Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/b8b606-c65a-409a-ba8d-cf1a5d8e5f6d/1/jcv3D3fAZlTKpKQlKaM0bvvPUdY.roa
File: jcv3D3fAZlTKpKQlKaM0bvvPUdY.roa (raw, json)
Hash identifier: a5SbIcL+GxwbgSAfCIBZ5nf9a1g0xXEGajmNPw33olk=
Subject key identifier: 8D:CB:F7:0F:77:C0:66:54:CA:A4:A4:25:29:A3:34:6E:FB:CF:51:D6
Certificate issuer: /CN=40cf69cca2c86e194754788edcd88e352ed4e11c
Certificate serial: 018CC9BCB64CFE49B0F457C307C83A758B73
Authority key identifier: 40:CF:69:CC:A2:C8:6E:19:47:54:78:8E:DC:D8:8E:35:2E:D4:E1:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QM9pzKLIbhlHVHiO3NiONS7U4Rw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/b8b606-c65a-409a-ba8d-cf1a5d8e5f6d/1/jcv3D3fAZlTKpKQlKaM0bvvPUdY.roa
Signing time: Tue 02 Jan 2024 10:33:57 +0000
ROA not before: Tue 02 Jan 2024 10:33:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15404
IP address blocks: 176.119.201.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:b6:4c:fe:49:b0:f4:57:c3:07:c8:3a:75:8b:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40cf69cca2c86e194754788edcd88e352ed4e11c
Validity
Not Before: Jan 2 10:33:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8dcbf70f77c06654caa4a42529a3346efbcf51d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:23:45:0e:00:4f:e4:41:bf:ad:6d:99:2e:33:
b5:4f:77:87:d5:68:83:6e:13:6b:56:90:9d:48:c1:
e4:2d:38:d9:15:79:36:27:fb:12:93:53:46:73:b9:
d2:08:d1:55:77:8c:08:89:b9:6d:62:92:01:3a:28:
e0:88:11:91:d6:d3:62:da:16:ca:85:df:b3:50:67:
05:6e:54:01:18:81:73:53:62:29:74:29:d9:17:b0:
42:52:f0:87:27:91:81:92:7c:c2:f2:46:3e:5e:8d:
3a:e9:c6:dd:81:2f:38:d8:e2:1b:a5:95:aa:0d:81:
16:15:31:af:9a:51:c5:ae:9c:49:42:c4:c3:2b:1a:
49:e5:3d:ca:be:bf:90:4b:17:ed:1d:c0:96:52:22:
00:34:2c:1d:7f:c5:a0:78:d6:1a:35:1c:e3:f1:3e:
a9:b7:36:76:c8:7e:2c:27:5d:dd:9a:84:3e:5f:6b:
2d:f3:78:51:28:3b:a9:94:54:74:51:e5:ec:6c:cc:
d3:63:44:6a:ba:35:e2:ef:89:38:9f:b8:4e:7a:2f:
d8:88:59:6e:88:bb:1a:ca:fe:4d:a3:32:22:06:6e:
7d:dd:44:5b:5c:f6:fc:06:5c:fc:bd:18:90:4d:6c:
9d:ec:32:f4:8a:ef:3d:26:a8:f2:f6:fe:f3:3f:d6:
22:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:CB:F7:0F:77:C0:66:54:CA:A4:A4:25:29:A3:34:6E:FB:CF:51:D6
X509v3 Authority Key Identifier:
keyid:40:CF:69:CC:A2:C8:6E:19:47:54:78:8E:DC:D8:8E:35:2E:D4:E1:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QM9pzKLIbhlHVHiO3NiONS7U4Rw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/b8b606-c65a-409a-ba8d-cf1a5d8e5f6d/1/jcv3D3fAZlTKpKQlKaM0bvvPUdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/b8b606-c65a-409a-ba8d-cf1a5d8e5f6d/1/QM9pzKLIbhlHVHiO3NiONS7U4Rw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.201.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:a0:fd:ca:7c:5c:fa:92:e9:65:1f:d7:e1:4a:1f:ca:03:40:
