Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/0b4e73-a154-4059-b622-8fd5caba54e9/1/JJlyqM0LBvEGwzugeAmPN3g1RDw.roa
File: JJlyqM0LBvEGwzugeAmPN3g1RDw.roa (raw, json)
Hash identifier: +SZGgDJ4n1CHzzbkR56/gGWQWFPk+hQorGrf6p1w3NA=
Subject key identifier: 24:99:72:A8:CD:0B:06:F1:06:C3:3B:A0:78:09:8F:37:78:35:44:3C
Certificate issuer: /CN=a0e3128fd09dc18e66ee4212a7e64f3e4e74a814
Certificate serial: 0189F32B73BEA86A325203085041C2E7ADE9
Authority key identifier: A0:E3:12:8F:D0:9D:C1:8E:66:EE:42:12:A7:E6:4F:3E:4E:74:A8:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oOMSj9CdwY5m7kISp-ZPPk50qBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/0b4e73-a154-4059-b622-8fd5caba54e9/1/JJlyqM0LBvEGwzugeAmPN3g1RDw.roa
Signing time: Mon 14 Aug 2023 08:30:58 +0000
ROA not before: Mon 14 Aug 2023 08:30:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12843
IP address blocks: 45.14.124.0/22 maxlen: 22
2a0e:e80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f3:2b:73:be:a8:6a:32:52:03:08:50:41:c2:e7:ad:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0e3128fd09dc18e66ee4212a7e64f3e4e74a814
Validity
Not Before: Aug 14 08:30:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=249972a8cd0b06f106c33ba078098f377835443c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:9d:7b:02:75:95:25:04:48:ec:5a:4f:af:d9:
e9:f3:35:07:af:43:d8:38:76:cd:8f:35:b8:7e:c1:
bb:63:e5:14:b6:9e:34:2c:37:b4:7c:18:8e:8a:80:
5b:31:15:3e:e4:52:36:5d:d1:ea:d6:91:57:07:6b:
5c:b6:1e:22:d1:9d:b2:63:19:81:2b:e9:4d:f8:40:
9c:82:4d:ea:8a:1a:d0:1b:23:7b:1c:90:c6:63:f5:
07:90:13:86:e4:76:88:ba:63:f5:ba:b9:59:0d:cb:
41:69:c3:e0:ae:df:83:fb:3d:8c:3a:02:72:b1:2e:
e6:01:a4:79:db:3a:aa:99:10:90:ef:39:f7:c6:51:
55:55:1e:eb:6c:df:63:06:93:e1:fd:52:62:be:c0:
5b:37:67:70:a4:f0:a2:97:d4:e1:56:76:d8:7b:4b:
47:9f:42:b4:36:b3:99:65:e2:4c:f7:d8:51:43:3c:
ca:11:bb:54:93:1c:50:3d:ac:9e:9f:57:03:fe:43:
93:e6:0f:77:43:cc:cd:0d:4a:b7:2f:d7:3b:28:33:
23:1a:f1:bc:a0:38:6d:ff:a8:29:53:57:5e:e2:0a:
03:c3:d4:dc:e7:44:2b:c0:1a:a4:ad:4c:b6:08:41:
fc:9f:9c:94:f1:fb:9f:c0:0d:fc:71:e4:be:c3:5a:
cf:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:99:72:A8:CD:0B:06:F1:06:C3:3B:A0:78:09:8F:37:78:35:44:3C
X509v3 Authority Key Identifier:
keyid:A0:E3:12:8F:D0:9D:C1:8E:66:EE:42:12:A7:E6:4F:3E:4E:74:A8:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oOMSj9CdwY5m7kISp-ZPPk50qBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/0b4e73-a154-4059-b622-8fd5caba54e9/1/JJlyqM0LBvEGwzugeAmPN3g1RDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/0b4e73-a154-4059-b622-8fd5caba54e9/1/oOMSj9CdwY5m7kISp-ZPPk50qBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.124.0/22
