Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ef61d6-05d1-4fb2-a6ea-425232fd5643/1/juSFNk9Nl3JHKpSdqqaOU9NtJSU.roa
File: juSFNk9Nl3JHKpSdqqaOU9NtJSU.roa (raw, json)
Hash identifier: 9Z5xePBIxgl53UrNRvXgFWvrsyiohCez85Rmc0Q/Bpc=
Subject key identifier: 8E:E4:85:36:4F:4D:97:72:47:2A:94:9D:AA:A6:8E:53:D3:6D:25:25
Certificate issuer: /CN=cb0ca348ac891c336d8c7945a5bd5b3325eb5f0b
Certificate serial: 018FEDF28F88886B41E9FD0C8DBC6E26F325
Authority key identifier: CB:0C:A3:48:AC:89:1C:33:6D:8C:79:45:A5:BD:5B:33:25:EB:5F:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ywyjSKyJHDNtjHlFpb1bMyXrXws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/ef61d6-05d1-4fb2-a6ea-425232fd5643/1/juSFNk9Nl3JHKpSdqqaOU9NtJSU.roa
Signing time: Thu 06 Jun 2024 14:27:27 +0000
ROA not before: Thu 06 Jun 2024 14:27:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 91.197.164.0/22 maxlen: 24
94.247.232.0/21 maxlen: 24
95.81.128.0/18 maxlen: 24
185.215.136.0/22 maxlen: 24
185.241.96.0/22 maxlen: 24
213.205.96.0/19 maxlen: 24
217.71.208.0/21 maxlen: 24
2a00:1080::/32 maxlen: 48
2a02:3e8::/32 maxlen: 48
2a02:e10::/32 maxlen: 48
2a0c:a080::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ed:f2:8f:88:88:6b:41:e9:fd:0c:8d:bc:6e:26:f3:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb0ca348ac891c336d8c7945a5bd5b3325eb5f0b
Validity
Not Before: Jun 6 14:27:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ee485364f4d9772472a949daaa68e53d36d2525
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a1:f4:21:8b:75:3c:04:fc:77:89:ac:93:d0:
2b:21:b7:75:ea:12:6a:89:76:9b:f6:0f:4a:54:f3:
27:7a:09:30:03:86:3b:84:ae:3c:9d:1d:21:3a:70:
49:46:d7:e0:e4:11:01:78:ee:10:8b:ca:19:4e:e4:
fd:25:58:1f:42:0f:37:aa:8d:04:e1:e9:7c:ca:66:
65:51:72:76:e8:c2:7c:96:08:5c:d9:45:d6:18:d0:
e7:c1:51:8d:98:8b:ce:3f:8b:90:15:31:85:f9:20:
66:74:97:b6:34:d1:77:ec:28:23:90:34:74:c4:73:
35:ef:08:70:c7:ba:ae:f8:58:64:bb:d4:71:30:44:
80:87:0b:ea:07:38:ed:ff:36:63:63:85:62:ed:46:
63:b3:a9:f8:3f:20:bd:e4:58:b4:b4:ba:63:4b:d6:
63:5e:b5:31:83:f1:28:65:fc:3a:9b:6c:46:1a:2c:
77:ec:89:95:c8:83:fe:a5:58:09:70:f5:0a:b7:e2:
1e:9c:8b:7d:5b:cd:55:70:d0:4e:67:89:6b:1c:81:
c8:72:cf:a3:79:26:71:8f:3a:2b:17:6a:62:f3:a0:
39:0e:97:29:ff:63:aa:c7:c7:cd:43:b4:e9:7a:c5:
51:20:f6:16:c3:4f:bc:91:da:f3:ad:a4:03:eb:52:
3b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:E4:85:36:4F:4D:97:72:47:2A:94:9D:AA:A6:8E:53:D3:6D:25:25
X509v3 Authority Key Identifier:
keyid:CB:0C:A3:48:AC:89:1C:33:6D:8C:79:45:A5:BD:5B:33:25:EB:5F:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ywyjSKyJHDNtjHlFpb1bMyXrXws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ef61d6-05d1-4fb2-a6ea-425232fd5643/1/juSFNk9Nl3JHKpSdqqaOU9NtJSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ef61d6-05d1-4fb2-a6ea-425232fd5643/1/ywyjSKyJHDNtjHlFpb1bMyXrXws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.164.0/22
