Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/08e15b-4a24-4ce0-9454-f87a322a7776/1/JXHm3he25xaly11dAL8ESFU-MQ8.roa
File: JXHm3he25xaly11dAL8ESFU-MQ8.roa (raw, json)
Hash identifier: 8o3pBT2JiZU5pWPh9esqNQbp94gPTE4MFQDLLZRnD44=
Subject key identifier: 25:71:E6:DE:17:B6:E7:16:A5:CB:5D:5D:00:BF:04:48:55:3E:31:0F
Certificate issuer: /CN=1bd21dfb24f7d8ce2311ba4076775474bd50be64
Certificate serial: 01856E6FB7B28558A7E6CC2C18F858919ABA
Authority key identifier: 1B:D2:1D:FB:24:F7:D8:CE:23:11:BA:40:76:77:54:74:BD:50:BE:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G9Id-yT32M4jEbpAdndUdL1QvmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/08e15b-4a24-4ce0-9454-f87a322a7776/1/JXHm3he25xaly11dAL8ESFU-MQ8.roa
Signing time: Sun 01 Jan 2023 17:44:53 +0000
ROA not before: Sun 01 Jan 2023 17:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12684
IP address blocks: 37.19.24.0/21 maxlen: 21
2a04:2880::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 30 May 2023 10:40:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:b7:b2:85:58:a7:e6:cc:2c:18:f8:58:91:9a:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bd21dfb24f7d8ce2311ba4076775474bd50be64
Validity
Not Before: Jan 1 17:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2571e6de17b6e716a5cb5d5d00bf0448553e310f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:2b:c0:53:d5:f9:d1:0a:4c:42:02:50:d8:cb:
79:2d:df:26:ca:09:b0:ec:4f:2c:f6:f1:37:3a:99:
49:c5:8a:da:4b:24:11:db:01:3f:71:b0:44:f6:65:
38:7b:b0:72:75:b4:11:64:aa:1c:a4:f1:fa:b9:b4:
dc:aa:d8:00:3c:3d:db:a6:02:05:ce:81:54:24:2d:
fb:85:ef:31:7a:6d:bc:02:f2:2e:1c:b5:dd:66:d1:
09:cc:54:08:c1:96:31:1b:7d:1b:2e:5f:10:bb:d8:
4a:3e:62:3c:11:eb:bd:db:28:e8:47:24:e1:0c:6c:
91:45:17:9f:a6:a9:5b:91:9a:f6:4c:53:92:65:61:
bf:bb:9a:0a:ed:f0:67:c4:c1:1c:12:bf:63:85:fc:
ce:af:c1:f5:1d:96:2e:8f:f6:8a:8b:65:2d:fe:83:
6d:5f:e0:a0:ee:91:6b:ba:01:d0:b0:78:7d:99:f9:
a0:28:2c:b0:cf:79:b6:7d:75:7b:59:2e:bf:bc:33:
7a:d8:98:81:53:7c:29:f9:ed:34:c0:1c:d2:cc:10:
a1:f7:60:ec:66:3c:a0:9a:62:be:20:df:5f:65:42:
08:b0:e4:50:f4:99:8f:95:0e:57:d5:6e:e0:97:3c:
a8:26:c0:c1:97:b7:68:5f:9d:72:e7:8a:dd:91:4a:
19:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:71:E6:DE:17:B6:E7:16:A5:CB:5D:5D:00:BF:04:48:55:3E:31:0F
X509v3 Authority Key Identifier:
keyid:1B:D2:1D:FB:24:F7:D8:CE:23:11:BA:40:76:77:54:74:BD:50:BE:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G9Id-yT32M4jEbpAdndUdL1QvmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/08e15b-4a24-4ce0-9454-f87a322a7776/1/JXHm3he25xaly11dAL8ESFU-MQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/08e15b-4a24-4ce0-9454-f87a322a7776/1/G9Id-yT32M4jEbpAdndUdL1QvmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.19.24.0/21
