Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/9def86-b1ac-40e6-83bd-947cc54ebe02/1/jTwTte7N4XE5ZIVAc-b0iOpIKNs.roa
File: jTwTte7N4XE5ZIVAc-b0iOpIKNs.roa (raw, json)
Hash identifier: 3eO78fZqlwLEonYZ+lyZ2R0qxdEYpO56nVsVmEr3qzc=
Subject key identifier: 8D:3C:13:B5:EE:CD:E1:71:39:64:85:40:73:E6:F4:88:EA:48:28:DB
Certificate issuer: /CN=61b3e1cab8cbf5b3c6e0fbbe1491f48da60cae6c
Certificate serial: 018CC492FDA21F90FAC6B9EBFD4BC8106B64
Authority key identifier: 61:B3:E1:CA:B8:CB:F5:B3:C6:E0:FB:BE:14:91:F4:8D:A6:0C:AE:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbPhyrjL9bPG4Pu-FJH0jaYMrmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/9def86-b1ac-40e6-83bd-947cc54ebe02/1/jTwTte7N4XE5ZIVAc-b0iOpIKNs.roa
Signing time: Mon 01 Jan 2024 10:30:16 +0000
ROA not before: Mon 01 Jan 2024 10:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 159.60.0.0/20 maxlen: 24
159.60.192.0/18 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:fd:a2:1f:90:fa:c6:b9:eb:fd:4b:c8:10:6b:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b3e1cab8cbf5b3c6e0fbbe1491f48da60cae6c
Validity
Not Before: Jan 1 10:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d3c13b5eecde1713964854073e6f488ea4828db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f7:44:81:80:43:07:47:ce:45:b3:0e:c4:cc:
94:57:f8:88:4b:65:22:26:c9:9f:37:8f:43:94:e6:
8b:89:d0:f3:32:ee:b8:e5:4a:d7:8c:43:4c:5d:8e:
b3:bb:71:78:02:6f:dd:e0:b4:f4:2b:6d:9e:95:c9:
49:c0:6b:07:93:50:db:37:0f:f1:8f:02:64:90:0b:
86:af:cf:7f:d8:81:29:bd:c3:41:ee:16:85:a9:d3:
ee:e2:78:fd:31:90:75:47:26:fa:16:a9:42:7d:cb:
66:d9:af:91:be:9d:17:8c:3a:34:45:c8:58:82:f8:
26:4a:d7:0c:f3:53:f7:7e:d1:d9:9b:b5:78:82:3e:
6e:a1:48:70:f9:59:10:9f:0d:2b:c8:db:d7:88:8d:
b9:72:7c:9d:0e:f0:f0:80:af:9a:6e:bd:6c:8b:b7:
d9:0d:39:34:c4:ef:1a:ee:ab:7a:81:4b:e1:f2:13:
e7:b4:65:91:0b:a3:35:fa:23:21:3d:11:fd:d3:a1:
fd:9b:a1:0d:2c:c3:4e:54:54:2c:7c:4e:6a:a9:9b:
97:38:99:6d:ce:a2:30:61:5a:1e:f7:65:ff:2d:ad:
96:eb:0f:87:ec:30:b2:92:9a:4c:a9:ff:e3:4c:b9:
67:5f:37:bc:14:00:0f:29:c8:b8:6e:cd:fa:3e:d8:
3c:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:3C:13:B5:EE:CD:E1:71:39:64:85:40:73:E6:F4:88:EA:48:28:DB
X509v3 Authority Key Identifier:
keyid:61:B3:E1:CA:B8:CB:F5:B3:C6:E0:FB:BE:14:91:F4:8D:A6:0C:AE:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbPhyrjL9bPG4Pu-FJH0jaYMrmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/9def86-b1ac-40e6-83bd-947cc54ebe02/1/jTwTte7N4XE5ZIVAc-b0iOpIKNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/9def86-b1ac-40e6-83bd-947cc54ebe02/1/YbPhyrjL9bPG4Pu-FJH0jaYMrmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.60.0.0/20
