Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/JQdF8MgQA8VlDKB3hT5HjQc530I.roa
File: JQdF8MgQA8VlDKB3hT5HjQc530I.roa (raw, json)
Hash identifier: YSAa3Xf+wyJFX+ptus8yUysmxrwB0xEj4djnVyXfsTU=
Subject key identifier: 25:07:45:F0:C8:10:03:C5:65:0C:A0:77:85:3E:47:8D:07:39:DF:42
Certificate issuer: /CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Certificate serial: 0192B9A1BB0E4CF8156C748E0182FF0D0180
Authority key identifier: CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/JQdF8MgQA8VlDKB3hT5HjQc530I.roa
Signing time: Wed 23 Oct 2024 13:47:16 +0000
ROA not before: Wed 23 Oct 2024 13:47:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a0e:7f40::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 25 Oct 2024 10:49:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b9:a1:bb:0e:4c:f8:15:6c:74:8e:01:82:ff:0d:01:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Validity
Not Before: Oct 23 13:47:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=250745f0c81003c5650ca077853e478d0739df42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:0d:50:47:a0:b7:69:08:39:cf:12:67:96:f2:
bf:ea:6a:c2:0d:df:1a:d6:9b:6a:df:2a:c8:01:89:
ba:77:3b:6d:b2:b5:4d:11:3e:88:a3:2e:d9:8f:91:
68:5e:38:28:95:95:e0:1c:9a:ce:60:d6:5c:36:8f:
81:79:05:f9:f9:47:e0:6b:9a:01:55:ab:ea:1b:09:
15:26:04:70:e4:a3:cf:39:e4:79:03:7e:0c:34:50:
a4:d4:cc:7e:d3:9b:0a:c2:1f:ac:76:1c:1e:57:5b:
47:a7:e8:22:60:c2:d6:a6:98:59:06:42:a9:cb:64:
a7:bb:71:e1:0f:d1:c8:4e:01:48:e3:60:ab:38:ef:
a5:80:be:df:00:39:48:7b:c1:5c:7d:c1:a9:bf:88:
34:c7:ad:0a:80:0e:5d:db:58:f8:00:90:81:3f:39:
ae:42:14:bf:b2:c0:7a:ec:4c:47:98:f3:c4:ee:6f:
02:66:9e:aa:68:0b:5a:67:d7:25:55:08:f9:25:d3:
a5:eb:83:27:d3:95:8a:57:06:39:c1:25:99:13:60:
a2:29:4c:3a:e5:4c:8d:d4:67:1c:e8:df:b3:b5:a4:
44:7b:f5:3b:b5:18:f1:78:b6:52:ed:03:fc:6d:06:
d7:0b:f4:98:58:22:30:af:05:47:77:a5:76:00:18:
1f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:07:45:F0:C8:10:03:C5:65:0C:A0:77:85:3E:47:8D:07:39:DF:42
X509v3 Authority Key Identifier:
keyid:CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/JQdF8MgQA8VlDKB3hT5HjQc530I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:7f40::/32
Signature Algorithm: sha256WithRSAEncryption
80:23:12:48:66:9e:3c:08:31:10:78:66:1d:c1:4a:2f:a8:5f:
ed:50:a0:29:59:22:c7:06:22:b1:63:a0:83:bf:b3:ec:91:12:
ae:01:63:0c:ae:10:db:7b:b4:6b:d7:d0:ec:b4:15:d4:8b:7d:
e2:4e:99:83:07:c5:13:52:a8:01:ea:78:70:60:91:06:8c:27:
22:31:0b:84:98:01:b1:fe:ae:1a:cc:7a:90:a2:2e:ba:dc:33:
57:db:6d:35:db:20:e8:ac:94:fc:1a:a3:ef:85:5a:b3:62:1c:
91:a6:43:85:5c:55:60:f8:d9:c8:8e:e0:33:c7:9e:f5:af:49:
1b:a4:9f:d9:0c:48:56:00:62:ea:2b:95:54:3c:ff:dc:b8:8b:
46:3c:40:62:9b:0b:34:c6:44:22:33:84:cb:4d:89:f7:ee:99:
41:db:54:24:1a:05:7c:ed:f9:98:ab:d1:01:d1:65:9d:e0:ac:
cc:8a:29:ba:58:99:7c:76:17:6f:3d:f3:38:19:bc:fe:40:27:
a3:f2:d0:10:a2:51:2f:23:52:f7:9a:61:32:41:1f:a6:fd:c5:
55:67:78:d0:bf:e7:28:5a:ff:97:93:3d:94:30:27:50:4a:1e:
5d:9d:15:09:76:4f:3d:c6:fe:36:c8:6b:b2:e4:98:07:07:ac:
00:3d:57:df
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZK5obsOTPgVbHSOAYL/DQGAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOWNjZDgzMGI3ZTAzMzA4YmY1Y2YyNWU2N2E3ZmMyYmRl
MDk1N2MwHhcNMjQxMDIzMTM0NzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTA3NDVmMGM4MTAwM2M1NjUwY2EwNzc4NTNlNDc4ZDA3MzlkZjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Q1QR6C3aQg5zxJnlvK/6mrCDd8a
1ptq3yrIAYm6dzttsrVNET6Ioy7Zj5FoXjgolZXgHJrOYNZcNo+BeQX5+Ufga5oB
VavqGwkVJgRw5KPPOeR5A34MNFCk1Mx+05sKwh+sdhweV1tHp+giYMLWpphZBkKp
y2Snu3HhD9HITgFI42CrOO+lgL7fADlIe8FcfcGpv4g0x60KgA5d21j4AJCBPzmu
QhS/ssB67ExHmPPE7m8CZp6qaAtaZ9clVQj5JdOl64Mn05WKVwY5wSWZE2CiKUw6
5UyN1Gcc6N+ztaREe/U7tRjxeLZS7QP8bQbXC/SYWCIwrwVHd6V2ABgfIwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCUHRfDIEAPFZQygd4U+R40HOd9CMB8GA1UdIwQY
MBaAFMqczYMLfgMwi/XPJeZ6f8K94JV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQt
ZDFjZGUyNDY1Zjg5LzEvSlFkRjhNZ1FBOFZsREtCM2hUNUhqUWM1MzBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQtZDFjZGUyNDY1Zjg5
LzEveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg5/QDAN
BgkqhkiG9w0BAQsFAAOCAQEAgCMSSGaePAgxEHhmHcFKL6hf7VCgKVkixwYisWOg
g7+z7JESrgFjDK4Q23u0a9fQ7LQV1It94k6ZgwfFE1KoAep4cGCRBownIjELhJgB
sf6uGsx6kKIuutwzV9ttNdsg6KyU/Bqj74Vas2IckaZDhVxVYPjZyI7gM8ee9a9J
G6Sf2QxIVgBi6iuVVDz/3LiLRjxAYpsLNMZEIjOEy02J9+6ZQdtUJBoFfO35mKvR
AdFlneCszIopuliZfHYXbz3zOBm8/kAno/LQEKJRLyNS95phMkEfpv3FVWd40L/n
KFr/l5M9lDAnUEoeXZ0VCXZPPcb+NshrsuSYBwesAD1X3w==
-----END CERTIFICATE-----
Generated at Fri Oct 25 13:41:48 2024 by rpki-client on console-fra.rpki-client.org