Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/89ce74-9380-4ccf-a615-4c08b4aa20fe/1/14_hJ2-kA--BjQRUmggJ22M4z8k.roa
File: 14_hJ2-kA--BjQRUmggJ22M4z8k.roa (raw, json)
Hash identifier: twz2ofXJXpNpZcSCNQcgd3/eJi7tcltQZN45R9sYQYg=
Subject key identifier: D7:8F:E1:27:6F:A4:03:EF:81:8D:04:54:9A:08:09:DB:63:38:CF:C9
Certificate issuer: /CN=c874132c12f86995fe2893e4dea72638d2601079
Certificate serial: 0192E34A7914538518C3A8C3DC16D9CD3909
Authority key identifier: C8:74:13:2C:12:F8:69:95:FE:28:93:E4:DE:A7:26:38:D2:60:10:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yHQTLBL4aZX-KJPk3qcmONJgEHk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/89ce74-9380-4ccf-a615-4c08b4aa20fe/1/14_hJ2-kA--BjQRUmggJ22M4z8k.roa
Signing time: Thu 31 Oct 2024 15:56:01 +0000
ROA not before: Thu 31 Oct 2024 15:56:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198157
IP address blocks: 128.127.77.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:47:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e3:4a:79:14:53:85:18:c3:a8:c3:dc:16:d9:cd:39:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c874132c12f86995fe2893e4dea72638d2601079
Validity
Not Before: Oct 31 15:56:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d78fe1276fa403ef818d04549a0809db6338cfc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:18:77:ea:3d:1d:50:3b:67:f9:ec:38:ed:3b:
ea:0d:77:44:04:25:1c:7d:01:bd:a4:81:61:d3:32:
13:d4:6c:9e:99:19:94:6b:ee:b3:c2:5a:9b:dd:e0:
b5:ff:74:60:7f:60:37:e4:92:2d:6d:df:70:6b:14:
fd:1c:77:20:91:27:fe:a3:09:33:af:98:bf:14:e1:
91:c1:88:89:8d:89:05:be:e6:8f:d0:f0:c0:3a:49:
83:af:d3:d5:8b:b0:c5:84:78:d7:44:15:d0:f0:e0:
b1:67:5f:ad:e9:57:d2:58:12:19:1e:5d:62:b7:17:
2e:e6:04:8c:0b:f4:5c:7a:9a:80:24:91:5a:2c:12:
48:6a:18:72:76:e1:6a:7c:6e:68:b0:bb:b2:59:64:
1e:07:e9:10:22:80:5e:25:58:5c:6d:9d:5c:36:99:
6d:10:96:9a:27:74:eb:77:b9:d3:f4:11:f4:3d:55:
fd:c7:f1:78:dd:e5:da:eb:af:13:2f:bb:18:a8:17:
52:01:02:00:5b:a4:c7:6f:7b:41:e0:d5:3b:fe:86:
76:14:b1:15:4d:4b:f6:ff:7c:c3:a5:06:ac:28:4f:
c5:33:18:29:e1:fe:6c:cd:3b:1c:4e:4c:0c:4b:ac:
a8:d5:7d:4e:4c:12:63:20:e9:2a:7e:c0:48:af:e4:
6f:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:8F:E1:27:6F:A4:03:EF:81:8D:04:54:9A:08:09:DB:63:38:CF:C9
X509v3 Authority Key Identifier:
keyid:C8:74:13:2C:12:F8:69:95:FE:28:93:E4:DE:A7:26:38:D2:60:10:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yHQTLBL4aZX-KJPk3qcmONJgEHk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/89ce74-9380-4ccf-a615-4c08b4aa20fe/1/14_hJ2-kA--BjQRUmggJ22M4z8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/89ce74-9380-4ccf-a615-4c08b4aa20fe/1/yHQTLBL4aZX-KJPk3qcmONJgEHk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.127.77.0/24
