Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/b716ad-ed04-4de4-b994-4aab2d68fa5a/1/JhJp8-gn41YrAm5me-prVVzVxb8.roa
File: JhJp8-gn41YrAm5me-prVVzVxb8.roa (raw, json)
Hash identifier: kvzQrldyXuSZh895Rs9kq2yUoJnZMJI4XdA19dY49WE=
Subject key identifier: 26:12:69:F3:E8:27:E3:56:2B:02:6E:66:7B:EA:6B:55:5C:D5:C5:BF
Certificate issuer: /CN=8d1bef730527aae1ecf8fb3085659d6fdfeed797
Certificate serial: 0191A5A2E88DA608D474F3D2588DFA6DE0C9
Authority key identifier: 8D:1B:EF:73:05:27:AA:E1:EC:F8:FB:30:85:65:9D:6F:DF:EE:D7:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRvvcwUnquHs-PswhWWdb9_u15c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/b716ad-ed04-4de4-b994-4aab2d68fa5a/1/JhJp8-gn41YrAm5me-prVVzVxb8.roa
Signing time: Fri 30 Aug 2024 23:33:22 +0000
ROA not before: Fri 30 Aug 2024 23:33:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216285
IP address blocks: 2a14:4280::/29 maxlen: 29
2a14:4280::/32 maxlen: 32
2a14:4280:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 19 Sep 2024 04:38:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a5:a2:e8:8d:a6:08:d4:74:f3:d2:58:8d:fa:6d:e0:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1bef730527aae1ecf8fb3085659d6fdfeed797
Validity
Not Before: Aug 30 23:33:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=261269f3e827e3562b026e667bea6b555cd5c5bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:27:e3:cc:34:da:7b:4f:b9:d9:b2:0a:fb:48:
42:34:b7:c9:93:8d:e1:b6:ee:d3:55:c0:e1:cf:ab:
da:b6:59:fd:27:4b:c7:84:64:75:6e:ed:c5:5b:29:
3c:c8:dc:d9:15:86:ff:06:8c:f4:c3:1d:f1:e2:84:
f4:3c:60:02:b0:9d:e8:b7:47:45:b1:ef:2b:7a:46:
ef:b9:e4:23:e9:f6:ea:f5:3d:0f:77:25:74:80:dd:
1f:76:4d:be:60:78:78:82:71:6b:63:2b:35:da:00:
e1:ab:06:15:47:22:06:40:b9:46:c6:0d:83:17:4e:
08:83:90:92:8a:8e:f7:1f:27:75:1e:72:1b:ff:79:
78:0b:90:5d:85:10:07:e6:b7:16:a1:43:8b:22:83:
03:7a:81:53:4b:4c:85:7d:35:14:09:65:b5:3c:2f:
d6:ce:10:4c:b7:5e:30:16:53:39:d6:6a:ba:b1:c8:
38:de:34:a3:45:56:ad:7b:09:66:8b:84:05:9c:47:
49:69:63:a9:a6:c1:34:29:91:de:b4:13:42:e2:a0:
0a:03:0d:b2:84:b9:7a:fd:65:1f:8d:ad:bd:3a:37:
3c:e2:44:58:a7:15:9c:0a:e7:a8:0e:20:c1:b8:0b:
00:66:e3:44:ea:18:03:7f:6b:69:75:a3:a5:c1:80:
d0:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:12:69:F3:E8:27:E3:56:2B:02:6E:66:7B:EA:6B:55:5C:D5:C5:BF
X509v3 Authority Key Identifier:
keyid:8D:1B:EF:73:05:27:AA:E1:EC:F8:FB:30:85:65:9D:6F:DF:EE:D7:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRvvcwUnquHs-PswhWWdb9_u15c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b716ad-ed04-4de4-b994-4aab2d68fa5a/1/JhJp8-gn41YrAm5me-prVVzVxb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b716ad-ed04-4de4-b994-4aab2d68fa5a/1/jRvvcwUnquHs-PswhWWdb9_u15c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:4280::/29