99:ae:d5:c2:6a:9e:1a:d8:2c:61:08:cf:90:42:8b:1c:d0:e4:
2f:bd:2f:62:b9:83:61:98:e1:08:08:e7:a0:60:b0:e4:5d:c1:
9a:8e:ff:cf:95:0c:b7:b8:00:01:2b:57:23:f9:d2:74:b4:a7:
2c:ce:0a:99:e3:fd:9a:48:e3:ca:4b:23:26:b9:8b:57:da:00:
1e:86:1d:40:b8:9d:4e:99:62:e7:42:45:5f:c7:54:8a:a8:ff:
65:93:88:d8:62:46:6d:dc:e0:66:85:b5:be:cc:fb:ba:fe:15:
a7:3f:c7:01:fa:40:17:08:5a:26:42:d8:96:ef:a4:88:e8:c2:
46:70:66:f2:35:b9:6e:6b:f8:4e:3d:3d:7c:4a:7c:c7:47:c0:
9b:aa:5b:e8:62:11:82:b5:a5:04:47:2a:45:dc:ef:ff:5e:65:
28:67:94:06:2e:b4:a7:c8:14:d8:64:ed:f4:05:49:d2:92:98:
56:3c:f8:93:14:ef:84:16:93:a5:fc:a7:55:41:47:fb:3f:87:
46:1d:bf:ad:77:e4:4b:b6:19:f3:d6:3f:74:11:f1:2d:bd:f9:
a1:2c:81:de:77:80:6a:39:2f:b0:56:3b:c2:d0:d5:be:27:1d:
28:7c:8c:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvLZM/kmw9FfDB8g6dYtzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwY2Y2OWNjYTJjODZlMTk0NzU0Nzg4ZWRjZDg4ZTM1MmVk
NGUxMWMwHhcNMjQwMTAyMTAzMzU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGNiZjcwZjc3YzA2NjU0Y2FhNGE0MjUyOWEzMzQ2ZWZiY2Y1MWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmiNFDgBP5EG/rW2ZLjO1T3eH1WiD
bhNrVpCdSMHkLTjZFXk2J/sSk1NGc7nSCNFVd4wIibltYpIBOijgiBGR1tNi2hbK
hd+zUGcFblQBGIFzU2IpdCnZF7BCUvCHJ5GBknzC8kY+Xo066cbdgS842OIbpZWq
DYEWFTGvmlHFrpxJQsTDKxpJ5T3Kvr+QSxftHcCWUiIANCwdf8WgeNYaNRzj8T6p
tzZ2yH4sJ13dmoQ+X2st83hRKDuplFR0UeXsbMzTY0RqujXi74k4n7hOei/YiFlu
iLsayv5NozIiBm593URbXPb8Blz8vRiQTWyd7DL0iu89Jqjy9v7zP9YiKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI3L9w93wGZUyqSkJSmjNG77z1HWMB8GA1UdIwQY
MBaAFEDPacyiyG4ZR1R4jtzYjjUu1OEcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU05cHpLTEliaGxIVkhpTzNOaU9OUzdVNFJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9iOGI2MDYtYzY1YS00MDlhLWJhOGQt
Y2YxYTVkOGU1ZjZkLzEvamN2M0QzZkFabFRLcEtRbEthTTBidnZQVWRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9iOGI2MDYtYzY1YS00MDlhLWJhOGQtY2YxYTVkOGU1ZjZk
LzEvUU05cHpLTEliaGxIVkhpTzNOaU9OUzdVNFJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHfJMA0G
CSqGSIb3DQEBCwUAA4IBAQAcoP3KfFz6kullH9fhSh/KA0CZrtXCap4a2CxhCM+Q
Qosc0OQvvS9iuYNhmOEICOegYLDkXcGajv/PlQy3uAABK1cj+dJ0tKcszgqZ4/2a
SOPKSyMmuYtX2gAehh1AuJ1OmWLnQkVfx1SKqP9lk4jYYkZt3OBmhbW+zPu6/hWn
P8cB+kAXCFomQtiW76SI6MJGcGbyNblua/hOPT18SnzHR8CbqlvoYhGCtaUERypF
3O//XmUoZ5QGLrSnyBTYZO30BUnSkphWPPiTFO+EFpOl/KdVQUf7P4dGHb+td+RL
thnz1j90EfEtvfmhLIHed4BqOS+wVjvC0NW+Jx0ofIxq
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:01:33 2025 by rpki-client