Signature Algorithm: sha256WithRSAEncryption
99:c2:31:88:ec:aa:3d:a3:a9:12:ac:b7:41:19:aa:73:a8:96:
83:2e:26:3f:ed:53:38:ca:b0:f0:08:e9:8d:e2:99:02:a7:d6:
b1:c6:fd:e9:e4:4b:f8:1b:e6:b9:19:36:7c:60:09:d5:20:bc:
fa:e3:9f:e7:a0:e7:1f:a7:2b:9d:38:0e:c6:ec:a0:54:2b:ff:
55:27:76:48:be:25:68:5c:3b:20:1b:fc:90:d8:ce:f6:77:ba:
ed:9b:da:6b:94:45:7b:ae:49:fa:88:85:5a:bd:30:e4:0c:ff:
51:9c:1a:a9:c6:77:d2:f9:37:b4:90:2a:1a:be:27:72:13:50:
99:dc:bb:9d:c2:18:dc:65:ab:47:80:08:aa:a4:92:d2:b5:04:
f2:24:40:07:74:41:5f:2f:97:f9:ff:d0:fa:9d:28:2d:10:72:
3c:e5:1d:ea:7c:ec:6e:d7:76:14:e3:63:ca:e5:62:cb:82:1e:
62:58:5a:76:98:77:15:d9:c3:d1:32:a5:91:09:ee:57:6c:f4:
85:b8:90:f9:bf:a2:50:93:5e:c9:50:0b:fa:11:e6:98:5b:4e:
59:ff:9f:08:0a:62:0d:f4:2f:c5:f8:e2:07:9f:84:6f:90:76:
85:3e:16:df:70:6d:05:cb:4f:c8:34:0b:b0:fa:24:c1:40:0e:
50:f9:8c:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLjSnkUU4UYw6jD3BbZzTkJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NzQxMzJjMTJmODY5OTVmZTI4OTNlNGRlYTcyNjM4ZDI2
MDEwNzkwHhcNMjQxMDMxMTU1NjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzhmZTEyNzZmYTQwM2VmODE4ZDA0NTQ5YTA4MDlkYjYzMzhjZmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxh36j0dUDtn+ew47TvqDXdEBCUc
fQG9pIFh0zIT1GyemRmUa+6zwlqb3eC1/3Rgf2A35JItbd9waxT9HHcgkSf+owkz
r5i/FOGRwYiJjYkFvuaP0PDAOkmDr9PVi7DFhHjXRBXQ8OCxZ1+t6VfSWBIZHl1i
txcu5gSMC/RcepqAJJFaLBJIahhyduFqfG5osLuyWWQeB+kQIoBeJVhcbZ1cNplt
EJaaJ3Trd7nT9BH0PVX9x/F43eXa668TL7sYqBdSAQIAW6THb3tB4NU7/oZ2FLEV
TUv2/3zDpQasKE/FMxgp4f5szTscTkwMS6yo1X1OTBJjIOkqfsBIr+RvDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNeP4SdvpAPvgY0EVJoICdtjOM/JMB8GA1UdIwQY
MBaAFMh0EywS+GmV/iiT5N6nJjjSYBB5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUhRVExCTDRhWlgtS0pQazNxY21PTkpnRUhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny84OWNlNzQtOTM4MC00Y2NmLWE2MTUt
NGMwOGI0YWEyMGZlLzEvMTRfaEoyLWtBLS1CalFSVW1nZ0oyMk00ejhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny84OWNlNzQtOTM4MC00Y2NmLWE2MTUtNGMwOGI0YWEyMGZl
LzEveUhRVExCTDRhWlgtS0pQazNxY21PTkpnRUhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAgH9NMA0G
CSqGSIb3DQEBCwUAA4IBAQCZwjGI7Ko9o6kSrLdBGapzqJaDLiY/7VM4yrDwCOmN
4pkCp9axxv3p5Ev4G+a5GTZ8YAnVILz645/noOcfpyudOA7G7KBUK/9VJ3ZIviVo
XDsgG/yQ2M72d7rtm9prlEV7rkn6iIVavTDkDP9RnBqpxnfS+Te0kCoavidyE1CZ
3LudwhjcZatHgAiqpJLStQTyJEAHdEFfL5f5/9D6nSgtEHI85R3qfOxu13YU42PK
5WLLgh5iWFp2mHcV2cPRMqWRCe5XbPSFuJD5v6JQk17JUAv6EeaYW05Z/58ICmIN
9C/F+OIHn4RvkHaFPhbfcG0Fy0/INAuw+iTBQA5Q+Yxl
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:07:19 2025 by rpki-client