Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/JFttxtIqpzAqnZmZzUqXzftjeLU.roa
File: JFttxtIqpzAqnZmZzUqXzftjeLU.roa (raw, json)
Hash identifier: bBdb9EOTayTTjtBlc0isUw2G3DhBZnsy3p8gv/9u/iI=
Subject key identifier: 24:5B:6D:C6:D2:2A:A7:30:2A:9D:99:99:CD:4A:97:CD:FB:63:78:B5
Certificate issuer: /CN=06b7edef61858723c4adebe3ee5a89f70058d5fe
Certificate serial: 0192FB95A61A96665440B05EE095FDB8B707
Authority key identifier: 06:B7:ED:EF:61:85:87:23:C4:AD:EB:E3:EE:5A:89:F7:00:58:D5:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Brft72GFhyPErevj7lqJ9wBY1f4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/JFttxtIqpzAqnZmZzUqXzftjeLU.roa
Signing time: Tue 05 Nov 2024 09:09:01 +0000
ROA not before: Tue 05 Nov 2024 09:09:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15965
IP address blocks: 80.64.144.0/20 maxlen: 20
193.91.32.0/20 maxlen: 20
194.48.193.0/24 maxlen: 24
194.48.252.0/23 maxlen: 24
195.43.96.0/19 maxlen: 19
217.31.64.0/20 maxlen: 24
2a02:3a8::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 25 Nov 2024 09:47:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fb:95:a6:1a:96:66:54:40:b0:5e:e0:95:fd:b8:b7:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06b7edef61858723c4adebe3ee5a89f70058d5fe
Validity
Not Before: Nov 5 09:09:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=245b6dc6d22aa7302a9d9999cd4a97cdfb6378b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:4c:01:c5:a5:91:a1:15:7a:03:9e:9a:95:ec:
1a:51:ff:f7:e8:2a:30:4e:c5:10:c4:96:f3:2d:b7:
1e:c2:3a:bd:ce:4b:f8:99:fe:b9:18:b7:dd:24:87:
30:e9:fe:b9:27:8c:f1:28:28:59:3c:bf:e4:01:a9:
79:8e:83:95:15:33:8a:ad:ec:2e:8d:4a:c7:35:9d:
6c:0a:65:29:29:2e:ab:3f:93:e8:5c:18:8e:6b:95:
19:f1:35:e2:7a:73:25:89:44:b3:9f:38:c0:4f:e8:
33:22:13:e0:40:9c:92:bc:f5:7b:e7:97:39:1a:75:
17:fd:65:90:7e:2b:fb:87:94:58:10:6a:a2:ab:e5:
3c:08:43:4f:51:bb:b4:4d:36:ef:ea:03:cd:02:65:
12:2b:1b:0c:a7:8f:f0:43:21:5e:c7:ed:d0:e3:ed:
28:23:eb:6d:84:69:c8:55:70:9f:e9:5f:87:fb:50:
ff:ef:41:48:e3:31:59:9f:19:6e:8e:f5:5a:55:d0:
ad:d3:b3:34:85:7c:bb:80:1a:7d:f9:c5:96:46:52:
0a:e1:9d:b6:ea:47:0b:bf:8e:51:43:7a:c4:3c:dd:
59:94:e6:a1:61:68:3f:17:b1:93:39:bb:78:6c:70:
84:9a:fd:b9:fa:6f:55:95:03:1e:1c:6d:db:e5:54:
48:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:5B:6D:C6:D2:2A:A7:30:2A:9D:99:99:CD:4A:97:CD:FB:63:78:B5
X509v3 Authority Key Identifier:
keyid:06:B7:ED:EF:61:85:87:23:C4:AD:EB:E3:EE:5A:89:F7:00:58:D5:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Brft72GFhyPErevj7lqJ9wBY1f4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/JFttxtIqpzAqnZmZzUqXzftjeLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.64.144.0/20
193.91.32.0/20
194.48.193.0/24
