Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/a733bc-68f8-499f-850f-8e924ffbe584/1/jS4BYnfktZqASShLH1ukq2UIYsY.roa
File: jS4BYnfktZqASShLH1ukq2UIYsY.roa (raw, json)
Hash identifier: 0/iEg7J9wOx5B8QkMMcQ97Ld8gwS0cG2rD1JwPS3jD8=
Subject key identifier: 8D:2E:01:62:77:E4:B5:9A:80:49:28:4B:1F:5B:A4:AB:65:08:62:C6
Certificate issuer: /CN=c09fc8a067fa6d2476bdce24afffad17131d9e86
Certificate serial: 0192D3F22EE9B4F9E0B040D211C7F4B305C5
Authority key identifier: C0:9F:C8:A0:67:FA:6D:24:76:BD:CE:24:AF:FF:AD:17:13:1D:9E:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wJ_IoGf6bSR2vc4kr_-tFxMdnoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/a733bc-68f8-499f-850f-8e924ffbe584/1/jS4BYnfktZqASShLH1ukq2UIYsY.roa
Signing time: Mon 28 Oct 2024 16:25:17 +0000
ROA not before: Mon 28 Oct 2024 16:25:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 216.25.124.0/24 maxlen: 24
216.25.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d3:f2:2e:e9:b4:f9:e0:b0:40:d2:11:c7:f4:b3:05:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c09fc8a067fa6d2476bdce24afffad17131d9e86
Validity
Not Before: Oct 28 16:25:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d2e016277e4b59a8049284b1f5ba4ab650862c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:55:bc:cb:83:44:11:5d:54:10:6d:fc:c7:0f:
a3:a3:7b:05:1c:c8:01:91:df:39:d7:b1:70:54:db:
c6:1a:ba:8c:54:9d:67:df:ea:97:4a:7d:30:a2:b0:
d7:1c:35:04:28:3d:cd:db:51:75:bb:0e:46:ba:bd:
99:d5:06:c4:72:f0:98:02:1b:b9:8a:07:74:b7:db:
4f:14:5a:dd:aa:77:2f:ec:ec:dd:68:c0:8d:6c:6c:
1c:f1:d1:d0:05:e0:e2:ac:0a:80:de:8a:cf:1c:b1:
d0:39:e1:ac:bb:35:77:a0:44:f8:43:33:b5:4e:2b:
fc:bb:e0:59:65:98:59:61:1b:9f:2f:bd:92:49:4b:
00:31:4e:44:f1:94:6e:be:7b:60:d5:4c:7e:5e:45:
dd:61:c8:19:a1:8f:c7:c2:b1:84:96:f5:b3:f4:6d:
5a:6a:64:1d:e7:d2:3b:9d:06:0c:34:3a:67:1f:3a:
51:99:5e:a6:ff:fe:cf:e9:51:8a:e7:7d:7b:ef:5d:
09:d7:ae:11:f8:23:19:51:8d:1b:c4:86:e0:a3:6a:
43:85:7e:4e:ce:4d:e5:ce:db:86:de:ba:a2:31:8f:
0c:4d:d4:27:3e:85:4d:7f:d4:3a:92:11:be:54:72:
10:d9:1e:59:8f:85:a0:46:06:9e:85:fd:4b:6c:d0:
c3:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:2E:01:62:77:E4:B5:9A:80:49:28:4B:1F:5B:A4:AB:65:08:62:C6
X509v3 Authority Key Identifier:
keyid:C0:9F:C8:A0:67:FA:6D:24:76:BD:CE:24:AF:FF:AD:17:13:1D:9E:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wJ_IoGf6bSR2vc4kr_-tFxMdnoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/a733bc-68f8-499f-850f-8e924ffbe584/1/jS4BYnfktZqASShLH1ukq2UIYsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/a733bc-68f8-499f-850f-8e924ffbe584/1/wJ_IoGf6bSR2vc4kr_-tFxMdnoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
