Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/f9d152-ca00-46c4-936a-e9093fee3fd3/1/jbSq7ZU0XifwPCMbTR_qkz08NkQ.roa
File: jbSq7ZU0XifwPCMbTR_qkz08NkQ.roa (raw, json)
Hash identifier: 87sf63I4dYNHzLGw/WvHB0JqWaKcxljMDyZmXaR7Pq8=
Subject key identifier: 8D:B4:AA:ED:95:34:5E:27:F0:3C:23:1B:4D:1F:EA:93:3D:3C:36:44
Certificate issuer: /CN=54598408d23cef52560f7eaad4e1db0c862062c3
Certificate serial: 018CCA992A4444C00330FB16C179DD679E35
Authority key identifier: 54:59:84:08:D2:3C:EF:52:56:0F:7E:AA:D4:E1:DB:0C:86:20:62:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VFmECNI871JWD36q1OHbDIYgYsM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/f9d152-ca00-46c4-936a-e9093fee3fd3/1/jbSq7ZU0XifwPCMbTR_qkz08NkQ.roa
Signing time: Tue 02 Jan 2024 14:34:44 +0000
ROA not before: Tue 02 Jan 2024 14:34:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203990
IP address blocks: 185.117.124.0/22 maxlen: 24
185.117.124.0/24 maxlen: 24
185.117.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:2a:44:44:c0:03:30:fb:16:c1:79:dd:67:9e:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54598408d23cef52560f7eaad4e1db0c862062c3
Validity
Not Before: Jan 2 14:34:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8db4aaed95345e27f03c231b4d1fea933d3c3644
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:63:51:06:13:f5:d7:9c:d3:e0:0d:e7:e2:9b:
d7:42:df:21:00:cd:0c:fd:83:36:b4:40:cf:25:5f:
09:7c:08:60:63:7a:90:0b:0b:f7:52:cf:1c:39:42:
ff:c8:da:0f:e0:e2:1a:05:d3:60:a4:11:1d:b0:bc:
68:30:e8:ca:1b:a0:78:9a:d2:b4:d9:76:a8:a9:0d:
78:3c:66:68:e0:0a:23:26:7c:60:5f:d6:55:67:c8:
e9:25:17:97:41:05:4f:35:fe:24:63:c6:11:dd:00:
75:25:be:93:d7:aa:ba:4d:77:7c:9a:91:26:5c:e1:
87:80:b6:e0:04:c8:88:5c:1f:ac:de:3d:32:f6:0d:
2d:8b:67:10:71:e4:59:a5:58:00:95:92:d4:c1:18:
ed:ae:92:6b:03:39:9f:78:6f:76:5a:c3:f3:87:b4:
c7:52:d9:07:4a:08:91:c0:4b:46:5f:5b:f5:97:d4:
a0:80:3d:f9:54:21:8d:1c:49:75:0d:56:67:cb:5a:
03:ae:12:3a:7e:ea:f5:45:59:5d:85:9d:a6:33:67:
65:a7:3f:65:b0:a5:26:73:12:80:7b:f4:a9:00:0e:
dc:24:ed:f3:5e:9f:20:bd:0d:eb:74:65:0c:3b:11:
c2:8e:76:5b:0e:5c:c7:8a:e0:3b:37:c4:c8:0e:44:
46:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:B4:AA:ED:95:34:5E:27:F0:3C:23:1B:4D:1F:EA:93:3D:3C:36:44
X509v3 Authority Key Identifier:
keyid:54:59:84:08:D2:3C:EF:52:56:0F:7E:AA:D4:E1:DB:0C:86:20:62:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VFmECNI871JWD36q1OHbDIYgYsM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/f9d152-ca00-46c4-936a-e9093fee3fd3/1/jbSq7ZU0XifwPCMbTR_qkz08NkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/f9d152-ca00-46c4-936a-e9093fee3fd3/1/VFmECNI871JWD36q1OHbDIYgYsM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.124.0/22
