Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/jLHV1a_tN7Zale1jWNZ9galkcrk.roa
File: jLHV1a_tN7Zale1jWNZ9galkcrk.roa (raw, json)
Hash identifier: EAS7ix8GVCJ7FELb2kjnnakKSLXfsOD/HNk0VUPHjnI=
Subject key identifier: 8C:B1:D5:D5:AF:ED:37:B6:5A:95:ED:63:58:D6:7D:81:A9:64:72:B9
Certificate issuer: /CN=bb2b48f64358011c7842d3cec5cb2d47068b836d
Certificate serial: 018DBE5CFE50D9676C41B2BC78EB8E64E69F
Authority key identifier: BB:2B:48:F6:43:58:01:1C:78:42:D3:CE:C5:CB:2D:47:06:8B:83:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/jLHV1a_tN7Zale1jWNZ9galkcrk.roa
Signing time: Sun 18 Feb 2024 22:36:21 +0000
ROA not before: Sun 18 Feb 2024 22:36:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215484
IP address blocks: 188.128.128.0/24 maxlen: 24
188.128.129.0/24 maxlen: 24
188.128.130.0/24 maxlen: 24
2a02:25af:dead::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 18 Feb 2024 22:53:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:be:5c:fe:50:d9:67:6c:41:b2:bc:78:eb:8e:64:e6:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb2b48f64358011c7842d3cec5cb2d47068b836d
Validity
Not Before: Feb 18 22:36:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8cb1d5d5afed37b65a95ed6358d67d81a96472b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4e:e9:72:eb:85:df:14:c4:b6:11:f5:96:63:
f9:45:d8:04:d7:68:c1:55:23:b9:b7:34:9a:9b:d9:
de:19:43:2d:d8:1c:3b:ca:1c:0f:cc:e4:ea:48:2d:
3e:7c:cf:16:ad:08:19:5d:0b:76:5a:78:00:8f:a6:
fc:82:79:45:76:2c:ac:b3:ef:fb:c8:93:7b:b7:d6:
97:83:bc:83:d2:61:08:7b:69:7c:7c:33:b4:8d:c4:
0b:bc:79:7d:c0:98:c0:ea:ba:ec:0e:6a:3d:87:9f:
40:46:a2:9a:29:3e:34:00:cf:84:de:7e:33:79:dd:
c0:b5:41:21:3c:a5:5f:4a:72:c9:42:55:ad:bc:47:
74:45:71:00:61:9c:f1:fb:cb:6b:56:e7:b2:e0:12:
94:63:bf:52:9f:20:be:eb:03:23:1b:bc:3d:57:0e:
97:11:06:6f:5c:ff:b7:fe:f3:42:54:ad:ea:3e:49:
19:7a:b4:55:41:bb:34:1b:17:c7:46:c8:85:07:59:
d5:97:b0:f2:4b:b0:6c:94:ab:aa:fb:19:6e:50:c2:
16:f9:70:37:2a:6a:c9:da:45:be:04:87:0c:33:df:
12:44:30:59:8a:1b:25:47:2a:91:2d:a7:72:bd:76:
82:73:ae:ff:ac:d1:9a:cf:74:63:80:ed:ca:67:0a:
98:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:B1:D5:D5:AF:ED:37:B6:5A:95:ED:63:58:D6:7D:81:A9:64:72:B9
X509v3 Authority Key Identifier:
keyid:BB:2B:48:F6:43:58:01:1C:78:42:D3:CE:C5:CB:2D:47:06:8B:83:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/jLHV1a_tN7Zale1jWNZ9galkcrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/uytI9kNYARx4QtPOxcstRwaLg20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.128.128.0-188.128.130.255
IPv6:
2a02:25af:dead::/48
