Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/jyp4q5tmQQEG2z7_xCf8DufnFNs.roa
File: jyp4q5tmQQEG2z7_xCf8DufnFNs.roa (raw, json)
Hash identifier: JsPY++QkAJe5N5+mUnPzDpODS5P1NwafF67UBOTJx2U=
Subject key identifier: 8F:2A:78:AB:9B:66:41:01:06:DB:3E:FF:C4:27:FC:0E:E7:E7:14:DB
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01918932A2E87D439FB04C1D6801B9B2FC23
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/jyp4q5tmQQEG2z7_xCf8DufnFNs.roa
Signing time: Sun 25 Aug 2024 11:01:22 +0000
ROA not before: Sun 25 Aug 2024 11:01:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 2a13:bb40::/29 maxlen: 29
2a13:c240::/29 maxlen: 29
2a14:1100::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 11 Sep 2024 16:35:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:89:32:a2:e8:7d:43:9f:b0:4c:1d:68:01:b9:b2:fc:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Aug 25 11:01:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f2a78ab9b66410106db3effc427fc0ee7e714db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2d:12:11:7c:14:d1:c1:25:a5:1a:12:bc:e0:
c0:e8:12:b3:60:d1:18:76:52:27:50:a5:8f:f1:3d:
d9:09:63:ad:65:b9:74:e6:5c:3b:82:4e:96:21:b7:
ea:5c:8b:48:1c:e4:f1:72:4b:5b:75:47:82:bb:70:
84:9b:e4:27:8d:83:f9:34:51:15:84:6f:7e:c4:da:
f0:32:a3:bf:31:a6:eb:18:e6:00:4b:b7:50:c4:42:
ab:3d:30:16:c5:80:53:e0:6e:82:2a:59:b2:06:bb:
f4:a6:df:70:e4:68:a0:a0:b5:a4:83:cf:9d:86:00:
00:9f:74:4b:dc:b8:2d:c1:61:b4:bd:dc:6d:f2:25:
1d:87:41:49:b1:df:18:c8:99:b7:2d:d2:60:25:23:
0c:d5:98:78:6b:03:03:19:c6:fc:53:b7:05:28:b5:
1d:84:f0:56:70:dd:ff:85:ff:54:17:7d:9d:70:11:
7b:3e:43:1e:d8:ac:36:38:11:24:72:7a:0e:a5:b1:
39:75:97:44:33:84:ea:5d:b7:9a:13:0a:c3:07:aa:
38:30:a6:41:96:01:37:e6:be:dc:ab:d5:29:ae:a6:
e3:7a:06:3a:14:ce:10:0b:38:99:9f:ab:7f:20:79:
41:be:c4:c7:48:6d:b5:1d:15:3d:f7:d5:7a:3f:2f:
7a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:2A:78:AB:9B:66:41:01:06:DB:3E:FF:C4:27:FC:0E:E7:E7:14:DB
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/jyp4q5tmQQEG2z7_xCf8DufnFNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:bb40::/29
2a13:c240::/29
2a14:1100::/29
Signature Algorithm: sha256WithRSAEncryption
94:70:66:03:e5:51:c0:9a:2d:33:1c:c4:53:d0:94:5c:b6:4e:
f7:4f:b7:ba:85:80:53:38:65:8c:ec:b8:f7:11:72:5e:1b:4e:
ac:81:87:c4:7d:00:75:b0:f4:30:09:91:98:c7:08:86:8c:2d:
af:72:44:ad:2e:04:9f:97:bd:fa:84:02:6a:aa:63:dc:1e:75:
72:eb:98:e8:67:40:6c:df:0d:b0:a8:02:84:6b:4c:49:54:62:
c2:58:0d:c0:86:3f:42:df:23:97:f8:7c:41:52:67:c1:e0:db:
af:07:38:32:d8:b5:ab:f0:b1:f1:17:26:6a:3d:b7:1a:2f:74:
8c:49:fc:48:23:39:54:e4:69:0f:26:9c:96:e4:36:e6:50:71:
23:11:fe:e3:e8:ff:ed:72:88:54:1f:a0:3a:d9:bf:de:d8:eb:
45:7d:a6:fe:4f:85:ae:e4:c3:88:53:97:38:80:66:0e:e0:d5:
53:e9:8b:c5:01:43:a8:98:c6:b8:0a:d5:61:ca:da:bb:41:b4:
42:41:d6:49:a1:5d:b3:49:b0:e4:c4:23:65:01:12:54:18:cb:
c7:f6:af:e8:54:fa:a9:98:ab:a6:d2:1e:ae:e3:73:d9:93:60:
50:fb:68:db:5b:2b:b2:d2:62:2a:b6:8a:0a:74:e7:32:4f:d4:
50:37:d8:fb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZGJMqLofUOfsEwdaAG5svwjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQwODI1MTEwMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjJhNzhhYjliNjY0MTAxMDZkYjNlZmZjNDI3ZmMwZWU3ZTcxNGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuC0SEXwU0cElpRoSvODA6BKzYNEY
dlInUKWP8T3ZCWOtZbl05lw7gk6WIbfqXItIHOTxcktbdUeCu3CEm+QnjYP5NFEV
hG9+xNrwMqO/MabrGOYAS7dQxEKrPTAWxYBT4G6CKlmyBrv0pt9w5GigoLWkg8+d
hgAAn3RL3LgtwWG0vdxt8iUdh0FJsd8YyJm3LdJgJSMM1Zh4awMDGcb8U7cFKLUd
hPBWcN3/hf9UF32dcBF7PkMe2Kw2OBEkcnoOpbE5dZdEM4TqXbeaEwrDB6o4MKZB
lgE35r7cq9UprqbjegY6FM4QCziZn6t/IHlBvsTHSG21HRU999V6Py96PQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI8qeKubZkEBBts+/8Qn/A7n5xTbMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvanlwNHE1dG1RUUVHMno3X3hDZjhEdWZuRk5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKhO7QAMF
AyoTwkADBQMqFBEAMA0GCSqGSIb3DQEBCwUAA4IBAQCUcGYD5VHAmi0zHMRT0JRc
tk73T7e6hYBTOGWM7Lj3EXJeG06sgYfEfQB1sPQwCZGYxwiGjC2vckStLgSfl736
hAJqqmPcHnVy65joZ0Bs3w2wqAKEa0xJVGLCWA3Ahj9C3yOX+HxBUmfB4NuvBzgy
2LWr8LHxFyZqPbcaL3SMSfxIIzlU5GkPJpyW5DbmUHEjEf7j6P/tcohUH6A62b/e
2OtFfab+T4Wu5MOIU5c4gGYO4NVT6YvFAUOomMa4CtVhytq7QbRCQdZJoV2zSbDk
xCNlARJUGMvH9q/oVPqpmKum0h6u43PZk2BQ+2jbWyuy0mIqtooKdOcyT9RQN9j7
-----END CERTIFICATE-----
Generated at Wed Sep 11 18:35:55 2024 by rpki-client on console-ams.rpki-client.org