Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/bb0bba-f095-423e-92d2-7995bf60803b/1/Kr0-JXUAGMQxfFWgb94gXdZY1tA.roa
File: Kr0-JXUAGMQxfFWgb94gXdZY1tA.roa (raw, json)
Hash identifier: J4Eh0dNnhBoYgpbql2S10GahSH60C5/1xptgGODucdw=
Subject key identifier: 2A:BD:3E:25:75:00:18:C4:31:7C:55:A0:6F:DE:20:5D:D6:58:D6:D0
Certificate issuer: /CN=8f3f9d85bcb3a4136362c5773e9d14e39e529453
Certificate serial: 018BF7D1B28EA8D66A1B2281ECE6CDDAA243
Authority key identifier: 8F:3F:9D:85:BC:B3:A4:13:63:62:C5:77:3E:9D:14:E3:9E:52:94:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jz-dhbyzpBNjYsV3Pp0U455SlFM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/bb0bba-f095-423e-92d2-7995bf60803b/1/Kr0-JXUAGMQxfFWgb94gXdZY1tA.roa
Signing time: Wed 22 Nov 2023 16:16:36 +0000
ROA not before: Wed 22 Nov 2023 16:16:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12337
IP address blocks: 209.16.144.0/24 maxlen: 24
209.16.145.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f7:d1:b2:8e:a8:d6:6a:1b:22:81:ec:e6:cd:da:a2:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f3f9d85bcb3a4136362c5773e9d14e39e529453
Validity
Not Before: Nov 22 16:16:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2abd3e25750018c4317c55a06fde205dd658d6d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:9a:02:13:c2:c8:89:05:01:76:ac:2f:53:19:
c4:64:62:6d:67:5c:f6:b4:3c:99:e9:da:92:89:5b:
a8:00:12:11:2a:29:ce:55:d8:8f:b3:c7:d1:29:54:
2c:d0:79:9e:84:b9:8f:aa:fb:03:6b:5e:2b:8c:46:
69:61:5f:f8:8d:4c:60:27:d5:fd:3d:77:99:df:c8:
88:af:5d:5e:b7:5d:27:82:c4:97:fe:96:e9:4a:45:
65:37:65:cd:23:1a:15:88:7a:cf:e3:1e:21:49:73:
99:62:f2:71:c9:be:63:3c:57:28:dc:3c:47:9e:e6:
c1:59:a5:50:23:c6:00:84:1b:79:60:cb:61:6f:a3:
1b:f6:bb:31:ba:63:1a:b7:6c:85:58:9e:99:c4:fe:
df:ae:c0:97:c6:ce:f4:cc:fa:b0:f7:5b:a0:f4:1b:
0d:17:f1:d1:94:dd:82:d2:62:90:38:55:8f:ea:fd:
ea:21:b8:de:d9:84:99:4e:1b:cb:76:a3:8f:50:71:
8f:94:41:da:08:dd:3e:e3:58:24:2e:47:c2:a5:3d:
73:f5:71:9e:9b:d8:d1:8a:6a:dd:4b:84:42:5a:c6:
74:4f:22:33:e3:fb:6e:15:93:3b:5a:ad:53:19:fc:
10:92:59:11:cf:db:fa:18:02:e6:a3:1a:99:f2:4e:
05:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:BD:3E:25:75:00:18:C4:31:7C:55:A0:6F:DE:20:5D:D6:58:D6:D0
X509v3 Authority Key Identifier:
keyid:8F:3F:9D:85:BC:B3:A4:13:63:62:C5:77:3E:9D:14:E3:9E:52:94:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jz-dhbyzpBNjYsV3Pp0U455SlFM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/bb0bba-f095-423e-92d2-7995bf60803b/1/Kr0-JXUAGMQxfFWgb94gXdZY1tA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/bb0bba-f095-423e-92d2-7995bf60803b/1/jz-dhbyzpBNjYsV3Pp0U455SlFM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
