Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/cbcac6-abeb-4a38-8ccc-b5972709bb02/1/Jf35u8YCaXaygtsYD8LE_Xm7Qag.roa
File: Jf35u8YCaXaygtsYD8LE_Xm7Qag.roa (raw, json)
Hash identifier: D+1fbkbm27qytye76k5jK0FytsZw7Po7O8Jn1j8BVIk=
Subject key identifier: 25:FD:F9:BB:C6:02:69:76:B2:82:DB:18:0F:C2:C4:FD:79:BB:41:A8
Certificate issuer: /CN=5eba57e1707e43b2fa97fceb078a5d460e56c1bf
Certificate serial: 019294362FBBDAB17066F97F32FC9CDC47F4
Authority key identifier: 5E:BA:57:E1:70:7E:43:B2:FA:97:FC:EB:07:8A:5D:46:0E:56:C1:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XrpX4XB-Q7L6l_zrB4pdRg5Wwb8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/cbcac6-abeb-4a38-8ccc-b5972709bb02/1/Jf35u8YCaXaygtsYD8LE_Xm7Qag.roa
Signing time: Wed 16 Oct 2024 07:23:51 +0000
ROA not before: Wed 16 Oct 2024 07:23:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16027
IP address blocks: 193.168.160.0/22 maxlen: 22
193.168.161.0/24 maxlen: 24
217.71.64.0/20 maxlen: 20
217.71.67.0/24 maxlen: 24
217.71.68.0/24 maxlen: 24
217.71.69.0/24 maxlen: 24
217.71.70.0/24 maxlen: 24
217.71.73.0/24 maxlen: 24
217.71.78.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Oct 2024 23:54:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:94:36:2f:bb:da:b1:70:66:f9:7f:32:fc:9c:dc:47:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5eba57e1707e43b2fa97fceb078a5d460e56c1bf
Validity
Not Before: Oct 16 07:23:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25fdf9bbc6026976b282db180fc2c4fd79bb41a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:40:82:0f:9d:4a:34:2c:40:da:10:1e:a5:3c:
ad:d5:d6:ed:d2:8f:83:c1:65:00:69:e1:6a:5c:74:
f0:49:f1:26:0b:d1:70:26:47:11:da:04:1f:05:27:
64:83:f7:d9:d5:9c:95:57:6c:99:1f:d3:72:54:fd:
8b:7b:42:81:e7:9d:06:e3:8a:d1:b1:9d:c7:47:3b:
1f:15:9f:3c:ab:47:79:3d:0c:03:c1:18:25:bb:9b:
d0:04:f9:91:84:67:55:20:a6:27:f9:c3:7b:2a:9e:
a1:e7:bd:86:bc:5a:93:68:71:ae:2a:01:f1:1d:50:
cf:8e:1b:ef:ec:53:ea:70:84:25:dc:a5:d4:33:53:
1b:e8:8b:72:4f:4a:e9:2a:e6:72:e2:71:61:45:56:
e9:9d:8c:f9:cf:4f:3f:eb:20:72:32:5f:70:09:72:
bd:95:df:a8:6e:44:4c:47:5a:9c:c4:c0:1a:c1:ed:
e7:44:05:b5:91:27:3f:96:ee:87:c3:cf:94:26:2c:
86:88:55:6e:ee:93:2b:c7:40:1a:8d:3e:06:4f:8b:
bf:f4:11:bb:26:9f:80:48:9e:76:50:64:a2:9f:0c:
b3:67:cb:a7:ce:a1:06:e8:15:0b:90:21:62:b0:2a:
85:2a:41:c1:cb:40:79:27:a4:f7:43:28:c6:de:7e:
cc:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:FD:F9:BB:C6:02:69:76:B2:82:DB:18:0F:C2:C4:FD:79:BB:41:A8
X509v3 Authority Key Identifier:
keyid:5E:BA:57:E1:70:7E:43:B2:FA:97:FC:EB:07:8A:5D:46:0E:56:C1:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XrpX4XB-Q7L6l_zrB4pdRg5Wwb8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/cbcac6-abeb-4a38-8ccc-b5972709bb02/1/Jf35u8YCaXaygtsYD8LE_Xm7Qag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/cbcac6-abeb-4a38-8ccc-b5972709bb02/1/XrpX4XB-Q7L6l_zrB4pdRg5Wwb8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.160.0/22
