Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/efb8ee-c5c4-4467-a0cc-88a3c41faee2/1/JrwlI3s3WPfI9QHON_lzn72poRc.roa
File: JrwlI3s3WPfI9QHON_lzn72poRc.roa (raw, json)
Hash identifier: bLbjIPTkBlOQbg0lNf4LiNVkkmriyBhVV6JqpMjUKUM=
Subject key identifier: 26:BC:25:23:7B:37:58:F7:C8:F5:01:CE:37:F9:73:9F:BD:A9:A1:17
Certificate issuer: /CN=ab8c6c58b607ff23ae7175a61682c75480f1e214
Certificate serial: 018CC8DCD91598C52B659256D60E05CE1DCA
Authority key identifier: AB:8C:6C:58:B6:07:FF:23:AE:71:75:A6:16:82:C7:54:80:F1:E2:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q4xsWLYH_yOucXWmFoLHVIDx4hQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/efb8ee-c5c4-4467-a0cc-88a3c41faee2/1/JrwlI3s3WPfI9QHON_lzn72poRc.roa
Signing time: Tue 02 Jan 2024 06:29:25 +0000
ROA not before: Tue 02 Jan 2024 06:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60993
IP address blocks: 128.0.57.0/24 maxlen: 24
128.0.53.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:d9:15:98:c5:2b:65:92:56:d6:0e:05:ce:1d:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab8c6c58b607ff23ae7175a61682c75480f1e214
Validity
Not Before: Jan 2 06:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=26bc25237b3758f7c8f501ce37f9739fbda9a117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:04:2e:2b:58:26:78:2c:de:d8:c5:52:39:1e:
f0:41:c3:68:0c:26:35:e6:3a:c3:69:ca:05:b8:9d:
cb:75:39:68:f3:75:93:f6:89:b8:37:68:3e:ae:d5:
41:cf:db:58:78:3f:94:f9:fb:1a:8f:e6:4f:03:f5:
aa:66:57:0c:ad:38:a0:77:c1:ab:74:b9:95:32:f9:
28:78:33:46:31:f8:f3:bb:e9:82:77:d3:ed:02:e1:
b7:20:9f:63:98:87:0c:25:ec:f9:ed:85:4c:99:c4:
b5:36:78:da:b8:a8:51:d3:62:fc:71:a6:48:7e:1c:
02:7b:2f:5a:56:9d:2e:2d:43:74:3b:cb:1a:20:5c:
e0:1c:fe:6b:a3:25:1e:68:d5:e5:a8:3e:71:b8:fb:
3c:28:e0:3c:bb:37:44:62:fb:34:70:27:ad:c4:2c:
1a:52:4d:fc:0b:2e:64:65:80:0e:be:0b:ee:13:45:
ce:56:6a:60:4e:d9:8a:41:dd:b0:db:20:c7:e2:00:
50:40:4b:d3:62:4a:96:b8:2a:43:d9:7b:d4:db:d9:
a8:ff:9b:a5:96:34:bd:f0:06:c1:3f:ff:9f:df:09:
ca:7c:b2:25:5b:c1:b7:14:3d:b4:45:b6:6c:73:54:
21:77:57:f4:e9:e7:6f:97:cc:fb:ea:a5:dc:ad:fd:
51:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:BC:25:23:7B:37:58:F7:C8:F5:01:CE:37:F9:73:9F:BD:A9:A1:17
X509v3 Authority Key Identifier:
keyid:AB:8C:6C:58:B6:07:FF:23:AE:71:75:A6:16:82:C7:54:80:F1:E2:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q4xsWLYH_yOucXWmFoLHVIDx4hQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/efb8ee-c5c4-4467-a0cc-88a3c41faee2/1/JrwlI3s3WPfI9QHON_lzn72poRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/efb8ee-c5c4-4467-a0cc-88a3c41faee2/1/q4xsWLYH_yOucXWmFoLHVIDx4hQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.0.53.0/24