216.25.124.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:a5:2a:c3:39:c9:9f:42:63:20:a5:1c:39:22:ee:ac:44:c3:
25:5d:14:12:07:34:fb:a4:f0:91:89:e8:aa:86:ea:34:f4:a6:
42:28:1e:ec:3b:2b:58:2b:34:f7:d2:cd:48:4d:02:c5:12:eb:
5c:e3:ac:47:7a:3d:ad:f7:08:d6:2f:64:ef:0e:24:92:18:09:
63:b0:47:06:1a:ae:bf:d4:b6:53:a4:8c:d1:4d:af:76:ab:f5:
45:3a:b3:fc:89:7b:bc:86:3b:f0:85:bc:e8:e1:13:ad:37:e8:
41:21:87:e7:f1:aa:e9:83:af:09:23:ea:f1:e5:81:63:2f:3d:
11:85:3f:06:04:57:26:c8:2d:a3:ef:6e:28:cd:85:c0:7c:13:
14:26:74:85:c2:01:9b:a5:d1:b8:60:8c:43:e8:69:07:40:a8:
6c:c6:02:bb:15:27:4b:48:c8:4e:7e:41:bd:79:53:b2:66:67:
40:9d:bb:e3:39:86:eb:17:c2:40:9d:d1:e8:c7:e8:36:a3:b5:
07:18:18:63:fa:8d:83:a0:5f:24:4b:87:af:37:0c:12:c2:9a:
3c:e3:8f:fa:79:5c:52:6b:7f:35:96:9d:81:0d:e4:1a:db:f1:
dd:b7:91:70:65:e4:84:9a:ed:8b:ff:c8:43:be:f2:5a:80:11:
81:06:4c:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLT8i7ptPngsEDSEcf0swXFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwOWZjOGEwNjdmYTZkMjQ3NmJkY2UyNGFmZmZhZDE3MTMx
ZDllODYwHhcNMjQxMDI4MTYyNTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDJlMDE2Mjc3ZTRiNTlhODA0OTI4NGIxZjViYTRhYjY1MDg2MmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlW8y4NEEV1UEG38xw+jo3sFHMgB
kd8517FwVNvGGrqMVJ1n3+qXSn0worDXHDUEKD3N21F1uw5Gur2Z1QbEcvCYAhu5
igd0t9tPFFrdqncv7OzdaMCNbGwc8dHQBeDirAqA3orPHLHQOeGsuzV3oET4QzO1
Tiv8u+BZZZhZYRufL72SSUsAMU5E8ZRuvntg1Ux+XkXdYcgZoY/HwrGElvWz9G1a
amQd59I7nQYMNDpnHzpRmV6m//7P6VGK5317710J164R+CMZUY0bxIbgo2pDhX5O
zk3lztuG3rqiMY8MTdQnPoVNf9Q6khG+VHIQ2R5Zj4WgRgaehf1LbNDDKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI0uAWJ35LWagEkoSx9bpKtlCGLGMB8GA1UdIwQY
MBaAFMCfyKBn+m0kdr3OJK//rRcTHZ6GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0pfSW9HZjZiU1IydmM0a3JfLXRGeE1kbm9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9hNzMzYmMtNjhmOC00OTlmLTg1MGYt
OGU5MjRmZmJlNTg0LzEvalM0QlluZmt0WnFBU1NoTEgxdWtxMlVJWXNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9hNzMzYmMtNjhmOC00OTlmLTg1MGYtOGU5MjRmZmJlNTg0
LzEvd0pfSW9HZjZiU1IydmM0a3JfLXRGeE1kbm9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2Bl8MA0G
CSqGSIb3DQEBCwUAA4IBAQAupSrDOcmfQmMgpRw5Iu6sRMMlXRQSBzT7pPCRieiq
huo09KZCKB7sOytYKzT30s1ITQLFEutc46xHej2t9wjWL2TvDiSSGAljsEcGGq6/
1LZTpIzRTa92q/VFOrP8iXu8hjvwhbzo4ROtN+hBIYfn8arpg68JI+rx5YFjLz0R
hT8GBFcmyC2j724ozYXAfBMUJnSFwgGbpdG4YIxD6GkHQKhsxgK7FSdLSMhOfkG9
eVOyZmdAnbvjOYbrF8JAndHox+g2o7UHGBhj+o2DoF8kS4evNwwSwpo844/6eVxS
a381lp2BDeQa2/Hdt5FwZeSEmu2L/8hDvvJagBGBBkyC
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:24:20 2025 by rpki-client