217.71.64.0/20
Signature Algorithm: sha256WithRSAEncryption
ae:c3:e1:d9:24:5d:ce:c9:25:67:07:bb:d7:3d:f3:62:56:51:
24:af:10:ab:69:37:28:5a:42:15:d2:b5:c6:d1:8f:15:02:3c:
59:ac:4e:b6:4a:12:57:9e:22:f3:94:a7:78:ac:10:c4:81:62:
7c:df:07:55:3b:65:29:ea:df:01:e2:21:af:bc:c3:07:62:fb:
cf:e1:fa:75:dd:3e:1c:39:4a:bc:15:4d:62:78:d4:ab:fa:fb:
71:c0:7a:46:3e:50:fa:cf:65:b1:00:55:75:cc:47:bd:6d:eb:
75:73:a0:74:ed:4d:07:55:e9:a3:45:5e:50:19:2f:b6:b4:57:
d8:8b:82:f7:72:67:02:e8:73:e1:20:76:cf:7a:16:c1:7f:13:
cb:5c:c3:68:4c:ca:fe:14:30:00:0f:7f:32:8a:ef:9a:91:88:
99:3a:79:9e:86:18:52:c3:57:7c:6d:14:fc:a2:b4:6f:cc:bd:
98:c7:ae:b1:e0:7e:a1:46:d9:fe:b4:65:d3:31:c0:eb:08:25:
c9:f3:e7:be:89:66:12:52:74:e7:65:ee:9f:80:42:b1:7b:b6:
de:fa:58:77:45:74:9c:27:d6:37:86:80:15:83:c7:f5:a5:ea:
9a:9f:e2:4e:77:fb:b8:a1:e7:1a:d3:93:9c:60:ba:f8:16:95:
3e:41:ae:58
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZKUNi+72rFwZvl/Mvyc3Ef0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmE1N2UxNzA3ZTQzYjJmYTk3ZmNlYjA3OGE1ZDQ2MGU1
NmMxYmYwHhcNMjQxMDE2MDcyMzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWZkZjliYmM2MDI2OTc2YjI4MmRiMTgwZmMyYzRmZDc5YmI0MWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0CCD51KNCxA2hAepTyt1dbt0o+D
wWUAaeFqXHTwSfEmC9FwJkcR2gQfBSdkg/fZ1ZyVV2yZH9NyVP2Le0KB550G44rR
sZ3HRzsfFZ88q0d5PQwDwRglu5vQBPmRhGdVIKYn+cN7Kp6h572GvFqTaHGuKgHx
HVDPjhvv7FPqcIQl3KXUM1Mb6ItyT0rpKuZy4nFhRVbpnYz5z08/6yByMl9wCXK9
ld+obkRMR1qcxMAawe3nRAW1kSc/lu6Hw8+UJiyGiFVu7pMrx0AajT4GT4u/9BG7
Jp+ASJ52UGSinwyzZ8unzqEG6BULkCFisCqFKkHBy0B5J6T3QyjG3n7MFQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCX9+bvGAml2soLbGA/CxP15u0GoMB8GA1UdIwQY
MBaAFF66V+FwfkOy+pf86weKXUYOVsG/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJwWDRYQi1RN0w2bF96ckI0cGRSZzVXd2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9jYmNhYzYtYWJlYi00YTM4LThjY2Mt
YjU5NzI3MDliYjAyLzEvSmYzNXU4WUNhWGF5Z3RzWUQ4TEVfWG03UWFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9jYmNhYzYtYWJlYi00YTM4LThjY2MtYjU5NzI3MDliYjAy
LzEvWHJwWDRYQi1RN0w2bF96ckI0cGRSZzVXd2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwaigAwQE
2UdAMA0GCSqGSIb3DQEBCwUAA4IBAQCuw+HZJF3OySVnB7vXPfNiVlEkrxCraTco
WkIV0rXG0Y8VAjxZrE62ShJXniLzlKd4rBDEgWJ83wdVO2Up6t8B4iGvvMMHYvvP
4fp13T4cOUq8FU1ieNSr+vtxwHpGPlD6z2WxAFV1zEe9bet1c6B07U0HVemjRV5Q
GS+2tFfYi4L3cmcC6HPhIHbPehbBfxPLXMNoTMr+FDAAD38yiu+akYiZOnmehhhS
w1d8bRT8orRvzL2Yx66x4H6hRtn+tGXTMcDrCCXJ8+e+iWYSUnTnZe6fgEKxe7be
+lh3RXScJ9Y3hoAVg8f1peqan+JOd/u4oeca05OcYLr4FpU+Qa5Y
-----END CERTIFICATE-----
Generated at Thu Oct 17 02:51:58 2024 by rpki-client on console-ams.rpki-client.org