Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/jdSAQkXRU1EcDxGVMXB4lIxMwpQ.roa
File: jdSAQkXRU1EcDxGVMXB4lIxMwpQ.roa (raw, json)
Hash identifier: ybTgf6BpBUeMEIIaBWP/Q1N0ojjZeqh3yi1EvVdPwMs=
Subject key identifier: 8D:D4:80:42:45:D1:53:51:1C:0F:11:95:31:70:78:94:8C:4C:C2:94
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 018CC5DC9FE00DD40E05991F2D1CBE7B618C
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/jdSAQkXRU1EcDxGVMXB4lIxMwpQ.roa
Signing time: Mon 01 Jan 2024 16:30:19 +0000
ROA not before: Mon 01 Jan 2024 16:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212025
IP address blocks: 85.158.145.0/24 maxlen: 24
5.178.2.0/24 maxlen: 24
5.10.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Jul 2024 13:33:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:9f:e0:0d:d4:0e:05:99:1f:2d:1c:be:7b:61:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jan 1 16:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8dd4804245d153511c0f1195317078948c4cc294
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:24:5e:53:3f:af:52:4e:68:98:76:d7:70:06:
9e:b9:b4:25:40:d9:fc:c0:9f:2e:29:d5:ab:3e:78:
e2:df:2f:f4:8a:bb:83:90:17:5a:3c:94:d4:fe:e5:
e5:ed:ff:3b:b9:6c:fc:0f:69:04:5d:f3:fd:fc:dd:
0a:29:80:f0:25:30:c8:d1:43:b6:6f:fa:84:85:8c:
3a:f7:c0:1b:e5:b0:bc:68:88:ca:e7:c1:ba:a2:15:
16:24:c6:7b:0a:3d:d9:0e:2c:e7:f0:3b:ae:0c:12:
ff:23:d7:eb:17:b8:0b:e2:c9:73:7a:8e:43:f5:ea:
7d:12:84:b9:53:1f:c9:fe:79:63:c9:3b:de:dc:f4:
39:84:65:27:a8:e4:3f:84:eb:9a:d5:2e:ed:1a:f0:
8f:19:67:55:4b:f4:78:4c:d7:17:54:93:1d:34:e8:
5f:9b:fb:7c:c5:11:28:38:8f:e1:b6:71:ea:9f:e2:
83:9f:a6:83:f8:ae:ad:89:8e:aa:d5:0a:76:39:d4:
25:9e:0a:0d:1c:b2:43:4f:a1:d4:c8:eb:ea:9f:aa:
fb:92:0b:eb:ac:01:fe:9a:47:7c:31:61:6b:e9:5b:
23:6c:d8:02:28:32:58:7f:2d:ce:52:1d:08:57:02:
a4:e9:df:5f:82:f0:25:38:ae:b7:b1:3b:2a:fe:bf:
27:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:D4:80:42:45:D1:53:51:1C:0F:11:95:31:70:78:94:8C:4C:C2:94
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/jdSAQkXRU1EcDxGVMXB4lIxMwpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.249.0/24
5.178.2.0/24
85.158.145.0/24
Signature Algorithm: sha256WithRSAEncryption
58:13:90:5a:3d:2d:3c:a8:05:51:5a:32:53:cb:28:08:bc:68:
4e:ed:a9:2b:77:d5:b0:ef:f1:1b:88:2b:61:f1:3c:2c:f1:0f:
33:8d:40:1c:59:d8:f6:22:ea:33:91:24:7d:ba:28:54:db:d6:
6a:91:78:f0:63:b6:6c:0c:e4:d1:27:1d:47:e2:62:7b:18:17:
20:61:e3:44:b4:ba:14:e1:9f:86:1d:f1:c6:ba:a8:42:50:64:
35:d3:5f:41:df:17:3e:89:d5:c1:a8:ce:15:c7:00:a3:da:89:
f5:7e:26:00:30:a4:3c:82:a9:6b:48:f1:7e:8c:17:6a:c7:6f:
29:c0:f1:2e:e6:a1:81:28:51:a8:59:6c:98:17:fb:b1:d7:e1:
96:6d:8e:53:54:99:ec:68:31:9c:98:6a:6a:31:3a:25:eb:8d:
98:23:a4:72:63:e4:92:52:f9:68:6a:da:5b:66:da:fc:7a:ec:
37:58:de:5c:53:28:f1:62:67:c8:82:ba:28:f5:07:6f:c8:66:
40:d6:26:15:4f:3d:a5:0d:7e:79:00:ec:a1:e9:c2:a1:e9:02:
04:8d:d0:e8:46:55:27:77:63:a4:1a:e4:ab:26:d3:04:f8:3a:
bb:c4:fa:6c:5e:3a:c1:45:8d:b6:be:d2:0c:6d:26:56:4d:ab:
8a:41:ab:c6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzF3J/gDdQOBZkfLRy+e2GMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjQwMTAxMTYzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGQ0ODA0MjQ1ZDE1MzUxMWMwZjExOTUzMTcwNzg5NDhjNGNjMjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCReUz+vUk5omHbXcAaeubQlQNn8
wJ8uKdWrPnji3y/0iruDkBdaPJTU/uXl7f87uWz8D2kEXfP9/N0KKYDwJTDI0UO2
b/qEhYw698Ab5bC8aIjK58G6ohUWJMZ7Cj3ZDizn8DuuDBL/I9frF7gL4slzeo5D
9ep9EoS5Ux/J/nljyTve3PQ5hGUnqOQ/hOua1S7tGvCPGWdVS/R4TNcXVJMdNOhf
m/t8xREoOI/htnHqn+KDn6aD+K6tiY6q1Qp2OdQlngoNHLJDT6HUyOvqn6r7kgvr
rAH+mkd8MWFr6VsjbNgCKDJYfy3OUh0IVwKk6d9fgvAlOK63sTsq/r8npQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI3UgEJF0VNRHA8RlTFweJSMTMKUMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvamRTQVFrWFJVMUVjRHhHVk1YQjRsSXhNd3BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABQr5AwQA
BbICAwQAVZ6RMA0GCSqGSIb3DQEBCwUAA4IBAQBYE5BaPS08qAVRWjJTyygIvGhO
7akrd9Ww7/EbiCth8Tws8Q8zjUAcWdj2IuozkSR9uihU29ZqkXjwY7ZsDOTRJx1H
4mJ7GBcgYeNEtLoU4Z+GHfHGuqhCUGQ1019B3xc+idXBqM4VxwCj2on1fiYAMKQ8
gqlrSPF+jBdqx28pwPEu5qGBKFGoWWyYF/ux1+GWbY5TVJnsaDGcmGpqMTol642Y
I6RyY+SSUvloatpbZtr8euw3WN5cUyjxYmfIgroo9QdvyGZA1iYVTz2lDX55AOyh
6cKh6QIEjdDoRlUnd2OkGuSrJtME+Dq7xPpsXjrBRY22vtIMbSZWTauKQavG
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:11 2025 by rpki-client