Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/JnTx8FOaNlst1Nz1VQy7YX54SR8.roa
File: JnTx8FOaNlst1Nz1VQy7YX54SR8.roa (raw, json)
Hash identifier: l4qafvzEIYuETLwf3KI5jrplomtlHGxPdHHuFSZ/vdU=
Subject key identifier: 26:74:F1:F0:53:9A:36:5B:2D:D4:DC:F5:55:0C:BB:61:7E:78:49:1F
Certificate issuer: /CN=68e8baea95d4040348f0a89ec4e4bd15275f6c39
Certificate serial: 018CC26CF7285A9C2F34D8512A2A11A1B517
Authority key identifier: 68:E8:BA:EA:95:D4:04:03:48:F0:A8:9E:C4:E4:BD:15:27:5F:6C:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aOi66pXUBANI8KiexOS9FSdfbDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/JnTx8FOaNlst1Nz1VQy7YX54SR8.roa
Signing time: Mon 01 Jan 2024 00:29:30 +0000
ROA not before: Mon 01 Jan 2024 00:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209553
IP address blocks: 147.78.32.0/23 maxlen: 24
2a09:1c40::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 17 Apr 2024 14:37:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:f7:28:5a:9c:2f:34:d8:51:2a:2a:11:a1:b5:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68e8baea95d4040348f0a89ec4e4bd15275f6c39
Validity
Not Before: Jan 1 00:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2674f1f0539a365b2dd4dcf5550cbb617e78491f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:da:a1:4d:8a:f4:e1:83:22:87:f9:7d:b3:12:
ed:0c:3d:b3:1e:05:69:7c:70:95:3e:a8:ca:8f:75:
4d:fc:3f:be:35:7a:ad:c3:0e:15:cc:9a:f5:fe:47:
41:22:31:2e:5b:87:fd:48:4b:e0:1c:cf:0b:4a:3e:
2d:69:18:ac:51:58:c7:cd:6f:e2:e3:ae:21:b3:bf:
46:b4:01:f4:ef:24:c2:78:d0:bb:e7:f8:3e:77:22:
0e:41:9f:02:6b:99:bc:f1:8b:64:9a:54:3e:9c:4b:
21:2a:7b:56:ab:49:3a:d7:68:7e:58:cf:c6:ba:fd:
a2:82:e6:cb:68:08:1a:f2:af:37:21:e4:63:9f:1e:
29:29:45:27:e3:e9:79:9a:c1:97:9a:6c:b1:cf:e2:
89:88:0f:d3:c5:fb:e9:0f:f6:7f:0d:58:6e:d1:0d:
91:c9:eb:b1:af:c9:2d:2f:37:73:81:27:39:52:b0:
f0:f7:0c:ae:bf:da:fa:9b:e6:2b:b6:71:68:3a:a1:
96:ac:6b:00:56:89:2e:55:9c:2a:a9:31:0f:88:5e:
fa:01:0e:00:09:20:af:6a:45:4e:47:66:2a:76:a1:
f9:0a:c2:d5:a5:8d:34:1f:c2:c7:24:6d:39:b0:10:
dc:be:19:ab:15:23:67:be:c4:14:59:0e:c3:98:62:
5e:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:74:F1:F0:53:9A:36:5B:2D:D4:DC:F5:55:0C:BB:61:7E:78:49:1F
X509v3 Authority Key Identifier:
keyid:68:E8:BA:EA:95:D4:04:03:48:F0:A8:9E:C4:E4:BD:15:27:5F:6C:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aOi66pXUBANI8KiexOS9FSdfbDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/JnTx8FOaNlst1Nz1VQy7YX54SR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/aOi66pXUBANI8KiexOS9FSdfbDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.32.0/23
IPv6:
2a09:1c40::/32
Signature Algorithm: sha256WithRSAEncryption
9f:b9:ef:ef:86:df:dd:ab:53:5c:47:97:25:cc:b4:37:5d:3f:
be:e5:56:33:55:ac:97:19:fc:bf:a0:43:45:6d:d7:e9:46:c0:
2a:56:77:e5:16:4d:8c:79:45:90:d9:30:04:8d:f3:5c:1e:a4:
52:ac:87:52:85:16:d1:4e:86:fb:70:9f:1a:a9:72:12:61:68:
ec:03:5b:95:31:29:8b:38:55:4f:d0:d9:54:0a:65:3e:8a:70:
9f:17:6f:89:f8:ad:bb:f3:82:e9:d6:5a:0d:ca:62:4b:3a:bb:
e4:dc:78:5d:9c:e9:61:d1:67:78:34:f3:40:3b:d6:25:be:de:
b2:ac:2e:64:be:75:0a:7d:d3:78:b1:86:35:ef:ba:d1:21:d3:
9d:6d:fb:5a:1f:76:ce:4d:10:1d:7a:6f:39:fc:65:ba:38:11:
ba:7d:95:7e:48:d9:e2:46:57:cb:bf:9c:55:ea:24:45:72:be:
2b:22:6b:05:9b:cc:2f:ec:90:d3:f8:83:3e:31:bc:c7:54:4b:
61:ce:46:96:c1:21:0b:11:22:6c:23:08:d8:77:5e:73:e2:87:
ea:3b:13:97:ae:03:ef:f7:9b:97:29:33:41:69:c3:b7:19:51:
b3:2e:ae:af:32:17:25:16:a9:c4:08:93:83:7c:52:dc:50:83:
23:eb:6d:c9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzCbPcoWpwvNNhRKioRobUXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZThiYWVhOTVkNDA0MDM0OGYwYTg5ZWM0ZTRiZDE1Mjc1
ZjZjMzkwHhcNMjQwMTAxMDAyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjc0ZjFmMDUzOWEzNjViMmRkNGRjZjU1NTBjYmI2MTdlNzg0OTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+9qhTYr04YMih/l9sxLtDD2zHgVp
fHCVPqjKj3VN/D++NXqtww4VzJr1/kdBIjEuW4f9SEvgHM8LSj4taRisUVjHzW/i
464hs79GtAH07yTCeNC75/g+dyIOQZ8Ca5m88YtkmlQ+nEshKntWq0k612h+WM/G
uv2igubLaAga8q83IeRjnx4pKUUn4+l5msGXmmyxz+KJiA/TxfvpD/Z/DVhu0Q2R
yeuxr8ktLzdzgSc5UrDw9wyuv9r6m+YrtnFoOqGWrGsAVokuVZwqqTEPiF76AQ4A
CSCvakVOR2YqdqH5CsLVpY00H8LHJG05sBDcvhmrFSNnvsQUWQ7DmGJelQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCZ08fBTmjZbLdTc9VUMu2F+eEkfMB8GA1UdIwQY
MBaAFGjouuqV1AQDSPConsTkvRUnX2w5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU9pNjZwWFVCQU5JOEtpZXhPUzlGU2RmYkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny83NjUzZTAtOGE3Mi00MzUxLWJmY2Ut
MzcxMWZhZThjYTc3LzEvSm5UeDhGT2FObHN0MU56MVZReTdZWDU0U1I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny83NjUzZTAtOGE3Mi00MzUxLWJmY2UtMzcxMWZhZThjYTc3
LzEvYU9pNjZwWFVCQU5JOEtpZXhPUzlGU2RmYkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBk04gMA0E
AgACMAcDBQAqCRxAMA0GCSqGSIb3DQEBCwUAA4IBAQCfue/vht/dq1NcR5clzLQ3
XT++5VYzVayXGfy/oENFbdfpRsAqVnflFk2MeUWQ2TAEjfNcHqRSrIdShRbRTob7
cJ8aqXISYWjsA1uVMSmLOFVP0NlUCmU+inCfF2+J+K2784Lp1loNymJLOrvk3Hhd
nOlh0Wd4NPNAO9Ylvt6yrC5kvnUKfdN4sYY177rRIdOdbftaH3bOTRAdem85/GW6
OBG6fZV+SNniRlfLv5xV6iRFcr4rImsFm8wv7JDT+IM+MbzHVEthzkaWwSELESJs
IwjYd15z4ofqOxOXrgPv95uXKTNBacO3GVGzLq6vMhclFqnECJODfFLcUIMj623J
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:20 2024 by rpki-client on console-fra.rpki-client.org