Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/026914-1612-45f4-acdf-2acb9d17c11c/1/JWTBFIMkpmmcJ53sLsV_oS1GVNg.roa
File: JWTBFIMkpmmcJ53sLsV_oS1GVNg.roa (raw, json)
Hash identifier: VLnI3NmxDv+pOvvtKQTUnR/cZt4tMBOHbXdevwQEvkc=
Subject key identifier: 25:64:C1:14:83:24:A6:69:9C:27:9D:EC:2E:C5:7F:A1:2D:46:54:D8
Certificate issuer: /CN=ca3348abf173d2774c8942008cadf6d6012a3d52
Certificate serial: 01913455D0690BE13A7BBBCADB68F2BC0E6E
Authority key identifier: CA:33:48:AB:F1:73:D2:77:4C:89:42:00:8C:AD:F6:D6:01:2A:3D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yjNIq_Fz0ndMiUIAjK321gEqPVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/026914-1612-45f4-acdf-2acb9d17c11c/1/JWTBFIMkpmmcJ53sLsV_oS1GVNg.roa
Signing time: Thu 08 Aug 2024 23:32:04 +0000
ROA not before: Thu 08 Aug 2024 23:32:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216417
IP address blocks: 2a04:5040::/32 maxlen: 32
2a04:5040:6001::/48 maxlen: 48
2a04:5040:6002::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 11 Aug 2024 11:40:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:34:55:d0:69:0b:e1:3a:7b:bb:ca:db:68:f2:bc:0e:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca3348abf173d2774c8942008cadf6d6012a3d52
Validity
Not Before: Aug 8 23:32:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2564c1148324a6699c279dec2ec57fa12d4654d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:af:74:6b:74:86:87:ba:4e:8f:a8:b9:ca:db:
78:c8:fb:c8:5f:54:61:99:e3:5a:b2:be:f6:ed:54:
10:b2:1a:08:aa:9d:83:01:35:77:ff:45:b3:2a:b5:
21:72:2a:8d:d4:68:1e:b6:47:5b:3b:da:a1:a0:79:
08:03:e1:51:68:79:ab:3c:d7:26:44:42:08:48:76:
61:30:62:28:20:f1:23:c3:30:b8:5a:c8:3e:76:17:
b5:f7:7e:02:6a:66:70:e5:d4:11:ba:ee:b4:25:60:
32:3b:2a:86:0f:7d:27:f0:46:4b:a1:4a:d2:98:8b:
8f:36:8e:10:3b:4a:ea:42:cd:2b:13:41:7a:5b:5c:
ff:ad:56:d8:7a:5b:5c:e0:0f:14:35:3b:35:ac:86:
ca:ec:65:06:23:a2:ec:ec:12:9f:08:82:1b:68:9f:
de:06:22:a2:83:ca:d6:33:8f:55:38:3e:36:99:68:
eb:6b:0e:cf:2f:c3:7e:1f:c3:f3:d3:b2:0d:3a:e9:
b7:24:9d:81:7b:1d:60:cd:af:d4:df:b9:ed:54:c5:
3a:e0:0a:8f:9b:c7:6e:68:ac:23:7c:89:a0:97:c3:
a5:cf:12:06:ac:67:0a:b7:85:86:e7:42:a8:c4:6a:
a3:89:f2:e6:c1:18:c9:a1:e0:db:22:2c:4e:bd:98:
2c:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:64:C1:14:83:24:A6:69:9C:27:9D:EC:2E:C5:7F:A1:2D:46:54:D8
X509v3 Authority Key Identifier:
keyid:CA:33:48:AB:F1:73:D2:77:4C:89:42:00:8C:AD:F6:D6:01:2A:3D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjNIq_Fz0ndMiUIAjK321gEqPVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/026914-1612-45f4-acdf-2acb9d17c11c/1/JWTBFIMkpmmcJ53sLsV_oS1GVNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/026914-1612-45f4-acdf-2acb9d17c11c/1/yjNIq_Fz0ndMiUIAjK321gEqPVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:5040::/32
