Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/21195c-566a-4ff0-9496-508081499be7/1/JbowDeIbwcLqXJgidoLUkVI0nmo.roa
File: JbowDeIbwcLqXJgidoLUkVI0nmo.roa (raw, json)
Hash identifier: uuqXAMuSiXDMlnff+Q3rF6yWoTiad1x5Rkcjs0geNeo=
Subject key identifier: 25:BA:30:0D:E2:1B:C1:C2:EA:5C:98:22:76:82:D4:91:52:34:9E:6A
Certificate issuer: /CN=5ad62d64b020e6c0114842f276265e3c07d3ea5c
Certificate serial: 01945004AE0FB7447EF440C74DD11129AAB3
Authority key identifier: 5A:D6:2D:64:B0:20:E6:C0:11:48:42:F2:76:26:5E:3C:07:D3:EA:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WtYtZLAg5sARSELydiZePAfT6lw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/21195c-566a-4ff0-9496-508081499be7/1/JbowDeIbwcLqXJgidoLUkVI0nmo.roa
Signing time: Fri 10 Jan 2025 11:41:11 +0000
ROA not before: Fri 10 Jan 2025 11:41:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62182
IP address blocks: 185.253.188.0/24 maxlen: 24
185.253.189.0/24 maxlen: 24
185.253.190.0/24 maxlen: 24
185.253.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Jan 2025 13:08:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:50:04:ae:0f:b7:44:7e:f4:40:c7:4d:d1:11:29:aa:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ad62d64b020e6c0114842f276265e3c07d3ea5c
Validity
Not Before: Jan 10 11:41:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25ba300de21bc1c2ea5c98227682d49152349e6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a6:69:bd:9d:e2:41:ec:89:55:a7:24:48:ed:
df:bf:f2:a2:51:62:0c:af:9b:f1:45:d9:d2:ef:9f:
ec:c9:6d:ae:bb:6b:e3:c7:a6:39:85:15:44:3c:b9:
9d:94:eb:57:01:ff:5e:75:bb:58:0e:91:af:53:89:
4c:0c:52:f8:53:1a:a2:ec:30:41:58:83:05:e7:93:
11:0a:c2:86:d5:20:02:b4:d4:cd:84:6d:d2:f7:92:
f2:22:11:49:21:20:d7:51:68:b7:b8:c7:cd:e5:36:
2f:c6:2e:28:a1:7a:25:cc:25:52:8e:84:9f:2e:c9:
4e:6d:d8:97:19:53:15:9a:13:f0:d6:91:43:e7:5e:
ee:3a:7c:19:37:20:80:9e:48:83:a9:c8:e3:f3:5c:
d0:86:49:f5:d2:0a:dd:2b:e8:4d:12:36:d5:17:36:
24:e3:f2:45:9b:10:b8:2a:aa:59:72:96:ab:4f:86:
5f:e6:5f:8c:80:9e:2a:6d:88:96:6b:79:36:fc:1c:
23:29:78:3b:e2:d4:75:6d:83:2f:01:f6:21:07:c8:
0a:8d:83:75:97:90:fb:07:e2:97:e2:5d:be:79:be:
87:42:dc:e5:a6:07:88:5c:3a:6e:5d:19:de:2f:66:
63:b7:31:67:4f:f0:d6:f5:24:56:e0:17:0e:0f:35:
ce:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:BA:30:0D:E2:1B:C1:C2:EA:5C:98:22:76:82:D4:91:52:34:9E:6A
X509v3 Authority Key Identifier:
keyid:5A:D6:2D:64:B0:20:E6:C0:11:48:42:F2:76:26:5E:3C:07:D3:EA:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WtYtZLAg5sARSELydiZePAfT6lw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/21195c-566a-4ff0-9496-508081499be7/1/JbowDeIbwcLqXJgidoLUkVI0nmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/21195c-566a-4ff0-9496-508081499be7/1/WtYtZLAg5sARSELydiZePAfT6lw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.188.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:34:9e:e1:a0:19:8b:42:5f:e2:ff:9f:71:d8:9b:35:65:dc:
