Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/jglnQQs3Qx8LfgVA8Izd7KpwvCA.roa
File: jglnQQs3Qx8LfgVA8Izd7KpwvCA.roa (raw, json)
Hash identifier: MuA8x8NIqGVPjWAgr1oyG1yzmeQNGL33AcYNrUyz19U=
Subject key identifier: 8E:09:67:41:0B:37:43:1F:0B:7E:05:40:F0:8C:DD:EC:AA:70:BC:20
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 018FDFE748ED543D64C52040C823831B99D7
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/jglnQQs3Qx8LfgVA8Izd7KpwvCA.roa
Signing time: Mon 03 Jun 2024 21:00:27 +0000
ROA not before: Mon 03 Jun 2024 21:00:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51396
IP address blocks: 2a06:b440::/29 maxlen: 29
2a0f:e000::/29 maxlen: 29
2a12:6740::/29 maxlen: 30
2a12:8ec0::/29 maxlen: 30
2a12:ccc0::/29 maxlen: 30
2a12:d3c0::/29 maxlen: 30
2a12:e240::/29 maxlen: 30
Validation: Failed, certificate revoked on Sat 08 Jun 2024 21:27:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:df:e7:48:ed:54:3d:64:c5:20:40:c8:23:83:1b:99:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Jun 3 21:00:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e0967410b37431f0b7e0540f08cddecaa70bc20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:3e:e3:01:2e:9d:1e:dd:94:11:cf:6e:60:40:
59:d8:0d:83:81:f7:0a:b0:7c:7c:1b:22:6f:15:f1:
22:d7:b5:eb:de:e8:0d:33:18:e8:75:71:ee:03:79:
e4:1e:1e:4f:55:a3:04:65:2c:31:2c:85:84:ee:22:
f1:bc:65:3b:df:c7:30:13:aa:56:f0:9b:b3:6c:b2:
3d:62:f4:c3:6d:51:0d:20:cc:b0:5d:85:9d:3b:33:
57:d9:9c:cf:0d:8c:73:bc:90:d1:4c:fb:6b:c8:d2:
46:af:bc:c7:42:11:af:99:19:12:c6:82:d6:e2:c2:
7d:64:ae:77:2c:08:b2:9b:38:b0:78:95:d6:60:d1:
5b:b3:49:c2:1e:77:f4:50:4a:5e:6f:14:91:f3:d2:
42:f9:af:81:c3:3b:f9:a7:2c:8c:48:ec:70:e8:85:
14:ef:90:52:11:d7:6c:3f:47:28:3f:dd:42:ac:c5:
c0:a9:38:41:18:0c:55:dc:41:3e:89:b1:98:b4:73:
29:8f:17:b6:5d:b2:89:3b:c4:4e:f2:c6:c2:85:1d:
f1:39:8d:c3:8f:4b:32:15:20:af:5f:f5:64:96:a4:
bc:7a:71:2d:33:57:55:31:62:6a:30:d2:fb:4a:04:
c1:4e:a2:91:0f:38:a8:f3:9d:ee:9f:d7:11:3b:4d:
12:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:09:67:41:0B:37:43:1F:0B:7E:05:40:F0:8C:DD:EC:AA:70:BC:20
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/jglnQQs3Qx8LfgVA8Izd7KpwvCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:b440::/29
2a0f:e000::/29
2a12:6740::/29
2a12:8ec0::/29
2a12:ccc0::/29
2a12:d3c0::/29
2a12:e240::/29
Signature Algorithm: sha256WithRSAEncryption
44:c9:e3:2d:ae:ee:91:69:0e:85:b6:a3:03:44:b9:aa:73:5c:
c4:4d:ad:03:95:f3:28:2e:b9:70:a1:77:e2:eb:12:ed:fe:a4:
ae:64:e4:b9:68:88:2b:f8:a5:3b:33:3f:d3:e0:4d:25:45:12:
78:2d:4d:9f:71:04:ea:c0:a0:a2:bd:9e:a0:2a:c9:23:f2:6e:
86:d6:e4:f9:e8:7d:b2:09:ec:98:e8:7c:1e:93:57:85:5c:d8:
64:8f:ec:fa:0b:9e:a9:32:bc:03:b4:43:49:24:23:98:bd:fc:
f9:14:69:59:19:54:74:b6:1d:7a:24:2a:b4:65:b4:8c:0b:bc:
9a:e1:1e:c4:70:ce:07:29:2d:a6:1f:be:bf:45:cd:dd:5e:b1:
f3:96:5f:1e:d9:44:1e:ea:08:a6:7b:4a:df:ba:56:ab:aa:00:
69:cc:a5:60:2a:11:d0:bb:a9:c2:57:74:7f:45:e3:08:3b:8d:
b2:71:bc:a3:59:22:bb:ed:d8:b8:7d:99:6c:ab:01:64:f3:bd:
3a:b3:39:f8:94:6c:6e:04:ba:b9:53:e4:3b:d2:1a:e0:97:88:
38:92:89:bc:23:d0:73:dd:95:79:5b:37:43:6f:36:e5:36:a0:
e2:d9:2b:2b:f4:46:e9:91:1b:cb:6a:a9:11:39:89:27:3f:63:
60:4d:2b:f0
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAY/f50jtVD1kxSBAyCODG5nXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwNjAzMjEwMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTA5Njc0MTBiMzc0MzFmMGI3ZTA1NDBmMDhjZGRlY2FhNzBiYzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkj7jAS6dHt2UEc9uYEBZ2A2DgfcK
sHx8GyJvFfEi17Xr3ugNMxjodXHuA3nkHh5PVaMEZSwxLIWE7iLxvGU738cwE6pW
8JuzbLI9YvTDbVENIMywXYWdOzNX2ZzPDYxzvJDRTPtryNJGr7zHQhGvmRkSxoLW
4sJ9ZK53LAiymziweJXWYNFbs0nCHnf0UEpebxSR89JC+a+Bwzv5pyyMSOxw6IUU
75BSEddsP0coP91CrMXAqThBGAxV3EE+ibGYtHMpjxe2XbKJO8RO8sbChR3xOY3D
j0syFSCvX/VklqS8enEtM1dVMWJqMNL7SgTBTqKRDzio853un9cRO00SeQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFI4JZ0ELN0MfC34FQPCM3eyqcLwgMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvamdsblFRczNReDhMZmdWQThJemQ3S3B3dkNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKga0QAMF
AyoP4AADBQMqEmdAAwUDKhKOwAMFAyoSzMADBQMqEtPAAwUDKhLiQDANBgkqhkiG
9w0BAQsFAAOCAQEARMnjLa7ukWkOhbajA0S5qnNcxE2tA5XzKC65cKF34usS7f6k
rmTkuWiIK/ilOzM/0+BNJUUSeC1Nn3EE6sCgor2eoCrJI/Juhtbk+eh9sgnsmOh8
HpNXhVzYZI/s+gueqTK8A7RDSSQjmL38+RRpWRlUdLYdeiQqtGW0jAu8muEexHDO
Byktph++v0XN3V6x85ZfHtlEHuoIpntK37pWq6oAacylYCoR0Lupwld0f0XjCDuN
snG8o1kiu+3YuH2ZbKsBZPO9OrM5+JRsbgS6uVPkO9Ia4JeIOJKJvCPQc92VeVs3
Q2825Tag4tkrK/RG6ZEby2qpETmJJz9jYE0r8A==
-----END CERTIFICATE-----
Generated at Sat Jun 8 23:05:17 2024 by rpki-client on console-ams.rpki-client.org