Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/JVNIMHq9SYawTupFgszHWJ8mU4c.roa
File: JVNIMHq9SYawTupFgszHWJ8mU4c.roa (raw, json)
Hash identifier: 3SvqkZ6/65xkOlbDmCwHGGCVcNCD5RR7KtkxczMTU8s=
Subject key identifier: 25:53:48:30:7A:BD:49:86:B0:4E:EA:45:82:CC:C7:58:9F:26:53:87
Certificate issuer: /CN=bb2b48f64358011c7842d3cec5cb2d47068b836d
Certificate serial: 018DBE5CFE065D640517A22BEA9A171DC191
Authority key identifier: BB:2B:48:F6:43:58:01:1C:78:42:D3:CE:C5:CB:2D:47:06:8B:83:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/JVNIMHq9SYawTupFgszHWJ8mU4c.roa
Signing time: Sun 18 Feb 2024 22:36:21 +0000
ROA not before: Sun 18 Feb 2024 22:36:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12824
IP address blocks: 46.41.128.0/18 maxlen: 18
46.41.159.0/24 maxlen: 24
46.242.128.0/17 maxlen: 17
46.242.144.0/24 maxlen: 24
46.242.150.0/24 maxlen: 24
62.129.192.0/18 maxlen: 18
62.129.245.0/24 maxlen: 24
62.129.250.0/24 maxlen: 24
79.96.0.0/16 maxlen: 16
89.161.128.0/17 maxlen: 17
89.161.253.0/24 maxlen: 24
89.161.254.0/24 maxlen: 24
188.128.128.0/17 maxlen: 17
188.128.128.0/24 maxlen: 24
188.128.129.0/24 maxlen: 24
188.128.130.0/24 maxlen: 24
188.128.244.0/24 maxlen: 24
188.128.255.0/24 maxlen: 24
212.85.96.0/19 maxlen: 19
212.85.96.0/24 maxlen: 24
2a02:25a8::/29 maxlen: 29
2a02:25a8::/32 maxlen: 32
2a02:25af:dead::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 18 Feb 2024 23:03:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:be:5c:fe:06:5d:64:05:17:a2:2b:ea:9a:17:1d:c1:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb2b48f64358011c7842d3cec5cb2d47068b836d
Validity
Not Before: Feb 18 22:36:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=255348307abd4986b04eea4582ccc7589f265387
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:19:84:30:ea:1a:2e:8f:30:ed:50:c5:f0:1b:
8e:5a:37:99:da:4d:bb:05:82:3c:9d:11:eb:b3:51:
46:21:ba:9d:b4:c5:e4:71:93:0d:ef:4f:b7:14:94:
f2:56:66:bf:13:d5:4a:b9:63:75:8d:9c:da:c5:d8:
16:ea:70:b2:65:58:b4:20:b0:80:aa:11:1e:df:17:
0e:ef:3b:57:c6:59:40:94:fe:53:9a:8a:bb:5f:1b:
a0:be:4b:2e:a2:9e:be:44:43:bf:2f:b3:e8:99:e9:
c5:53:a6:5e:2c:30:f8:3a:e3:d1:db:f2:aa:eb:11:
dd:5c:3d:12:95:d6:f6:ff:46:dd:fc:34:a6:ac:80:
14:17:0c:6b:bd:28:3e:8e:48:a9:08:28:68:9f:5f:
ff:28:b8:41:8d:ec:12:e5:7b:90:82:cb:eb:4a:c5:
13:b9:18:eb:82:93:a4:ef:70:02:91:8a:ae:00:79:
f7:10:e9:16:dc:65:33:ca:ae:24:74:9d:a2:92:69:
68:eb:ca:38:fa:da:cc:ab:68:9b:33:92:9a:ce:96:
f8:24:28:93:75:9e:c9:68:bd:f8:a9:a5:46:80:66:
4a:b3:94:e2:a5:d7:f9:53:0c:ae:b3:56:8d:61:59:
4f:7d:1b:e1:33:e4:39:70:32:81:82:23:2e:e7:c4:
90:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:53:48:30:7A:BD:49:86:B0:4E:EA:45:82:CC:C7:58:9F:26:53:87
X509v3 Authority Key Identifier:
keyid:BB:2B:48:F6:43:58:01:1C:78:42:D3:CE:C5:CB:2D:47:06:8B:83:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/JVNIMHq9SYawTupFgszHWJ8mU4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/uytI9kNYARx4QtPOxcstRwaLg20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.41.128.0/18
