab:d2:ff:9d:71:28:
d4:d5:30:ee:76:19:b3:3a:9e:d4:63:7c:73:84:4d:
45:f7:83:42:f4:6e:3e:23:5c:fd:a5:e9:84:e6:3d:
67:c2:e2:eb:b6:c4:11:39:28:26:47:55:f4:e9:46:
e2:d6:1b:db:62:3a:20:8e:17:8b:23:2f:86:70:03:
a3:a7:5f:f0:a2:1a:b0:25:90:4e:62:30:f6:40:12:
fc:48:65:bd:ed:ad:b5:96:53:82:04:fb:50:70:42:
48:a7:3a:d7:04:0a:c8:61:4c:c8:d0:43:74:ce:04:
a2:5d:6c:a0:5b:ab:f6:53:84:5e:86:6a:f8:d6:73:
1b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:6B:19:85:EB:91:86:CF:03:29:80:A9:3A:65:0D:FF:3D:95:0B:54
X509v3 Authority Key Identifier:
keyid:48:01:A5:B8:16:15:8F:07:A8:CA:8A:CB:37:E9:7E:2F:20:B0:69:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAGluBYVjweoyorLN-l-LyCwaRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/JGsZheuRhs8DKYCpOmUN_z2VC1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/SAGluBYVjweoyorLN-l-LyCwaRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.9.0/24
91.199.18.0/24
91.199.27.0/24
91.199.30.0/24
109.95.60.0/22
185.186.240.0/24
185.187.86.0/23
IPv6:
2a11:7700::/29
Signature Algorithm: sha256WithRSAEncryption
99:b4:01:1b:73:a3:61:fc:b7:84:d6:77:40:93:e2:0d:99:26:
3c:cd:5c:a3:e1:fd:f7:43:4d:bf:67:3c:1f:9e:42:87:d0:96:
84:80:2e:a2:7e:10:69:5d:d0:ba:2c:5d:c7:1a:de:bd:74:f7:
34:29:4b:00:26:4f:28:71:b9:bc:0d:4c:30:9c:f7:8c:62:87:
70:68:18:91:1b:04:38:6f:2a:73:53:ce:b3:3a:22:55:7e:93:
99:dd:81:8a:47:05:03:b1:8a:7a:ce:5a:c6:e1:35:c6:9a:ea:
9a:0b:12:17:45:86:8c:12:c1:37:f8:97:a5:e2:dc:94:93:c3:
59:f3:67:59:32:72:94:49:26:54:03:c4:ad:2d:08:8e:65:61:
c5:83:36:99:8e:67:6d:82:a3:c0:d5:82:0d:84:1d:b9:ed:c8:
be:19:56:5f:a0:5f:80:44:6d:a8:cd:ce:8c:33:12:23:ba:ec:
d0:3d:6a:de:1b:f8:ec:be:0b:75:4c:01:55:db:77:d2:7b:3b:
eb:cc:d0:b5:25:0c:8f:3a:46:59:a5:4b:12:07:4a:d0:36:62:
1c:ad:0e:49:2c:4e:6f:e0:76:0b:f6:06:a0:4e:51:77:da:9a:
f9:b5:d7:23:cd:d5:c7:08:71:bd:f8:ab:a2:07:7a:fc:27:ac:
5f:1e:7f:17
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAY8uWRwqDoy8PqGV9hxIPO2PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDFhNWI4MTYxNThmMDdhOGNhOGFjYjM3ZTk3ZTJmMjBi
MDY5MTEwHhcNMjQwNDMwMDkzMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDZiMTk4NWViOTE4NmNmMDMyOTgwYTkzYTY1MGRmZjNkOTUwYjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPVhKTmyuN/m218f76kPN2zd8/q9
KEJJft/+vPjYkDyQArwyuSvaZs1EFvJD1RKbqhLNupI0F+sK4FFhMVd3v9sxMsSe
YfOtMvbRy4dXUtqQpauj1BJp/6grYorTnMJ0wAldfH0s0VXQ8RhNI1OcKWE28l5s
ZeMKJ7JXuL3P55er0v+dcSjU1TDudhmzOp7UY3xzhE1F94NC9G4+I1z9pemE5j1n
wuLrtsQROSgmR1X06Ubi1hvbYjogjheLIy+GcAOjp1/wohqwJZBOYjD2QBL8SGW9
7a21llOCBPtQcEJIpzrXBArIYUzI0EN0zgSiXWygW6v2U4Rehmr41nMbKQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFCRrGYXrkYbPAymAqTplDf89lQtUMB8GA1UdIwQY
MBaAFEgBpbgWFY8HqMqKyzfpfi8gsGkRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FHbHVCWVZqd2VveW9yTE4tbC1MeUN3YVJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS83MDkwYTktZmVlZC00ZWExLTg0NTkt
ZWU4MTBiODNhZGNkLzEvSkdzWmhldVJoczhES1lDcE9tVU5fejJWQzFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS83MDkwYTktZmVlZC00ZWExLTg0NTktZWU4MTBiODNhZGNk
LzEvU0FHbHVCWVZqd2VveW9yTE4tbC1MeUN3YVJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQAW8cJAwQA
W8cSAwQAW8cbAwQAW8ceAwQCbV88AwQAubrwAwQBubtWMA0EAgACMAcDBQMqEXcA
MA0GCSqGSIb3DQEBCwUAA4IBAQCZtAEbc6Nh/LeE1ndAk+INmSY8zVyj4f33Q02/
ZzwfnkKH0JaEgC6ifhBpXdC6LF3HGt69dPc0KUsAJk8ocbm8DUwwnPeMYodwaBiR
GwQ4bypzU86zOiJVfpOZ3YGKRwUDsYp6zlrG4TXGmuqaCxIXRYaMEsE3+Jel4tyU
k8NZ82dZMnKUSSZUA8StLQiOZWHFgzaZjmdtgqPA1YINhB257ci+GVZfoF+ARG2o
zc6MMxIjuuzQPWreG/jsvgt1TAFV23fSezvrzNC1JQyPOkZZpUsSB0rQNmIcrQ5J
LE5v4HYL9gagTlF32pr5tdcjzdXHCHG9+KuiB3r8J6xfHn8X
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:44:49 2025 by rpki-client