Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/710934-304b-4f5f-950e-12e8276fdac4/1/pJkz3QgM9UXbmkduiExsgkq_nNg.roa
File: pJkz3QgM9UXbmkduiExsgkq_nNg.roa (raw, json)
Hash identifier: RGorFkbMTi5GvieOcu5D5OKCl6gZK9E4T6FLJYP4VQY=
Subject key identifier: A4:99:33:DD:08:0C:F5:45:DB:9A:47:6E:88:4C:6C:82:4A:BF:9C:D8
Certificate issuer: /CN=987277fc47d848fa5634ce8031a174fc249fa673
Certificate serial: 019424B3D045E046B54DBAAD0872F657F81B
Authority key identifier: 98:72:77:FC:47:D8:48:FA:56:34:CE:80:31:A1:74:FC:24:9F:A6:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mHJ3_EfYSPpWNM6AMaF0_CSfpnM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/710934-304b-4f5f-950e-12e8276fdac4/1/pJkz3QgM9UXbmkduiExsgkq_nNg.roa
Signing time: Thu 02 Jan 2025 01:49:11 +0000
ROA not before: Thu 02 Jan 2025 01:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211908
IP address blocks: 185.194.8.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 19 Jan 2025 07:26:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:d0:45:e0:46:b5:4d:ba:ad:08:72:f6:57:f8:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=987277fc47d848fa5634ce8031a174fc249fa673
Validity
Not Before: Jan 2 01:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a49933dd080cf545db9a476e884c6c824abf9cd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:90:9c:23:1a:49:ad:ea:9f:c9:49:77:a2:31:
74:f0:5a:4a:8f:59:78:1c:7f:8e:4a:fb:44:bd:96:
20:42:57:bd:7f:c9:a7:de:d7:a9:b4:ed:f8:aa:ad:
93:25:fb:69:fd:d2:2c:6d:d7:af:66:b7:49:15:3a:
67:0a:d0:80:2c:d6:10:02:63:b6:f5:1d:f8:ad:43:
43:72:ca:0d:41:f4:00:b0:1a:3e:38:7e:12:f3:fc:
3d:db:6f:aa:18:fd:c8:83:95:d9:a8:a3:bb:ad:b0:
54:96:8b:f1:d9:50:89:7f:26:e2:49:a1:ff:95:28:
35:f5:68:f9:89:e1:65:dc:a0:4e:6e:7b:2f:1c:25:
86:b4:db:1c:16:78:c7:a8:2e:e4:39:d6:87:6b:95:
21:3e:b8:8d:2a:78:9f:c3:d3:41:82:72:76:fd:1d:
a1:51:52:99:1a:81:71:6c:fa:06:4a:07:c5:15:f4:
c8:c9:d2:6c:22:3b:f9:78:0d:7f:22:62:d3:89:e2:
22:1e:29:df:ac:41:de:df:7d:e2:d8:07:33:69:70:
7a:27:9c:5e:74:61:ab:1e:b0:a4:96:c3:c8:72:2d:
42:c2:e8:c7:83:19:e1:80:ff:24:63:11:26:7f:90:
0e:db:d9:27:17:d9:86:77:17:6b:0b:43:49:45:07:
22:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:99:33:DD:08:0C:F5:45:DB:9A:47:6E:88:4C:6C:82:4A:BF:9C:D8
X509v3 Authority Key Identifier:
keyid:98:72:77:FC:47:D8:48:FA:56:34:CE:80:31:A1:74:FC:24:9F:A6:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mHJ3_EfYSPpWNM6AMaF0_CSfpnM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/710934-304b-4f5f-950e-12e8276fdac4/1/pJkz3QgM9UXbmkduiExsgkq_nNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/710934-304b-4f5f-950e-12e8276fdac4/1/mHJ3_EfYSPpWNM6AMaF0_CSfpnM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.8.0/24
