Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/JYNbkfPdkSCwAgRHBzfeNTpx2fo.roa
File: JYNbkfPdkSCwAgRHBzfeNTpx2fo.roa (raw, json)
Hash identifier: SansUsyfY+iWjh/ydwKsvhhUcmkTlbZXlanRzxbv+eI=
Subject key identifier: 25:83:5B:91:F3:DD:91:20:B0:02:04:47:07:37:DE:35:3A:71:D9:FA
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 019116298326DE34DC910D85B1933FB35647
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/JYNbkfPdkSCwAgRHBzfeNTpx2fo.roa
Signing time: Sat 03 Aug 2024 02:55:04 +0000
ROA not before: Sat 03 Aug 2024 02:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 109.111.42.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 02 Sep 2024 15:42:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:16:29:83:26:de:34:dc:91:0d:85:b1:93:3f:b3:56:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Aug 3 02:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25835b91f3dd9120b00204470737de353a71d9fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:69:02:cc:02:d4:fb:9d:8d:ef:dd:e1:13:22:
0c:a1:29:b0:6c:40:60:14:d2:7a:58:97:5a:41:af:
b3:c6:d7:ce:8e:6d:a2:36:69:91:7a:67:7f:73:dc:
0b:96:a9:28:be:63:18:f5:d1:7b:80:4d:c5:a6:59:
51:d7:41:21:e0:f3:ac:2f:d3:c0:87:52:2a:cf:14:
2e:c4:0e:78:35:81:11:e8:5b:e8:d5:35:28:d4:75:
d3:cc:3e:90:8a:91:a4:27:56:28:dc:95:99:08:9b:
4f:47:bb:6d:94:4c:e0:1a:18:8e:cb:f0:ae:4b:ce:
37:67:d7:03:89:44:a8:bc:20:09:05:22:3e:1e:70:
b9:bc:26:b1:d1:13:d3:4c:b1:5e:ae:8b:7b:00:e2:
14:ed:cb:9e:0d:78:0b:99:cb:92:f3:cb:d7:6b:31:
c9:84:70:30:47:06:f6:c2:5f:67:53:4e:8e:78:fa:
2c:56:f0:30:0c:27:45:b8:9a:05:00:12:06:6b:21:
b5:12:19:f3:a8:6c:45:96:50:80:52:53:e4:ea:3d:
20:b6:6f:27:05:50:22:9e:57:3c:d6:23:1e:6d:f7:
d6:3b:86:d1:59:c5:f9:5a:be:56:9c:55:b3:4a:5d:
65:e0:73:09:51:52:10:dc:48:a7:90:3c:3d:2b:a1:
0f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:83:5B:91:F3:DD:91:20:B0:02:04:47:07:37:DE:35:3A:71:D9:FA
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/JYNbkfPdkSCwAgRHBzfeNTpx2fo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.111.42.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:87:ad:ac:50:d2:0e:9c:b0:79:66:27:b6:05:dd:9b:e0:20:
e7:ae:bd:49:1f:78:5a:74:f5:92:43:bd:33:da:7e:98:b3:19:
9e:17:77:d1:d1:69:ea:a6:87:8e:12:7b:cc:65:15:3c:c2:fe:
b5:ef:b7:29:27:a1:8c:63:4c:85:f9:55:90:2c:10:dc:4b:60:
3c:4d:09:dc:99:fa:b4:77:ed:98:3f:f5:fd:c6:63:fa:af:da:
cf:c8:a5:31:ca:f3:22:2d:ff:8f:3c:fe:ce:1b:e8:5c:d5:38:
af:b5:0b:1f:31:63:02:69:fd:f0:54:52:7f:94:63:72:a2:ba:
c7:eb:38:d3:98:4c:8b:3c:9f:47:72:92:f8:3b:c0:df:73:09:
33:91:00:66:19:02:66:04:0c:49:bc:ef:da:11:fb:c0:20:5b:
af:c1:9d:b5:a4:67:5e:2e:18:f3:46:24:34:13:44:71:1d:ec:
c7:78:45:f4:45:d2:83:82:6f:c2:a9:f0:b3:77:4f:54:b5:a0:
9d:77:8a:0b:49:b3:99:11:a3:bd:0f:0a:07:ff:02:6b:03:88:
80:2e:93:16:ae:5c:1b:f7:5f:03:8e:12:4a:6c:3e:ab:1f:d2:
2f:70:a6:e2:98:e2:69:a3:ff:77:b2:eb:4d:ef:1b:60:21:71:
8d:99:d2:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZEWKYMm3jTckQ2FsZM/s1ZHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwODAzMDI1NTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTgzNWI5MWYzZGQ5MTIwYjAwMjA0NDcwNzM3ZGUzNTNhNzFkOWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmkCzALU+52N793hEyIMoSmwbEBg
FNJ6WJdaQa+zxtfOjm2iNmmRemd/c9wLlqkovmMY9dF7gE3FpllR10Eh4POsL9PA
h1IqzxQuxA54NYER6Fvo1TUo1HXTzD6QipGkJ1Yo3JWZCJtPR7ttlEzgGhiOy/Cu
S843Z9cDiUSovCAJBSI+HnC5vCax0RPTTLFerot7AOIU7cueDXgLmcuS88vXazHJ
hHAwRwb2wl9nU06OePosVvAwDCdFuJoFABIGayG1EhnzqGxFllCAUlPk6j0gtm8n
BVAinlc81iMebffWO4bRWcX5Wr5WnFWzSl1l4HMJUVIQ3EinkDw9K6EPrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCWDW5Hz3ZEgsAIERwc33jU6cdn6MB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvSllOYmtmUGRrU0N3QWdSSEJ6ZmVOVHB4MmZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbW8qMA0G
CSqGSIb3DQEBCwUAA4IBAQCMh62sUNIOnLB5Zie2Bd2b4CDnrr1JH3hadPWSQ70z
2n6YsxmeF3fR0WnqpoeOEnvMZRU8wv6177cpJ6GMY0yF+VWQLBDcS2A8TQncmfq0
d+2YP/X9xmP6r9rPyKUxyvMiLf+PPP7OG+hc1TivtQsfMWMCaf3wVFJ/lGNyorrH
6zjTmEyLPJ9HcpL4O8DfcwkzkQBmGQJmBAxJvO/aEfvAIFuvwZ21pGdeLhjzRiQ0
E0RxHezHeEX0RdKDgm/CqfCzd09UtaCdd4oLSbOZEaO9DwoH/wJrA4iALpMWrlwb
918DjhJKbD6rH9IvcKbimOJpo/93sutN7xtgIXGNmdIA
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:18:42 2025 by rpki-client