Signature Algorithm: sha256WithRSAEncryption
55:88:82:82:30:30:7b:b0:31:63:0d:de:dd:50:7e:b4:d2:b8:
80:34:8f:d4:6f:0f:d1:15:bf:b3:ec:65:fa:82:7a:78:71:64:
41:f3:fd:0e:20:17:ed:ac:29:19:77:81:02:62:97:c7:f6:53:
77:5c:96:03:fa:4d:89:56:ce:80:e2:1d:4d:a1:32:4c:01:40:
6a:ae:64:98:40:bb:0e:b5:80:b2:7e:4e:22:6d:5c:9b:8b:ea:
98:74:fc:ac:66:a9:b7:b3:2a:6c:c7:70:bd:9b:cc:e8:39:85:
18:58:72:1f:16:9b:d1:a9:54:ee:69:7d:ea:1d:8c:67:b6:f1:
61:5c:17:76:87:8d:b1:cb:4e:fd:7e:4e:74:87:2b:55:4c:c8:
6f:06:e9:7c:e2:1b:46:02:1a:9c:c8:21:27:2d:da:73:16:5c:
f5:ec:6e:47:b0:7a:cb:af:69:c6:ec:1a:13:71:74:2c:d7:47:
f6:28:5b:4a:d9:b2:35:8b:d0:f6:5e:eb:aa:44:73:4e:4b:93:
b7:e6:c4:44:4e:7e:30:f0:3d:80:f8:b0:a7:78:32:b3:a2:25:
ea:70:3c:fd:0f:1d:7a:ad:6e:38:cf:20:d3:ec:be:1f:d7:db:
a9:b4:ba:cd:13:d4:9b:cb:74:16:18:5f:2a:71:71:bd:f8:2c:
3c:42:5e:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY2+XP5Q2WdsQbK8eOuOZOafMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMmI0OGY2NDM1ODAxMWM3ODQyZDNjZWM1Y2IyZDQ3MDY4
YjgzNmQwHhcNMjQwMjE4MjIzNjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2IxZDVkNWFmZWQzN2I2NWE5NWVkNjM1OGQ2N2Q4MWE5NjQ3MmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp07pcuuF3xTEthH1lmP5RdgE12jB
VSO5tzSam9neGUMt2Bw7yhwPzOTqSC0+fM8WrQgZXQt2WngAj6b8gnlFdiyss+/7
yJN7t9aXg7yD0mEIe2l8fDO0jcQLvHl9wJjA6rrsDmo9h59ARqKaKT40AM+E3n4z
ed3AtUEhPKVfSnLJQlWtvEd0RXEAYZzx+8trVuey4BKUY79SnyC+6wMjG7w9Vw6X
EQZvXP+3/vNCVK3qPkkZerRVQbs0GxfHRsiFB1nVl7DyS7BslKuq+xluUMIW+XA3
KmrJ2kW+BIcMM98SRDBZihslRyqRLadyvXaCc67/rNGaz3RjgO3KZwqY9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIyx1dWv7Te2WpXtY1jWfYGpZHK5MB8GA1UdIwQY
MBaAFLsrSPZDWAEceELTzsXLLUcGi4NtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXl0STlrTllBUng0UXRQT3hjc3RSd2FMZzIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9mNjZiNmItY2RkZS00MGNiLWExODIt
YzUyMjk4NjNhZWJhLzEvakxIVjFhX3RON1phbGUxaldOWjlnYWxrY3JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9mNjZiNmItY2RkZS00MGNiLWExODItYzUyMjk4NjNhZWJh
LzEvdXl0STlrTllBUng0UXRQT3hjc3RSd2FMZzIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAe8gIAD
BAC8gIIwDwQCAAIwCQMHACoCJa/erTANBgkqhkiG9w0BAQsFAAOCAQEAVYiCgjAw
e7AxYw3e3VB+tNK4gDSP1G8P0RW/s+xl+oJ6eHFkQfP9DiAX7awpGXeBAmKXx/ZT
d1yWA/pNiVbOgOIdTaEyTAFAaq5kmEC7DrWAsn5OIm1cm4vqmHT8rGapt7MqbMdw
vZvM6DmFGFhyHxab0alU7ml96h2MZ7bxYVwXdoeNsctO/X5OdIcrVUzIbwbpfOIb
RgIanMghJy3acxZc9exuR7B6y69pxuwaE3F0LNdH9ihbStmyNYvQ9l7rqkRzTkuT
t+bERE5+MPA9gPiwp3gys6Il6nA8/Q8deq1uOM8g0+y+H9fbqbS6zRPUm8t0Fhhf
KnFxvfgsPEJewQ==
-----END CERTIFICATE-----
Generated at Tue Apr 29 16:19:59 2025 by rpki-client