Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fc2044-61cf-44ba-abae-c2b0df7f43bd/1/jk_wLR7knhADhLCwa8ljovPzn4w.roa
File: jk_wLR7knhADhLCwa8ljovPzn4w.roa (raw, json)
Hash identifier: a6orZOgiVvn/317JngMPkHQJGM6onBjbJe4Ce4qZW28=
Subject key identifier: 8E:4F:F0:2D:1E:E4:9E:10:03:84:B0:B0:6B:C9:63:A2:F3:F3:9F:8C
Certificate issuer: /CN=c82c8001a17642b69562c63ac58920da360f154f
Certificate serial: 018CCA2AA6E8B9CA15B5B6ABCB15A1FFCB19
Authority key identifier: C8:2C:80:01:A1:76:42:B6:95:62:C6:3A:C5:89:20:DA:36:0F:15:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yCyAAaF2QraVYsY6xYkg2jYPFU8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fc2044-61cf-44ba-abae-c2b0df7f43bd/1/jk_wLR7knhADhLCwa8ljovPzn4w.roa
Signing time: Tue 02 Jan 2024 12:34:01 +0000
ROA not before: Tue 02 Jan 2024 12:34:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49941
IP address blocks: 193.104.52.0/24 maxlen: 24
185.98.249.0/24 maxlen: 24
185.98.248.0/24 maxlen: 24
185.98.251.0/24 maxlen: 24
185.98.250.0/24 maxlen: 24
194.107.127.0/24 maxlen: 24
2a06:cdc0:2006::/48 maxlen: 48
2a06:cdc0:2009::/48 maxlen: 48
2a06:cdc0:2007::/48 maxlen: 48
2a06:cdc0:2008::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:a6:e8:b9:ca:15:b5:b6:ab:cb:15:a1:ff:cb:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c82c8001a17642b69562c63ac58920da360f154f
Validity
Not Before: Jan 2 12:34:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e4ff02d1ee49e100384b0b06bc963a2f3f39f8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:64:1d:dc:47:f0:c3:01:4c:91:8c:14:ce:3d:
7e:10:be:ea:6c:7d:fc:a7:3e:97:04:2f:63:4e:41:
a6:90:d1:9d:bf:3a:a6:eb:41:37:c1:8f:b8:69:e6:
e5:d6:91:b3:f0:24:9a:08:75:3d:13:c8:34:20:4f:
b6:22:4d:08:f6:f7:3e:a2:7b:3a:ea:06:47:37:54:
d7:98:19:57:bb:42:5d:0f:02:1c:43:44:35:ec:ec:
3d:52:d2:b7:72:eb:97:f8:63:e6:e3:c5:ca:ea:d1:
b2:57:0a:c2:26:fd:e2:21:aa:e2:1f:df:a2:e6:eb:
65:75:0f:0b:6a:6a:da:d0:30:17:5d:2d:67:77:45:
f5:7d:1e:ac:16:85:ba:91:0f:f8:b2:51:21:1b:3d:
f0:96:c8:a6:c1:d0:c7:f9:4a:a8:ef:d1:f7:b2:43:
c3:9d:7f:ed:b0:15:94:b9:4a:4d:6f:2b:7b:3a:01:
6e:0a:53:a9:7a:e0:c5:d8:dd:fc:d9:63:fa:57:6c:
d5:29:29:7e:6a:bc:0e:4c:4c:f9:e1:f1:79:db:1f:
c1:5e:9b:a3:c2:18:1e:de:94:a8:78:f1:af:8a:05:
2e:c7:9c:d2:59:4f:7a:9f:2b:b4:3d:be:af:fe:33:
96:cd:c6:14:8c:be:b1:1c:54:8e:1d:28:da:0d:65:
60:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:4F:F0:2D:1E:E4:9E:10:03:84:B0:B0:6B:C9:63:A2:F3:F3:9F:8C
X509v3 Authority Key Identifier:
keyid:C8:2C:80:01:A1:76:42:B6:95:62:C6:3A:C5:89:20:DA:36:0F:15:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yCyAAaF2QraVYsY6xYkg2jYPFU8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fc2044-61cf-44ba-abae-c2b0df7f43bd/1/jk_wLR7knhADhLCwa8ljovPzn4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fc2044-61cf-44ba-abae-c2b0df7f43bd/1/yCyAAaF2QraVYsY6xYkg2jYPFU8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.248.0/22
