Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/4f943f-d16a-48da-b93a-1487c6020c46/1/JMxOp8NP6zD--tpQVQ8NR9js7JE.roa
File: JMxOp8NP6zD--tpQVQ8NR9js7JE.roa (raw, json)
Hash identifier: 90Dz+6w/jKQQ4CI/X0nwKo5UVz4ZnY6VHDOHtWegEAc=
Subject key identifier: 24:CC:4E:A7:C3:4F:EB:30:FE:FA:DA:50:55:0F:0D:47:D8:EC:EC:91
Certificate issuer: /CN=4e3fe90f0fad6a25d46bd7c335b922da031b2c78
Certificate serial: 018CC5004A2ADB59BFA09EC1CF68382AC77F
Authority key identifier: 4E:3F:E9:0F:0F:AD:6A:25:D4:6B:D7:C3:35:B9:22:DA:03:1B:2C:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tj_pDw-taiXUa9fDNbki2gMbLHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/4f943f-d16a-48da-b93a-1487c6020c46/1/JMxOp8NP6zD--tpQVQ8NR9js7JE.roa
Signing time: Mon 01 Jan 2024 12:29:39 +0000
ROA not before: Mon 01 Jan 2024 12:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60774
IP address blocks: 194.15.88.0/21 maxlen: 24
2a09:2800::/29 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:52:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:4a:2a:db:59:bf:a0:9e:c1:cf:68:38:2a:c7:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e3fe90f0fad6a25d46bd7c335b922da031b2c78
Validity
Not Before: Jan 1 12:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24cc4ea7c34feb30fefada50550f0d47d8ecec91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:54:e6:a2:0e:91:a1:6d:84:74:45:a6:11:49:
2c:28:14:33:d3:5a:57:4c:93:af:f4:d1:bb:f4:5e:
06:f6:1d:6a:47:d0:b1:d5:6b:0d:52:6d:ba:81:77:
e0:de:07:72:00:02:88:db:0f:47:5a:a5:ed:5d:68:
bc:e0:e5:b0:68:19:de:af:6c:b9:b8:12:f6:8d:ed:
28:83:28:5c:ea:ef:f8:69:6d:84:26:b2:ea:12:1a:
9a:23:94:a5:5d:a6:d9:2d:01:b6:cb:bc:e4:a5:a8:
10:2a:14:bf:0b:f5:e4:93:ab:4b:fa:b3:20:67:a8:
2e:d6:bc:45:f5:06:06:41:3f:c8:5e:7c:32:a9:13:
44:c3:f5:0a:fa:d9:2d:6f:f6:1f:fc:3b:c4:98:8c:
c8:71:35:ab:0b:6f:a6:d4:a6:d3:1c:02:43:47:5a:
8d:f7:65:cc:36:de:5d:d2:0e:99:d7:8a:da:dd:97:
c1:a3:5c:d6:d8:22:dd:67:fb:bd:17:d8:9e:02:3d:
db:d6:3f:6c:ea:d9:fd:4c:b3:e1:4c:78:d5:62:e8:
67:dc:25:a6:2b:11:7f:12:43:d4:df:57:31:46:49:
50:94:c3:5c:08:14:73:5f:bc:de:65:7c:4c:a3:98:
11:3e:f1:da:bd:cc:a9:ef:2d:8c:3d:c3:6d:40:a8:
30:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:CC:4E:A7:C3:4F:EB:30:FE:FA:DA:50:55:0F:0D:47:D8:EC:EC:91
X509v3 Authority Key Identifier:
keyid:4E:3F:E9:0F:0F:AD:6A:25:D4:6B:D7:C3:35:B9:22:DA:03:1B:2C:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tj_pDw-taiXUa9fDNbki2gMbLHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/4f943f-d16a-48da-b93a-1487c6020c46/1/JMxOp8NP6zD--tpQVQ8NR9js7JE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/4f943f-d16a-48da-b93a-1487c6020c46/1/Tj_pDw-taiXUa9fDNbki2gMbLHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.15.88.0/21
