Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/c68d4d-8b64-4e75-9e54-57309df69642/1/dLWjTW5exTwMhQHDOGHFBcF_jis.roa
File: dLWjTW5exTwMhQHDOGHFBcF_jis.roa (raw, json)
Hash identifier: /AJtXugExWrbJCPJlctRIn/SVDJeG3BWzviNX5VpBv0=
Subject key identifier: 74:B5:A3:4D:6E:5E:C5:3C:0C:85:01:C3:38:61:C5:05:C1:7F:8E:2B
Certificate issuer: /CN=8dc91c50bff9ca059e6e38b2e0c7eb852a630bba
Certificate serial: 018CC4246E9C68EF244D92E99A5F022EABAB
Authority key identifier: 8D:C9:1C:50:BF:F9:CA:05:9E:6E:38:B2:E0:C7:EB:85:2A:63:0B:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jckcUL_5ygWebjiy4MfrhSpjC7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/c68d4d-8b64-4e75-9e54-57309df69642/1/dLWjTW5exTwMhQHDOGHFBcF_jis.roa
Signing time: Mon 01 Jan 2024 08:29:31 +0000
ROA not before: Mon 01 Jan 2024 08:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61134
IP address blocks: 194.169.126.0/24 maxlen: 24
195.20.212.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 12 Mar 2024 13:35:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:6e:9c:68:ef:24:4d:92:e9:9a:5f:02:2e:ab:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8dc91c50bff9ca059e6e38b2e0c7eb852a630bba
Validity
Not Before: Jan 1 08:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=74b5a34d6e5ec53c0c8501c33861c505c17f8e2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c5:b7:f8:89:94:60:fa:b7:cf:1c:40:3d:fd:
92:ca:6f:fb:92:60:61:74:96:97:67:12:94:17:d7:
75:e5:0f:51:ea:54:24:51:01:2a:fc:8d:12:19:34:
30:81:d2:2b:2b:0a:73:aa:7a:a6:11:17:f5:c0:c8:
11:a3:ea:62:bb:c9:fa:f0:61:99:5b:15:be:f6:23:
87:66:c2:d5:9a:fd:75:e4:4b:b8:ee:d2:a8:8d:d7:
7b:16:69:db:04:c0:93:ba:3d:c1:f7:7d:ee:fb:a3:
e6:ec:cf:f1:61:e3:40:98:a4:2c:cb:ff:e4:6d:2d:
39:37:e7:59:dd:f3:e0:95:d6:aa:77:64:d7:4d:de:
28:a5:64:6b:b3:e8:ff:4c:e8:a7:84:51:c3:14:38:
30:38:cc:d6:02:e3:58:92:cd:5e:3e:67:30:1d:38:
cc:cf:84:58:28:18:ed:96:a6:b7:18:10:cc:44:d3:
eb:ec:5b:a3:29:d7:20:99:c5:cb:35:fe:ef:a4:24:
e1:f4:e2:ae:14:d6:a2:7c:32:80:d3:ac:06:e3:73:
9e:d4:d7:5f:bc:5e:25:1d:82:cb:cf:88:79:3d:16:
6b:bd:48:d0:87:ec:59:ee:20:aa:44:54:7d:f2:a7:
8b:15:0d:c3:06:08:30:b9:c8:e9:69:ad:7b:6a:a2:
62:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:B5:A3:4D:6E:5E:C5:3C:0C:85:01:C3:38:61:C5:05:C1:7F:8E:2B
X509v3 Authority Key Identifier:
keyid:8D:C9:1C:50:BF:F9:CA:05:9E:6E:38:B2:E0:C7:EB:85:2A:63:0B:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jckcUL_5ygWebjiy4MfrhSpjC7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/c68d4d-8b64-4e75-9e54-57309df69642/1/dLWjTW5exTwMhQHDOGHFBcF_jis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/c68d4d-8b64-4e75-9e54-57309df69642/1/jckcUL_5ygWebjiy4MfrhSpjC7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.169.126.0/24