Signature Algorithm: sha256WithRSAEncryption
88:9b:c7:ad:82:5f:39:d6:52:66:76:62:5f:5d:02:e6:2e:b2:
af:56:1e:af:d1:63:14:f1:bd:39:eb:68:c8:c6:74:ee:62:2a:
e9:61:a6:6c:86:16:77:08:45:15:9a:d8:cf:b7:ee:bb:54:00:
96:83:20:0b:02:f0:4b:b9:a3:6c:5b:45:1d:3e:0f:5b:e9:4f:
59:dd:c5:ba:be:4c:78:ba:02:60:e6:2c:5c:8d:05:2c:22:84:
3f:70:7b:48:d8:13:27:aa:41:4f:11:b1:87:ae:05:e7:20:0d:
2c:b6:a8:3a:e9:45:82:00:62:45:f8:9d:40:73:e7:1a:eb:9f:
38:e5:1a:9e:6d:54:77:0a:80:35:6a:c5:32:eb:73:f3:d1:7c:
c5:c5:39:7d:89:a1:96:1c:b2:4f:b4:bb:bc:af:77:09:bf:32:
74:a4:2c:a9:ae:af:e3:26:61:e3:dc:5e:cc:5d:21:a1:8c:30:
ca:05:b6:8d:13:ab:5c:a5:d4:2b:8e:1e:ef:fc:e2:3e:15:06:
e3:21:dc:7a:c2:62:15:64:50:16:8f:91:7f:40:85:ed:d9:a0:
fb:9d:e7:00:9d:bf:14:90:e2:38:02:fb:ce:6e:45:f6:43:a8:
90:12:dd:dd:3e:fe:71:f7:e6:b0:19:ab:b7:52:eb:06:fe:f2:
ff:19:25:72
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZE0VdBpC+E6e7vK22jyvA5uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMzM0OGFiZjE3M2QyNzc0Yzg5NDIwMDhjYWRmNmQ2MDEy
YTNkNTIwHhcNMjQwODA4MjMzMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTY0YzExNDgzMjRhNjY5OWMyNzlkZWMyZWM1N2ZhMTJkNDY1NGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyq90a3SGh7pOj6i5ytt4yPvIX1Rh
meNasr727VQQshoIqp2DATV3/0WzKrUhciqN1GgetkdbO9qhoHkIA+FRaHmrPNcm
REIISHZhMGIoIPEjwzC4Wsg+dhe1934CamZw5dQRuu60JWAyOyqGD30n8EZLoUrS
mIuPNo4QO0rqQs0rE0F6W1z/rVbYeltc4A8UNTs1rIbK7GUGI6Ls7BKfCIIbaJ/e
BiKig8rWM49VOD42mWjraw7PL8N+H8Pz07INOum3JJ2Bex1gza/U37ntVMU64AqP
m8duaKwjfImgl8OlzxIGrGcKt4WG50KoxGqjifLmwRjJoeDbIixOvZgs7QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCVkwRSDJKZpnCed7C7Ff6EtRlTYMB8GA1UdIwQY
MBaAFMozSKvxc9J3TIlCAIyt9tYBKj1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWpOSXFfRnowbmRNaVVJQWpLMzIxZ0VxUFZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8wMjY5MTQtMTYxMi00NWY0LWFjZGYt
MmFjYjlkMTdjMTFjLzEvSldUQkZJTWtwbW1jSjUzc0xzVl9vUzFHVk5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8wMjY5MTQtMTYxMi00NWY0LWFjZGYtMmFjYjlkMTdjMTFj
LzEveWpOSXFfRnowbmRNaVVJQWpLMzIxZ0VxUFZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgRQQDAN
BgkqhkiG9w0BAQsFAAOCAQEAiJvHrYJfOdZSZnZiX10C5i6yr1Yer9FjFPG9Oeto
yMZ07mIq6WGmbIYWdwhFFZrYz7fuu1QAloMgCwLwS7mjbFtFHT4PW+lPWd3Fur5M
eLoCYOYsXI0FLCKEP3B7SNgTJ6pBTxGxh64F5yANLLaoOulFggBiRfidQHPnGuuf
OOUanm1UdwqANWrFMutz89F8xcU5fYmhlhyyT7S7vK93Cb8ydKQsqa6v4yZh49xe
zF0hoYwwygW2jROrXKXUK44e7/ziPhUG4yHcesJiFWRQFo+Rf0CF7dmg+53nAJ2/
FJDiOAL7zm5F9kOokBLd3T7+cffmsBmrt1LrBv7y/xklcg==
-----END CERTIFICATE-----
Generated at Sun Aug 11 13:09:05 2024 by rpki-client on console-fra.rpki-client.org