Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/jXJasgpCpT59POfyQn9jahmZWi0.roa
File: jXJasgpCpT59POfyQn9jahmZWi0.roa (raw, json)
Hash identifier: 8Re232D6aqqw0jWYujba8OOKY20pT/U+Iap4hbWXwi8=
Subject key identifier: 8D:72:5A:B2:0A:42:A5:3E:7D:3C:E7:F2:42:7F:63:6A:19:99:5A:2D
Certificate issuer: /CN=7728052ae7d10fd2261a2248fc00d202b0f25574
Certificate serial: 01961DF14046B82AEED4A200A37BD48653EF
Authority key identifier: 77:28:05:2A:E7:D1:0F:D2:26:1A:22:48:FC:00:D2:02:B0:F2:55:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dygFKufRD9ImGiJI_ADSArDyVXQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/jXJasgpCpT59POfyQn9jahmZWi0.roa
Signing time: Thu 10 Apr 2025 04:24:31 +0000
ROA not before: Thu 10 Apr 2025 04:24:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208981
IP address blocks: 45.12.124.0/24 maxlen: 24
45.12.125.0/24 maxlen: 24
45.12.126.0/24 maxlen: 24
45.12.127.0/24 maxlen: 24
91.213.144.0/24 maxlen: 24
91.232.93.0/24 maxlen: 24
91.243.190.0/24 maxlen: 24
91.243.191.0/24 maxlen: 24
2a0e:a900::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 11 Apr 2025 11:11:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1d:f1:40:46:b8:2a:ee:d4:a2:00:a3:7b:d4:86:53:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7728052ae7d10fd2261a2248fc00d202b0f25574
Validity
Not Before: Apr 10 04:24:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8d725ab20a42a53e7d3ce7f2427f636a19995a2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:34:aa:2f:38:00:dd:33:87:ce:03:ba:01:57:
2d:35:51:aa:cf:06:82:84:5b:63:dc:9b:cd:a5:ca:
a6:59:6c:f8:c1:de:ee:3e:cc:23:a6:4f:ce:cd:f1:
23:fa:92:e0:99:44:ce:13:fa:cd:85:ec:e1:1c:63:
87:e6:d0:e5:17:fa:34:b4:6f:5d:00:67:5c:5a:54:
6a:1f:5c:30:a5:dc:a2:13:c2:b3:5a:b9:e4:ce:8f:
d5:6a:ea:1e:af:7e:ff:ff:14:b6:ff:b6:37:42:35:
8d:24:d8:ef:e2:9d:b2:1e:8b:f5:0f:6f:44:c4:8e:
97:f9:3b:5e:23:70:3f:aa:ec:f5:f3:2b:9e:08:c6:
51:e3:fc:04:10:70:ab:fe:af:4c:bd:d7:88:8d:34:
bc:a2:fa:ba:36:d5:d3:68:94:0e:35:5c:c8:c8:52:
f4:df:d7:6e:5b:8b:4a:33:07:88:ec:fc:d6:54:7a:
77:b2:06:2f:c3:e0:32:ad:4d:26:ea:5c:a0:99:91:
2d:0f:df:c6:91:42:ef:2c:c3:52:37:b6:f5:fb:3c:
dd:c0:54:a4:9f:d0:64:c5:9c:88:a0:ff:69:58:44:
91:70:dc:2a:0c:f0:6c:7e:91:75:88:a8:13:30:bc:
3d:bc:bc:70:10:9a:95:f1:fb:49:c3:60:94:4b:a6:
58:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:72:5A:B2:0A:42:A5:3E:7D:3C:E7:F2:42:7F:63:6A:19:99:5A:2D
X509v3 Authority Key Identifier:
keyid:77:28:05:2A:E7:D1:0F:D2:26:1A:22:48:FC:00:D2:02:B0:F2:55:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dygFKufRD9ImGiJI_ADSArDyVXQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/jXJasgpCpT59POfyQn9jahmZWi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/dygFKufRD9ImGiJI_ADSArDyVXQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.124.0/22