IPv6:
2a0e:e80::/29
Signature Algorithm: sha256WithRSAEncryption
48:94:d5:16:f2:a9:f2:38:24:ae:cf:5a:e9:f8:64:9e:5a:7d:
a0:6f:2b:c9:94:ac:7a:01:98:e6:63:79:96:2d:4f:5b:85:e7:
f6:c1:b9:fb:a8:86:05:8a:73:ac:e2:bf:e0:a9:73:e7:f6:98:
e9:64:52:84:7c:49:e1:46:2e:86:10:ea:8b:58:6e:57:7e:e2:
f3:c5:66:4b:a6:27:0a:69:60:d7:19:a8:10:dc:fb:4b:0e:5e:
47:9a:eb:0c:e5:6a:a2:22:9a:b9:66:d9:68:bb:cf:a3:ac:46:
43:7a:c8:e0:76:03:f0:81:5c:cc:f3:ca:94:c3:6b:60:0a:ec:
af:6e:96:ad:5b:8c:e6:b8:6e:5f:8b:38:2b:f5:e2:df:06:b0:
00:c1:16:67:15:d7:8d:64:47:42:35:3a:55:65:6c:6d:28:4e:
5b:cb:93:4d:f3:fa:aa:47:48:20:e6:99:ed:95:a7:56:44:4c:
40:ae:40:f3:01:d2:aa:aa:51:d3:19:22:5f:08:96:db:05:58:
6b:c7:78:d2:a0:ec:30:e6:81:3e:63:4f:fa:59:f8:76:69:91:
03:6c:46:12:46:a2:81:44:7c:75:82:a5:4f:14:8f:12:c4:03:
1c:9c:7d:1b:a9:46:11:17:c5:5b:a5:35:da:93:84:5e:56:d1:
0e:79:98:4f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYnzK3O+qGoyUgMIUEHC563pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZTMxMjhmZDA5ZGMxOGU2NmVlNDIxMmE3ZTY0ZjNlNGU3
NGE4MTQwHhcNMjMwODE0MDgzMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDk5NzJhOGNkMGIwNmYxMDZjMzNiYTA3ODA5OGYzNzc4MzU0NDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlp17AnWVJQRI7FpPr9np8zUHr0PY
OHbNjzW4fsG7Y+UUtp40LDe0fBiOioBbMRU+5FI2XdHq1pFXB2tcth4i0Z2yYxmB
K+lN+ECcgk3qihrQGyN7HJDGY/UHkBOG5HaIumP1urlZDctBacPgrt+D+z2MOgJy
sS7mAaR52zqqmRCQ7zn3xlFVVR7rbN9jBpPh/VJivsBbN2dwpPCil9ThVnbYe0tH
n0K0NrOZZeJM99hRQzzKEbtUkxxQPayen1cD/kOT5g93Q8zNDUq3L9c7KDMjGvG8
oDht/6gpU1de4goDw9Tc50QrwBqkrUy2CEH8n5yU8fufwA38ceS+w1rPsQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCSZcqjNCwbxBsM7oHgJjzd4NUQ8MB8GA1UdIwQY
MBaAFKDjEo/QncGOZu5CEqfmTz5OdKgUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb09NU2o5Q2R3WTVtN2tJU3AtWlBQazUwcUJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wYjRlNzMtYTE1NC00MDU5LWI2MjIt
OGZkNWNhYmE1NGU5LzEvSkpseXFNMExCdkVHd3p1Z2VBbVBOM2cxUkR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wYjRlNzMtYTE1NC00MDU5LWI2MjItOGZkNWNhYmE1NGU5
LzEvb09NU2o5Q2R3WTVtN2tJU3AtWlBQazUwcUJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLQ58MA0E
AgACMAcDBQMqDg6AMA0GCSqGSIb3DQEBCwUAA4IBAQBIlNUW8qnyOCSuz1rp+GSe
Wn2gbyvJlKx6AZjmY3mWLU9bhef2wbn7qIYFinOs4r/gqXPn9pjpZFKEfEnhRi6G
EOqLWG5XfuLzxWZLpicKaWDXGagQ3PtLDl5HmusM5WqiIpq5Ztlou8+jrEZDesjg
dgPwgVzM88qUw2tgCuyvbpatW4zmuG5fizgr9eLfBrAAwRZnFdeNZEdCNTpVZWxt
KE5by5NN8/qqR0gg5pntladWRExArkDzAdKqqlHTGSJfCJbbBVhrx3jSoOww5oE+
Y0/6Wfh2aZEDbEYSRqKBRHx1gqVPFI8SxAMcnH0bqUYRF8VbpTXak4ReVtEOeZhP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:46 2024 by rpki-client on console-fra.rpki-client.org