Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/ae18aa-7c15-4775-8fc5-772dcd3af5f6/1/JNCIzzXOTXgavXQaNoNuV2jMJpk.roa
File: JNCIzzXOTXgavXQaNoNuV2jMJpk.roa (raw, json)
Hash identifier: TxNytpXw4dzAl9FhtLQ7U6H6TrKbDAgC8W64/OVGxaI=
Subject key identifier: 24:D0:88:CF:35:CE:4D:78:1A:BD:74:1A:36:83:6E:57:68:CC:26:99
Certificate issuer: /CN=19610d638e2a2f95a3d90e4cff9959a859fac4f0
Certificate serial: 019427A5690EDC678B084D7A5D3639AC2941
Authority key identifier: 19:61:0D:63:8E:2A:2F:95:A3:D9:0E:4C:FF:99:59:A8:59:FA:C4:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GWENY44qL5Wj2Q5M_5lZqFn6xPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/ae18aa-7c15-4775-8fc5-772dcd3af5f6/1/JNCIzzXOTXgavXQaNoNuV2jMJpk.roa
Signing time: Thu 02 Jan 2025 15:32:19 +0000
ROA not before: Thu 02 Jan 2025 15:32:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 45.144.204.0/24 maxlen: 24
45.144.205.0/24 maxlen: 24
45.144.206.0/24 maxlen: 24
45.144.207.0/24 maxlen: 24
45.152.156.0/24 maxlen: 24
45.152.157.0/24 maxlen: 24
45.152.158.0/24 maxlen: 24
45.152.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:36:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:a5:69:0e:dc:67:8b:08:4d:7a:5d:36:39:ac:29:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19610d638e2a2f95a3d90e4cff9959a859fac4f0
Validity
Not Before: Jan 2 15:32:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=24d088cf35ce4d781abd741a36836e5768cc2699
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f7:70:04:64:b1:20:23:f9:86:fc:2b:c6:d5:
36:bd:ab:30:3e:17:b5:11:ca:4b:2a:46:33:b0:82:
e1:24:8f:e8:38:55:88:26:8b:3b:d7:8a:60:fa:f9:
32:65:51:a6:a0:47:55:d6:b1:3a:b6:21:37:ef:de:
46:ca:0b:5c:f9:0c:ed:64:bc:8b:05:ee:1d:b3:cd:
19:19:e9:b3:24:ca:9f:a1:52:aa:87:35:94:43:15:
24:9c:7a:31:20:5c:cc:9c:35:3c:fa:26:2d:62:66:
37:c3:b8:86:67:c4:36:01:5d:88:85:42:33:88:82:
97:ff:c6:79:5e:8f:ad:e5:a6:95:25:26:f8:9d:42:
f9:2c:75:e9:b9:cd:a9:af:6c:0a:94:cf:fe:c0:67:
08:e2:43:b4:4c:56:95:2d:17:34:17:18:36:c3:54:
6b:2d:02:ce:66:0d:d1:ee:c5:7d:8c:f5:43:91:ef:
05:e5:51:82:cb:2a:28:05:a1:01:6e:68:f9:b5:08:
e2:8b:27:a1:b3:10:02:5a:0d:16:35:0a:ae:f9:68:
83:46:5a:af:31:80:b7:4b:c4:01:72:ef:ff:75:75:
75:c5:d1:45:8f:d4:4e:e5:9a:58:2d:03:48:3c:d5:
34:43:d7:2d:98:3b:2c:8c:b2:85:3a:3b:05:16:ff:
66:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:D0:88:CF:35:CE:4D:78:1A:BD:74:1A:36:83:6E:57:68:CC:26:99
X509v3 Authority Key Identifier:
keyid:19:61:0D:63:8E:2A:2F:95:A3:D9:0E:4C:FF:99:59:A8:59:FA:C4:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GWENY44qL5Wj2Q5M_5lZqFn6xPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/ae18aa-7c15-4775-8fc5-772dcd3af5f6/1/JNCIzzXOTXgavXQaNoNuV2jMJpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/ae18aa-7c15-4775-8fc5-772dcd3af5f6/1/GWENY44qL5Wj2Q5M_5lZqFn6xPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.204.0/22