IPv6:
2a04:2880::/48
Signature Algorithm: sha256WithRSAEncryption
49:8b:b2:48:5b:bc:c3:5c:b1:3e:58:ba:2b:06:a6:43:00:a5:
2a:64:af:05:e7:01:62:d0:4a:1e:09:39:44:40:5f:89:98:0a:
69:15:dc:d9:3c:b7:9c:1a:5d:b3:18:0d:69:b3:39:a0:9f:2e:
b5:82:67:8e:a9:b3:bc:dc:51:a0:f1:9a:66:a6:b9:b7:ff:45:
96:7e:3d:ac:af:b2:0b:cd:90:cf:59:69:d8:8f:93:a5:85:29:
11:62:f9:71:03:6a:9b:ad:0f:70:29:6e:33:27:2b:e2:c6:b1:
24:4d:af:a5:ad:ca:78:e5:5b:9c:3a:35:31:d6:91:72:e4:2c:
25:03:0a:83:3c:dd:d0:be:04:2f:2d:9a:82:28:04:f6:2b:36:
97:99:8d:de:25:79:6c:24:26:19:38:bd:4e:55:39:3e:92:d6:
f4:95:d6:c2:94:b1:b7:45:01:80:00:6c:d2:24:a7:0d:7b:87:
d6:33:85:d8:9c:69:a9:0b:92:8d:24:13:bc:ad:d3:0f:b3:9f:
9d:2e:da:75:e9:01:5e:9a:71:76:fb:59:1e:1a:57:3c:d2:52:
95:47:c1:e9:0f:44:33:a7:ee:87:4f:f3:9c:46:e3:ac:4e:8a:
e0:f9:17:84:6f:a0:bc:6d:70:c0:11:c7:23:03:67:a3:8e:f5:
4b:c7:b2:c7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVub7eyhVin5swsGPhYkZq6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZDIxZGZiMjRmN2Q4Y2UyMzExYmE0MDc2Nzc1NDc0YmQ1
MGJlNjQwHhcNMjMwMTAxMTc0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTcxZTZkZTE3YjZlNzE2YTVjYjVkNWQwMGJmMDQ0ODU1M2UzMTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkivAU9X50QpMQgJQ2Mt5Ld8mygmw
7E8s9vE3OplJxYraSyQR2wE/cbBE9mU4e7BydbQRZKocpPH6ubTcqtgAPD3bpgIF
zoFUJC37he8xem28AvIuHLXdZtEJzFQIwZYxG30bLl8Qu9hKPmI8Eeu92yjoRyTh
DGyRRRefpqlbkZr2TFOSZWG/u5oK7fBnxMEcEr9jhfzOr8H1HZYuj/aKi2Ut/oNt
X+Cg7pFrugHQsHh9mfmgKCywz3m2fXV7WS6/vDN62JiBU3wp+e00wBzSzBCh92Ds
ZjygmmK+IN9fZUIIsORQ9JmPlQ5X1W7glzyoJsDBl7doX51y54rdkUoZywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCVx5t4XtucWpctdXQC/BEhVPjEPMB8GA1UdIwQY
MBaAFBvSHfsk99jOIxG6QHZ3VHS9UL5kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzlJZC15VDMyTTRqRWJwQWRuZFVkTDFRdm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wOGUxNWItNGEyNC00Y2UwLTk0NTQt
Zjg3YTMyMmE3Nzc2LzEvSlhIbTNoZTI1eGFseTExZEFMOEVTRlUtTVE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wOGUxNWItNGEyNC00Y2UwLTk0NTQtZjg3YTMyMmE3Nzc2
LzEvRzlJZC15VDMyTTRqRWJwQWRuZFVkTDFRdm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDJRMYMA8E
AgACMAkDBwAqBCiAAAAwDQYJKoZIhvcNAQELBQADggEBAEmLskhbvMNcsT5YuisG
pkMApSpkrwXnAWLQSh4JOURAX4mYCmkV3Nk8t5waXbMYDWmzOaCfLrWCZ46ps7zc
UaDxmmamubf/RZZ+PayvsgvNkM9ZadiPk6WFKRFi+XEDaputD3ApbjMnK+LGsSRN
r6WtynjlW5w6NTHWkXLkLCUDCoM83dC+BC8tmoIoBPYrNpeZjd4leWwkJhk4vU5V
OT6S1vSV1sKUsbdFAYAAbNIkpw17h9YzhdicaakLko0kE7yt0w+zn50u2nXpAV6a
cXb7WR4aVzzSUpVHwekPRDOn7odP85xG46xOiuD5F4RvoLxtcMARxyMDZ6OO9UvH
ssc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:10 2024 by rpki-client on console-ams.rpki-client.org