Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/jgoyHd1HJ8VnY7HRRaUGc6O6r6k.roa
File: jgoyHd1HJ8VnY7HRRaUGc6O6r6k.roa (raw, json)
Hash identifier: VSkPdorjnOIIi+X60VwI3ok/ZlK57bRXqNDUO3yrZW8=
Subject key identifier: 8E:0A:32:1D:DD:47:27:C5:67:63:B1:D1:45:A5:06:73:A3:BA:AF:A9
Certificate issuer: /CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Certificate serial: 018CCA2B32A66816408407F9F55040F9C5EC
Authority key identifier: F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/jgoyHd1HJ8VnY7HRRaUGc6O6r6k.roa
Signing time: Tue 02 Jan 2024 12:34:37 +0000
ROA not before: Tue 02 Jan 2024 12:34:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 123.253.212.0/24 maxlen: 24
46.175.130.0/24 maxlen: 24
185.110.63.0/24 maxlen: 24
123.253.213.0/24 maxlen: 24
141.98.139.0/24 maxlen: 24
141.98.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Feb 2024 20:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:32:a6:68:16:40:84:07:f9:f5:50:40:f9:c5:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Validity
Not Before: Jan 2 12:34:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e0a321ddd4727c56763b1d145a50673a3baafa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f0:81:d3:13:f3:66:e2:b8:3d:6e:bb:ea:c0:
de:2a:7d:74:02:8b:87:55:22:9b:c8:0b:f8:a3:e9:
49:a3:61:42:8e:01:24:2e:3e:b7:3c:09:dd:c6:3b:
ba:9c:7d:28:e2:c3:a8:23:5c:b6:ac:ea:70:f7:83:
0d:34:84:bc:62:dc:e8:c5:1e:95:7b:20:eb:9e:36:
fa:af:d7:f3:12:96:2e:5c:1c:be:14:93:0f:c3:4e:
2a:48:e2:63:a0:b4:bb:cd:a9:18:1a:5d:52:b3:fb:
06:87:8f:1a:ef:48:7c:3c:2e:b3:e3:a1:a5:1f:c3:
70:fa:36:38:09:20:75:65:23:43:95:ee:41:86:9b:
de:1a:fd:0e:c5:72:fd:05:d3:86:33:10:ae:a3:0c:
a8:51:d2:8b:d2:93:66:b6:59:d4:46:a0:8d:c9:f4:
8c:68:5c:8a:bf:15:0d:c0:ac:80:e7:d3:ed:68:d8:
f8:eb:8a:6f:b8:77:e3:17:6b:e4:23:46:68:c8:80:
57:30:06:5f:00:c8:b0:e9:2f:db:b9:80:a4:6d:b9:
bf:0d:41:db:dd:d5:8c:10:fe:a5:de:95:4a:5c:9d:
27:93:d6:61:20:16:e0:56:f7:65:93:b3:da:d0:75:
09:40:ef:3b:36:a2:4c:e8:ff:09:12:2c:ea:8f:62:
4c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:0A:32:1D:DD:47:27:C5:67:63:B1:D1:45:A5:06:73:A3:BA:AF:A9
X509v3 Authority Key Identifier:
keyid:F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/jgoyHd1HJ8VnY7HRRaUGc6O6r6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.175.130.0/24
123.253.212.0/23
141.98.137.0/24
141.98.139.0/24
185.110.63.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:6a:91:5b:90:1c:e7:da:6e:10:80:b4:87:31:dc:95:7c:53:
af:f5:41:19:24:82:19:bb:7e:47:06:b1:c1:b7:36:f6:81:7d:
08:79:d7:13:01:68:d2:05:f3:f3:2d:79:ba:1b:46:fd:78:1e:
1d:fc:15:0e:f8:f1:46:87:7e:92:b8:3f:4d:6c:e5:26:45:f8:
9a:14:7a:5f:26:ef:9d:f6:49:68:6e:6d:cb:ad:76:4f:c0:2b:
2f:1b:20:55:07:1d:da:69:b6:27:88:fd:eb:57:1e:f4:43:d9:
2e:99:39:68:75:00:7b:b7:50:94:22:d7:96:35:91:ad:cb:dd:
4c:fc:0a:6e:e9:57:f2:15:a6:14:3b:3f:9e:72:b8:b7:6d:0e:
8b:f6:92:01:e8:fb:5f:05:76:9d:c2:f3:96:e9:1a:58:ca:4e:
dc:1c:1c:77:60:b7:72:75:cd:a3:fe:58:71:d3:96:93:e8:09:
fb:b2:4e:c1:02:26:5a:c1:e7:40:81:2a:38:7d:fc:4b:8c:c3:
be:5a:4b:05:b5:4d:a5:0b:82:80:fa:a6:2b:2e:00:26:22:20:
25:09:5f:05:f8:e7:6a:8e:d5:f5:c9:9a:ff:52:2b:45:01:0c:
23:a5:61:fa:90:b1:ad:6d:ae:73:7e:22:4f:94:d8:bf:7c:9e:
dc:a0:d0:34
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzKKzKmaBZAhAf59VBA+cXsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGViMjA0ZjM1ODAwNDc4ODIyNGUyZmIxOGU0ZDVlNzRi
ZWJmOGQwHhcNMjQwMTAyMTIzNDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTBhMzIxZGRkNDcyN2M1Njc2M2IxZDE0NWE1MDY3M2EzYmFhZmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/CB0xPzZuK4PW676sDeKn10AouH
VSKbyAv4o+lJo2FCjgEkLj63PAndxju6nH0o4sOoI1y2rOpw94MNNIS8YtzoxR6V
eyDrnjb6r9fzEpYuXBy+FJMPw04qSOJjoLS7zakYGl1Ss/sGh48a70h8PC6z46Gl
H8Nw+jY4CSB1ZSNDle5BhpveGv0OxXL9BdOGMxCuowyoUdKL0pNmtlnURqCNyfSM
aFyKvxUNwKyA59PtaNj464pvuHfjF2vkI0ZoyIBXMAZfAMiw6S/buYCkbbm/DUHb
3dWMEP6l3pVKXJ0nk9ZhIBbgVvdlk7Pa0HUJQO87NqJM6P8JEizqj2JMcQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFI4KMh3dRyfFZ2Ox0UWlBnOjuq+pMB8GA1UdIwQY
MBaAFPBOsgTzWABHiCJOL7GOTV50vr+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMt
NWM1ODkyYWZhNDg3LzEvamdveUhkMUhKOFZuWTdIUlJhVUdjNk82cjZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMtNWM1ODkyYWZhNDg3
LzEvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALq+CAwQB
e/3UAwQAjWKJAwQAjWKLAwQAuW4/MA0GCSqGSIb3DQEBCwUAA4IBAQBPapFbkBzn
2m4QgLSHMdyVfFOv9UEZJIIZu35HBrHBtzb2gX0IedcTAWjSBfPzLXm6G0b9eB4d
/BUO+PFGh36SuD9NbOUmRfiaFHpfJu+d9klobm3LrXZPwCsvGyBVBx3aabYniP3r
Vx70Q9kumTlodQB7t1CUIteWNZGty91M/Apu6VfyFaYUOz+ecri3bQ6L9pIB6Ptf
BXadwvOW6RpYyk7cHBx3YLdydc2j/lhx05aT6An7sk7BAiZawedAgSo4ffxLjMO+
WksFtU2lC4KA+qYrLgAmIiAlCV8F+OdqjtX1yZr/UitFAQwjpWH6kLGtba5zfiJP
lNi/fJ7coNA0
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:54 2025 by rpki-client