94.247.232.0/21
95.81.128.0/18
185.215.136.0/22
185.241.96.0/22
213.205.96.0/19
217.71.208.0/21
IPv6:
2a00:1080::/32
2a02:3e8::/32
2a02:e10::/32
2a0c:a080::/29
Signature Algorithm: sha256WithRSAEncryption
44:a1:9d:85:b4:14:f2:ff:35:44:c9:e5:28:05:28:f4:2b:c4:
92:b6:df:78:86:a4:2d:e4:0b:3e:db:e3:5c:ca:16:83:02:ce:
c7:71:af:9a:ca:f4:f4:84:b6:aa:72:3c:b4:e3:08:19:c9:be:
65:5a:f7:ba:97:c8:13:f9:8c:64:7a:ad:6f:da:d7:13:c9:bd:
07:fa:4a:f3:18:25:25:8c:62:e2:b3:c9:23:79:b1:d1:b1:88:
5b:0c:b5:ec:c1:71:5b:17:4d:80:d6:7d:34:6a:96:e1:02:a9:
8c:44:56:dd:8f:b0:d9:97:32:36:f4:47:a2:fd:af:c4:8f:01:
ec:fa:8e:25:3f:cc:ed:3b:3c:97:48:d7:1f:15:1e:94:78:1e:
37:c4:57:35:63:89:54:c4:a6:aa:ba:23:80:40:06:66:c4:25:
ad:33:15:b0:c6:c7:43:a0:33:19:f7:85:b7:9a:76:92:b1:46:
b8:36:ab:5a:34:d1:45:1c:e4:13:f6:90:da:8a:20:a2:c8:c5:
93:16:81:b9:ce:87:3e:76:a5:74:87:54:d1:e4:f1:39:31:36:
ac:72:a5:09:2f:5f:10:87:f0:93:cb:75:74:72:89:5f:25:eb:
98:e6:c9:36:34:2f:7a:51:03:eb:9c:6f:fb:22:ec:13:6e:65:
05:f1:37:fc
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAY/t8o+IiGtB6f0MjbxuJvMlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMGNhMzQ4YWM4OTFjMzM2ZDhjNzk0NWE1YmQ1YjMzMjVl
YjVmMGIwHhcNMjQwNjA2MTQyNzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWU0ODUzNjRmNGQ5NzcyNDcyYTk0OWRhYWE2OGU1M2QzNmQyNTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaH0IYt1PAT8d4msk9ArIbd16hJq
iXab9g9KVPMnegkwA4Y7hK48nR0hOnBJRtfg5BEBeO4Qi8oZTuT9JVgfQg83qo0E
4el8ymZlUXJ26MJ8lghc2UXWGNDnwVGNmIvOP4uQFTGF+SBmdJe2NNF37CgjkDR0
xHM17whwx7qu+Fhku9RxMESAhwvqBzjt/zZjY4Vi7UZjs6n4PyC95Fi0tLpjS9Zj
XrUxg/EoZfw6m2xGGix37ImVyIP+pVgJcPUKt+IenIt9W81VcNBOZ4lrHIHIcs+j
eSZxjzorF2pi86A5Dpcp/2Oqx8fNQ7TpesVRIPYWw0+8kdrzraQD61I7TQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFI7khTZPTZdyRyqUnaqmjlPTbSUlMB8GA1UdIwQY
MBaAFMsMo0isiRwzbYx5RaW9WzMl618LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXd5alNLeUpIRE50akhsRnBiMWJNeVhyWHdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9lZjYxZDYtMDVkMS00ZmIyLWE2ZWEt
NDI1MjMyZmQ1NjQzLzEvanVTRk5rOU5sM0pIS3BTZHFxYU9VOU50SlNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9lZjYxZDYtMDVkMS00ZmIyLWE2ZWEtNDI1MjMyZmQ1NjQz
LzEveXd5alNLeUpIRE50akhsRnBiMWJNeVhyWHdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjAwBAIAATAqAwQCW8WkAwQD
XvfoAwQGX1GAAwQCudeIAwQCufFgAwQF1c1gAwQD2UfQMCIEAgACMBwDBQAqABCA
AwUAKgID6AMFACoCDhADBQMqDKCAMA0GCSqGSIb3DQEBCwUAA4IBAQBEoZ2FtBTy
/zVEyeUoBSj0K8SStt94hqQt5As+2+NcyhaDAs7Hca+ayvT0hLaqcjy04wgZyb5l
Wve6l8gT+Yxkeq1v2tcTyb0H+krzGCUljGLis8kjebHRsYhbDLXswXFbF02A1n00
apbhAqmMRFbdj7DZlzI29Eei/a/EjwHs+o4lP8ztOzyXSNcfFR6UeB43xFc1Y4lU
xKaquiOAQAZmxCWtMxWwxsdDoDMZ94W3mnaSsUa4NqtaNNFFHOQT9pDaiiCiyMWT
FoG5zoc+dqV0h1TR5PE5MTascqUJL18Qh/CTy3V0colfJeuY5sk2NC96UQPrnG/7
IuwTbmUF8Tf8
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:47:25 2025 by rpki-client