91.213.144.0/24
91.232.93.0/24
91.243.190.0/23
IPv6:
2a0e:a900::/29
Signature Algorithm: sha256WithRSAEncryption
96:0f:33:9b:8e:c2:e6:a3:a4:51:50:79:54:71:d1:a2:79:4a:
66:39:63:0a:b7:a2:94:f2:32:37:49:03:9a:4b:72:d1:63:6c:
33:9b:cf:04:ee:54:75:6a:50:28:c9:c6:03:1f:be:be:ed:81:
7b:f9:7c:23:76:6a:23:7f:81:6e:c8:63:c8:65:b8:49:52:07:
10:d0:fb:3c:e0:fd:9d:80:af:70:a7:00:76:ee:63:ee:42:70:
f4:0d:c5:67:c0:c8:85:b6:53:91:8f:48:2e:e1:68:ae:52:d7:
54:05:82:34:91:ac:43:1c:f9:7a:b2:5d:d3:9a:41:3e:fe:09:
31:61:92:6e:60:2f:c3:52:e2:ef:52:a1:e7:16:8d:34:d7:77:
36:bc:f8:56:63:e8:60:a5:ba:81:1c:96:62:eb:47:5e:11:8b:
89:41:e5:17:c4:bc:72:10:8c:82:97:2f:30:52:17:f9:15:96:
94:c9:fb:89:fd:5c:f9:ea:32:3a:95:d6:00:d9:94:ae:69:b1:
05:18:97:0b:91:cc:7d:a8:97:5a:20:0a:b1:86:f2:36:6d:24:
4a:b6:31:2c:9c:27:fb:fd:a1:0d:de:05:68:ce:3a:9e:3e:5f:
7a:94:ec:98:c5:96:f7:11:04:c5:ff:a4:e8:cc:96:1f:5c:f0:
a3:7c:95:83
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZYd8UBGuCru1KIAo3vUhlPvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MjgwNTJhZTdkMTBmZDIyNjFhMjI0OGZjMDBkMjAyYjBm
MjU1NzQwHhcNMjUwNDEwMDQyNDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDcyNWFiMjBhNDJhNTNlN2QzY2U3ZjI0MjdmNjM2YTE5OTk1YTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTSqLzgA3TOHzgO6AVctNVGqzwaC
hFtj3JvNpcqmWWz4wd7uPswjpk/OzfEj+pLgmUTOE/rNhezhHGOH5tDlF/o0tG9d
AGdcWlRqH1wwpdyiE8KzWrnkzo/Vauoer37//xS2/7Y3QjWNJNjv4p2yHov1D29E
xI6X+TteI3A/quz18yueCMZR4/wEEHCr/q9MvdeIjTS8ovq6NtXTaJQONVzIyFL0
39duW4tKMweI7PzWVHp3sgYvw+AyrU0m6lygmZEtD9/GkULvLMNSN7b1+zzdwFSk
n9BkxZyIoP9pWESRcNwqDPBsfpF1iKgTMLw9vLxwEJqV8ftJw2CUS6ZYeQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFI1yWrIKQqU+fTzn8kJ/Y2oZmVotMB8GA1UdIwQY
MBaAFHcoBSrn0Q/SJhoiSPwA0gKw8lV0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHlnRkt1ZlJEOUltR2lKSV9BRFNBckR5VlhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS80Y2IxYjEtNzAxYi00ZTQyLThiMDUt
MmNiYzQwZTVmZTYyLzEvalhKYXNncENwVDU5UE9meVFuOWphaG1aV2kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS80Y2IxYjEtNzAxYi00ZTQyLThiMDUtMmNiYzQwZTVmZTYy
LzEvZHlnRkt1ZlJEOUltR2lKSV9BRFNBckR5VlhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLQx8AwQA
W9WQAwQAW+hdAwQBW/O+MA0EAgACMAcDBQMqDqkAMA0GCSqGSIb3DQEBCwUAA4IB
AQCWDzObjsLmo6RRUHlUcdGieUpmOWMKt6KU8jI3SQOaS3LRY2wzm88E7lR1alAo
ycYDH76+7YF7+Xwjdmojf4FuyGPIZbhJUgcQ0Ps84P2dgK9wpwB27mPuQnD0DcVn
wMiFtlORj0gu4WiuUtdUBYI0kaxDHPl6sl3TmkE+/gkxYZJuYC/DUuLvUqHnFo00
13c2vPhWY+hgpbqBHJZi60deEYuJQeUXxLxyEIyCly8wUhf5FZaUyfuJ/Vz56jI6
ldYA2ZSuabEFGJcLkcx9qJdaIAqxhvI2bSRKtjEsnCf7/aEN3gVozjqePl96lOyY
xZb3EQTF/6TozJYfXPCjfJWD
-----END CERTIFICATE-----
Generated at Wed Apr 30 08:21:27 2025 by rpki-client