Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/jFJSSkgb6c2DjoKgNUqvt1GZFuQ.roa
File: jFJSSkgb6c2DjoKgNUqvt1GZFuQ.roa (raw, json)
Hash identifier: MmwIuqNlvWE6o2TLV+NHY9+ngIyDNzmEBM7E1FiPp4M=
Subject key identifier: 8C:52:52:4A:48:1B:E9:CD:83:8E:82:A0:35:4A:AF:B7:51:99:16:E4
Certificate issuer: /CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8
Certificate serial: 0193300627AA14B9FE7F931DE4D21EE3388A
Authority key identifier: 38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/jFJSSkgb6c2DjoKgNUqvt1GZFuQ.roa
Signing time: Fri 15 Nov 2024 13:32:09 +0000
ROA not before: Fri 15 Nov 2024 13:32:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15404
IP address blocks: 109.107.145.0/24 maxlen: 24
2a0a:d6c0:145::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:30:06:27:aa:14:b9:fe:7f:93:1d:e4:d2:1e:e3:38:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8
Validity
Not Before: Nov 15 13:32:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c52524a481be9cd838e82a0354aafb7519916e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:37:85:71:78:58:be:88:f4:3c:33:4e:07:02:
ae:5f:fc:b4:d1:ed:ee:dc:5e:4d:f8:50:47:93:e9:
6b:48:3e:ac:f9:5e:67:18:b4:f0:77:38:01:72:f2:
f9:dd:cd:9b:72:dd:d0:0d:01:bc:04:3b:84:44:e6:
6c:69:10:4b:de:18:d1:35:e4:7a:28:73:26:d3:03:
88:df:8a:9a:4a:83:fd:8f:04:44:07:ac:12:03:8d:
75:ac:b2:7c:31:13:d4:37:37:db:0d:a1:34:1e:16:
89:8c:85:da:ea:1b:69:52:b7:e1:a5:bc:6a:94:d0:
0b:39:64:7c:b7:27:cb:85:48:35:72:4b:ce:f2:9c:
48:89:4f:15:04:3d:db:54:68:e5:5c:30:f4:e9:be:
44:cc:07:9d:2a:fe:61:bb:d5:6d:fa:fc:03:8b:b8:
77:b8:3d:04:a1:0e:47:10:57:80:0e:ed:3c:ab:aa:
aa:f8:ed:fc:70:2e:fe:ed:77:1c:99:24:81:90:77:
db:16:73:85:50:d7:d8:ed:e0:13:ea:44:82:bb:64:
bf:e9:26:bf:15:45:69:d9:78:20:c5:be:73:ec:9a:
a6:93:6a:66:94:8d:e0:58:40:d5:17:bf:28:d1:e1:
2e:e6:ed:c1:0e:00:d4:ae:99:aa:d3:30:a9:c4:e8:
41:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:52:52:4A:48:1B:E9:CD:83:8E:82:A0:35:4A:AF:B7:51:99:16:E4
X509v3 Authority Key Identifier:
keyid:38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/jFJSSkgb6c2DjoKgNUqvt1GZFuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.145.0/24
IPv6:
2a0a:d6c0:145::/48
Signature Algorithm: sha256WithRSAEncryption
0c:6d:70:05:9c:77:2c:df:6c:87:b7:71:34:f5:04:fa:0d:2b:
dc:44:88:d1:f7:65:10:87:26:c7:23:59:8b:46:f9:c8:dd:6c:
ea:8e:77:97:52:52:9a:ea:a6:af:35:59:80:d2:f4:3b:fc:b8:
91:9b:a7:2e:ab:fa:2e:85:ab:58:c3:8b:9e:d6:0d:a0:0d:a7:
be:78:31:fa:50:07:23:f1:60:f5:6c:70:86:66:eb:24:ff:ab:
21:8e:4b:5e:3c:fe:c9:78:fa:be:a4:9d:75:f1:a3:49:da:ef:
81:b0:9c:07:1f:45:64:4e:b0:1c:5a:e2:2a:f6:01:f7:8c:f8:
29:30:ef:74:7e:4f:6e:89:83:98:f4:e4:3e:e8:5d:1c:c5:e9:
06:7f:6a:51:94:a5:00:9d:0f:2f:39:9e:f5:69:f2:7f:d5:83:
25:d8:93:a8:2a:d8:98:2f:12:db:6e:e3:c7:ea:ef:bc:22:9f:
76:9d:87:7e:b2:2f:a4:05:6d:17:d7:1f:07:06:45:ad:e2:85:
df:0d:29:de:13:59:29:b1:5f:b2:eb:79:1a:3f:1d:f9:36:56:
8e:c7:d0:fe:14:af:81:80:15:a7:bd:13:74:9f:38:57:a5:57:
9f:e8:dd:d5:93:f9:b5:36:f0:f7:33:ec:20:27:82:44:cc:35:
50:f9:7c:66
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZMwBieqFLn+f5Md5NIe4ziKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4N2Q2ZGY3ZWI3NTQyZTAzMzNhZWVkZDE0YWRmZjhmNTFm
OGNiZDgwHhcNMjQxMTE1MTMzMjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzUyNTI0YTQ4MWJlOWNkODM4ZTgyYTAzNTRhYWZiNzUxOTkxNmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujeFcXhYvoj0PDNOBwKuX/y00e3u
3F5N+FBHk+lrSD6s+V5nGLTwdzgBcvL53c2bct3QDQG8BDuEROZsaRBL3hjRNeR6
KHMm0wOI34qaSoP9jwREB6wSA411rLJ8MRPUNzfbDaE0HhaJjIXa6htpUrfhpbxq
lNALOWR8tyfLhUg1ckvO8pxIiU8VBD3bVGjlXDD06b5EzAedKv5hu9Vt+vwDi7h3
uD0EoQ5HEFeADu08q6qq+O38cC7+7XccmSSBkHfbFnOFUNfY7eAT6kSCu2S/6Sa/
FUVp2Xggxb5z7Jqmk2pmlI3gWEDVF78o0eEu5u3BDgDUrpmq0zCpxOhBLwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIxSUkpIG+nNg46CoDVKr7dRmRbkMB8GA1UdIwQY
MBaAFDh9bffrdULgMzru3RSt/49R+MvYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2Mt
NjA5YTQ4YjJiMTRkLzEvakZKU1NrZ2I2YzJEam9LZ05VcXZ0MUdaRnVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2MtNjA5YTQ4YjJiMTRk
LzEvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAbWuRMA8E
AgACMAkDBwAqCtbAAUUwDQYJKoZIhvcNAQELBQADggEBAAxtcAWcdyzfbIe3cTT1
BPoNK9xEiNH3ZRCHJscjWYtG+cjdbOqOd5dSUprqpq81WYDS9Dv8uJGbpy6r+i6F
q1jDi57WDaANp754MfpQByPxYPVscIZm6yT/qyGOS148/sl4+r6knXXxo0na74Gw
nAcfRWROsBxa4ir2AfeM+Ckw73R+T26Jg5j05D7oXRzF6QZ/alGUpQCdDy85nvVp
8n/VgyXYk6gq2JgvEttu48fq77win3adh36yL6QFbRfXHwcGRa3ihd8NKd4TWSmx
X7LreRo/Hfk2Vo7H0P4Ur4GAFae9E3SfOFelV5/o3dWT+bU28Pcz7CAngkTMNVD5
fGY=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:04:04 2025 by rpki-client