Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/jH3_QU9R2bGHxfJR2icLBRzZZbo.roa
File: jH3_QU9R2bGHxfJR2icLBRzZZbo.roa (raw, json)
Hash identifier: Ezguwt255QlMraKIBe1zdTV2QTRcTTU5QNJM2/vt3aI=
Subject key identifier: 8C:7D:FF:41:4F:51:D9:B1:87:C5:F2:51:DA:27:0B:05:1C:D9:65:BA
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019368AEFB1E45692A13F6D3F30F3505D080
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/jH3_QU9R2bGHxfJR2icLBRzZZbo.roa
Signing time: Tue 26 Nov 2024 13:35:18 +0000
ROA not before: Tue 26 Nov 2024 13:35:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396578
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.53/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:68:ae:fb:1e:45:69:2a:13:f6:d3:f3:0f:35:05:d0:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Nov 26 13:35:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c7dff414f51d9b187c5f251da270b051cd965ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:17:bb:30:5d:b4:59:17:df:17:e8:95:b0:c1:
32:76:b4:dd:84:c8:dc:0e:69:21:46:07:bf:b5:b6:
d5:6d:9f:a9:f1:fa:7f:3c:d6:e5:0d:70:45:04:54:
97:6e:5f:18:68:01:98:32:d1:a4:b3:a4:0b:29:3f:
41:79:1d:09:14:62:43:3f:9a:de:32:fc:e9:4b:57:
9e:ac:28:e5:ff:ef:6c:c9:f3:d1:d4:da:e9:3c:bd:
da:34:a2:7c:50:97:de:30:7f:90:1b:3b:b2:44:48:
84:1c:46:d5:f7:06:51:28:dd:96:8c:67:b2:82:d9:
cc:47:35:f6:e3:15:9d:88:1f:3d:99:86:e2:5c:19:
94:57:a8:72:d6:5b:53:81:1b:55:65:68:3f:07:b1:
f2:96:4b:f4:18:46:70:6b:73:14:6c:60:f3:17:b6:
9e:d4:a6:5d:ab:30:97:4c:d6:66:45:6c:5b:fa:a0:
28:97:19:68:64:f3:ad:31:53:e7:b2:be:2d:93:0f:
09:44:92:bf:a8:10:20:e4:4c:99:06:03:0a:9d:c0:
bc:ce:c0:72:81:0e:dd:55:94:43:3b:dd:3c:9c:59:
a0:49:ac:1b:39:80:95:6e:fd:da:26:0b:4c:e8:83:
67:f8:3c:cd:a9:59:b5:02:a0:1a:58:17:4f:f5:f8:
e6:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:7D:FF:41:4F:51:D9:B1:87:C5:F2:51:DA:27:0B:05:1C:D9:65:BA
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/jH3_QU9R2bGHxfJR2icLBRzZZbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.53/32
Signature Algorithm: sha256WithRSAEncryption
7b:cf:b9:34:d7:0b:f7:da:8c:fe:a5:f0:e7:c9:72:fc:f2:41:
d5:f6:a7:78:d6:82:19:f8:12:5c:e8:fe:bc:dd:59:db:97:52:
ab:04:90:92:01:ad:33:2a:56:f4:e9:0e:6d:5b:e8:39:6a:66:
62:ce:59:1d:24:51:e8:26:17:1a:b4:63:39:93:01:7a:92:f8:
bb:4b:8f:e3:c3:39:5e:19:c1:67:0d:db:a5:54:ef:21:d2:9b:
81:1f:b5:ff:e5:17:d9:4f:0f:76:2a:12:ae:95:46:14:43:16:
08:60:94:f6:97:c0:f5:eb:2a:2c:71:58:24:3a:1a:10:8e:84:
68:50:49:4a:1d:20:9f:32:54:a4:08:b8:94:9c:7b:23:11:fd:
54:77:9a:bf:cd:de:5e:40:80:28:5e:a9:d8:25:e3:3f:f9:1c:
4c:ff:ed:90:4e:8e:7d:f9:ff:3c:3c:da:c5:b5:56:13:22:9c:
b8:20:14:fb:ab:59:f4:34:e2:cd:29:78:49:fc:71:13:0a:c1:
d6:39:30:e3:de:4d:1c:26:13:29:49:74:cf:46:f1:62:ae:67:
a3:cc:70:b0:eb:ab:42:55:24:24:6e:51:a3:75:f4:78:ae:18:
2f:07:5b:86:bc:9a:68:01:04:fc:23:be:54:7a:8a:05:01:5d:
1b:e3:11:07
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZNorvseRWkqE/bT8w81BdCAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjQxMTI2MTMzNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzdkZmY0MTRmNTFkOWIxODdjNWYyNTFkYTI3MGIwNTFjZDk2NWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRe7MF20WRffF+iVsMEydrTdhMjc
DmkhRge/tbbVbZ+p8fp/PNblDXBFBFSXbl8YaAGYMtGks6QLKT9BeR0JFGJDP5re
MvzpS1eerCjl/+9syfPR1NrpPL3aNKJ8UJfeMH+QGzuyREiEHEbV9wZRKN2WjGey
gtnMRzX24xWdiB89mYbiXBmUV6hy1ltTgRtVZWg/B7Hylkv0GEZwa3MUbGDzF7ae
1KZdqzCXTNZmRWxb+qAolxloZPOtMVPnsr4tkw8JRJK/qBAg5EyZBgMKncC8zsBy
gQ7dVZRDO908nFmgSawbOYCVbv3aJgtM6INn+DzNqVm1AqAaWBdP9fjmCwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIx9/0FPUdmxh8XyUdonCwUc2WW6MB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvakgzX1FVOVIyYkdIeGZKUjJpY0xCUnpaWmJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOAwUBURPDHgMF
ALlkADUwDQYJKoZIhvcNAQELBQADggEBAHvPuTTXC/fajP6l8OfJcvzyQdX2p3jW
ghn4Elzo/rzdWduXUqsEkJIBrTMqVvTpDm1b6DlqZmLOWR0kUegmFxq0YzmTAXqS
+LtLj+PDOV4ZwWcN26VU7yHSm4Eftf/lF9lPD3YqEq6VRhRDFghglPaXwPXrKixx
WCQ6GhCOhGhQSUodIJ8yVKQIuJSceyMR/VR3mr/N3l5AgCheqdgl4z/5HEz/7ZBO
jn35/zw82sW1VhMinLggFPurWfQ04s0peEn8cRMKwdY5MOPeTRwmEylJdM9G8WKu
Z6PMcLDrq0JVJCRuUaN19HiuGC8HW4a8mmgBBPwjvlR6igUBXRvjEQc=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:29:12 2025 by rpki-client