194.48.252.0/23
195.43.96.0/19
217.31.64.0/20
IPv6:
2a02:3a8::/32
Signature Algorithm: sha256WithRSAEncryption
e4:0b:0a:20:e7:22:47:83:2b:cf:19:15:39:44:4b:fb:db:c3:
3b:0b:80:fa:7e:67:07:12:b3:35:c2:66:e9:d8:74:7e:9c:01:
36:76:e5:de:56:90:e8:17:cf:ab:e3:53:db:8c:82:dd:73:59:
16:d1:ba:7a:96:31:d5:f6:a3:c0:d7:88:00:d6:0d:62:7d:44:
32:c4:d9:39:57:45:af:51:e8:bb:39:74:4e:e9:92:bc:69:df:
4c:e6:03:71:6c:b2:48:03:2e:04:fd:75:39:f7:be:99:86:dc:
7f:7a:99:6f:2e:bb:c6:50:b7:51:3c:fd:d9:40:1b:d6:e5:24:
1b:08:fd:a9:7a:dc:b3:72:a4:b9:d1:d7:e9:d8:a4:5c:71:89:
38:48:91:97:fc:2a:16:10:7c:b5:af:fb:9d:13:72:47:4e:dd:
86:0c:97:1b:9d:79:af:25:e7:0c:74:d0:7b:09:ac:42:77:09:
fc:b9:ee:7f:01:51:0c:c7:d4:74:2f:2c:65:c1:6c:48:53:37:
e2:1b:9f:bf:53:e7:ee:d5:c8:5f:41:b5:65:bf:a8:e2:eb:95:
bd:87:d9:91:52:9a:53:2d:fa:c2:d0:03:e5:7c:c4:c7:f4:e2:
b0:36:2a:37:13:9f:1a:1e:ff:58:fd:c6:a4:16:c4:e7:24:09:
38:f9:ff:09
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZL7laYalmZUQLBe4JX9uLcHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2YjdlZGVmNjE4NTg3MjNjNGFkZWJlM2VlNWE4OWY3MDA1
OGQ1ZmUwHhcNMjQxMTA1MDkwOTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDViNmRjNmQyMmFhNzMwMmE5ZDk5OTljZDRhOTdjZGZiNjM3OGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0wBxaWRoRV6A56alewaUf/36Cow
TsUQxJbzLbcewjq9zkv4mf65GLfdJIcw6f65J4zxKChZPL/kAal5joOVFTOKrewu
jUrHNZ1sCmUpKS6rP5PoXBiOa5UZ8TXienMliUSznzjAT+gzIhPgQJySvPV755c5
GnUX/WWQfiv7h5RYEGqiq+U8CENPUbu0TTbv6gPNAmUSKxsMp4/wQyFex+3Q4+0o
I+tthGnIVXCf6V+H+1D/70FI4zFZnxlujvVaVdCt07M0hXy7gBp9+cWWRlIK4Z22
6kcLv45RQ3rEPN1ZlOahYWg/F7GTObt4bHCEmv25+m9VlQMeHG3b5VRISwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFCRbbcbSKqcwKp2Zmc1Kl837Y3i1MB8GA1UdIwQY
MBaAFAa37e9hhYcjxK3r4+5aifcAWNX+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnJmdDcyR0ZoeVBFcmV2ajdscUo5d0JZMWY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8wMTBjYTEtNWIzMC00YmFmLTgzMWUt
ODk1NTFlOGNjZTEyLzEvSkZ0dHh0SXFwekFxblptWnpVcVh6ZnRqZUxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8wMTBjYTEtNWIzMC00YmFmLTgzMWUtODk1NTFlOGNjZTEy
LzEvQnJmdDcyR0ZoeVBFcmV2ajdscUo5d0JZMWY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQEUECQAwQE
wVsgAwQAwjDBAwQBwjD8AwQFwytgAwQE2R9AMA0EAgACMAcDBQAqAgOoMA0GCSqG
SIb3DQEBCwUAA4IBAQDkCwog5yJHgyvPGRU5REv728M7C4D6fmcHErM1wmbp2HR+
nAE2duXeVpDoF8+r41PbjILdc1kW0bp6ljHV9qPA14gA1g1ifUQyxNk5V0WvUei7
OXRO6ZK8ad9M5gNxbLJIAy4E/XU5976Zhtx/eplvLrvGULdRPP3ZQBvW5SQbCP2p
etyzcqS50dfp2KRccYk4SJGX/CoWEHy1r/udE3JHTt2GDJcbnXmvJecMdNB7CaxC
dwn8ue5/AVEMx9R0LyxlwWxIUzfiG5+/U+fu1chfQbVlv6ji65W9h9mRUppTLfrC
0APlfMTH9OKwNio3E58aHv9Y/cakFsTnJAk4+f8J
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:06 2025 by rpki-client