Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/JkDY5EMcY-xZ9Lx5DupWCakT6MA.roa
File: JkDY5EMcY-xZ9Lx5DupWCakT6MA.roa (raw, json)
Hash identifier: 2etfWpDtNcuAWcTgUiEOMZ7PGJt2bX2MZH8aBODfty0=
Subject key identifier: 26:40:D8:E4:43:1C:63:EC:59:F4:BC:79:0E:EA:56:09:A9:13:E8:C0
Certificate issuer: /CN=a47f708c34a5e71daf3d2e54b99ab74f069ef80b
Certificate serial: 018CC26D787F4D5C89AE7D0EF2E11CB58E09
Authority key identifier: A4:7F:70:8C:34:A5:E7:1D:AF:3D:2E:54:B9:9A:B7:4F:06:9E:F8:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pH9wjDSl5x2vPS5UuZq3Twae-As.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/JkDY5EMcY-xZ9Lx5DupWCakT6MA.roa
Signing time: Mon 01 Jan 2024 00:30:02 +0000
ROA not before: Mon 01 Jan 2024 00:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198213
IP address blocks: 109.202.124.0/24 maxlen: 24
109.202.121.0/24 maxlen: 24
109.202.123.0/24 maxlen: 24
109.202.120.0/24 maxlen: 24
109.202.125.0/24 maxlen: 24
109.202.122.0/24 maxlen: 24
109.202.127.0/24 maxlen: 24
109.202.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 07 Jan 2024 15:36:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:78:7f:4d:5c:89:ae:7d:0e:f2:e1:1c:b5:8e:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a47f708c34a5e71daf3d2e54b99ab74f069ef80b
Validity
Not Before: Jan 1 00:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2640d8e4431c63ec59f4bc790eea5609a913e8c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:49:4a:2c:fd:77:23:e2:23:51:55:a4:38:87:
66:36:48:1b:bb:52:c3:3d:3e:25:1d:f4:79:d2:04:
34:6c:19:3f:26:e9:fc:2e:02:20:b8:77:91:c2:c3:
1f:7e:4f:c8:4d:6c:8d:ef:6c:3b:95:d6:8d:64:bf:
ce:f0:82:35:59:fd:d7:39:c9:51:d4:2c:57:d4:c5:
01:2a:81:23:62:31:cf:d1:65:35:a5:14:9b:4b:6c:
90:6c:d7:19:0b:d2:d1:3c:24:35:d9:40:05:22:e1:
d7:67:73:15:5f:7e:6c:0c:cb:2b:04:b7:b0:33:ae:
68:24:c4:b0:05:49:b6:c7:62:47:c1:8e:93:59:04:
2c:23:8b:95:bf:9c:d8:24:80:b5:90:06:4e:27:38:
b4:f5:03:11:c3:dc:0b:b7:ec:b6:5c:79:1c:d0:57:
4e:ca:ac:b3:ae:56:c1:24:21:ec:dd:59:2a:af:21:
93:6c:30:79:28:67:0b:2d:60:01:51:d2:47:5c:90:
74:43:28:b6:91:4a:e8:46:2e:58:5b:8e:ab:bd:d0:
67:1f:3b:d0:b9:cb:31:b1:50:31:a3:d6:c5:1a:9e:
37:73:ac:1f:e0:0b:47:a6:3e:41:30:31:8d:f7:48:
a2:a1:4e:1d:ef:68:83:e0:3d:18:13:23:53:95:8a:
f3:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:40:D8:E4:43:1C:63:EC:59:F4:BC:79:0E:EA:56:09:A9:13:E8:C0
X509v3 Authority Key Identifier:
keyid:A4:7F:70:8C:34:A5:E7:1D:AF:3D:2E:54:B9:9A:B7:4F:06:9E:F8:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pH9wjDSl5x2vPS5UuZq3Twae-As.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/JkDY5EMcY-xZ9Lx5DupWCakT6MA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/pH9wjDSl5x2vPS5UuZq3Twae-As.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.202.120.0/21
