Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/6cd5fc-60cc-45de-bd8a-1544b44d59ca/1/JavpkSkoM9e790yU3TnuhgW8ylw.roa
File: JavpkSkoM9e790yU3TnuhgW8ylw.roa (raw, json)
Hash identifier: K0huhuOIi/YylYQX8/KlGDJnv0NGX9aiJ2WzJN9WFP0=
Subject key identifier: 25:AB:E9:91:29:28:33:D7:BB:F7:4C:94:DD:39:EE:86:05:BC:CA:5C
Certificate issuer: /CN=c62d7cac1ffb2c3fbde284625bf1af4c6bae6b0e
Certificate serial: 018E12D56F5E2A0C2BD59F515FFE126E49E6
Authority key identifier: C6:2D:7C:AC:1F:FB:2C:3F:BD:E2:84:62:5B:F1:AF:4C:6B:AE:6B:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xi18rB_7LD-94oRiW_GvTGuuaw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/6cd5fc-60cc-45de-bd8a-1544b44d59ca/1/JavpkSkoM9e790yU3TnuhgW8ylw.roa
Signing time: Wed 06 Mar 2024 08:16:01 +0000
ROA not before: Wed 06 Mar 2024 08:16:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29156
IP address blocks: 147.29.0.0/17 maxlen: 17
147.29.128.0/20 maxlen: 20
147.29.144.0/22 maxlen: 22
147.29.148.0/23 maxlen: 23
147.29.152.0/21 maxlen: 21
147.29.160.0/19 maxlen: 19
147.29.192.0/18 maxlen: 18
158.173.0.0/16 maxlen: 16
159.195.0.0/16 maxlen: 16
2a01:5440::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 14 Mar 2024 12:42:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:12:d5:6f:5e:2a:0c:2b:d5:9f:51:5f:fe:12:6e:49:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c62d7cac1ffb2c3fbde284625bf1af4c6bae6b0e
Validity
Not Before: Mar 6 08:16:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25abe991292833d7bbf74c94dd39ee8605bcca5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c8:75:67:6c:76:b0:2f:2b:c8:47:e0:69:40:
74:11:92:20:8b:ae:5b:a6:07:1f:98:b1:a8:c0:7a:
8e:6c:ec:de:48:d4:ea:a0:ff:c5:f5:d6:cf:e8:69:
91:01:dc:9d:fb:e2:86:b0:45:ea:af:5a:cf:7b:78:
32:ee:d8:30:c6:b2:a6:9a:81:b4:45:57:48:d3:b0:
e4:48:0d:60:c5:d8:c9:f1:dd:8e:e6:57:ec:6d:db:
7d:6a:86:b9:91:d7:c2:74:89:77:42:22:06:9b:f6:
d6:29:7b:ae:59:53:92:50:8a:d7:41:7e:3e:7e:d6:
ac:e1:a3:67:19:65:b4:ad:2a:d0:24:01:90:0c:bb:
b9:2b:41:7c:0b:68:ce:39:07:7f:87:7e:87:5d:ad:
ed:0e:56:3f:ac:f2:cc:3a:05:8c:7d:65:3c:b2:e7:
6a:a5:1b:c2:14:4d:e1:f8:50:bf:d2:40:68:35:a9:
21:0b:d5:34:aa:1a:ac:2e:c9:fb:7f:d9:58:6a:c4:
65:1f:d4:73:a0:4f:79:e7:8a:33:63:ad:70:78:4a:
f5:47:4e:6f:00:aa:7b:9e:45:7c:bc:2c:26:16:28:
a4:de:f7:17:7c:22:29:64:ed:91:4b:6d:5c:47:92:
61:3a:61:a4:d7:23:1e:59:fc:2a:21:24:06:e4:0a:
99:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:AB:E9:91:29:28:33:D7:BB:F7:4C:94:DD:39:EE:86:05:BC:CA:5C
X509v3 Authority Key Identifier:
keyid:C6:2D:7C:AC:1F:FB:2C:3F:BD:E2:84:62:5B:F1:AF:4C:6B:AE:6B:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xi18rB_7LD-94oRiW_GvTGuuaw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6cd5fc-60cc-45de-bd8a-1544b44d59ca/1/JavpkSkoM9e790yU3TnuhgW8ylw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6cd5fc-60cc-45de-bd8a-1544b44d59ca/1/xi18rB_7LD-94oRiW_GvTGuuaw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.29.0.0-147.29.149.255