e6:03:c6:c8:c9:07:d8:84:66:3d:e6:d5:f0:39:f9:f0:8c:cc:
a1:76:be:c1:af:03:41:92:03:c4:48:f2:f3:35:b8:cf:d8:96:
fb:8c:ea:a8:db:b5:65:3e:59:13:f0:cb:37:c3:62:60:c7:fb:
fa:f9:ec:77:e1:32:df:4c:10:e6:fc:58:14:51:3f:9e:a4:b4:
55:a9:c6:29:fe:cd:d0:e9:25:d5:7e:86:dc:5d:be:db:ab:36:
d5:da:6a:b2:43:62:9d:64:e4:f0:a7:f2:d7:15:0c:12:2b:26:
35:04:7d:fd:fd:4d:52:75:0c:04:ea:50:27:a5:b5:40:af:73:
16:6e:e7:69:9f:bd:1e:69:1f:2e:23:e5:f3:32:86:fe:ef:e9:
10:c7:51:9d:c8:e6:0a:5f:8c:6d:8c:72:db:03:89:6e:ca:72:
7d:67:a1:a6:09:1a:59:6d:10:23:5c:ed:f5:30:bd:0e:13:5d:
df:bf:76:86:9c:c4:1b:69:f8:fd:46:38:14:61:fc:14:6a:8f:
d0:d2:68:41:30:b6:3b:15:ba:0b:c0:39:fd:7e:9c:a0:2a:3c:
cb:69:66:78:c2:a9:28:c5:3a:8b:25:a4:9e:15:b2:24:c8:8c:
95:f7:57:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRQBK4Pt0R+9EDHTdERKaqzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhZDYyZDY0YjAyMGU2YzAxMTQ4NDJmMjc2MjY1ZTNjMDdk
M2VhNWMwHhcNMjUwMTEwMTE0MTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWJhMzAwZGUyMWJjMWMyZWE1Yzk4MjI3NjgyZDQ5MTUyMzQ5ZTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaZpvZ3iQeyJVackSO3fv/KiUWIM
r5vxRdnS75/syW2uu2vjx6Y5hRVEPLmdlOtXAf9edbtYDpGvU4lMDFL4Uxqi7DBB
WIMF55MRCsKG1SACtNTNhG3S95LyIhFJISDXUWi3uMfN5TYvxi4ooXolzCVSjoSf
LslObdiXGVMVmhPw1pFD517uOnwZNyCAnkiDqcjj81zQhkn10grdK+hNEjbVFzYk
4/JFmxC4KqpZcparT4Zf5l+MgJ4qbYiWa3k2/BwjKXg74tR1bYMvAfYhB8gKjYN1
l5D7B+KX4l2+eb6HQtzlpgeIXDpuXRneL2ZjtzFnT/DW9SRW4BcODzXOpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCW6MA3iG8HC6lyYInaC1JFSNJ5qMB8GA1UdIwQY
MBaAFFrWLWSwIObAEUhC8nYmXjwH0+pcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3RZdFpMQWc1c0FSU0VMeWRpWmVQQWZUNmx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8yMTE5NWMtNTY2YS00ZmYwLTk0OTYt
NTA4MDgxNDk5YmU3LzEvSmJvd0RlSWJ3Y0xxWEpnaWRvTFVrVkkwbm1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8yMTE5NWMtNTY2YS00ZmYwLTk0OTYtNTA4MDgxNDk5YmU3
LzEvV3RZdFpMQWc1c0FSU0VMeWRpWmVQQWZUNmx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuf28MA0G
CSqGSIb3DQEBCwUAA4IBAQCgNJ7hoBmLQl/i/59x2Js1ZdzmA8bIyQfYhGY95tXw
OfnwjMyhdr7BrwNBkgPESPLzNbjP2Jb7jOqo27VlPlkT8Ms3w2Jgx/v6+ex34TLf
TBDm/FgUUT+epLRVqcYp/s3Q6SXVfobcXb7bqzbV2mqyQ2KdZOTwp/LXFQwSKyY1
BH39/U1SdQwE6lAnpbVAr3MWbudpn70eaR8uI+XzMob+7+kQx1GdyOYKX4xtjHLb
A4luynJ9Z6GmCRpZbRAjXO31ML0OE13fv3aGnMQbafj9RjgUYfwUao/Q0mhBMLY7
FboLwDn9fpygKjzLaWZ4wqkoxTqLJaSeFbIkyIyV91c/
-----END CERTIFICATE-----
Generated at Fri May 2 17:52:04 2025 by rpki-client