195.20.212.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:85:04:dc:89:c9:ab:3e:ac:09:09:86:33:76:cd:e7:28:3f:
9e:09:11:ca:77:92:5e:4c:aa:fb:d5:c8:94:dd:d6:f8:f7:75:
c3:8d:e2:1d:e1:6b:a2:75:b5:85:e7:aa:92:73:3a:8a:fb:3e:
b2:7c:eb:4d:ce:21:81:ef:53:7f:28:90:57:dd:85:99:2e:21:
39:31:ae:04:84:f7:4b:37:94:fe:de:d5:5f:33:5b:64:35:67:
e6:5c:0c:28:20:25:27:e5:22:33:bc:1f:78:85:6e:9b:2b:97:
07:34:e9:80:59:b2:92:a7:ad:97:f2:56:21:33:0a:78:e9:6c:
0c:f8:51:56:70:eb:7a:23:50:e6:25:62:fd:32:8f:7c:3a:28:
ad:92:54:18:31:86:c2:18:ea:1a:ef:2c:10:8f:a4:dd:dd:88:
c8:a7:e2:46:71:64:6e:3d:eb:f2:a3:d2:cf:17:05:0a:f3:75:
3b:5f:98:e4:31:f0:67:cc:13:68:23:b0:3f:08:d5:76:1d:b8:
69:e5:a9:54:d3:b4:94:1e:c4:f5:4b:ae:84:39:8c:af:ea:8a:
0e:f6:04:ca:bd:78:63:a1:42:c0:31:ad:16:16:7e:20:4f:0e:
ba:50:e8:13:73:54:73:f3:5f:db:c8:20:9e:c3:2f:8e:8b:31:
45:3b:6d:07
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJG6caO8kTZLpml8CLqurMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYzkxYzUwYmZmOWNhMDU5ZTZlMzhiMmUwYzdlYjg1MmE2
MzBiYmEwHhcNMjQwMTAxMDgyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGI1YTM0ZDZlNWVjNTNjMGM4NTAxYzMzODYxYzUwNWMxN2Y4ZTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosW3+ImUYPq3zxxAPf2Sym/7kmBh
dJaXZxKUF9d15Q9R6lQkUQEq/I0SGTQwgdIrKwpzqnqmERf1wMgRo+piu8n68GGZ
WxW+9iOHZsLVmv115Eu47tKojdd7FmnbBMCTuj3B933u+6Pm7M/xYeNAmKQsy//k
bS05N+dZ3fPgldaqd2TXTd4opWRrs+j/TOinhFHDFDgwOMzWAuNYks1ePmcwHTjM
z4RYKBjtlqa3GBDMRNPr7FujKdcgmcXLNf7vpCTh9OKuFNaifDKA06wG43Oe1Ndf
vF4lHYLLz4h5PRZrvUjQh+xZ7iCqRFR98qeLFQ3DBggwucjpaa17aqJi5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHS1o01uXsU8DIUBwzhhxQXBf44rMB8GA1UdIwQY
MBaAFI3JHFC/+coFnm44suDH64UqYwu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamNrY1VMXzV5Z1dlYmppeTRNZnJoU3BqQzdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS9jNjhkNGQtOGI2NC00ZTc1LTllNTQt
NTczMDlkZjY5NjQyLzEvZExXalRXNWV4VHdNaFFIRE9HSEZCY0ZfamlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS9jNjhkNGQtOGI2NC00ZTc1LTllNTQtNTczMDlkZjY5NjQy
LzEvamNrY1VMXzV5Z1dlYmppeTRNZnJoU3BqQzdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwql+AwQB
wxTUMA0GCSqGSIb3DQEBCwUAA4IBAQBahQTcicmrPqwJCYYzds3nKD+eCRHKd5Je
TKr71ciU3db493XDjeId4WuidbWF56qSczqK+z6yfOtNziGB71N/KJBX3YWZLiE5
Ma4EhPdLN5T+3tVfM1tkNWfmXAwoICUn5SIzvB94hW6bK5cHNOmAWbKSp62X8lYh
Mwp46WwM+FFWcOt6I1DmJWL9Mo98OiitklQYMYbCGOoa7ywQj6Td3YjIp+JGcWRu
Pevyo9LPFwUK83U7X5jkMfBnzBNoI7A/CNV2Hbhp5alU07SUHsT1S66EOYyv6ooO
9gTKvXhjoULAMa0WFn4gTw66UOgTc1Rz81/byCCewy+OizFFO20H
-----END CERTIFICATE-----
Generated at Tue Apr 29 22:19:13 2025 by rpki-client