Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/JWyb5JZOf3nJd2kOoe6wkJ7W_uo.roa
File: JWyb5JZOf3nJd2kOoe6wkJ7W_uo.roa (raw, json)
Hash identifier: 6U6D9DDD0WMRNmerIDf1tykGhX6ckb+CaHHKjoTnm9M=
Subject key identifier: 25:6C:9B:E4:96:4E:7F:79:C9:77:69:0E:A1:EE:B0:90:9E:D6:FE:EA
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018D41F5D774A9CB35F4BCCDCA26082D45D3
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/JWyb5JZOf3nJd2kOoe6wkJ7W_uo.roa
Signing time: Thu 25 Jan 2024 18:50:46 +0000
ROA not before: Thu 25 Jan 2024 18:50:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208885
IP address blocks: 2.59.255.0/24 maxlen: 24
94.156.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Mar 2024 15:13:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:41:f5:d7:74:a9:cb:35:f4:bc:cd:ca:26:08:2d:45:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 25 18:50:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=256c9be4964e7f79c977690ea1eeb0909ed6feea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:6b:f2:09:a1:49:f0:64:d9:a1:1e:53:0f:85:
af:2b:8e:34:af:49:d6:9d:ec:d5:12:2f:e1:d5:64:
53:ba:9c:b7:8e:ff:22:3b:bd:1e:e4:d0:e8:9a:86:
e8:54:a1:9b:30:25:8f:de:84:e0:ed:c5:0c:f2:30:
53:f8:be:b3:78:e0:62:10:0e:f3:52:dc:16:0b:cb:
12:48:b7:2c:33:f4:26:b4:ba:04:c3:61:6d:fa:ad:
28:8e:07:80:54:ac:c0:54:40:d5:e9:35:7e:8b:32:
67:1f:b9:51:88:da:58:fd:43:05:2b:cf:fc:99:2c:
80:b4:e3:85:e7:11:24:65:dc:ea:14:6f:07:0b:1b:
14:68:65:57:45:10:c0:00:a1:cc:ce:ba:bc:a1:dd:
23:6e:b9:a1:e8:88:0c:62:c1:65:d9:9b:6c:47:6d:
e5:81:f5:a1:39:59:ed:11:1e:19:1a:1e:b8:c2:4a:
b0:23:03:0f:bf:4c:0d:41:2a:cd:ac:2a:6c:06:55:
76:e2:86:3e:dc:4b:d7:db:89:41:09:44:32:49:e2:
fe:cf:06:a9:66:fe:b3:ce:f6:fc:f0:1c:68:70:9c:
fb:31:9d:75:3b:f5:0d:e4:9d:52:35:0f:7a:cf:17:
59:73:34:67:82:22:ff:0d:83:6d:05:c9:bb:bd:76:
26:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:6C:9B:E4:96:4E:7F:79:C9:77:69:0E:A1:EE:B0:90:9E:D6:FE:EA
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/JWyb5JZOf3nJd2kOoe6wkJ7W_uo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.255.0/24
94.156.10.0/24
Signature Algorithm: sha256WithRSAEncryption
98:fc:73:a7:b9:42:e3:63:bc:25:24:14:fe:ab:28:13:4a:88:
67:db:4a:2f:2b:5f:c0:e6:a4:5b:89:2f:8e:01:29:ac:58:30:
af:0c:47:20:64:20:80:d9:bf:21:a9:74:20:c6:27:61:c6:25:
ea:ce:da:cc:bd:57:ef:09:54:d7:09:7f:2f:cd:03:4c:27:6f:
72:76:95:5d:f1:7b:ee:5b:20:3f:6e:0f:e0:0d:90:ca:47:ee:
6b:29:7d:de:2a:f7:12:79:27:31:05:2d:3d:66:60:93:4a:d8:
f0:73:7a:9f:13:5c:44:7e:1d:38:43:a7:e6:11:f1:88:7d:11:
b8:a4:c2:6d:75:ad:c5:f4:c6:ad:fa:f3:46:22:f6:36:17:fc:
25:8d:c3:ea:b8:c3:99:56:20:8c:1b:bd:1b:0d:55:fa:52:37:
19:af:f7:23:25:0e:93:82:46:24:3f:3d:31:50:8f:eb:8f:94:
2c:74:6a:56:ab:43:88:29:a0:43:7f:c1:fc:85:d1:6c:25:bf:
f1:c1:97:d1:d1:bb:3f:cb:b0:61:aa:fc:6a:fd:90:ed:8d:69:
42:51:ae:36:d8:1b:ef:f2:d2:99:64:b1:21:00:db:e4:1b:0a:
ce:a6:9e:aa:a2:40:6f:bb:12:6d:7c:2d:4b:5a:1d:42:b8:50:
c9:81:d1:6e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1B9dd0qcs19LzNyiYILUXTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTI1MTg1MDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTZjOWJlNDk2NGU3Zjc5Yzk3NzY5MGVhMWVlYjA5MDllZDZmZWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWvyCaFJ8GTZoR5TD4WvK440r0nW
nezVEi/h1WRTupy3jv8iO70e5NDomoboVKGbMCWP3oTg7cUM8jBT+L6zeOBiEA7z
UtwWC8sSSLcsM/QmtLoEw2Ft+q0ojgeAVKzAVEDV6TV+izJnH7lRiNpY/UMFK8/8
mSyAtOOF5xEkZdzqFG8HCxsUaGVXRRDAAKHMzrq8od0jbrmh6IgMYsFl2ZtsR23l
gfWhOVntER4ZGh64wkqwIwMPv0wNQSrNrCpsBlV24oY+3EvX24lBCUQySeL+zwap
Zv6zzvb88BxocJz7MZ11O/UN5J1SNQ96zxdZczRngiL/DYNtBcm7vXYm5QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCVsm+SWTn95yXdpDqHusJCe1v7qMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSld5YjVKWk9mM25KZDJrT29lNndrSjdXX3VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjv/AwQA
XpwKMA0GCSqGSIb3DQEBCwUAA4IBAQCY/HOnuULjY7wlJBT+qygTSohn20ovK1/A
5qRbiS+OASmsWDCvDEcgZCCA2b8hqXQgxidhxiXqztrMvVfvCVTXCX8vzQNMJ29y
dpVd8XvuWyA/bg/gDZDKR+5rKX3eKvcSeScxBS09ZmCTStjwc3qfE1xEfh04Q6fm
EfGIfRG4pMJtda3F9Mat+vNGIvY2F/wljcPquMOZViCMG70bDVX6UjcZr/cjJQ6T
gkYkPz0xUI/rj5QsdGpWq0OIKaBDf8H8hdFsJb/xwZfR0bs/y7Bhqvxq/ZDtjWlC
Ua422Bvv8tKZZLEhANvkGwrOpp6qokBvuxJtfC1LWh1CuFDJgdFu
-----END CERTIFICATE-----
Generated at Wed Mar 6 19:11:46 2024 by rpki-client on console-ams.rpki-client.org