Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/83d6fa-461d-4a56-a844-9f942bc12a7e/1/JQy2lxMegD07vKdF0t1BKo0bX_s.roa
File: JQy2lxMegD07vKdF0t1BKo0bX_s.roa (raw, json)
Hash identifier: bxnR8u/1NZTUX5hsqCfW3IsLC/W2HpsaF33+m8c8N2k=
Subject key identifier: 25:0C:B6:97:13:1E:80:3D:3B:BC:A7:45:D2:DD:41:2A:8D:1B:5F:FB
Certificate issuer: /CN=5688b42175d6214a31a5407db8b6c95f1ec60d4e
Certificate serial: 01928F2A602F76DB77CA3A731DD546B0C43E
Authority key identifier: 56:88:B4:21:75:D6:21:4A:31:A5:40:7D:B8:B6:C9:5F:1E:C6:0D:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Voi0IXXWIUoxpUB9uLbJXx7GDU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/83d6fa-461d-4a56-a844-9f942bc12a7e/1/JQy2lxMegD07vKdF0t1BKo0bX_s.roa
Signing time: Tue 15 Oct 2024 07:52:51 +0000
ROA not before: Tue 15 Oct 2024 07:52:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215419
IP address blocks: 195.234.80.0/25 maxlen: 25
2a13:7b40:40::/48 maxlen: 48
2a13:7b40:51::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 15 Oct 2024 19:18:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8f:2a:60:2f:76:db:77:ca:3a:73:1d:d5:46:b0:c4:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5688b42175d6214a31a5407db8b6c95f1ec60d4e
Validity
Not Before: Oct 15 07:52:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=250cb697131e803d3bbca745d2dd412a8d1b5ffb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:66:f9:97:ec:ab:c8:e2:2d:6c:96:1f:6b:14:
5c:8f:62:1c:7c:3e:d8:45:46:75:1e:45:41:8b:50:
be:11:9c:50:ab:f7:82:2f:61:79:d5:68:e7:27:d9:
91:a8:fd:11:86:65:dc:d5:75:0c:90:9c:0f:a0:9a:
dc:c7:73:c3:8d:1e:07:b9:57:c9:63:15:43:dd:2a:
3c:52:76:93:18:f0:c8:d5:1b:ff:ce:90:64:a8:1d:
97:80:66:b4:d3:0f:ff:d9:37:ac:fc:a1:13:3b:c0:
d0:d3:2d:b0:f6:a3:03:61:72:42:c0:33:46:4a:ee:
18:42:5b:9f:12:2c:43:ed:38:24:b4:4d:ca:c9:df:
36:80:5c:15:d2:b3:93:ca:ea:09:d2:d6:e7:64:1e:
92:9e:f5:75:8c:94:27:5b:84:95:51:06:5c:94:23:
a4:5d:22:aa:56:fc:ae:96:5c:2e:fc:07:ca:8e:a6:
ee:b5:4e:bb:81:7c:13:f6:34:35:e0:23:e7:c5:de:
bb:14:82:f4:a4:41:e6:c9:06:bf:a9:9a:c7:59:58:
50:8a:e2:ac:6d:41:b5:70:c7:cc:71:d0:e4:d6:97:
7e:3f:47:14:08:75:ed:d4:fd:de:d0:19:c7:7e:63:
13:eb:3a:3f:58:63:06:0b:81:f7:23:4a:54:d1:6b:
da:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:0C:B6:97:13:1E:80:3D:3B:BC:A7:45:D2:DD:41:2A:8D:1B:5F:FB
X509v3 Authority Key Identifier:
keyid:56:88:B4:21:75:D6:21:4A:31:A5:40:7D:B8:B6:C9:5F:1E:C6:0D:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Voi0IXXWIUoxpUB9uLbJXx7GDU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/83d6fa-461d-4a56-a844-9f942bc12a7e/1/JQy2lxMegD07vKdF0t1BKo0bX_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/83d6fa-461d-4a56-a844-9f942bc12a7e/1/Voi0IXXWIUoxpUB9uLbJXx7GDU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.80.0/25