147.29.152.0-147.29.255.255
158.173.0.0/16
159.195.0.0/16
IPv6:
2a01:5440::/32
Signature Algorithm: sha256WithRSAEncryption
b6:b9:96:9b:87:a3:1c:18:d2:a7:8f:5e:e6:a0:56:94:04:0a:
14:a2:df:ea:d5:02:54:f5:19:e0:19:50:e3:7c:95:ff:7a:f9:
f5:8d:8c:64:88:c7:cc:6a:ca:cc:76:3c:ef:35:82:a4:e0:0e:
2d:bd:d9:c6:4d:dd:4c:8a:13:87:00:a8:0a:f7:db:27:e4:12:
5b:57:79:9c:74:2d:9e:55:7d:94:2d:bc:5b:72:1b:02:f4:0a:
1f:ac:ae:97:aa:69:5c:3b:a8:5d:34:b0:9f:5d:28:91:36:63:
58:0f:52:0a:50:72:07:6e:15:d7:6e:fb:8d:ea:15:b4:96:4b:
2f:f8:52:70:05:0a:78:88:ca:c3:dd:40:cd:77:6b:24:ad:22:
44:aa:d5:30:fd:ca:4f:24:08:19:c1:67:ca:07:43:11:b0:7d:
12:d5:ed:96:63:51:da:89:30:fd:9e:be:40:43:0f:09:f2:ad:
22:c5:10:80:57:e8:4f:f9:e7:60:a3:fa:8a:f0:81:02:e4:c3:
5d:4a:0c:5a:0c:91:9c:6f:ad:64:88:c1:66:c6:71:63:5e:ac:
da:37:a3:af:c3:8d:1c:c7:14:45:2b:2e:28:10:b9:f0:93:05:
6e:47:d8:b8:e4:e7:e6:2d:3a:93:71:de:46:1c:08:79:08:a1:
b2:c7:6c:1e
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAY4S1W9eKgwr1Z9RX/4SbknmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MmQ3Y2FjMWZmYjJjM2ZiZGUyODQ2MjViZjFhZjRjNmJh
ZTZiMGUwHhcNMjQwMzA2MDgxNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWFiZTk5MTI5MjgzM2Q3YmJmNzRjOTRkZDM5ZWU4NjA1YmNjYTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosh1Z2x2sC8ryEfgaUB0EZIgi65b
pgcfmLGowHqObOzeSNTqoP/F9dbP6GmRAdyd++KGsEXqr1rPe3gy7tgwxrKmmoG0
RVdI07DkSA1gxdjJ8d2O5lfsbdt9aoa5kdfCdIl3QiIGm/bWKXuuWVOSUIrXQX4+
ftas4aNnGWW0rSrQJAGQDLu5K0F8C2jOOQd/h36HXa3tDlY/rPLMOgWMfWU8sudq
pRvCFE3h+FC/0kBoNakhC9U0qhqsLsn7f9lYasRlH9RzoE9554ozY61weEr1R05v
AKp7nkV8vCwmFiik3vcXfCIpZO2RS21cR5JhOmGk1yMeWfwqISQG5AqZIQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFCWr6ZEpKDPXu/dMlN057oYFvMpcMB8GA1UdIwQY
MBaAFMYtfKwf+yw/veKEYlvxr0xrrmsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGkxOHJCXzdMRC05NG9SaVdfR3ZUR3V1YXc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82Y2Q1ZmMtNjBjYy00NWRlLWJkOGEt
MTU0NGI0NGQ1OWNhLzEvSmF2cGtTa29NOWU3OTB5VTNUbnVoZ1c4eWx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82Y2Q1ZmMtNjBjYy00NWRlLWJkOGEtMTU0NGI0NGQ1OWNh
LzEveGkxOHJCXzdMRC05NG9SaVdfR3ZUR3V1YXc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkMAsDAwCTHQME
AZMdlDALAwQDkx2YAwMBkxwDAwCerQMDAJ/DMA0EAgACMAcDBQAqAVRAMA0GCSqG
SIb3DQEBCwUAA4IBAQC2uZabh6McGNKnj17moFaUBAoUot/q1QJU9RngGVDjfJX/
evn1jYxkiMfMasrMdjzvNYKk4A4tvdnGTd1MihOHAKgK99sn5BJbV3mcdC2eVX2U
LbxbchsC9AofrK6XqmlcO6hdNLCfXSiRNmNYD1IKUHIHbhXXbvuN6hW0lksv+FJw
BQp4iMrD3UDNd2skrSJEqtUw/cpPJAgZwWfKB0MRsH0S1e2WY1HaiTD9nr5AQw8J
8q0ixRCAV+hP+edgo/qK8IEC5MNdSgxaDJGcb61kiMFmxnFjXqzaN6Ovw40cxxRF
Ky4oELnwkwVuR9i45OfmLTqTcd5GHAh5CKGyx2we
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:20:20 2025 by rpki-client