Signature Algorithm: sha256WithRSAEncryption
91:53:30:8c:51:ef:f2:85:60:df:67:9b:59:3a:50:21:75:d0:
5f:82:59:d1:68:56:81:82:e5:38:bf:36:d9:f0:b6:d5:35:7e:
e7:3b:be:9c:79:d6:ec:e4:c0:e0:80:ff:18:16:f0:c7:ba:00:
13:b4:7f:7e:06:82:f6:d5:ba:19:a8:bd:75:44:59:c8:ce:c3:
6b:81:02:ca:c2:93:b4:ef:ae:59:1e:5a:c5:15:35:2d:26:56:
0a:55:56:cf:aa:b4:10:02:3f:28:ab:fa:94:1b:e5:f2:36:ea:
1d:2c:6b:0c:c6:0d:75:55:57:65:d2:24:10:00:37:19:ec:90:
15:f5:d1:ae:d8:2c:a6:c0:16:a6:80:b4:93:36:ff:d5:e5:64:
a9:e6:0f:74:ad:bd:d7:d0:c6:e0:38:c2:a8:5a:f8:d5:c7:f2:
9a:e2:2a:49:56:d9:81:96:f3:9c:9d:f8:2a:c3:e1:dc:51:63:
06:2f:5d:38:8e:2f:e0:92:39:81:bf:5c:ee:c8:e8:5c:fd:56:
bb:b5:50:7d:0e:99:b8:b1:c5:80:0d:39:3a:71:89:f3:31:64:
f7:05:8c:46:29:00:16:9c:df:4c:37:e0:47:19:0a:b1:b9:48:
14:b6:cb:45:20:5e:e5:ac:ce:06:eb:a7:00:27:49:4d:dc:8d:
60:ea:c2:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks9BF4Ea1TbqtCHL2V/gbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NzI3N2ZjNDdkODQ4ZmE1NjM0Y2U4MDMxYTE3NGZjMjQ5
ZmE2NzMwHhcNMjUwMTAyMDE0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDk5MzNkZDA4MGNmNTQ1ZGI5YTQ3NmU4ODRjNmM4MjRhYmY5Y2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZCcIxpJreqfyUl3ojF08FpKj1l4
HH+OSvtEvZYgQle9f8mn3teptO34qq2TJftp/dIsbdevZrdJFTpnCtCALNYQAmO2
9R34rUNDcsoNQfQAsBo+OH4S8/w922+qGP3Ig5XZqKO7rbBUlovx2VCJfybiSaH/
lSg19Wj5ieFl3KBObnsvHCWGtNscFnjHqC7kOdaHa5UhPriNKnifw9NBgnJ2/R2h
UVKZGoFxbPoGSgfFFfTIydJsIjv5eA1/ImLTieIiHinfrEHe333i2AczaXB6J5xe
dGGrHrCklsPIci1CwujHgxnhgP8kYxEmf5AO29knF9mGdxdrC0NJRQciXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKSZM90IDPVF25pHbohMbIJKv5zYMB8GA1UdIwQY
MBaAFJhyd/xH2Ej6VjTOgDGhdPwkn6ZzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUhKM19FZllTUHBXTk02QU1hRjBfQ1NmcG5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi83MTA5MzQtMzA0Yi00ZjVmLTk1MGUt
MTJlODI3NmZkYWM0LzEvcEprejNRZ005VVhibWtkdWlFeHNna3Ffbk5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi83MTA5MzQtMzA0Yi00ZjVmLTk1MGUtMTJlODI3NmZkYWM0
LzEvbUhKM19FZllTUHBXTk02QU1hRjBfQ1NmcG5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucIIMA0G
CSqGSIb3DQEBCwUAA4IBAQCRUzCMUe/yhWDfZ5tZOlAhddBfglnRaFaBguU4vzbZ
8LbVNX7nO76cedbs5MDggP8YFvDHugATtH9+BoL21boZqL11RFnIzsNrgQLKwpO0
765ZHlrFFTUtJlYKVVbPqrQQAj8oq/qUG+XyNuodLGsMxg11VVdl0iQQADcZ7JAV
9dGu2CymwBamgLSTNv/V5WSp5g90rb3X0MbgOMKoWvjVx/Ka4ipJVtmBlvOcnfgq
w+HcUWMGL104ji/gkjmBv1zuyOhc/Va7tVB9Dpm4scWADTk6cYnzMWT3BYxGKQAW
nN9MN+BHGQqxuUgUtstFIF7lrM4G66cAJ0lN3I1g6sIG
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:45:37 2025 by rpki-client