Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/JDWXnIqL-e8Bci0l3o9lnnqkWQI.roa
File: JDWXnIqL-e8Bci0l3o9lnnqkWQI.roa (raw, json)
Hash identifier: vLp8D4cgoIEX6CT0xcn4tiGXIueUtjJPdobySx2o4wc=
Subject key identifier: 24:35:97:9C:8A:8B:F9:EF:01:72:2D:25:DE:8F:65:9E:7A:A4:59:02
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0192BDAE1B7258FB48802462E9DDB005064F
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/JDWXnIqL-e8Bci0l3o9lnnqkWQI.roa
Signing time: Thu 24 Oct 2024 08:39:16 +0000
ROA not before: Thu 24 Oct 2024 08:39:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3220
IP address blocks: 109.203.176.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 25 Oct 2024 05:17:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:bd:ae:1b:72:58:fb:48:80:24:62:e9:dd:b0:05:06:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Oct 24 08:39:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2435979c8a8bf9ef01722d25de8f659e7aa45902
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:84:2b:61:a1:ee:88:7b:cd:a8:d2:0c:e8:a7:
a0:89:2c:86:7b:bd:19:9f:34:ef:ff:bd:2e:3d:28:
39:c9:3c:1a:30:f8:3d:e7:6a:5f:1e:69:3e:b8:0f:
03:a9:09:52:db:f1:60:cb:ee:ca:9f:cf:68:96:bc:
f5:fd:e0:ab:5f:84:21:72:c3:2e:12:73:c2:c1:af:
e6:d0:9b:b8:e3:59:5d:a4:8c:d5:0b:4b:c1:fe:0d:
cd:a5:28:e0:67:6a:bc:ab:aa:f5:5e:3c:e7:cc:a7:
73:d7:07:e4:b7:37:d0:65:43:62:ff:01:9c:a5:31:
ae:05:78:35:e3:02:56:e1:d4:bb:4b:6c:50:dc:9f:
62:9b:f3:a1:ef:fc:84:5e:65:39:90:45:18:e0:a4:
dc:c4:9b:06:10:14:40:89:f7:9c:f4:20:9a:07:5b:
f4:c7:00:31:3f:7f:57:93:9f:3d:31:23:55:bc:2f:
a4:ed:03:d1:65:93:43:e0:0f:e6:8c:79:fa:b5:bd:
92:c3:e4:3f:5b:bb:c7:8b:51:6f:17:02:52:19:f4:
b8:a6:bf:a7:02:5b:3c:a8:73:4d:5b:b8:6f:81:5b:
1e:3d:22:71:95:0a:51:1d:34:05:81:1d:f9:8c:17:
18:76:7c:90:38:66:e5:8f:50:09:52:3a:d6:9e:79:
50:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:35:97:9C:8A:8B:F9:EF:01:72:2D:25:DE:8F:65:9E:7A:A4:59:02
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/JDWXnIqL-e8Bci0l3o9lnnqkWQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.203.176.0/21
Signature Algorithm: sha256WithRSAEncryption
9f:ff:98:b3:19:60:c9:0d:14:1f:e5:61:1c:e7:a8:eb:5a:e9:
df:e2:e5:b5:b2:f4:ab:89:e0:9d:6b:bb:bd:89:61:48:b7:16:
a0:6d:8d:c5:f4:68:7b:86:41:68:82:16:52:c7:26:ab:6c:4b:
1b:e1:62:64:b7:d1:b6:27:b2:20:76:b2:66:3d:00:a4:f3:ad:
b5:ff:b1:57:96:e0:fd:a6:19:81:60:f2:cd:8b:a7:b3:0c:49:
1f:1f:ee:96:55:d4:12:46:68:d4:09:79:af:f3:18:a6:b6:b3:
41:23:9b:41:ce:0e:95:66:0d:d2:1d:a0:c7:ec:7a:7c:82:8c:
5b:ea:42:a1:b0:5c:67:0c:a3:2c:04:8d:7e:e3:e2:f6:7d:b1:
79:bc:fd:11:07:0c:0a:e1:1e:94:19:b9:e6:de:d4:51:4f:9f:
73:17:82:8c:87:3a:03:09:dc:ee:25:b4:cd:ef:9f:b8:3d:74:
5d:b2:e6:89:41:93:aa:7e:4a:54:31:4d:56:8e:5e:ad:6f:51:
e8:17:19:29:46:3a:8e:59:5a:1a:58:1e:9e:6e:2f:98:d7:61:
cf:aa:b4:32:a1:63:5a:3d:d6:d8:e8:74:4d:9b:37:29:e1:6c:
da:b3:46:e3:da:f8:b1:61:ad:28:c4:bd:76:c6:12:e0:30:61:
1e:dc:3b:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZK9rhtyWPtIgCRi6d2wBQZPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQxMDI0MDgzOTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDM1OTc5YzhhOGJmOWVmMDE3MjJkMjVkZThmNjU5ZTdhYTQ1OTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9IQrYaHuiHvNqNIM6KegiSyGe70Z
nzTv/70uPSg5yTwaMPg952pfHmk+uA8DqQlS2/Fgy+7Kn89olrz1/eCrX4QhcsMu
EnPCwa/m0Ju441ldpIzVC0vB/g3NpSjgZ2q8q6r1XjznzKdz1wfktzfQZUNi/wGc
pTGuBXg14wJW4dS7S2xQ3J9im/Oh7/yEXmU5kEUY4KTcxJsGEBRAifec9CCaB1v0
xwAxP39Xk589MSNVvC+k7QPRZZND4A/mjHn6tb2Sw+Q/W7vHi1FvFwJSGfS4pr+n
Als8qHNNW7hvgVsePSJxlQpRHTQFgR35jBcYdnyQOGblj1AJUjrWnnlQGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCQ1l5yKi/nvAXItJd6PZZ56pFkCMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvSkRXWG5JcUwtZThCY2kwbDNvOWxubnFrV1FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDbcuwMA0G
CSqGSIb3DQEBCwUAA4IBAQCf/5izGWDJDRQf5WEc56jrWunf4uW1svSrieCda7u9
iWFItxagbY3F9Gh7hkFoghZSxyarbEsb4WJkt9G2J7IgdrJmPQCk8621/7FXluD9
phmBYPLNi6ezDEkfH+6WVdQSRmjUCXmv8ximtrNBI5tBzg6VZg3SHaDH7Hp8goxb
6kKhsFxnDKMsBI1+4+L2fbF5vP0RBwwK4R6UGbnm3tRRT59zF4KMhzoDCdzuJbTN
75+4PXRdsuaJQZOqfkpUMU1Wjl6tb1HoFxkpRjqOWVoaWB6ebi+Y12HPqrQyoWNa
PdbY6HRNmzcp4Wzas0bj2vixYa0oxL12xhLgMGEe3DvP
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:21 2025 by rpki-client