Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/jrPgha11cFjgUuRZJ1uC571F4Bk.roa
File: jrPgha11cFjgUuRZJ1uC571F4Bk.roa (raw, json)
Hash identifier: n5bZJ7pk7XL7iC1gxnWFE3KgECN8ZFkQJOUBHz8xEqM=
Subject key identifier: 8E:B3:E0:85:AD:75:70:58:E0:52:E4:59:27:5B:82:E7:BD:45:E0:19
Certificate issuer: /CN=e9be181aabdb195513a26c67b621e2986818d03d
Certificate serial: 01939304DDD710B5B331FD4E3592709A47ED
Authority key identifier: E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/jrPgha11cFjgUuRZJ1uC571F4Bk.roa
Signing time: Wed 04 Dec 2024 18:53:09 +0000
ROA not before: Wed 04 Dec 2024 18:53:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204490
IP address blocks: 2a09:3903::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:48:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:93:04:dd:d7:10:b5:b3:31:fd:4e:35:92:70:9a:47:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9be181aabdb195513a26c67b621e2986818d03d
Validity
Not Before: Dec 4 18:53:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8eb3e085ad757058e052e459275b82e7bd45e019
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:df:0f:f8:71:29:19:bb:59:d9:27:67:89:4d:
a3:7d:e8:07:2c:78:8f:70:09:68:ae:a4:bc:3e:6d:
11:94:43:0a:87:59:64:d9:85:f6:12:b2:a2:06:45:
1d:ee:94:c7:69:fc:23:fe:a5:1f:85:96:12:54:da:
83:bb:b3:2f:a8:33:de:64:b0:a2:37:ba:d4:40:e6:
60:5e:8f:f6:53:6f:3e:9b:ea:f1:65:c5:12:0f:7b:
64:d0:9f:d5:bb:78:99:9d:f4:f3:5e:f0:8b:46:d4:
9b:6d:c6:0b:f8:4e:a5:85:c3:7b:83:ba:b2:92:33:
1f:7f:d9:d6:57:2d:91:aa:52:cc:24:b2:90:79:c3:
50:e4:a8:88:dd:a4:3e:d9:d6:ff:cd:bf:66:cf:8f:
aa:f2:46:a0:7b:06:07:74:ce:c8:09:4b:7f:49:5e:
6b:69:31:ef:a8:21:9d:b1:a9:0f:4a:b3:84:01:89:
21:e6:ff:5c:44:ec:82:79:08:07:ae:f7:2d:af:6c:
bd:49:00:22:f7:54:34:c8:33:24:21:4b:20:74:87:
15:ef:22:84:3a:63:42:f4:e9:3a:62:ae:55:17:76:
f6:6b:f8:e1:39:db:c9:6e:70:ee:cf:ea:86:db:f4:
64:bc:78:de:f7:6d:63:fc:77:dc:c8:0f:b8:0f:18:
0c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:B3:E0:85:AD:75:70:58:E0:52:E4:59:27:5B:82:E7:BD:45:E0:19
X509v3 Authority Key Identifier:
keyid:E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/jrPgha11cFjgUuRZJ1uC571F4Bk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/6b4YGqvbGVUTomxntiHimGgY0D0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:3903::/32
Signature Algorithm: sha256WithRSAEncryption
27:03:53:0d:47:93:a5:f3:2e:f6:54:83:ac:ac:6a:77:86:0a:
06:79:05:41:4f:93:4c:8b:28:ea:e4:87:0e:43:fd:d2:a4:0a:
d6:37:34:34:ab:a7:da:56:31:da:7e:fa:c7:46:ae:a0:f6:e5:
26:cd:82:45:61:e9:16:67:9e:9c:c9:70:a0:8f:1e:58:a1:e9:
f9:da:8f:5a:cb:9c:d4:d6:93:69:cd:21:63:7a:dc:ba:31:38:
d2:6a:30:fa:ab:31:4e:fe:fc:7a:66:f2:82:a4:cb:fa:0b:90:
50:11:09:81:01:a7:49:9b:77:8e:2f:30:68:d3:ac:c2:6c:97:
08:c7:a7:87:c9:17:87:6c:05:a5:32:32:03:a6:15:52:2d:7e:
b4:b8:6c:cb:4b:8f:d9:69:d7:c0:2c:6b:55:22:49:92:2a:35:
15:31:11:18:e6:7d:6c:6b:5a:eb:65:fb:1e:db:9d:7b:c9:57:
ad:e7:a8:0e:5e:57:01:4c:32:3e:e1:f1:4b:ec:47:68:7c:36:
1f:dd:e4:5d:c7:f2:a2:df:94:a2:73:9e:2a:d6:54:8e:4b:19:
75:01:7d:42:d8:58:41:d3:b7:a7:7e:de:5c:01:e3:93:f7:99:
8d:39:f5:95:70:46:19:33:37:41:5b:c4:c5:c9:69:2e:4b:a1:
43:a5:c5:86
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZOTBN3XELWzMf1ONZJwmkftMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YmUxODFhYWJkYjE5NTUxM2EyNmM2N2I2MjFlMjk4Njgx
OGQwM2QwHhcNMjQxMjA0MTg1MzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWIzZTA4NWFkNzU3MDU4ZTA1MmU0NTkyNzViODJlN2JkNDVlMDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs98P+HEpGbtZ2SdniU2jfegHLHiP
cAlorqS8Pm0RlEMKh1lk2YX2ErKiBkUd7pTHafwj/qUfhZYSVNqDu7MvqDPeZLCi
N7rUQOZgXo/2U28+m+rxZcUSD3tk0J/Vu3iZnfTzXvCLRtSbbcYL+E6lhcN7g7qy
kjMff9nWVy2RqlLMJLKQecNQ5KiI3aQ+2db/zb9mz4+q8kagewYHdM7ICUt/SV5r
aTHvqCGdsakPSrOEAYkh5v9cROyCeQgHrvctr2y9SQAi91Q0yDMkIUsgdIcV7yKE
OmNC9Ok6Yq5VF3b2a/jhOdvJbnDuz+qG2/RkvHje921j/HfcyA+4DxgMkQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFI6z4IWtdXBY4FLkWSdbgue9ReAZMB8GA1UdIwQY
MBaAFOm+GBqr2xlVE6JsZ7Yh4phoGNA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUt
ZjAwOGRkODNlMzJhLzEvanJQZ2hhMTFjRmpnVXVSWkoxdUM1NzFGNEJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUtZjAwOGRkODNlMzJh
LzEvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgk5AzAN
BgkqhkiG9w0BAQsFAAOCAQEAJwNTDUeTpfMu9lSDrKxqd4YKBnkFQU+TTIso6uSH
DkP90qQK1jc0NKun2lYx2n76x0auoPblJs2CRWHpFmeenMlwoI8eWKHp+dqPWsuc
1NaTac0hY3rcujE40mow+qsxTv78embygqTL+guQUBEJgQGnSZt3ji8waNOswmyX
CMenh8kXh2wFpTIyA6YVUi1+tLhsy0uP2WnXwCxrVSJJkio1FTERGOZ9bGta62X7
Htude8lXreeoDl5XAUwyPuHxS+xHaHw2H93kXcfyot+UonOeKtZUjksZdQF9QthY
QdO3p37eXAHjk/eZjTn1lXBGGTM3QVvExclpLkuhQ6XFhg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:31:30 2025 by rpki-client