45.152.156.0/22
Signature Algorithm: sha256WithRSAEncryption
61:71:01:c4:91:18:04:a6:66:72:39:ec:1e:d7:92:c0:ae:0f:
c0:ed:44:d7:2c:d8:97:89:5c:d5:9c:72:12:ef:7c:a2:57:2e:
86:5d:96:55:8e:88:21:fc:38:39:8d:b9:de:df:36:67:5d:c7:
21:60:51:7b:62:14:7e:0c:3e:79:ab:2f:bc:6c:0a:e8:00:e2:
30:d6:0c:bb:c6:1c:6b:cb:2f:55:b8:fd:1f:6a:12:42:00:71:
94:06:48:f1:83:a9:b4:0d:5c:d7:dc:7d:9c:00:d3:70:10:16:
b5:b1:2b:ff:3f:d6:97:76:f3:e7:f3:c3:66:ac:ec:5e:4f:c1:
f3:cc:58:fc:fd:d3:db:9b:11:c0:93:37:5f:0b:21:94:70:89:
96:2a:9a:5e:fc:77:77:fe:51:b9:6e:d8:32:05:9e:3f:eb:66:
58:b3:01:45:97:53:53:54:4f:31:46:a8:62:d9:18:98:a7:ef:
59:aa:a4:04:e4:9f:30:d1:97:e9:90:39:d9:bb:e3:02:29:db:
b5:5c:07:13:f2:12:8f:7e:44:c0:ae:85:89:e5:12:cf:d8:ee:
8c:b4:37:93:58:c7:ab:72:63:b1:29:52:58:21:70:4b:83:f1:
9e:50:5b:97:eb:02:a0:3a:12:b4:69:d3:6a:f5:d9:f4:eb:27:
b4:3e:0c:f1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnpWkO3GeLCE16XTY5rClBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NjEwZDYzOGUyYTJmOTVhM2Q5MGU0Y2ZmOTk1OWE4NTlm
YWM0ZjAwHhcNMjUwMTAyMTUzMjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGQwODhjZjM1Y2U0ZDc4MWFiZDc0MWEzNjgzNmU1NzY4Y2MyNjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfdwBGSxICP5hvwrxtU2vaswPhe1
EcpLKkYzsILhJI/oOFWIJos714pg+vkyZVGmoEdV1rE6tiE3795Gygtc+QztZLyL
Be4ds80ZGemzJMqfoVKqhzWUQxUknHoxIFzMnDU8+iYtYmY3w7iGZ8Q2AV2IhUIz
iIKX/8Z5Xo+t5aaVJSb4nUL5LHXpuc2pr2wKlM/+wGcI4kO0TFaVLRc0Fxg2w1Rr
LQLOZg3R7sV9jPVDke8F5VGCyyooBaEBbmj5tQjiiyehsxACWg0WNQqu+WiDRlqv
MYC3S8QBcu//dXV1xdFFj9RO5ZpYLQNIPNU0Q9ctmDssjLKFOjsFFv9mJQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCTQiM81zk14Gr10GjaDbldozCaZMB8GA1UdIwQY
MBaAFBlhDWOOKi+Vo9kOTP+ZWahZ+sTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1dFTlk0NHFMNVdqMlE1TV81bFpxRm42eFBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9hZTE4YWEtN2MxNS00Nzc1LThmYzUt
NzcyZGNkM2FmNWY2LzEvSk5DSXp6WE9UWGdhdlhRYU5vTnVWMmpNSnBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9hZTE4YWEtN2MxNS00Nzc1LThmYzUtNzcyZGNkM2FmNWY2
LzEvR1dFTlk0NHFMNVdqMlE1TV81bFpxRm42eFBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLZDMAwQC
LZicMA0GCSqGSIb3DQEBCwUAA4IBAQBhcQHEkRgEpmZyOewe15LArg/A7UTXLNiX
iVzVnHIS73yiVy6GXZZVjogh/Dg5jbne3zZnXcchYFF7YhR+DD55qy+8bAroAOIw
1gy7xhxryy9VuP0fahJCAHGUBkjxg6m0DVzX3H2cANNwEBa1sSv/P9aXdvPn88Nm
rOxeT8HzzFj8/dPbmxHAkzdfCyGUcImWKppe/Hd3/lG5btgyBZ4/62ZYswFFl1NT
VE8xRqhi2RiYp+9ZqqQE5J8w0ZfpkDnZu+MCKdu1XAcT8hKPfkTAroWJ5RLP2O6M
tDeTWMercmOxKVJYIXBLg/GeUFuX6wKgOhK0adNq9dn06ye0Pgzx
-----END CERTIFICATE-----
Generated at Wed Apr 30 16:41:38 2025 by rpki-client