Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/JfCP2oroVX-x9Zai9FhkAEAfwYU.roa
File: JfCP2oroVX-x9Zai9FhkAEAfwYU.roa (raw, json)
Hash identifier: r3/rUfSwnofDRDbvhjKUovMFQuHkOKgKw3nq7aBPBNI=
Subject key identifier: 25:F0:8F:DA:8A:E8:55:7F:B1:F5:96:A2:F4:58:64:00:40:1F:C1:85
Certificate issuer: /CN=5dc6245ca820899d7eb4140302c21041b5dbca06
Certificate serial: 018CF1ADFC90297BEEB4360871059214E5F1
Authority key identifier: 5D:C6:24:5C:A8:20:89:9D:7E:B4:14:03:02:C2:10:41:B5:DB:CA:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XcYkXKggiZ1-tBQDAsIQQbXbygY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/JfCP2oroVX-x9Zai9FhkAEAfwYU.roa
Signing time: Wed 10 Jan 2024 04:42:40 +0000
ROA not before: Wed 10 Jan 2024 04:42:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29298
IP address blocks: 195.135.237.0/24 maxlen: 24
195.135.238.0/24 maxlen: 24
195.135.239.0/24 maxlen: 24
195.135.236.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jan 2024 04:47:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f1:ad:fc:90:29:7b:ee:b4:36:08:71:05:92:14:e5:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dc6245ca820899d7eb4140302c21041b5dbca06
Validity
Not Before: Jan 10 04:42:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25f08fda8ae8557fb1f596a2f4586400401fc185
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:42:85:2f:78:b1:42:31:44:78:30:04:87:68:
bd:f3:02:25:0a:95:f3:21:b5:69:af:61:5c:42:e5:
85:c1:b8:51:5c:cd:8d:91:21:a9:75:2e:a8:cc:d1:
81:65:76:2c:4d:da:b1:01:42:1e:d7:54:9d:6f:0e:
5c:c9:17:2b:bc:32:09:11:4c:e1:72:5e:0b:eb:cf:
da:ab:60:4b:a6:06:d5:d2:38:c7:d4:5f:87:e6:bb:
99:87:0b:7e:ed:bc:30:08:74:d4:50:4f:9c:43:da:
5c:30:4f:16:21:a2:c7:da:96:87:56:9d:26:bd:28:
5b:d7:47:cc:40:d9:52:bf:11:be:90:91:e6:cf:4f:
9b:64:c6:40:ee:e1:03:a6:df:1f:a2:30:e1:06:f1:
3c:0b:8e:18:c9:c2:01:e2:72:ce:46:ed:59:31:fc:
11:7f:5c:93:4b:be:fd:44:a3:23:7c:d8:f7:e8:c3:
da:c7:fa:51:ae:ea:9c:a9:26:39:51:27:33:b8:8b:
d2:40:a9:e7:d1:26:7d:b3:95:63:c5:bb:aa:67:71:
52:82:90:9e:e9:dd:58:33:e6:14:44:4f:9c:53:99:
5b:4b:ed:6e:a3:f5:0b:00:7d:c1:24:44:34:6c:f0:
9b:63:19:d2:ad:ba:f5:bb:0f:54:9a:3f:2e:47:92:
62:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:F0:8F:DA:8A:E8:55:7F:B1:F5:96:A2:F4:58:64:00:40:1F:C1:85
X509v3 Authority Key Identifier:
keyid:5D:C6:24:5C:A8:20:89:9D:7E:B4:14:03:02:C2:10:41:B5:DB:CA:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XcYkXKggiZ1-tBQDAsIQQbXbygY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/JfCP2oroVX-x9Zai9FhkAEAfwYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/XcYkXKggiZ1-tBQDAsIQQbXbygY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.135.236.0/22
