Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/jeZWbJHlesOQs5t5O7qVybC9M9k.roa
File: jeZWbJHlesOQs5t5O7qVybC9M9k.roa (raw, json)
Hash identifier: J94VtexBNSXOlZ98RyVjw3l9T3/7OclAoyf8AKsaW7k=
Subject key identifier: 8D:E6:56:6C:91:E5:7A:C3:90:B3:9B:79:3B:BA:95:C9:B0:BD:33:D9
Certificate issuer: /CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Certificate serial: 018CC348F7B4C76C157299B5AF3C75B06787
Authority key identifier: 5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/jeZWbJHlesOQs5t5O7qVybC9M9k.roa
Signing time: Mon 01 Jan 2024 04:29:48 +0000
ROA not before: Mon 01 Jan 2024 04:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8991
IP address blocks: 83.212.250.0/24 maxlen: 24
83.212.249.0/24 maxlen: 24
195.251.36.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:f7:b4:c7:6c:15:72:99:b5:af:3c:75:b0:67:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Validity
Not Before: Jan 1 04:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8de6566c91e57ac390b39b793bba95c9b0bd33d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:2b:08:bf:ad:6f:91:28:d5:01:18:54:bd:91:
76:5f:38:50:44:bb:a5:ca:c7:da:4a:02:69:39:23:
79:4f:b2:2d:cb:9e:49:2c:a5:26:8a:cf:05:5c:0a:
2d:23:c7:b8:7b:b9:b8:c1:ca:83:7e:86:7c:15:18:
69:75:22:06:79:67:ad:44:2a:71:81:80:47:cb:5d:
19:96:7c:4a:52:f3:8a:ce:80:2c:3f:32:42:a1:db:
59:15:37:d5:75:a1:bc:d3:b7:1c:0e:2b:e3:cd:be:
a3:dc:9d:e8:46:ba:76:ac:da:3e:77:d7:34:91:b0:
3b:0b:86:2a:47:b3:98:76:0c:6a:81:47:2c:26:89:
3e:5e:74:ef:04:da:e7:c5:49:17:a9:dc:31:94:86:
a1:94:a7:54:2a:58:bd:91:98:e6:ee:f8:24:48:53:
54:60:54:9a:40:72:3f:3d:36:19:88:0a:bc:f8:69:
30:b0:30:bf:2b:ed:fe:6d:3d:2c:27:38:7f:a2:a5:
74:ab:6f:a2:50:c3:3d:52:b3:c4:cd:d3:8d:2f:32:
e1:0a:c4:90:5c:03:90:19:48:b4:26:90:e5:66:bc:
3a:89:0e:2b:7b:14:2d:80:2d:b9:3f:b3:da:26:7e:
54:5d:d1:93:e1:6f:f3:18:bb:cc:ee:08:e4:72:cc:
32:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:E6:56:6C:91:E5:7A:C3:90:B3:9B:79:3B:BA:95:C9:B0:BD:33:D9
X509v3 Authority Key Identifier:
keyid:5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/jeZWbJHlesOQs5t5O7qVybC9M9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.212.249.0-83.212.250.255
195.251.36.0/23
Signature Algorithm: sha256WithRSAEncryption
38:3a:c3:14:f7:bf:2f:1c:f9:75:6d:4e:75:82:c2:db:0b:38:
ff:d5:04:3c:47:8f:35:b8:0f:e3:22:52:e3:47:b3:8d:9e:06:
d3:78:6a:3f:a5:52:ab:fd:18:6b:e4:fa:b6:e4:98:af:79:d9:
0e:d0:23:c9:10:62:db:db:19:96:d2:34:6e:0b:e3:b8:d4:a2:
7a:52:54:5c:fb:ce:1d:be:b3:56:9a:e1:0a:2e:87:49:00:a6:
9d:d9:92:7b:25:5a:fc:7b:99:66:80:e9:8d:7a:42:65:f2:17:
4d:b0:83:63:72:9b:97:91:b0:36:c5:17:3f:66:79:b6:d3:61:
01:8c:16:49:29:32:2d:c1:88:f2:82:f8:c5:89:5c:41:f8:22:
5c:05:ce:83:51:ca:66:fc:29:b6:99:87:58:4f:fd:d0:4f:b3:
dd:d6:05:60:4c:8d:fe:d6:ac:f3:1d:a8:2c:76:29:8a:c8:59:
1f:cd:b5:7e:30:9a:b8:86:e7:af:ce:3f:70:37:a3:65:6d:3e:
c2:d7:ca:92:f6:e0:11:52:32:52:02:09:6a:04:95:4d:7d:14:
d3:a8:7c:0b:cb:84:00:57:bb:03:9b:7e:86:ee:4d:c2:d4:64:
c1:5a:4b:a3:38:1f:7e:e5:43:6f:c8:92:58:0e:42:eb:73:6a:
45:d4:67:f7
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzDSPe0x2wVcpm1rzx1sGeHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNmY5Mjk1NTIxZGYzMGExNThmNTA2YmE3Y2I4NzNhYjk1
MjlkYzMwHhcNMjQwMTAxMDQyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGU2NTY2YzkxZTU3YWMzOTBiMzliNzkzYmJhOTVjOWIwYmQzM2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0SsIv61vkSjVARhUvZF2XzhQRLul
ysfaSgJpOSN5T7Ity55JLKUmis8FXAotI8e4e7m4wcqDfoZ8FRhpdSIGeWetRCpx
gYBHy10ZlnxKUvOKzoAsPzJCodtZFTfVdaG807ccDivjzb6j3J3oRrp2rNo+d9c0
kbA7C4YqR7OYdgxqgUcsJok+XnTvBNrnxUkXqdwxlIahlKdUKli9kZjm7vgkSFNU
YFSaQHI/PTYZiAq8+GkwsDC/K+3+bT0sJzh/oqV0q2+iUMM9UrPEzdONLzLhCsSQ
XAOQGUi0JpDlZrw6iQ4rexQtgC25P7PaJn5UXdGT4W/zGLvM7gjkcswy5wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFI3mVmyR5XrDkLObeTu6lcmwvTPZMB8GA1UdIwQY
MBaAFFpvkpVSHfMKFY9Qa6fLhzq5Up3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2Ut
YWFhNDU1M2QyYWJkLzEvamVaV2JKSGxlc09RczV0NU83cVZ5YkM5TTlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2UtYWFhNDU1M2QyYWJk
LzEvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABT1PkD
BABT1PoDBAHD+yQwDQYJKoZIhvcNAQELBQADggEBADg6wxT3vy8c+XVtTnWCwtsL
OP/VBDxHjzW4D+MiUuNHs42eBtN4aj+lUqv9GGvk+rbkmK952Q7QI8kQYtvbGZbS
NG4L47jUonpSVFz7zh2+s1aa4Qouh0kApp3ZknslWvx7mWaA6Y16QmXyF02wg2Ny
m5eRsDbFFz9mebbTYQGMFkkpMi3BiPKC+MWJXEH4IlwFzoNRymb8KbaZh1hP/dBP
s93WBWBMjf7WrPMdqCx2KYrIWR/NtX4wmriG56/OP3A3o2VtPsLXypL24BFSMlIC
CWoElU19FNOofAvLhABXuwObfobuTcLUZMFaS6M4H37lQ2/IklgOQutzakXUZ/c=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:00 2025 by rpki-client