Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JkwkrN1HF8wFCO-Cqe8oJJMe9VY.roa
File: JkwkrN1HF8wFCO-Cqe8oJJMe9VY.roa (raw, json)
Hash identifier: hoGE0QLEDMinnYjFeiCyfMRkT/McLmB4GAT1wvZjC7o=
Subject key identifier: 26:4C:24:AC:DD:47:17:CC:05:08:EF:82:A9:EF:28:24:93:1E:F5:56
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01963325D65B531ADCC54626D5D4F86071C7
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JkwkrN1HF8wFCO-Cqe8oJJMe9VY.roa
Signing time: Mon 14 Apr 2025 07:13:59 +0000
ROA not before: Mon 14 Apr 2025 07:13:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203758
IP address blocks: 82.153.70.0/24 maxlen: 24
89.213.196.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Apr 2025 13:59:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:33:25:d6:5b:53:1a:dc:c5:46:26:d5:d4:f8:60:71:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 14 07:13:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=264c24acdd4717cc0508ef82a9ef2824931ef556
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:27:67:8d:02:0f:c9:64:46:76:17:7c:13:ce:
58:ce:96:08:6c:ed:f1:cd:a5:fb:3a:f0:19:58:d2:
4b:28:b4:fe:c4:ff:00:74:02:87:39:2a:2a:3e:0a:
69:c9:9d:52:ef:84:dc:91:ae:ad:a3:c3:44:42:64:
64:7d:62:16:f4:c7:72:e4:93:3c:81:4f:0c:f6:48:
a3:96:84:21:3a:12:ee:c6:c3:3b:33:2b:65:6c:6b:
2a:4c:c6:f3:cc:90:f8:40:1e:0f:2c:d5:72:0b:bb:
82:e7:eb:3b:50:fc:28:0c:a8:b7:5c:e7:b5:2a:5c:
d9:18:f0:b2:57:c4:f4:ae:80:45:36:e0:4b:c9:40:
0d:15:3d:dd:c0:b6:c3:a1:6b:89:bb:c0:22:4f:90:
05:8b:21:e7:ad:65:8c:27:20:1f:d5:7b:a3:f7:96:
71:cc:96:51:cb:04:57:e7:4d:f0:e8:ab:c0:b7:6f:
de:4a:35:ff:d2:f1:54:0e:34:72:05:12:5a:a9:d6:
93:fa:06:72:3d:13:68:95:5f:da:ad:98:03:2b:b0:
78:79:c9:89:1e:3f:4a:eb:11:5f:15:1f:05:77:51:
c3:64:80:60:8b:fe:69:a6:07:93:b0:e4:85:33:57:
ab:44:15:a5:74:a6:3c:dc:07:03:6c:cb:62:3c:00:
5b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:4C:24:AC:DD:47:17:CC:05:08:EF:82:A9:EF:28:24:93:1E:F5:56
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JkwkrN1HF8wFCO-Cqe8oJJMe9VY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.70.0/24
89.213.196.0/24
Signature Algorithm: sha256WithRSAEncryption
60:93:f5:49:7e:4f:d1:22:2f:23:29:ec:38:89:fe:67:59:bf:
22:82:18:bd:06:4b:c5:5a:c6:ae:79:5d:df:4c:68:19:64:cc:
60:5b:bc:21:b6:88:0d:3a:62:02:fc:8f:75:3e:2f:a2:21:4b:
8e:16:4d:12:53:d7:ce:67:13:0f:2e:46:1c:49:c9:b2:0e:60:
81:66:30:a8:56:19:30:ac:74:76:d8:1f:f3:07:79:35:51:8a:
c9:4c:93:74:d5:65:bb:f2:cc:0e:9b:91:03:6e:86:8a:7e:e3:
9e:35:fa:0f:f5:14:da:49:2f:c4:f3:3a:0e:f2:66:a0:83:85:
fa:3c:ec:fc:8e:5e:19:bf:07:41:5c:43:2d:3c:2a:41:02:b5:
a7:09:de:b9:66:29:26:cb:d2:9f:73:8d:0e:e6:40:f9:ae:da:
29:3f:30:d2:9b:27:75:6f:9c:de:fa:ee:25:4a:d9:83:5f:c8:
1d:e2:51:e8:50:0e:50:13:d8:fc:d4:01:32:70:16:f7:95:b2:
8b:c2:f4:b9:c0:c8:bc:85:fc:15:49:5a:cd:4b:40:9d:e8:b3:
ba:8d:d9:f9:cc:92:17:e3:73:74:2e:42:0c:b1:77:02:27:2a:
e3:c9:86:b3:8a:a5:1e:3c:3e:9a:7f:55:1f:33:af:dd:f6:b4:
a7:e8:ae:48
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZYzJdZbUxrcxUYm1dT4YHHHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNDE0MDcxMzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjRjMjRhY2RkNDcxN2NjMDUwOGVmODJhOWVmMjgyNDkzMWVmNTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCdnjQIPyWRGdhd8E85YzpYIbO3x
zaX7OvAZWNJLKLT+xP8AdAKHOSoqPgppyZ1S74Tcka6to8NEQmRkfWIW9Mdy5JM8
gU8M9kijloQhOhLuxsM7MytlbGsqTMbzzJD4QB4PLNVyC7uC5+s7UPwoDKi3XOe1
KlzZGPCyV8T0roBFNuBLyUANFT3dwLbDoWuJu8AiT5AFiyHnrWWMJyAf1Xuj95Zx
zJZRywRX503w6KvAt2/eSjX/0vFUDjRyBRJaqdaT+gZyPRNolV/arZgDK7B4ecmJ
Hj9K6xFfFR8Fd1HDZIBgi/5ppgeTsOSFM1erRBWldKY83AcDbMtiPABb+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCZMJKzdRxfMBQjvgqnvKCSTHvVWMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSmt3a3JOMUhGOHdGQ08tQ3FlOG9KSk1lOVZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUplGAwQA
WdXEMA0GCSqGSIb3DQEBCwUAA4IBAQBgk/VJfk/RIi8jKew4if5nWb8ighi9BkvF
WsaueV3fTGgZZMxgW7whtogNOmIC/I91Pi+iIUuOFk0SU9fOZxMPLkYcScmyDmCB
ZjCoVhkwrHR22B/zB3k1UYrJTJN01WW78swOm5EDboaKfuOeNfoP9RTaSS/E8zoO
8magg4X6POz8jl4ZvwdBXEMtPCpBArWnCd65Zikmy9Kfc40O5kD5rtopPzDSmyd1
b5ze+u4lStmDX8gd4lHoUA5QE9j81AEycBb3lbKLwvS5wMi8hfwVSVrNS0Cd6LO6
jdn5zJIX43N0LkIMsXcCJyrjyYaziqUePD6af1UfM6/d9rSn6K5I
-----END CERTIFICATE-----
Generated at Thu May 1 18:48:48 2025 by rpki-client