Signature Algorithm: sha256WithRSAEncryption
12:4e:4c:26:86:05:3a:23:66:22:ad:6a:d2:14:8d:71:ee:a3:
d8:68:30:6d:47:8b:1e:bb:ac:43:8c:96:73:d2:21:6e:06:3b:
ea:be:5e:97:a5:92:7a:45:83:95:fe:56:44:c1:82:ce:40:e6:
58:18:19:2e:78:36:66:3e:74:70:78:b4:a6:28:c2:82:87:69:
02:82:7b:4c:86:21:3c:4a:00:d8:9f:fc:59:05:c2:e7:2f:fc:
22:b7:81:e8:fd:5b:fc:74:28:bb:d3:ff:b6:bb:3f:1d:30:a9:
bd:f7:0d:4e:c5:e2:41:e4:23:9a:98:40:05:5d:10:22:fd:f2:
51:28:c3:30:e5:0e:ef:51:1a:7f:24:4a:d6:00:92:ac:21:f2:
48:09:38:bf:97:64:c9:18:23:8a:85:cf:12:ba:17:22:9b:b7:
d0:d4:5e:9e:1b:09:80:b2:8d:63:7b:a4:62:e3:1b:c9:89:f1:
6b:d9:64:06:35:15:ef:74:34:fe:56:4e:ab:2f:03:3d:ed:d6:
4d:a7:39:a9:90:c6:78:39:73:73:fb:29:67:71:b5:64:93:d9:
75:fd:33:c3:f4:a5:b8:bf:57:fe:f2:ea:ed:12:f7:40:b7:d4:
b3:95:48:28:80:36:8e:8d:df:25:bd:b7:cd:52:c0:b5:cb:b2:
af:81:48:85
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZGlouiNpgjUdPPSWI36beDJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWJlZjczMDUyN2FhZTFlY2Y4ZmIzMDg1NjU5ZDZmZGZl
ZWQ3OTcwHhcNMjQwODMwMjMzMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjEyNjlmM2U4MjdlMzU2MmIwMjZlNjY3YmVhNmI1NTVjZDVjNWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCfjzDTae0+52bIK+0hCNLfJk43h
tu7TVcDhz6vatln9J0vHhGR1bu3FWyk8yNzZFYb/Boz0wx3x4oT0PGACsJ3ot0dF
se8rekbvueQj6fbq9T0PdyV0gN0fdk2+YHh4gnFrYys12gDhqwYVRyIGQLlGxg2D
F04Ig5CSio73Hyd1HnIb/3l4C5BdhRAH5rcWoUOLIoMDeoFTS0yFfTUUCWW1PC/W
zhBMt14wFlM51mq6scg43jSjRVatewlmi4QFnEdJaWOppsE0KZHetBNC4qAKAw2y
hLl6/WUfja29Ojc84kRYpxWcCueoDiDBuAsAZuNE6hgDf2tpdaOlwYDQMQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCYSafPoJ+NWKwJuZnvqa1Vc1cW/MB8GA1UdIwQY
MBaAFI0b73MFJ6rh7Pj7MIVlnW/f7teXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJ2dmN3VW5xdUhzLVBzd2hXV2RiOV91MTVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9iNzE2YWQtZWQwNC00ZGU0LWI5OTQt
NGFhYjJkNjhmYTVhLzEvSmhKcDgtZ240MVlyQW01bWUtcHJWVnpWeGI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9iNzE2YWQtZWQwNC00ZGU0LWI5OTQtNGFhYjJkNjhmYTVh
LzEvalJ2dmN3VW5xdUhzLVBzd2hXV2RiOV91MTVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhRCgDAN
BgkqhkiG9w0BAQsFAAOCAQEAEk5MJoYFOiNmIq1q0hSNce6j2GgwbUeLHrusQ4yW
c9IhbgY76r5el6WSekWDlf5WRMGCzkDmWBgZLng2Zj50cHi0pijCgodpAoJ7TIYh
PEoA2J/8WQXC5y/8IreB6P1b/HQou9P/trs/HTCpvfcNTsXiQeQjmphABV0QIv3y
USjDMOUO71EafyRK1gCSrCHySAk4v5dkyRgjioXPEroXIpu30NRenhsJgLKNY3uk
YuMbyYnxa9lkBjUV73Q0/lZOqy8DPe3WTac5qZDGeDlzc/spZ3G1ZJPZdf0zw/Sl
uL9X/vLq7RL3QLfUs5VIKIA2jo3fJb23zVLAtcuyr4FIhQ==
-----END CERTIFICATE-----
Generated at Thu Sep 19 07:47:40 2024 by rpki-client on console-fra.rpki-client.org