IPv6:
2a09:2800::/29
Signature Algorithm: sha256WithRSAEncryption
93:e4:ef:47:29:50:d8:2d:04:b9:5f:eb:64:50:62:ac:dc:f8:
3c:26:1e:bf:de:6b:6f:12:eb:38:0d:d2:95:cf:37:f2:7f:78:
9e:66:ff:22:fa:cf:f2:10:05:7d:0a:ab:f9:22:64:eb:72:df:
d4:25:16:43:5b:d1:b1:6f:87:9f:f5:3f:1c:c4:b1:a6:d0:a0:
cb:5e:34:8e:47:62:ed:73:6e:0b:a3:8a:1e:ac:2e:1d:5b:33:
74:73:69:51:f1:df:e7:91:51:18:ba:4d:a5:54:cc:c1:6c:63:
dd:e2:86:bd:3a:59:39:a9:56:d5:e9:af:e0:4e:d1:0d:4a:8b:
6a:f4:d0:d0:45:87:25:14:6a:4c:c1:82:34:93:ad:1b:b1:63:
2f:d9:11:ba:d6:8d:c0:af:db:7b:17:3a:e0:e8:fd:15:b0:f0:
8c:5b:55:e1:3e:d9:79:d5:08:41:b9:67:63:0d:82:66:e9:7b:
11:65:b0:a3:78:02:30:e9:59:74:4d:2e:15:f3:bd:41:d3:a6:
84:69:2c:86:67:0d:62:05:ea:c3:05:55:c9:51:76:c8:99:f4:
3c:f5:8f:53:05:c8:ba:ea:20:5e:32:be:92:83:1a:76:dd:1d:
9f:35:fa:e8:6b:db:f8:90:e4:6a:ef:aa:72:4d:15:a3:39:85:
7c:52:18:da
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAEoq21m/oJ7Bz2g4Ksd/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlM2ZlOTBmMGZhZDZhMjVkNDZiZDdjMzM1YjkyMmRhMDMx
YjJjNzgwHhcNMjQwMTAxMTIyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGNjNGVhN2MzNGZlYjMwZmVmYWRhNTA1NTBmMGQ0N2Q4ZWNlYzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFTmog6RoW2EdEWmEUksKBQz01pX
TJOv9NG79F4G9h1qR9Cx1WsNUm26gXfg3gdyAAKI2w9HWqXtXWi84OWwaBner2y5
uBL2je0ogyhc6u/4aW2EJrLqEhqaI5SlXabZLQG2y7zkpagQKhS/C/Xkk6tL+rMg
Z6gu1rxF9QYGQT/IXnwyqRNEw/UK+tktb/Yf/DvEmIzIcTWrC2+m1KbTHAJDR1qN
92XMNt5d0g6Z14ra3ZfBo1zW2CLdZ/u9F9ieAj3b1j9s6tn9TLPhTHjVYuhn3CWm
KxF/EkPU31cxRklQlMNcCBRzX7zeZXxMo5gRPvHavcyp7y2MPcNtQKgwWwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCTMTqfDT+sw/vraUFUPDUfY7OyRMB8GA1UdIwQY
MBaAFE4/6Q8PrWol1GvXwzW5ItoDGyx4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGpfcER3LXRhaVhVYTlmRE5ia2kyZ01iTEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi80Zjk0M2YtZDE2YS00OGRhLWI5M2Et
MTQ4N2M2MDIwYzQ2LzEvSk14T3A4TlA2ekQtLXRwUVZROE5SOWpzN0pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi80Zjk0M2YtZDE2YS00OGRhLWI5M2EtMTQ4N2M2MDIwYzQ2
LzEvVGpfcER3LXRhaVhVYTlmRE5ia2kyZ01iTEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDwg9YMA0E
AgACMAcDBQMqCSgAMA0GCSqGSIb3DQEBCwUAA4IBAQCT5O9HKVDYLQS5X+tkUGKs
3Pg8Jh6/3mtvEus4DdKVzzfyf3ieZv8i+s/yEAV9Cqv5ImTrct/UJRZDW9Gxb4ef
9T8cxLGm0KDLXjSOR2Ltc24Lo4oerC4dWzN0c2lR8d/nkVEYuk2lVMzBbGPd4oa9
Olk5qVbV6a/gTtENSotq9NDQRYclFGpMwYI0k60bsWMv2RG61o3Ar9t7Fzrg6P0V
sPCMW1XhPtl51QhBuWdjDYJm6XsRZbCjeAIw6Vl0TS4V871B06aEaSyGZw1iBerD
BVXJUXbImfQ89Y9TBci66iBeMr6Sgxp23R2fNfroa9v4kORq76pyTRWjOYV8Uhja
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:08 2025 by rpki-client