Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/0b55ab-acc8-41da-9c80-e8f20aadde99/1/jpDX3EMOQCvRVM5Xp9riwofhH4s.roa
File: jpDX3EMOQCvRVM5Xp9riwofhH4s.roa (raw, json)
Hash identifier: v4f+dMC/JbZsW4L9eHFGtOl/1fyzF5N8LgXPHOFoWfQ=
Subject key identifier: 8E:90:D7:DC:43:0E:40:2B:D1:54:CE:57:A7:DA:E2:C2:87:E1:1F:8B
Certificate issuer: /CN=dd158a0da03266df144c89a7b6e35a761c4998f7
Certificate serial: 01941F8C5E0D5849172AA2B3F9CEA043583D
Authority key identifier: DD:15:8A:0D:A0:32:66:DF:14:4C:89:A7:B6:E3:5A:76:1C:49:98:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3RWKDaAyZt8UTImntuNadhxJmPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/0b55ab-acc8-41da-9c80-e8f20aadde99/1/jpDX3EMOQCvRVM5Xp9riwofhH4s.roa
Signing time: Wed 01 Jan 2025 01:48:00 +0000
ROA not before: Wed 01 Jan 2025 01:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201364
IP address blocks: 46.36.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Jan 2025 22:42:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:5e:0d:58:49:17:2a:a2:b3:f9:ce:a0:43:58:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd158a0da03266df144c89a7b6e35a761c4998f7
Validity
Not Before: Jan 1 01:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e90d7dc430e402bd154ce57a7dae2c287e11f8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f9:5a:0c:6d:86:99:89:09:42:e5:8d:38:a1:
bc:01:1c:3d:cd:b4:d1:12:05:bd:93:74:ce:04:72:
56:93:22:66:75:3b:70:c3:3d:be:7d:49:f0:51:2a:
3e:26:67:5b:9c:83:b3:29:58:cc:70:ef:ff:cd:ad:
7c:4a:2b:16:f4:56:51:ca:a0:00:0e:4f:90:b1:8c:
16:9b:b2:9a:ab:20:ca:fd:54:9e:b5:64:79:fd:f4:
d1:f5:61:68:db:a3:a4:32:d9:7a:99:01:84:12:33:
a3:50:79:c8:2b:a5:61:2a:10:81:92:8c:58:11:bc:
2e:8f:79:0b:26:70:21:df:52:1c:64:10:40:f3:e3:
c8:8e:4e:4e:91:84:7c:51:6a:bd:61:c9:81:d0:f7:
42:22:e8:eb:2e:d1:dc:e4:8f:9b:20:69:58:e4:a9:
bb:9e:dc:62:a9:b3:0a:89:c8:dc:bb:9c:0f:5e:4b:
5f:11:e0:05:f1:4b:ea:6e:c2:59:ad:d7:99:bb:5b:
d9:20:32:83:b5:ac:c2:5a:f6:66:b4:58:6a:d2:b8:
8c:9e:17:35:1e:06:0c:d2:97:9b:9c:88:a5:28:81:
3b:02:a4:d6:12:a5:8d:18:01:80:76:57:b9:26:82:
92:61:f8:0c:56:53:f9:ab:b2:44:53:9a:6b:2f:f8:
58:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:90:D7:DC:43:0E:40:2B:D1:54:CE:57:A7:DA:E2:C2:87:E1:1F:8B
X509v3 Authority Key Identifier:
keyid:DD:15:8A:0D:A0:32:66:DF:14:4C:89:A7:B6:E3:5A:76:1C:49:98:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3RWKDaAyZt8UTImntuNadhxJmPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/0b55ab-acc8-41da-9c80-e8f20aadde99/1/jpDX3EMOQCvRVM5Xp9riwofhH4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/0b55ab-acc8-41da-9c80-e8f20aadde99/1/3RWKDaAyZt8UTImntuNadhxJmPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.200.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:5b:81:4f:ab:1f:0f:6a:cd:2f:1c:68:e4:56:2b:72:52:da:
90:cf:43:ef:94:95:30:cd:bd:e7:1c:d0:45:d9:34:56:95:4e:
4b:c8:8d:4c:7e:3a:c9:f6:d6:3a:fd:be:bf:b3:3e:58:82:e9:
a0:e8:12:66:be:f3:93:8d:24:d7:40:dd:80:dc:61:dc:36:ee:
e5:fc:2b:0e:25:3a:03:00:f8:09:d9:91:c6:fb:41:22:9d:55:
f4:e5:bf:6e:33:29:6b:f7:8d:7a:7d:dc:d7:7a:be:1c:e9:8f:
31:01:42:c6:4c:5a:77:67:d7:19:20:ab:a6:b5:16:85:87:a5:
71:cd:15:e6:5c:4c:be:b2:1c:93:78:6f:25:81:df:43:57:46:
81:fd:6e:32:c4:8a:b3:d9:48:2b:03:77:6f:9c:4a:a6:6b:10:
96:11:2e:2e:5e:9b:3e:e2:a7:5a:44:13:49:55:da:53:c9:b8:
a2:1e:ad:cc:a4:2b:cf:6c:3b:cf:31:d1:03:69:d6:99:e4:ef:
8a:78:ea:e6:95:60:ff:c0:ac:51:14:d0:79:eb:99:bf:af:fd:
74:d7:22:37:22:67:37:8e:af:ef:76:b7:57:c8:1d:a4:04:0f:
c9:34:50:16:e6:fc:08:8a:7c:56:b1:b4:5b:da:db:ca:0b:52:
32:9d:a5:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjF4NWEkXKqKz+c6gQ1g9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMTU4YTBkYTAzMjY2ZGYxNDRjODlhN2I2ZTM1YTc2MWM0
OTk4ZjcwHhcNMjUwMTAxMDE0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTkwZDdkYzQzMGU0MDJiZDE1NGNlNTdhN2RhZTJjMjg3ZTExZjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPlaDG2GmYkJQuWNOKG8ARw9zbTR
EgW9k3TOBHJWkyJmdTtwwz2+fUnwUSo+JmdbnIOzKVjMcO//za18SisW9FZRyqAA
Dk+QsYwWm7KaqyDK/VSetWR5/fTR9WFo26OkMtl6mQGEEjOjUHnIK6VhKhCBkoxY
Ebwuj3kLJnAh31IcZBBA8+PIjk5OkYR8UWq9YcmB0PdCIujrLtHc5I+bIGlY5Km7
ntxiqbMKicjcu5wPXktfEeAF8UvqbsJZrdeZu1vZIDKDtazCWvZmtFhq0riMnhc1
HgYM0pebnIilKIE7AqTWEqWNGAGAdle5JoKSYfgMVlP5q7JEU5prL/hYOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI6Q19xDDkAr0VTOV6fa4sKH4R+LMB8GA1UdIwQY
MBaAFN0Vig2gMmbfFEyJp7bjWnYcSZj3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1JXS0RhQXladDhVVEltbnR1TmFkaHhKbVBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8wYjU1YWItYWNjOC00MWRhLTljODAt
ZThmMjBhYWRkZTk5LzEvanBEWDNFTU9RQ3ZSVk01WHA5cml3b2ZoSDRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8wYjU1YWItYWNjOC00MWRhLTljODAtZThmMjBhYWRkZTk5
LzEvM1JXS0RhQXladDhVVEltbnR1TmFkaHhKbVBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiTIMA0G
CSqGSIb3DQEBCwUAA4IBAQDDW4FPqx8Pas0vHGjkVityUtqQz0PvlJUwzb3nHNBF
2TRWlU5LyI1MfjrJ9tY6/b6/sz5Ygumg6BJmvvOTjSTXQN2A3GHcNu7l/CsOJToD
APgJ2ZHG+0EinVX05b9uMylr9416fdzXer4c6Y8xAULGTFp3Z9cZIKumtRaFh6Vx
zRXmXEy+shyTeG8lgd9DV0aB/W4yxIqz2UgrA3dvnEqmaxCWES4uXps+4qdaRBNJ
VdpTybiiHq3MpCvPbDvPMdEDadaZ5O+KeOrmlWD/wKxRFNB565m/r/101yI3Imc3
jq/vdrdXyB2kBA/JNFAW5vwIinxWsbRb2tvKC1IynaUC
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:08:02 2025 by rpki-client