Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/ea3614-f090-4a2b-9355-b89a511c3bbd/1/jAZBhEUHhV2p8I7oKNBU6k1GvFg.roa
File: jAZBhEUHhV2p8I7oKNBU6k1GvFg.roa (raw, json)
Hash identifier: n3Wn8eTqSjaRwOyKExCv1G/CJL+KcjFpJViq6Rn3rL0=
Subject key identifier: 8C:06:41:84:45:07:85:5D:A9:F0:8E:E8:28:D0:54:EA:4D:46:BC:58
Certificate issuer: /CN=c98b825f36e9cc330315c940de800cbabce3397b
Certificate serial: 0193DF2B1962F2DBC13CEC0CB0D818099F10
Authority key identifier: C9:8B:82:5F:36:E9:CC:33:03:15:C9:40:DE:80:0C:BA:BC:E3:39:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yYuCXzbpzDMDFclA3oAMurzjOXs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/ea3614-f090-4a2b-9355-b89a511c3bbd/1/jAZBhEUHhV2p8I7oKNBU6k1GvFg.roa
Signing time: Thu 19 Dec 2024 13:46:03 +0000
ROA not before: Thu 19 Dec 2024 13:46:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51720
IP address blocks: 31.3.144.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 20 Dec 2024 07:18:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:df:2b:19:62:f2:db:c1:3c:ec:0c:b0:d8:18:09:9f:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c98b825f36e9cc330315c940de800cbabce3397b
Validity
Not Before: Dec 19 13:46:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c0641844507855da9f08ee828d054ea4d46bc58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:62:08:82:a5:6d:69:74:e2:c7:26:ac:b5:87:
1a:5e:5a:3f:84:47:e8:ab:1c:7f:22:dc:b4:8c:10:
bb:3e:23:7a:31:6c:aa:b2:d2:a1:1e:dc:48:c9:14:
f0:51:60:59:90:6b:8d:99:a6:7e:61:52:c4:30:42:
c3:56:4f:c3:97:5f:e7:f4:47:3b:f0:a6:b9:d6:fc:
77:12:0d:e9:69:d6:9c:3f:ad:3a:3c:1e:97:47:99:
00:b2:b3:2e:0c:75:c2:0b:7f:27:16:85:04:2f:67:
d9:20:a1:7e:cd:58:67:60:0f:74:86:50:cc:55:00:
c8:9a:ec:3d:34:49:28:85:57:7c:58:4f:d5:11:0b:
4f:8e:08:c4:0e:6b:b8:4c:e6:b4:28:b8:c7:ad:15:
1c:6e:03:12:20:d0:d9:0d:5a:a6:cd:ef:12:39:c1:
84:ca:71:a0:15:47:31:f4:b4:54:ca:40:2a:a0:7a:
2b:7e:10:9c:62:f1:e3:7b:7d:83:68:0a:f8:1d:39:
05:92:e8:f0:66:50:8d:b6:c2:6a:98:97:f9:d8:ec:
21:1c:a2:d4:a8:44:45:d7:31:96:c2:1b:fc:17:7c:
26:d0:e5:71:f6:72:a0:ea:a7:68:94:73:0b:da:fb:
81:8a:74:89:f4:e2:26:83:62:f8:04:bf:25:b2:8e:
63:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:06:41:84:45:07:85:5D:A9:F0:8E:E8:28:D0:54:EA:4D:46:BC:58
X509v3 Authority Key Identifier:
keyid:C9:8B:82:5F:36:E9:CC:33:03:15:C9:40:DE:80:0C:BA:BC:E3:39:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yYuCXzbpzDMDFclA3oAMurzjOXs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/ea3614-f090-4a2b-9355-b89a511c3bbd/1/jAZBhEUHhV2p8I7oKNBU6k1GvFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/ea3614-f090-4a2b-9355-b89a511c3bbd/1/yYuCXzbpzDMDFclA3oAMurzjOXs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.144.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:7f:47:ce:4b:ff:68:9f:7c:a1:0e:22:65:75:5a:fa:16:05:
4a:b6:69:cc:67:ad:ac:b9:5c:3f:3a:a8:5d:52:d1:b3:ab:6d:
38:e0:5e:52:77:11:75:ea:45:aa:79:f0:b9:5c:17:8b:43:46:
02:a7:9a:13:6b:b4:a3:7b:4f:6e:cc:a8:63:74:87:4f:78:38:
80:e9:69:97:74:71:67:d1:09:d2:42:d2:14:11:13:ba:34:10:
0f:0f:cd:e2:77:94:cb:c4:29:77:c7:c5:49:63:3f:78:b6:96:
13:ad:83:96:94:10:e4:79:59:e5:91:67:90:18:49:f1:a2:03:
2f:01:41:35:05:ee:b1:fc:90:59:f2:b7:ac:70:80:c1:ec:da:
a3:43:8f:b0:f3:2b:23:77:e5:bf:5d:15:b1:71:d3:e5:b2:60:
bc:28:5b:75:35:4e:10:9c:93:67:9a:bf:36:68:16:75:b1:78:
1e:b8:d6:89:7e:59:50:7d:66:d1:07:c6:f0:2f:20:e5:da:6d:
5a:7a:55:b5:f6:09:a9:18:78:bf:ba:9c:a6:d2:13:ab:bb:43:
d4:68:d4:76:a5:ef:44:48:92:81:c9:b3:98:96:b8:10:b9:f5:
ee:4c:d9:04:f9:c3:a0:0a:f3:85:6e:ff:c2:63:ae:2b:83:6a:
8c:8a:e5:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPfKxli8tvBPOwMsNgYCZ8QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5OGI4MjVmMzZlOWNjMzMwMzE1Yzk0MGRlODAwY2JhYmNl
MzM5N2IwHhcNMjQxMjE5MTM0NjAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzA2NDE4NDQ1MDc4NTVkYTlmMDhlZTgyOGQwNTRlYTRkNDZiYzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWIIgqVtaXTixyastYcaXlo/hEfo
qxx/Ity0jBC7PiN6MWyqstKhHtxIyRTwUWBZkGuNmaZ+YVLEMELDVk/Dl1/n9Ec7
8Ka51vx3Eg3padacP606PB6XR5kAsrMuDHXCC38nFoUEL2fZIKF+zVhnYA90hlDM
VQDImuw9NEkohVd8WE/VEQtPjgjEDmu4TOa0KLjHrRUcbgMSINDZDVqmze8SOcGE
ynGgFUcx9LRUykAqoHorfhCcYvHje32DaAr4HTkFkujwZlCNtsJqmJf52OwhHKLU
qERF1zGWwhv8F3wm0OVx9nKg6qdolHML2vuBinSJ9OImg2L4BL8lso5jGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIwGQYRFB4VdqfCO6CjQVOpNRrxYMB8GA1UdIwQY
MBaAFMmLgl826cwzAxXJQN6ADLq84zl7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVl1Q1h6YnB6RE1ERmNsQTNvQU11cnpqT1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9lYTM2MTQtZjA5MC00YTJiLTkzNTUt
Yjg5YTUxMWMzYmJkLzEvakFaQmhFVUhoVjJwOEk3b0tOQlU2azFHdkZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9lYTM2MTQtZjA5MC00YTJiLTkzNTUtYjg5YTUxMWMzYmJk
LzEveVl1Q1h6YnB6RE1ERmNsQTNvQU11cnpqT1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCHwOQMA0G
CSqGSIb3DQEBCwUAA4IBAQAKf0fOS/9on3yhDiJldVr6FgVKtmnMZ62suVw/Oqhd
UtGzq2044F5SdxF16kWqefC5XBeLQ0YCp5oTa7Sje09uzKhjdIdPeDiA6WmXdHFn
0QnSQtIUERO6NBAPD83id5TLxCl3x8VJYz94tpYTrYOWlBDkeVnlkWeQGEnxogMv
AUE1Be6x/JBZ8rescIDB7NqjQ4+w8ysjd+W/XRWxcdPlsmC8KFt1NU4QnJNnmr82
aBZ1sXgeuNaJfllQfWbRB8bwLyDl2m1aelW19gmpGHi/upym0hOru0PUaNR2pe9E
SJKBybOYlrgQufXuTNkE+cOgCvOFbv/CY64rg2qMiuUF
-----END CERTIFICATE-----
Generated at Sun Apr 20 21:17:09 2025 by rpki-client