Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/jaAtJfRbW-siqpg0fGl8wFvoUfE.roa
File: jaAtJfRbW-siqpg0fGl8wFvoUfE.roa (raw, json)
Hash identifier: sq8x9nVREB+X1ModXIQpBJhrkrL3D7mT9hmsWeNNnX0=
Subject key identifier: 8D:A0:2D:25:F4:5B:5B:EB:22:AA:98:34:7C:69:7C:C0:5B:E8:51:F1
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 0193CF67E5C49D8F5180572135662B3FB8C3
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/jaAtJfRbW-siqpg0fGl8wFvoUfE.roa
Signing time: Mon 16 Dec 2024 12:18:32 +0000
ROA not before: Mon 16 Dec 2024 12:18:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214038
IP address blocks: 93.115.77.0/24 maxlen: 24
95.173.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Dec 2024 06:46:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:cf:67:e5:c4:9d:8f:51:80:57:21:35:66:2b:3f:b8:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: Dec 16 12:18:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8da02d25f45b5beb22aa98347c697cc05be851f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:7c:1d:f0:53:35:46:de:b3:13:44:bf:36:27:
0f:ec:3b:ef:bb:d8:ec:1a:04:1d:33:32:20:da:30:
df:93:bb:c4:dd:27:0c:58:b6:65:50:e0:8d:27:b5:
e3:67:e2:82:2b:4c:10:b0:84:49:93:71:5c:31:8e:
27:2e:61:7e:1d:7c:b7:a9:59:cd:7c:88:dc:7d:3a:
ed:2f:13:b1:5b:3d:a7:4d:c8:38:5e:70:61:2b:21:
3b:07:71:1a:fd:d1:40:97:da:82:7b:ac:76:9d:fc:
be:48:ff:65:64:d1:b6:34:3c:32:17:ab:5f:ea:16:
81:d5:41:f7:16:75:b0:4b:97:9e:26:11:36:5c:5d:
6e:69:c0:f4:de:aa:5f:2c:d7:1f:a1:a4:95:34:f3:
ce:31:4b:8b:4e:9a:09:bd:47:60:e0:83:ea:b4:a7:
b6:d1:46:be:f5:95:c1:16:71:38:86:c3:b0:ff:31:
6a:8c:1c:7e:b2:4e:c4:8e:fa:e6:bd:4b:72:d2:48:
f7:92:21:22:55:77:b8:7c:ab:3c:64:4d:33:27:4f:
33:09:67:56:5f:91:a5:34:cf:9e:f9:a2:6d:5d:cc:
4a:4b:f5:dd:ec:2c:ee:42:21:4e:dd:7a:ed:ba:b3:
e3:d5:61:e2:03:bf:38:83:e4:22:55:17:d9:eb:e5:
64:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:A0:2D:25:F4:5B:5B:EB:22:AA:98:34:7C:69:7C:C0:5B:E8:51:F1
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/jaAtJfRbW-siqpg0fGl8wFvoUfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.115.77.0/24
95.173.183.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:bf:0c:b2:45:25:8d:b5:db:92:85:c7:46:16:5c:58:81:52:
fb:68:85:04:8c:be:11:44:c0:f6:74:af:73:17:d1:98:ef:0d:
85:5b:7b:c1:d7:a5:0f:02:83:0a:e8:f8:7b:3a:05:3c:ec:e4:
97:7f:36:30:26:3a:4c:1c:03:93:3f:da:29:48:b6:b5:fd:a6:
7f:cc:26:8a:1d:77:06:a0:fc:7f:2d:1c:27:c9:8d:29:5f:26:
55:2a:45:b2:47:f7:c7:7c:86:39:f1:12:28:d2:99:77:31:e9:
11:a6:59:52:1d:16:50:71:76:09:16:5d:e3:6b:b7:10:03:a0:
cb:ff:05:24:63:85:e2:8a:69:18:5a:91:e9:bf:38:3a:34:5d:
e7:cf:64:17:27:19:da:6e:bf:32:a7:5d:41:be:19:67:37:db:
ff:09:d8:7a:27:20:70:97:87:12:b7:2a:83:7f:12:fc:2c:10:
8f:85:3c:40:f2:56:69:c1:a3:bf:55:9d:27:73:0f:a7:5b:e0:
11:ce:49:9a:c1:cf:e9:fb:e7:c8:f4:b7:1c:7f:05:21:c0:35:
84:0a:64:9f:18:66:5f:92:9a:9f:16:aa:00:fa:a7:2d:cf:48:
ce:28:0d:8e:a4:ea:a2:4f:1e:09:26:b8:34:42:4e:a2:81:57:
16:55:4e:8e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZPPZ+XEnY9RgFchNWYrP7jDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTRhZWQzZWY3MmJlZTMxNDE2NjBkMTE0OWUxNmQwNzky
MDVmM2MwHhcNMjQxMjE2MTIxODMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGEwMmQyNWY0NWI1YmViMjJhYTk4MzQ3YzY5N2NjMDViZTg1MWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXwd8FM1Rt6zE0S/NicP7Dvvu9js
GgQdMzIg2jDfk7vE3ScMWLZlUOCNJ7XjZ+KCK0wQsIRJk3FcMY4nLmF+HXy3qVnN
fIjcfTrtLxOxWz2nTcg4XnBhKyE7B3Ea/dFAl9qCe6x2nfy+SP9lZNG2NDwyF6tf
6haB1UH3FnWwS5eeJhE2XF1uacD03qpfLNcfoaSVNPPOMUuLTpoJvUdg4IPqtKe2
0Ua+9ZXBFnE4hsOw/zFqjBx+sk7EjvrmvUty0kj3kiEiVXe4fKs8ZE0zJ08zCWdW
X5GlNM+e+aJtXcxKS/Xd7CzuQiFO3XrturPj1WHiA784g+QiVRfZ6+VkDQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI2gLSX0W1vrIqqYNHxpfMBb6FHxMB8GA1UdIwQY
MBaAFCXkrtPvcr7jFBZg0RSeFtB5IF88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEt
ZWQzZTM4Zjk1NzdmLzEvamFBdEpmUmJXLXNpcXBnMGZHbDh3RnZvVWZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEtZWQzZTM4Zjk1Nzdm
LzEvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXXNNAwQA
X623MA0GCSqGSIb3DQEBCwUAA4IBAQAevwyyRSWNtduShcdGFlxYgVL7aIUEjL4R
RMD2dK9zF9GY7w2FW3vB16UPAoMK6Ph7OgU87OSXfzYwJjpMHAOTP9opSLa1/aZ/
zCaKHXcGoPx/LRwnyY0pXyZVKkWyR/fHfIY58RIo0pl3MekRpllSHRZQcXYJFl3j
a7cQA6DL/wUkY4XiimkYWpHpvzg6NF3nz2QXJxnabr8yp11BvhlnN9v/Cdh6JyBw
l4cStyqDfxL8LBCPhTxA8lZpwaO/VZ0ncw+nW+ARzkmawc/p++fI9LccfwUhwDWE
CmSfGGZfkpqfFqoA+qctz0jOKA2OpOqiTx4JJrg0Qk6igVcWVU6O
-----END CERTIFICATE-----
Generated at Thu Apr 17 18:29:53 2025 by rpki-client