IPv6:
2a13:7b40:40::/48
2a13:7b40:51::/48
Signature Algorithm: sha256WithRSAEncryption
8e:6b:a5:c9:7d:04:a6:3d:57:7f:f8:bc:d0:dd:a7:e8:58:65:
02:17:ad:0c:1c:c3:2c:22:ee:c6:ad:da:12:18:f3:5e:42:ad:
0d:2a:b0:a8:71:4d:d0:af:02:ef:6b:9a:28:12:71:fc:75:32:
a4:5d:65:5d:36:03:89:9a:ec:f8:b7:88:b3:3a:e4:92:01:3f:
d3:66:c2:23:e2:05:9b:cc:1f:1b:a0:d7:07:d7:0c:80:1a:a7:
40:6e:5d:4a:ea:c1:f6:47:42:83:a9:d7:6f:d1:0d:7f:f7:01:
49:e1:04:58:9d:e9:63:97:84:77:19:c8:fc:c1:c5:d1:fd:c7:
69:a9:f1:d3:d6:41:25:35:34:6f:62:4c:5a:a1:04:ba:6e:20:
d2:a5:1b:21:e6:ed:74:e5:68:2d:94:ae:06:72:38:80:fa:70:
a5:8c:87:26:92:a1:d3:06:9e:da:d1:37:37:eb:36:e8:bc:a0:
e3:4b:28:07:f5:5a:5e:7f:a5:1d:1d:f5:fb:f0:75:df:50:0b:
4c:76:0d:43:7b:a1:ba:42:5d:73:14:c5:17:df:80:a6:a5:d6:
a2:4b:24:16:82:7e:62:a5:9f:79:74:19:39:cf:a4:1a:41:95:
d7:62:e3:ea:7a:04:b7:81:0b:09:d4:3a:da:fd:e3:7f:23:40:
e5:31:da:06
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZKPKmAvdtt3yjpzHdVGsMQ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ODhiNDIxNzVkNjIxNGEzMWE1NDA3ZGI4YjZjOTVmMWVj
NjBkNGUwHhcNMjQxMDE1MDc1MjUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTBjYjY5NzEzMWU4MDNkM2JiY2E3NDVkMmRkNDEyYThkMWI1ZmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGb5l+yryOItbJYfaxRcj2IcfD7Y
RUZ1HkVBi1C+EZxQq/eCL2F51WjnJ9mRqP0RhmXc1XUMkJwPoJrcx3PDjR4HuVfJ
YxVD3So8UnaTGPDI1Rv/zpBkqB2XgGa00w//2Tes/KETO8DQ0y2w9qMDYXJCwDNG
Su4YQlufEixD7TgktE3Kyd82gFwV0rOTyuoJ0tbnZB6SnvV1jJQnW4SVUQZclCOk
XSKqVvyullwu/AfKjqbutU67gXwT9jQ14CPnxd67FIL0pEHmyQa/qZrHWVhQiuKs
bUG1cMfMcdDk1pd+P0cUCHXt1P3e0BnHfmMT6zo/WGMGC4H3I0pU0WvaYQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCUMtpcTHoA9O7ynRdLdQSqNG1/7MB8GA1UdIwQY
MBaAFFaItCF11iFKMaVAfbi2yV8exg1OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm9pMElYWFdJVW94cFVCOXVMYkpYeDdHRFU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS84M2Q2ZmEtNDYxZC00YTU2LWE4NDQt
OWY5NDJiYzEyYTdlLzEvSlF5Mmx4TWVnRDA3dktkRjB0MUJLbzBiWF9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS84M2Q2ZmEtNDYxZC00YTU2LWE4NDQtOWY5NDJiYzEyYTdl
LzEvVm9pMElYWFdJVW94cFVCOXVMYkpYeDdHRFU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTANBAIAATAHAwUHw+pQADAY
BAIAAjASAwcAKhN7QABAAwcAKhN7QABRMA0GCSqGSIb3DQEBCwUAA4IBAQCOa6XJ
fQSmPVd/+LzQ3afoWGUCF60MHMMsIu7GrdoSGPNeQq0NKrCocU3QrwLva5ooEnH8
dTKkXWVdNgOJmuz4t4izOuSSAT/TZsIj4gWbzB8boNcH1wyAGqdAbl1K6sH2R0KD
qddv0Q1/9wFJ4QRYneljl4R3Gcj8wcXR/cdpqfHT1kElNTRvYkxaoQS6biDSpRsh
5u105WgtlK4GcjiA+nCljIcmkqHTBp7a0Tc36zbovKDjSygH9Vpef6UdHfX78HXf
UAtMdg1De6G6Ql1zFMUX34CmpdaiSyQWgn5ipZ95dBk5z6QaQZXXYuPqegS3gQsJ
1Dra/eN/I0DlMdoG
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:04:22 2025 by rpki-client