Signature Algorithm: sha256WithRSAEncryption
36:34:85:7a:b1:26:91:8e:da:1a:df:e4:4b:5e:52:02:18:f2:
12:b6:95:c9:9c:f7:ae:ef:3c:a3:7e:ad:0e:27:a2:57:d2:ce:
d9:63:22:48:0d:28:c5:82:94:e1:4b:60:03:3c:86:a2:44:27:
05:76:e1:1a:94:f7:4b:09:01:97:83:9b:8a:69:d1:50:02:52:
ab:64:a2:f8:ae:34:5d:95:57:08:30:90:4a:4c:70:94:27:76:
84:31:00:71:52:cc:f5:6a:58:1c:7d:6e:d6:12:1e:f1:b5:88:
c6:bd:29:ef:ab:61:24:8b:d2:e6:6f:83:52:be:c6:72:c1:22:
8c:29:d8:d6:05:13:65:9e:f9:62:6b:95:37:17:59:9e:06:8b:
29:fd:67:72:6f:b2:af:53:a7:5a:0e:ac:e8:d6:e6:be:b5:8c:
f7:19:ea:ee:a5:f1:1b:11:39:fb:82:4e:2c:16:2c:90:91:62:
4a:2d:90:c4:99:d8:a2:d6:56:21:7e:25:c7:2f:08:47:b1:62:
2c:de:c0:a1:da:3b:39:99:43:31:ea:8e:97:4a:ba:08:bc:e5:
d0:20:15:7e:a7:75:18:07:f5:d1:73:49:04:5e:19:8c:ee:54:
a1:75:35:06:5d:45:68:79:d7:61:f8:64:01:af:41:f1:a3:6e:
50:ba:cc:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzxrfyQKXvutDYIcQWSFOXxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYzYyNDVjYTgyMDg5OWQ3ZWI0MTQwMzAyYzIxMDQxYjVk
YmNhMDYwHhcNMjQwMTEwMDQ0MjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWYwOGZkYThhZTg1NTdmYjFmNTk2YTJmNDU4NjQwMDQwMWZjMTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkKFL3ixQjFEeDAEh2i98wIlCpXz
IbVpr2FcQuWFwbhRXM2NkSGpdS6ozNGBZXYsTdqxAUIe11Sdbw5cyRcrvDIJEUzh
cl4L68/aq2BLpgbV0jjH1F+H5ruZhwt+7bwwCHTUUE+cQ9pcME8WIaLH2paHVp0m
vShb10fMQNlSvxG+kJHmz0+bZMZA7uEDpt8fojDhBvE8C44YycIB4nLORu1ZMfwR
f1yTS779RKMjfNj36MPax/pRruqcqSY5USczuIvSQKnn0SZ9s5VjxbuqZ3FSgpCe
6d1YM+YURE+cU5lbS+1uo/ULAH3BJEQ0bPCbYxnSrbr1uw9Umj8uR5JiZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCXwj9qK6FV/sfWWovRYZABAH8GFMB8GA1UdIwQY
MBaAFF3GJFyoIImdfrQUAwLCEEG128oGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGNZa1hLZ2dpWjEtdEJRREFzSVFRYlhieWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi84YTQzMGYtNDBjNS00NzRiLThmZDkt
MDc0ZWQ3MGI0NjczLzEvSmZDUDJvcm9WWC14OVphaTlGaGtBRUFmd1lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi84YTQzMGYtNDBjNS00NzRiLThmZDktMDc0ZWQ3MGI0Njcz
LzEvWGNZa1hLZ2dpWjEtdEJRREFzSVFRYlhieWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw4fsMA0G
CSqGSIb3DQEBCwUAA4IBAQA2NIV6sSaRjtoa3+RLXlICGPIStpXJnPeu7zyjfq0O
J6JX0s7ZYyJIDSjFgpThS2ADPIaiRCcFduEalPdLCQGXg5uKadFQAlKrZKL4rjRd
lVcIMJBKTHCUJ3aEMQBxUsz1algcfW7WEh7xtYjGvSnvq2Eki9Lmb4NSvsZywSKM
KdjWBRNlnvlia5U3F1meBosp/Wdyb7KvU6daDqzo1ua+tYz3GerupfEbETn7gk4s
FiyQkWJKLZDEmdii1lYhfiXHLwhHsWIs3sCh2js5mUMx6o6XSroIvOXQIBV+p3UY
B/XRc0kEXhmM7lShdTUGXUVoeddh+GQBr0Hxo25Qusz2
-----END CERTIFICATE-----
Generated at Sun Jun 15 02:00:37 2025 by rpki-client