Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/f03cdc-2945-408c-8889-c69871f5d305/1/JeA9dS8WbR6qpFTi0DHlS_QnuSc.roa
File: JeA9dS8WbR6qpFTi0DHlS_QnuSc.roa (raw, json)
Hash identifier: JcF1eJHjB5C12GJpIDfTCIgGvNNV72X3aOheSPHTzeM=
Subject key identifier: 25:E0:3D:75:2F:16:6D:1E:AA:A4:54:E2:D0:31:E5:4B:F4:27:B9:27
Certificate issuer: /CN=5dedd6b0e36f4bd8f1d57e26cc1c2d18c6993c04
Certificate serial: 019483F6A4494279751CCBBAF0E420A3CD12
Authority key identifier: 5D:ED:D6:B0:E3:6F:4B:D8:F1:D5:7E:26:CC:1C:2D:18:C6:99:3C:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xe3WsONvS9jx1X4mzBwtGMaZPAQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/f03cdc-2945-408c-8889-c69871f5d305/1/JeA9dS8WbR6qpFTi0DHlS_QnuSc.roa
Signing time: Mon 20 Jan 2025 13:46:06 +0000
ROA not before: Mon 20 Jan 2025 13:46:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15987
IP address blocks: 46.41.0.0/18 maxlen: 22
46.41.14.0/24 maxlen: 24
46.41.32.0/24 maxlen: 24
46.41.47.0/24 maxlen: 24
46.41.48.0/24 maxlen: 24
46.41.49.0/24 maxlen: 24
46.41.52.0/24 maxlen: 24
46.41.54.0/24 maxlen: 24
46.41.56.0/24 maxlen: 24
46.41.59.0/24 maxlen: 24
185.112.252.0/22 maxlen: 24
188.246.0.0/19 maxlen: 22
188.246.0.0/23 maxlen: 24
188.246.17.0/24 maxlen: 24
188.246.23.0/24 maxlen: 24
217.144.128.0/20 maxlen: 20
217.144.128.0/24 maxlen: 24
217.144.129.0/24 maxlen: 24
217.144.138.0/24 maxlen: 24
217.144.141.0/24 maxlen: 24
217.144.143.0/24 maxlen: 24
2a02:a00::/29 maxlen: 29
2a02:a00::/32 maxlen: 32
2a02:a00::/34 maxlen: 34
2a02:a00:d::/48 maxlen: 48
2a02:a00:f::/48 maxlen: 48
2a02:a00:1f::/48 maxlen: 48
2a02:a00:1009::/48 maxlen: 48
2a02:a00:1049::/48 maxlen: 48
2a02:a00:3000::/36 maxlen: 36
Validation: Failed, certificate revoked on Mon 20 Jan 2025 15:24:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:83:f6:a4:49:42:79:75:1c:cb:ba:f0:e4:20:a3:cd:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dedd6b0e36f4bd8f1d57e26cc1c2d18c6993c04
Validity
Not Before: Jan 20 13:46:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25e03d752f166d1eaaa454e2d031e54bf427b927
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:be:c4:bb:29:b0:18:5d:3d:8a:4f:ba:5c:a5:
21:34:4f:f4:65:2d:1b:9d:63:88:b1:50:a5:3c:86:
55:ed:00:8e:85:b7:94:39:6b:db:87:0d:b7:b3:7a:
02:a4:81:0f:27:ea:6d:88:f3:8d:25:03:32:cd:20:
b6:30:a5:4f:63:e6:33:bb:1f:2e:6a:82:d6:b0:15:
96:0f:80:ea:10:79:33:fa:de:8d:9b:7d:cc:a7:01:
cf:d9:9b:4b:26:55:c2:a1:91:56:69:18:65:22:17:
ce:6e:bb:28:9c:ed:59:dd:6d:86:6a:3e:5f:20:f8:
29:f3:b1:b1:4c:e8:1b:84:4e:52:cc:92:7c:92:cd:
63:10:ad:2f:c6:02:36:cf:ca:54:38:b8:f7:a6:dc:
fb:cb:2d:80:01:36:2c:3a:17:60:d1:f3:6f:0a:4b:
72:61:6f:de:0b:a2:f7:76:89:6b:f0:42:29:f6:83:
fe:b5:89:b9:1d:64:8a:12:f6:3a:2a:e3:51:4f:08:
3e:af:1b:21:1b:56:1f:9d:8f:a5:db:46:bb:12:48:
17:2a:3a:72:9e:b5:be:76:82:2b:99:18:40:b5:79:
1c:22:62:c0:1c:46:e7:74:f8:fe:98:98:dc:e1:50:
71:79:08:f3:3e:1d:a0:70:0e:48:2e:af:b6:12:92:
ea:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:E0:3D:75:2F:16:6D:1E:AA:A4:54:E2:D0:31:E5:4B:F4:27:B9:27
X509v3 Authority Key Identifier:
keyid:5D:ED:D6:B0:E3:6F:4B:D8:F1:D5:7E:26:CC:1C:2D:18:C6:99:3C:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xe3WsONvS9jx1X4mzBwtGMaZPAQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/f03cdc-2945-408c-8889-c69871f5d305/1/JeA9dS8WbR6qpFTi0DHlS_QnuSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/f03cdc-2945-408c-8889-c69871f5d305/1/Xe3WsONvS9jx1X4mzBwtGMaZPAQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.41.0.0/18
185.112.252.0/22
188.246.0.0/19
217.144.128.0/20
IPv6:
2a02:a00::/29
Signature Algorithm: sha256WithRSAEncryption
56:2b:41:8f:12:92:2a:a2:fb:73:24:bf:f9:b4:ab:5b:66:65:
2d:0b:6c:ae:4a:13:fb:00:95:eb:8f:f1:c1:ac:fe:b2:8e:68:
68:60:bf:eb:9e:c3:89:29:af:a9:ca:51:f4:0a:00:aa:27:af:
89:c1:1b:5d:c8:8d:19:69:fb:49:8b:5a:29:d6:ed:06:52:e0:
73:cf:94:ac:49:4b:bf:7d:42:3d:ae:cb:dc:47:55:76:ab:f6:
ac:ac:38:96:a8:aa:57:97:8a:7d:82:1c:ac:b9:23:f6:92:9a:
31:5e:7d:98:23:f2:24:2e:a3:3a:82:19:e0:58:3f:8f:09:86:
07:9b:1b:b8:8e:20:1d:e9:71:35:a9:da:69:5a:a1:20:11:b0:
9b:e5:bb:6f:18:d2:fa:39:14:f8:29:0e:cc:89:55:3b:e2:11:
f9:0b:b0:99:68:be:e2:77:9b:e6:44:81:b2:12:96:8b:75:85:
86:98:0b:c6:bc:d3:a6:a4:9f:fe:80:b7:e6:3c:fe:3e:14:a0:
c4:16:03:00:8c:2e:13:6f:7e:00:63:1a:c9:db:25:06:10:52:
4c:df:be:0a:42:67:cd:42:09:f2:9d:9c:c3:a5:6f:02:83:8a:
2e:7b:c8:d6:c5:91:a2:28:03:a0:0c:7f:a5:b9:49:ca:d8:52:
9b:79:b7:58
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZSD9qRJQnl1HMu68OQgo80SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZWRkNmIwZTM2ZjRiZDhmMWQ1N2UyNmNjMWMyZDE4YzY5
OTNjMDQwHhcNMjUwMTIwMTM0NjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWUwM2Q3NTJmMTY2ZDFlYWFhNDU0ZTJkMDMxZTU0YmY0MjdiOTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoL7EuymwGF09ik+6XKUhNE/0ZS0b
nWOIsVClPIZV7QCOhbeUOWvbhw23s3oCpIEPJ+ptiPONJQMyzSC2MKVPY+Yzux8u
aoLWsBWWD4DqEHkz+t6Nm33MpwHP2ZtLJlXCoZFWaRhlIhfObrsonO1Z3W2Gaj5f
IPgp87GxTOgbhE5SzJJ8ks1jEK0vxgI2z8pUOLj3ptz7yy2AATYsOhdg0fNvCkty
YW/eC6L3dolr8EIp9oP+tYm5HWSKEvY6KuNRTwg+rxshG1YfnY+l20a7EkgXKjpy
nrW+doIrmRhAtXkcImLAHEbndPj+mJjc4VBxeQjzPh2gcA5ILq+2EpLqxQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCXgPXUvFm0eqqRU4tAx5Uv0J7knMB8GA1UdIwQY
MBaAFF3t1rDjb0vY8dV+JswcLRjGmTwEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGUzV3NPTnZTOWp4MVg0bXpCd3RHTWFaUEFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9mMDNjZGMtMjk0NS00MDhjLTg4ODkt
YzY5ODcxZjVkMzA1LzEvSmVBOWRTOFdiUjZxcEZUaTBESGxTX1FudVNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9mMDNjZGMtMjk0NS00MDhjLTg4ODktYzY5ODcxZjVkMzA1
LzEvWGUzV3NPTnZTOWp4MVg0bXpCd3RHTWFaUEFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGLikAAwQC
uXD8AwQFvPYAAwQE2ZCAMA0EAgACMAcDBQMqAgoAMA0GCSqGSIb3DQEBCwUAA4IB
AQBWK0GPEpIqovtzJL/5tKtbZmUtC2yuShP7AJXrj/HBrP6yjmhoYL/rnsOJKa+p
ylH0CgCqJ6+JwRtdyI0ZaftJi1op1u0GUuBzz5SsSUu/fUI9rsvcR1V2q/asrDiW
qKpXl4p9ghysuSP2kpoxXn2YI/IkLqM6ghngWD+PCYYHmxu4jiAd6XE1qdppWqEg
EbCb5btvGNL6ORT4KQ7MiVU74hH5C7CZaL7id5vmRIGyEpaLdYWGmAvGvNOmpJ/+
gLfmPP4+FKDEFgMAjC4Tb34AYxrJ2yUGEFJM374KQmfNQgnynZzDpW8Cg4oue8jW
xZGiKAOgDH+luUnK2FKbebdY
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:46:22 2025 by rpki-client