159.60.192.0/18
Signature Algorithm: sha256WithRSAEncryption
5b:13:3d:e0:f5:85:67:ff:60:93:11:17:67:78:07:0c:f2:ca:
b0:ea:01:2e:98:78:98:5f:f0:e1:fc:15:5e:72:a4:2d:b9:64:
2b:2f:b1:76:fb:1e:ee:03:25:90:d2:01:3d:97:4a:f1:d6:00:
6f:66:39:c3:83:9b:fd:5c:11:35:b7:40:5e:ac:ed:d1:08:cf:
b5:ba:03:be:3f:16:d2:35:ef:69:0c:96:da:41:5d:ae:cd:00:
7a:4a:78:6e:26:c6:fb:29:1e:b2:4c:7c:00:74:85:c2:57:be:
bd:35:1b:4c:13:bf:f6:7d:ae:4f:19:02:55:c3:ce:71:7e:c2:
73:16:66:1c:d5:c3:28:eb:a4:7b:23:b0:72:ad:75:35:c6:c5:
15:f1:7a:36:71:2e:60:c4:02:d7:cc:6e:92:24:ba:e2:0a:10:
a1:80:34:c8:32:de:da:e6:13:44:c5:9c:d2:fc:03:2d:73:97:
07:7f:3d:28:14:87:e3:5e:97:ed:31:b7:f0:7c:ac:50:6a:a5:
3c:93:3c:e8:2b:6c:16:43:5e:8a:bd:42:1a:f8:a5:02:c8:96:
25:f1:f1:08:12:8a:05:a5:2f:60:2d:00:1f:36:81:ae:b5:69:
61:38:3b:e6:0a:c4:f2:dc:5e:37:fd:7d:ec:85:5e:25:0c:ad:
16:e3:42:3f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEkv2iH5D6xrnr/UvIEGtkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYjNlMWNhYjhjYmY1YjNjNmUwZmJiZTE0OTFmNDhkYTYw
Y2FlNmMwHhcNMjQwMTAxMTAzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDNjMTNiNWVlY2RlMTcxMzk2NDg1NDA3M2U2ZjQ4OGVhNDgyOGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfdEgYBDB0fORbMOxMyUV/iIS2Ui
JsmfN49DlOaLidDzMu645UrXjENMXY6zu3F4Am/d4LT0K22elclJwGsHk1DbNw/x
jwJkkAuGr89/2IEpvcNB7haFqdPu4nj9MZB1Ryb6FqlCfctm2a+Rvp0XjDo0RchY
gvgmStcM81P3ftHZm7V4gj5uoUhw+VkQnw0ryNvXiI25cnydDvDwgK+abr1si7fZ
DTk0xO8a7qt6gUvh8hPntGWRC6M1+iMhPRH906H9m6ENLMNOVFQsfE5qqZuXOJlt
zqIwYVoe92X/La2W6w+H7DCykppMqf/jTLlnXze8FAAPKci4bs36Ptg8TQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI08E7XuzeFxOWSFQHPm9IjqSCjbMB8GA1UdIwQY
MBaAFGGz4cq4y/WzxuD7vhSR9I2mDK5sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWJQaHlyakw5YlBHNFB1LUZKSDBqYVlNcm13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi85ZGVmODYtYjFhYy00MGU2LTgzYmQt
OTQ3Y2M1NGViZTAyLzEvalR3VHRlN040WEU1WklWQWMtYjBpT3BJS05zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi85ZGVmODYtYjFhYy00MGU2LTgzYmQtOTQ3Y2M1NGViZTAy
LzEvWWJQaHlyakw5YlBHNFB1LUZKSDBqYVlNcm13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEnzwAAwQG
nzzAMA0GCSqGSIb3DQEBCwUAA4IBAQBbEz3g9YVn/2CTERdneAcM8sqw6gEumHiY
X/Dh/BVecqQtuWQrL7F2+x7uAyWQ0gE9l0rx1gBvZjnDg5v9XBE1t0BerO3RCM+1
ugO+PxbSNe9pDJbaQV2uzQB6SnhuJsb7KR6yTHwAdIXCV769NRtME7/2fa5PGQJV
w85xfsJzFmYc1cMo66R7I7ByrXU1xsUV8Xo2cS5gxALXzG6SJLriChChgDTIMt7a
5hNExZzS/AMtc5cHfz0oFIfjXpftMbfwfKxQaqU8kzzoK2wWQ16KvUIa+KUCyJYl
8fEIEooFpS9gLQAfNoGutWlhODvmCsTy3F43/X3shV4lDK0W40I/
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:44:12 2025 by rpki-client