193.104.52.0/24
194.107.127.0/24
IPv6:
2a06:cdc0:2006::-2a06:cdc0:2009:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6a:4f:dc:ad:a3:e7:99:4b:11:71:79:5f:96:29:7e:70:cc:8d:
20:d8:da:a7:09:2a:5b:3b:65:27:33:42:8b:61:58:db:05:fd:
0d:95:cc:cc:36:f4:5a:30:22:29:75:ee:33:53:a6:79:dd:0b:
74:b7:bb:58:26:8f:93:e1:4e:4b:d8:06:05:09:87:8e:42:11:
ea:10:eb:07:14:b6:84:fe:3f:ff:d9:4c:74:03:f8:a5:a1:c5:
64:a2:d9:8e:04:92:c0:01:11:dd:2a:19:dd:10:fd:20:45:7d:
c3:74:33:dd:a1:0b:c4:6b:18:b7:97:04:e7:f2:da:da:e2:ac:
ac:ae:1b:3c:93:4a:e6:07:e6:e7:a3:0d:29:0f:27:d6:35:16:
f9:ec:7e:82:bc:33:46:06:67:13:96:2c:32:70:ad:11:74:58:
8f:45:0b:da:67:cd:f9:5f:14:55:a7:b5:3e:17:17:7c:51:ed:
01:82:30:39:55:83:06:27:b9:62:1a:04:e5:e3:88:21:b6:8e:
f5:d0:e0:4a:84:52:00:b4:48:df:e5:71:11:13:7e:7e:0b:fa:
ad:78:7a:46:03:53:ee:be:47:92:f4:1a:29:be:23:9c:a5:eb:
8b:6a:68:d7:a5:a4:fa:b6:9b:6e:d3:1f:ac:6e:5d:54:49:5b:
9a:e2:e2:4d
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzKKqboucoVtbaryxWh/8sZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4MmM4MDAxYTE3NjQyYjY5NTYyYzYzYWM1ODkyMGRhMzYw
ZjE1NGYwHhcNMjQwMTAyMTIzNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTRmZjAyZDFlZTQ5ZTEwMDM4NGIwYjA2YmM5NjNhMmYzZjM5ZjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWQd3EfwwwFMkYwUzj1+EL7qbH38
pz6XBC9jTkGmkNGdvzqm60E3wY+4aebl1pGz8CSaCHU9E8g0IE+2Ik0I9vc+ons6
6gZHN1TXmBlXu0JdDwIcQ0Q17Ow9UtK3cuuX+GPm48XK6tGyVwrCJv3iIariH9+i
5utldQ8Lamra0DAXXS1nd0X1fR6sFoW6kQ/4slEhGz3wlsimwdDH+Uqo79H3skPD
nX/tsBWUuUpNbyt7OgFuClOpeuDF2N382WP6V2zVKSl+arwOTEz54fF52x/BXpuj
whge3pSoePGvigUux5zSWU96nyu0Pb6v/jOWzcYUjL6xHFSOHSjaDWVg/wIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFI5P8C0e5J4QA4SwsGvJY6Lz85+MMB8GA1UdIwQY
MBaAFMgsgAGhdkK2lWLGOsWJINo2DxVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUN5QUFhRjJRcmFWWXNZNnhZa2cyallQRlU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mYzIwNDQtNjFjZi00NGJhLWFiYWUt
YzJiMGRmN2Y0M2JkLzEvamtfd0xSN2tuaEFEaExDd2E4bGpvdlB6bjR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mYzIwNDQtNjFjZi00NGJhLWFiYWUtYzJiMGRmN2Y0M2Jk
LzEveUN5QUFhRjJRcmFWWXNZNnhZa2cyallQRlU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAYBAIAATASAwQCuWL4AwQA
wWg0AwQAwmt/MBoEAgACMBQwEgMHASoGzcAgBgMHASoGzcAgCDANBgkqhkiG9w0B
AQsFAAOCAQEAak/craPnmUsRcXlflil+cMyNINjapwkqWztlJzNCi2FY2wX9DZXM
zDb0WjAiKXXuM1Omed0LdLe7WCaPk+FOS9gGBQmHjkIR6hDrBxS2hP4//9lMdAP4
paHFZKLZjgSSwAER3SoZ3RD9IEV9w3Qz3aELxGsYt5cE5/La2uKsrK4bPJNK5gfm
56MNKQ8n1jUW+ex+grwzRgZnE5YsMnCtEXRYj0UL2mfN+V8UVae1PhcXfFHtAYIw
OVWDBie5YhoE5eOIIbaO9dDgSoRSALRI3+VxERN+fgv6rXh6RgNT7r5HkvQaKb4j
nKXri2po16Wk+rabbtMfrG5dVElbmuLiTQ==
-----END CERTIFICATE-----
Generated at Mon Apr 28 01:05:13 2025 by rpki-client