128.0.57.0/24
Signature Algorithm: sha256WithRSAEncryption
02:e5:94:fc:a1:9c:93:39:88:af:ff:2f:70:2b:57:57:07:02:
c6:6e:87:9a:59:48:5e:2b:16:55:3f:c5:b2:5e:a4:fe:07:d6:
28:c9:93:25:b1:a2:06:cb:79:90:f5:b5:d8:35:8b:eb:68:da:
f5:e2:6c:a8:f0:f3:4f:5c:5f:b5:ac:94:b2:e9:e1:f6:c4:b7:
35:1b:43:42:50:c9:e9:97:58:9d:ec:db:cb:35:b7:9f:2e:ff:
43:90:c5:56:18:92:1e:af:8c:57:b7:b8:74:56:75:f6:1e:86:
e2:4e:ad:19:f1:3b:ef:e3:ce:3d:be:e6:c0:e9:30:69:82:26:
8d:59:5b:6c:b2:1c:27:c6:fe:62:70:fd:ab:c4:32:2b:50:06:
f4:2b:31:17:2f:61:53:3a:6f:0a:4b:b3:69:d9:15:2b:22:b6:
a5:dc:b5:1d:43:2b:56:f7:45:8c:38:ec:a3:7f:95:78:88:09:
f9:6d:c9:76:6a:eb:9b:83:81:89:9c:05:7c:0b:ae:e5:d4:aa:
e8:94:78:ea:6b:a9:1f:9d:72:83:2d:c9:f6:57:4b:34:e9:9e:
3f:ac:29:f0:5f:65:80:8c:55:42:2e:39:8c:69:ad:37:45:6a:
2c:c5:9a:95:2b:3c:a0:96:23:0b:eb:d0:9f:4e:4c:1e:09:83:
b5:88:39:09
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3NkVmMUrZZJW1g4Fzh3KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOGM2YzU4YjYwN2ZmMjNhZTcxNzVhNjE2ODJjNzU0ODBm
MWUyMTQwHhcNMjQwMTAyMDYyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmJjMjUyMzdiMzc1OGY3YzhmNTAxY2UzN2Y5NzM5ZmJkYTlhMTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwQuK1gmeCze2MVSOR7wQcNoDCY1
5jrDacoFuJ3LdTlo83WT9om4N2g+rtVBz9tYeD+U+fsaj+ZPA/WqZlcMrTigd8Gr
dLmVMvkoeDNGMfjzu+mCd9PtAuG3IJ9jmIcMJez57YVMmcS1NnjauKhR02L8caZI
fhwCey9aVp0uLUN0O8saIFzgHP5royUeaNXlqD5xuPs8KOA8uzdEYvs0cCetxCwa
Uk38Cy5kZYAOvgvuE0XOVmpgTtmKQd2w2yDH4gBQQEvTYkqWuCpD2XvU29mo/5ul
ljS98AbBP/+f3wnKfLIlW8G3FD20RbZsc1Qhd1f06edvl8z76qXcrf1R2QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCa8JSN7N1j3yPUBzjf5c5+9qaEXMB8GA1UdIwQY
MBaAFKuMbFi2B/8jrnF1phaCx1SA8eIUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTR4c1dMWUhfeU91Y1hXbUZvTEhWSUR4NGhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9lZmI4ZWUtYzVjNC00NDY3LWEwY2Mt
ODhhM2M0MWZhZWUyLzEvSnJ3bEkzczNXUGZJOVFIT05fbHpuNzJwb1JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9lZmI4ZWUtYzVjNC00NDY3LWEwY2MtODhhM2M0MWZhZWUy
LzEvcTR4c1dMWUhfeU91Y1hXbUZvTEhWSUR4NGhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAgAA1AwQA
gAA5MA0GCSqGSIb3DQEBCwUAA4IBAQAC5ZT8oZyTOYiv/y9wK1dXBwLGboeaWUhe
KxZVP8WyXqT+B9YoyZMlsaIGy3mQ9bXYNYvraNr14myo8PNPXF+1rJSy6eH2xLc1
G0NCUMnpl1id7NvLNbefLv9DkMVWGJIer4xXt7h0VnX2HobiTq0Z8Tvv4849vubA
6TBpgiaNWVtsshwnxv5icP2rxDIrUAb0KzEXL2FTOm8KS7Np2RUrIral3LUdQytW
90WMOOyjf5V4iAn5bcl2auubg4GJnAV8C67l1KrolHjqa6kfnXKDLcn2V0s06Z4/
rCnwX2WAjFVCLjmMaa03RWosxZqVKzygliML69CfTkweCYO1iDkJ
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:06:03 2025 by rpki-client