Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/JDq7Hf38Q0zPj93aLTC1doh_qWU.roa
File: JDq7Hf38Q0zPj93aLTC1doh_qWU.roa (raw, json)
Hash identifier: rUT4lYazBsOYdxg2FCNGEF/3CfuGAxr+zyrYAEiM/Zw=
Subject key identifier: 24:3A:BB:1D:FD:FC:43:4C:CF:8F:DD:DA:2D:30:B5:76:88:7F:A9:65
Certificate issuer: /CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a
Certificate serial: 0193787C92034F23118EB0C7E87072DCC519
Authority key identifier: B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/JDq7Hf38Q0zPj93aLTC1doh_qWU.roa
Signing time: Fri 29 Nov 2024 15:14:09 +0000
ROA not before: Fri 29 Nov 2024 15:14:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 153.112.128.0/24 maxlen: 24
153.112.195.0/24 maxlen: 24
153.112.200.0/24 maxlen: 24
153.112.205.0/24 maxlen: 24
153.112.216.0/24 maxlen: 24
153.112.217.0/24 maxlen: 24
153.112.223.0/24 maxlen: 24
153.112.224.0/24 maxlen: 24
153.112.225.0/24 maxlen: 24
153.112.226.0/24 maxlen: 24
153.112.227.0/24 maxlen: 24
153.112.228.0/24 maxlen: 24
153.112.229.0/24 maxlen: 24
153.112.230.0/24 maxlen: 24
153.112.231.0/24 maxlen: 24
192.131.25.0/24 maxlen: 24
192.157.12.0/23 maxlen: 23
192.157.14.0/24 maxlen: 24
192.157.15.0/24 maxlen: 24
192.157.16.0/23 maxlen: 23
193.53.25.0/24 maxlen: 24
193.53.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Dec 2024 14:27:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:78:7c:92:03:4f:23:11:8e:b0:c7:e8:70:72:dc:c5:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a
Validity
Not Before: Nov 29 15:14:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=243abb1dfdfc434ccf8fddda2d30b576887fa965
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:ac:30:22:61:75:bc:41:f2:13:bd:80:d2:0b:
a2:be:2f:4e:92:b5:4f:b3:a7:5b:8d:25:72:4e:cb:
6d:a4:74:c0:a3:24:94:04:bd:83:80:21:cb:72:7b:
df:c9:d1:71:e7:57:6c:c8:08:ad:b2:bb:66:ce:62:
91:18:83:38:de:5b:16:33:c3:b5:6b:e4:74:bb:35:
dc:30:69:f7:5b:48:82:94:b0:b7:c6:72:88:0c:ea:
bf:1a:0d:8b:e7:f5:81:c6:11:36:2a:38:48:c0:34:
49:76:c5:bd:29:da:cb:af:77:05:d7:19:5d:1c:3d:
40:29:0b:88:74:21:e9:65:d0:28:b6:af:26:7e:b0:
0a:0f:d9:58:e6:84:b5:73:82:92:5d:cc:47:2c:17:
b7:bc:76:51:4e:94:e9:79:74:cf:65:79:4c:ec:f8:
89:ba:b0:2e:95:4e:96:00:24:98:d2:d4:bd:ca:7d:
ce:8d:9f:c1:22:ee:a3:23:34:15:ba:c8:66:86:d4:
1a:a8:54:d5:14:4a:b1:c9:43:1e:d2:50:02:ec:3d:
69:90:81:b9:52:3b:e6:06:e8:ae:6a:ed:eb:38:87:
5b:17:c9:3b:a5:a3:17:f0:7c:7d:96:23:b7:c8:e5:
fc:aa:2e:77:99:0f:9a:38:e3:78:00:b7:93:ae:9c:
50:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:3A:BB:1D:FD:FC:43:4C:CF:8F:DD:DA:2D:30:B5:76:88:7F:A9:65
X509v3 Authority Key Identifier:
keyid:B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/JDq7Hf38Q0zPj93aLTC1doh_qWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/tIUv-6fVfFqK-7bqW-r33-wMFFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.112.128.0/24