209.16.144.0/23
Signature Algorithm: sha256WithRSAEncryption
08:a5:49:15:73:40:c2:21:c8:39:5d:d8:cc:20:c9:bc:d3:ef:
a7:3a:72:f5:7a:f6:2a:9e:67:ed:8f:27:c9:50:59:ee:d8:fe:
d9:5f:df:fb:db:81:12:ad:14:59:cb:5d:92:05:e3:94:ce:e8:
a8:51:e6:66:82:26:32:20:dd:42:ae:cb:94:16:00:c2:8d:50:
76:bc:61:75:74:64:4b:2c:9f:71:e9:21:c9:86:6c:aa:3a:dd:
47:fe:da:29:ee:cd:e1:4c:5b:f5:f6:3a:33:b8:0f:8e:e6:67:
a9:ab:5b:63:74:27:06:8a:e1:e2:be:16:94:dc:ac:1c:80:58:
ba:9f:c1:6c:e6:12:42:a1:eb:35:f1:d4:f5:bf:50:6c:aa:9d:
73:ca:dc:be:d6:4c:7b:b9:d0:54:b7:af:31:04:2c:9e:49:3b:
63:6a:01:55:01:53:f7:5c:64:47:06:bc:d4:a7:b8:0f:fa:23:
db:3c:28:a4:b1:5a:9b:a3:20:a9:0d:56:0e:53:b3:dc:19:bc:
30:32:e9:aa:4c:b8:b3:2e:94:bc:81:5e:b1:92:14:af:0f:17:
1c:67:3e:b5:f8:58:ca:6b:9f:a3:1f:18:1e:54:cc:eb:aa:84:
5c:ad:3c:4b:67:5d:d1:3f:41:59:b6:b7:51:62:be:6e:b2:b2:
32:41:ef:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYv30bKOqNZqGyKB7ObN2qJDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmM2Y5ZDg1YmNiM2E0MTM2MzYyYzU3NzNlOWQxNGUzOWU1
Mjk0NTMwHhcNMjMxMTIyMTYxNjM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWJkM2UyNTc1MDAxOGM0MzE3YzU1YTA2ZmRlMjA1ZGQ2NThkNmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15oCE8LIiQUBdqwvUxnEZGJtZ1z2
tDyZ6dqSiVuoABIRKinOVdiPs8fRKVQs0HmehLmPqvsDa14rjEZpYV/4jUxgJ9X9
PXeZ38iIr11et10ngsSX/pbpSkVlN2XNIxoViHrP4x4hSXOZYvJxyb5jPFco3DxH
nubBWaVQI8YAhBt5YMthb6Mb9rsxumMat2yFWJ6ZxP7frsCXxs70zPqw91ug9BsN
F/HRlN2C0mKQOFWP6v3qIbje2YSZThvLdqOPUHGPlEHaCN0+41gkLkfCpT1z9XGe
m9jRimrdS4RCWsZ0TyIz4/tuFZM7Wq1TGfwQklkRz9v6GALmoxqZ8k4FGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCq9PiV1ABjEMXxVoG/eIF3WWNbQMB8GA1UdIwQY
MBaAFI8/nYW8s6QTY2LFdz6dFOOeUpRTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanotZGhieXpwQk5qWXNWM1BwMFU0NTVTbEZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9iYjBiYmEtZjA5NS00MjNlLTkyZDIt
Nzk5NWJmNjA4MDNiLzEvS3IwLUpYVUFHTVF4ZkZXZ2I5NGdYZFpZMXRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9iYjBiYmEtZjA5NS00MjNlLTkyZDItNzk5NWJmNjA4MDNi
LzEvanotZGhieXpwQk5qWXNWM1BwMFU0NTVTbEZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB0RCQMA0G
CSqGSIb3DQEBCwUAA4IBAQAIpUkVc0DCIcg5XdjMIMm80++nOnL1evYqnmftjyfJ
UFnu2P7ZX9/724ESrRRZy12SBeOUzuioUeZmgiYyIN1CrsuUFgDCjVB2vGF1dGRL
LJ9x6SHJhmyqOt1H/top7s3hTFv19jozuA+O5mepq1tjdCcGiuHivhaU3KwcgFi6
n8Fs5hJCoes18dT1v1Bsqp1zyty+1kx7udBUt68xBCyeSTtjagFVAVP3XGRHBrzU
p7gP+iPbPCiksVqboyCpDVYOU7PcGbwwMumqTLizLpS8gV6xkhSvDxccZz61+FjK
a5+jHxgeVMzrqoRcrTxLZ13RP0FZtrdRYr5usrIyQe8B
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:47 2024 by rpki-client on console-fra.rpki-client.org