Signature Algorithm: sha256WithRSAEncryption
38:f9:f7:99:43:82:b2:ee:3d:e1:4a:7e:d5:e2:c2:2c:49:7a:
65:e9:76:9f:81:67:da:82:9e:86:c7:96:25:53:7d:c4:a1:8a:
a6:39:71:9b:3f:34:21:3b:3b:f1:11:db:c4:7b:1a:c1:5c:df:
b5:bc:85:bb:ab:c7:ad:47:1d:49:81:7a:2b:0a:74:60:ff:94:
3f:be:0a:68:9b:43:59:ee:ee:74:fd:35:3d:7f:8f:88:5f:73:
7a:b8:20:08:79:2c:dd:61:88:ce:28:85:96:6a:23:75:6a:4d:
5f:03:8b:06:3b:ca:cc:68:f6:be:1f:ce:1a:82:98:50:7f:39:
09:95:67:63:a6:c1:f9:58:7a:71:5d:70:f4:e2:66:5d:52:00:
57:60:d8:b4:19:03:84:bc:de:cb:38:c8:2c:72:f2:38:31:3d:
6a:25:5d:bd:bc:be:b1:6d:c5:3f:19:2c:83:34:21:2d:9a:71:
e8:c1:69:c7:da:03:30:68:08:d7:b8:90:dc:f9:4a:4c:a0:9c:
07:98:82:f6:97:f6:eb:4f:3b:b6:5d:88:ae:6b:0e:ca:79:ac:
bb:ff:c4:69:96:5d:34:76:4e:2a:b2:f1:4b:42:ec:fb:db:7c:
9f:24:56:f9:91:93:6c:e9:a5:ed:12:d5:2f:80:5c:41:a7:50:
29:fa:fd:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKmSpERMADMPsWwXndZ541MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NTk4NDA4ZDIzY2VmNTI1NjBmN2VhYWQ0ZTFkYjBjODYy
MDYyYzMwHhcNMjQwMTAyMTQzNDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGI0YWFlZDk1MzQ1ZTI3ZjAzYzIzMWI0ZDFmZWE5MzNkM2MzNjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmNRBhP115zT4A3n4pvXQt8hAM0M
/YM2tEDPJV8JfAhgY3qQCwv3Us8cOUL/yNoP4OIaBdNgpBEdsLxoMOjKG6B4mtK0
2XaoqQ14PGZo4AojJnxgX9ZVZ8jpJReXQQVPNf4kY8YR3QB1Jb6T16q6TXd8mpEm
XOGHgLbgBMiIXB+s3j0y9g0ti2cQceRZpVgAlZLUwRjtrpJrAzmfeG92WsPzh7TH
UtkHSgiRwEtGX1v1l9SggD35VCGNHEl1DVZny1oDrhI6fur1RVldhZ2mM2dlpz9l
sKUmcxKAe/SpAA7cJO3zXp8gvQ3rdGUMOxHCjnZbDlzHiuA7N8TIDkRGZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI20qu2VNF4n8DwjG00f6pM9PDZEMB8GA1UdIwQY
MBaAFFRZhAjSPO9SVg9+qtTh2wyGIGLDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkZtRUNOSTg3MUpXRDM2cTFPSGJESVlnWXNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9mOWQxNTItY2EwMC00NmM0LTkzNmEt
ZTkwOTNmZWUzZmQzLzEvamJTcTdaVTBYaWZ3UENNYlRSX3FrejA4TmtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9mOWQxNTItY2EwMC00NmM0LTkzNmEtZTkwOTNmZWUzZmQz
LzEvVkZtRUNOSTg3MUpXRDM2cTFPSGJESVlnWXNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXV8MA0G
CSqGSIb3DQEBCwUAA4IBAQA4+feZQ4Ky7j3hSn7V4sIsSXpl6XafgWfagp6Gx5Yl
U33EoYqmOXGbPzQhOzvxEdvEexrBXN+1vIW7q8etRx1JgXorCnRg/5Q/vgpom0NZ
7u50/TU9f4+IX3N6uCAIeSzdYYjOKIWWaiN1ak1fA4sGO8rMaPa+H84agphQfzkJ
lWdjpsH5WHpxXXD04mZdUgBXYNi0GQOEvN7LOMgscvI4MT1qJV29vL6xbcU/GSyD
NCEtmnHowWnH2gMwaAjXuJDc+UpMoJwHmIL2l/brTzu2XYiuaw7Keay7/8Rpll00
dk4qsvFLQuz723yfJFb5kZNs6aXtEtUvgFxBp1Ap+v02
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:55:15 2025 by rpki-client