46.242.128.0/17
62.129.192.0/18
79.96.0.0/16
89.161.128.0/17
188.128.128.0/17
212.85.96.0/19
IPv6:
2a02:25a8::/29
Signature Algorithm: sha256WithRSAEncryption
00:66:05:e6:88:11:97:a4:58:75:9a:94:20:d9:e5:8f:60:6d:
de:1a:eb:16:67:e8:4c:af:87:8c:a8:1a:59:45:19:c2:11:d8:
a6:3c:b4:e2:64:56:0f:6e:08:3c:2e:fe:fd:56:53:5b:2e:1d:
81:e2:ce:9f:b4:51:58:c8:02:40:2e:b5:6e:9a:99:7e:50:7d:
6f:1b:58:39:7c:50:cd:04:fe:3b:b5:d9:a0:b4:04:6f:b5:59:
6e:66:0d:c8:27:d8:13:c8:af:fe:1f:0a:65:02:a2:df:70:e1:
3b:d5:d2:92:f8:2d:7c:c6:aa:1a:9d:73:b4:ef:5d:8d:70:89:
e3:82:6e:d8:c3:fe:08:94:1e:8f:6e:ae:12:ee:18:c9:aa:e9:
13:f5:ea:b5:3e:24:f8:65:05:df:bb:62:95:29:b1:f2:a9:e3:
ce:ba:20:01:68:cb:91:c9:28:af:8d:bd:9a:bc:ed:02:4c:d2:
7e:5d:54:66:36:95:b3:73:8e:18:87:19:55:9f:82:27:ac:64:
bb:9e:17:ff:2b:3c:3a:d9:e2:51:82:cf:fe:49:d2:d6:f5:83:
a1:1a:92:6c:67:e0:3b:a5:24:ec:ae:2e:28:6b:0f:4a:f2:f4:
2a:10:8f:fc:36:58:35:e5:13:71:5c:1b:7c:b4:df:46:8e:62:
99:33:16:cf
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAY2+XP4GXWQFF6Ir6poXHcGRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMmI0OGY2NDM1ODAxMWM3ODQyZDNjZWM1Y2IyZDQ3MDY4
YjgzNmQwHhcNMjQwMjE4MjIzNjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTUzNDgzMDdhYmQ0OTg2YjA0ZWVhNDU4MmNjYzc1ODlmMjY1Mzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhmEMOoaLo8w7VDF8BuOWjeZ2k27
BYI8nRHrs1FGIbqdtMXkcZMN70+3FJTyVma/E9VKuWN1jZzaxdgW6nCyZVi0ILCA
qhEe3xcO7ztXxllAlP5Tmoq7Xxugvksuop6+REO/L7PomenFU6ZeLDD4OuPR2/Kq
6xHdXD0Sldb2/0bd/DSmrIAUFwxrvSg+jkipCChon1//KLhBjewS5XuQgsvrSsUT
uRjrgpOk73ACkYquAHn3EOkW3GUzyq4kdJ2ikmlo68o4+trMq2ibM5Kazpb4JCiT
dZ7JaL34qaVGgGZKs5Tipdf5Uwyus1aNYVlPfRvhM+Q5cDKBgiMu58SQUwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFCVTSDB6vUmGsE7qRYLMx1ifJlOHMB8GA1UdIwQY
MBaAFLsrSPZDWAEceELTzsXLLUcGi4NtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXl0STlrTllBUng0UXRQT3hjc3RSd2FMZzIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9mNjZiNmItY2RkZS00MGNiLWExODIt
YzUyMjk4NjNhZWJhLzEvSlZOSU1IcTlTWWF3VHVwRmdzekhXSjhtVTRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9mNjZiNmItY2RkZS00MGNiLWExODItYzUyMjk4NjNhZWJh
LzEvdXl0STlrTllBUng0UXRQT3hjc3RSd2FMZzIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAvBAIAATApAwQGLimAAwQH
LvKAAwQGPoHAAwMAT2ADBAdZoYADBAe8gIADBAXUVWAwDQQCAAIwBwMFAyoCJagw
DQYJKoZIhvcNAQELBQADggEBAABmBeaIEZekWHWalCDZ5Y9gbd4a6xZn6Eyvh4yo
GllFGcIR2KY8tOJkVg9uCDwu/v1WU1suHYHizp+0UVjIAkAutW6amX5QfW8bWDl8
UM0E/ju12aC0BG+1WW5mDcgn2BPIr/4fCmUCot9w4TvV0pL4LXzGqhqdc7TvXY1w
ieOCbtjD/giUHo9urhLuGMmq6RP16rU+JPhlBd+7YpUpsfKp4866IAFoy5HJKK+N
vZq87QJM0n5dVGY2lbNzjhiHGVWfgiesZLueF/8rPDrZ4lGCz/5J0tb1g6Eakmxn
4DulJOyuLihrD0ry9CoQj/w2WDXlE3FcG3y030aOYpkzFs8=
-----END CERTIFICATE-----
Generated at Tue Apr 29 02:29:36 2025 by rpki-client