153.112.195.0/24
153.112.200.0/24
153.112.205.0/24
153.112.216.0/23
153.112.223.0-153.112.231.255
192.131.25.0/24
192.157.12.0-192.157.17.255
193.53.25.0/24
193.53.29.0/24
Signature Algorithm: sha256WithRSAEncryption
89:05:17:19:bc:57:2d:b8:d4:f5:25:83:f7:3d:4a:f8:71:d2:
48:01:3a:1a:5b:2b:8b:85:4a:a1:20:ea:c1:18:4c:fd:7b:2b:
1d:c3:95:ab:ae:4c:f8:15:d3:99:c7:8e:d1:98:a8:79:59:60:
aa:57:27:bc:ad:c9:ec:fa:92:86:41:5b:47:6a:b3:eb:07:95:
94:83:1a:12:ca:86:28:93:06:2c:66:f5:f6:b6:52:00:5b:7c:
63:3e:14:33:7f:57:92:64:05:ee:e0:ca:66:de:05:ce:eb:f1:
7a:6c:b5:1c:bf:78:07:0d:f8:b0:4e:0d:04:0b:2f:e2:87:ca:
1c:bb:66:44:a9:12:4d:e8:b9:41:9d:57:8a:48:18:81:b1:87:
7a:d8:c3:71:19:15:f4:d1:ea:ae:5d:7b:08:cc:3b:14:9e:18:
b6:3e:0c:4c:e8:ea:8a:f4:30:80:6b:47:89:4e:5a:6a:81:58:
0a:d0:26:62:b9:19:8f:eb:ca:cd:9e:51:b3:2c:63:7b:63:1d:
28:7d:a7:86:64:f4:99:fa:0d:f4:35:cf:3a:0b:b2:ba:59:72:
1e:45:fc:0c:4c:f9:a6:c0:67:4f:8d:43:a0:e7:ea:a7:dc:4b:
59:66:b8:be:aa:a3:8c:72:08:c9:ad:8b:e6:1a:bc:1d:6a:76:
b8:25:a4:25
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZN4fJIDTyMRjrDH6HBy3MUZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ODUyZmZiYTdkNTdjNWE4YWZiYjZlYTViZWFmN2RmZWMw
YzE0NWEwHhcNMjQxMTI5MTUxNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDNhYmIxZGZkZmM0MzRjY2Y4ZmRkZGEyZDMwYjU3Njg4N2ZhOTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5qwwImF1vEHyE72A0guivi9OkrVP
s6dbjSVyTsttpHTAoySUBL2DgCHLcnvfydFx51dsyAitsrtmzmKRGIM43lsWM8O1
a+R0uzXcMGn3W0iClLC3xnKIDOq/Gg2L5/WBxhE2KjhIwDRJdsW9KdrLr3cF1xld
HD1AKQuIdCHpZdAotq8mfrAKD9lY5oS1c4KSXcxHLBe3vHZRTpTpeXTPZXlM7PiJ
urAulU6WACSY0tS9yn3OjZ/BIu6jIzQVushmhtQaqFTVFEqxyUMe0lAC7D1pkIG5
UjvmBuiuau3rOIdbF8k7paMX8Hx9liO3yOX8qi53mQ+aOON4ALeTrpxQSQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFCQ6ux39/ENMz4/d2i0wtXaIf6llMB8GA1UdIwQY
MBaAFLSFL/un1Xxaivu26lvq99/sDBRaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdElVdi02ZlZmRnFLLTdicVctcjMzLXdNRkZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9lNDVlMzAtZTdkOC00ZmI4LTkwYWQt
ZjcxMDM4ZTk2N2E0LzEvSkRxN0hmMzhRMHpQajkzYUxUQzFkb2hfcVdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9lNDVlMzAtZTdkOC00ZmI4LTkwYWQtZjcxMDM4ZTk2N2E0
LzEvdElVdi02ZlZmRnFLLTdicVctcjMzLXdNRkZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQAmXCAAwQA
mXDDAwQAmXDIAwQAmXDNAwQBmXDYMAwDBACZcN8DBAOZcOADBADAgxkwDAMEAsCd
DAMEAcCdEAMEAME1GQMEAME1HTANBgkqhkiG9w0BAQsFAAOCAQEAiQUXGbxXLbjU
9SWD9z1K+HHSSAE6Glsri4VKoSDqwRhM/XsrHcOVq65M+BXTmceO0ZioeVlgqlcn
vK3J7PqShkFbR2qz6weVlIMaEsqGKJMGLGb19rZSAFt8Yz4UM39XkmQF7uDKZt4F
zuvxemy1HL94Bw34sE4NBAsv4ofKHLtmRKkSTei5QZ1XikgYgbGHetjDcRkV9NHq
rl17CMw7FJ4Ytj4MTOjqivQwgGtHiU5aaoFYCtAmYrkZj+vKzZ5Rsyxje2MdKH2n
hmT0mfoN9DXPOguyullyHkX8DEz5psBnT41DoOfqp9xLWWa4vqqjjHIIya2L5hq8
HWp2uCWkJQ==
-----END CERTIFICATE-----
Generated at Sat Apr 12 18:10:01 2025 by rpki-client