Signature Algorithm: sha256WithRSAEncryption
9b:b9:30:65:f7:02:78:48:d0:18:14:44:5e:16:65:db:5c:c9:
3a:68:59:83:d4:1f:c8:dd:50:b9:f7:ff:32:44:71:0b:b3:aa:
88:22:a8:f5:24:62:3e:b8:25:1e:25:43:cf:01:62:25:89:eb:
85:0e:11:9c:8a:c1:d2:59:2f:ba:6a:1a:5b:4e:b1:27:55:1e:
13:6a:c8:80:84:62:8c:d5:47:70:91:d8:6a:fc:c3:30:87:cf:
a7:24:4a:f0:01:f8:cc:3b:28:03:a8:f9:83:b1:64:00:c1:57:
51:45:20:dd:af:57:4a:11:89:c9:25:ba:a3:38:0d:95:0c:90:
01:3c:0c:f5:dc:f2:bd:75:d1:96:02:1a:e1:95:7b:85:1f:8a:
ca:c1:13:ba:f7:01:2f:98:dc:04:0f:0c:7f:99:55:a2:3c:0d:
56:06:f5:65:40:9f:ab:64:09:25:07:5b:7b:6f:56:ff:14:6f:
91:80:27:a7:4f:59:6a:14:be:cd:ae:dd:e8:10:fb:c3:f5:7b:
de:62:44:61:ae:2e:bf:a2:81:54:03:3e:a4:a5:29:d0:78:0b:
55:9c:41:91:84:ae:53:70:2b:1c:8d:d1:d6:74:c2:bc:ae:f0:
47:9e:dc:31:d4:e0:f1:e3:20:42:25:79:50:e9:f6:d3:a6:b1:
7a:ca:44:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbXh/TVyJrn0O8uEctY4JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0N2Y3MDhjMzRhNWU3MWRhZjNkMmU1NGI5OWFiNzRmMDY5
ZWY4MGIwHhcNMjQwMTAxMDAzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjQwZDhlNDQzMWM2M2VjNTlmNGJjNzkwZWVhNTYwOWE5MTNlOGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUlKLP13I+IjUVWkOIdmNkgbu1LD
PT4lHfR50gQ0bBk/Jun8LgIguHeRwsMffk/ITWyN72w7ldaNZL/O8II1Wf3XOclR
1CxX1MUBKoEjYjHP0WU1pRSbS2yQbNcZC9LRPCQ12UAFIuHXZ3MVX35sDMsrBLew
M65oJMSwBUm2x2JHwY6TWQQsI4uVv5zYJIC1kAZOJzi09QMRw9wLt+y2XHkc0FdO
yqyzrlbBJCHs3VkqryGTbDB5KGcLLWABUdJHXJB0Qyi2kUroRi5YW46rvdBnHzvQ
ucsxsVAxo9bFGp43c6wf4AtHpj5BMDGN90iioU4d72iD4D0YEyNTlYrznQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCZA2ORDHGPsWfS8eQ7qVgmpE+jAMB8GA1UdIwQY
MBaAFKR/cIw0pecdrz0uVLmat08GnvgLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEg5d2pEU2w1eDJ2UFM1VXVacTNUd2FlLUFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8wMTlhMWUtYmU5OC00MTRjLThjMmMt
NmIyN2ZmMjI1N2M2LzEvSmtEWTVFTWNZLXhaOUx4NUR1cFdDYWtUNk1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8wMTlhMWUtYmU5OC00MTRjLThjMmMtNmIyN2ZmMjI1N2M2
LzEvcEg5d2pEU2w1eDJ2UFM1VXVacTNUd2FlLUFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDbcp4MA0G
CSqGSIb3DQEBCwUAA4IBAQCbuTBl9wJ4SNAYFEReFmXbXMk6aFmD1B/I3VC59/8y
RHELs6qIIqj1JGI+uCUeJUPPAWIlieuFDhGcisHSWS+6ahpbTrEnVR4TasiAhGKM
1Udwkdhq/MMwh8+nJErwAfjMOygDqPmDsWQAwVdRRSDdr1dKEYnJJbqjOA2VDJAB
PAz13PK9ddGWAhrhlXuFH4rKwRO69wEvmNwEDwx/mVWiPA1WBvVlQJ+rZAklB1t7
b1b/FG+RgCenT1lqFL7Nrt3oEPvD9XveYkRhri6/ooFUAz6kpSnQeAtVnEGRhK5T
cCscjdHWdMK8rvBHntwx1ODx4yBCJXlQ6fbTprF6ykQv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:03 2024 by rpki-client on console-fra.rpki-client.org