Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/8fcb12-ae4e-4353-a3b9-f0ad375a8086/1/jcP_jRDjBRRmVBLlkmPAppxm7Jg.roa
File: jcP_jRDjBRRmVBLlkmPAppxm7Jg.roa (raw, json)
Hash identifier: 7Mfa/1BYw7F8iMlpIpCypcm+CTGwJzqXOYNy066avs8=
Subject key identifier: 8D:C3:FF:8D:10:E3:05:14:66:54:12:E5:92:63:C0:A6:9C:66:EC:98
Certificate issuer: /CN=a7fc5c65c93a7404086b17a54e7e0da960a9b293
Certificate serial: 018CC86F16C67717DEB605E4BF3631032691
Authority key identifier: A7:FC:5C:65:C9:3A:74:04:08:6B:17:A5:4E:7E:0D:A9:60:A9:B2:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_xcZck6dAQIaxelTn4NqWCpspM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/8fcb12-ae4e-4353-a3b9-f0ad375a8086/1/jcP_jRDjBRRmVBLlkmPAppxm7Jg.roa
Signing time: Tue 02 Jan 2024 04:29:32 +0000
ROA not before: Tue 02 Jan 2024 04:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49554
IP address blocks: 91.225.112.0/22 maxlen: 22
91.225.113.0/24 maxlen: 24
2001:678:c00::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:16:c6:77:17:de:b6:05:e4:bf:36:31:03:26:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fc5c65c93a7404086b17a54e7e0da960a9b293
Validity
Not Before: Jan 2 04:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8dc3ff8d10e30514665412e59263c0a69c66ec98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ec:bd:5a:09:97:52:76:2a:60:f1:fb:96:1d:
44:7b:04:93:85:9c:42:5d:57:ec:fc:3f:bf:94:c5:
de:b5:c0:a0:3d:18:1d:d6:f6:34:0a:88:31:c4:34:
c1:60:50:4c:91:03:4e:fe:5d:57:39:c7:34:e6:6b:
5d:68:f7:05:ba:e8:64:d5:8b:6d:8a:49:1c:bc:fb:
43:9d:94:b6:88:c1:74:5f:7b:92:b8:8d:41:49:28:
ea:02:dd:5a:17:12:4d:23:a0:d7:10:83:1e:3c:34:
9d:a3:c6:d7:b8:b7:aa:82:64:13:89:db:73:84:f5:
40:c1:eb:d8:21:c9:35:33:f8:e7:43:ed:df:a0:ec:
99:16:14:25:53:3b:4c:09:62:d6:14:e1:fd:3f:e6:
c1:2d:6c:11:47:ea:f6:d3:bc:9e:1c:a5:b1:42:5b:
fe:65:58:87:39:b2:54:f3:ad:20:ac:7f:eb:ec:8b:
55:d7:61:c5:36:a4:76:30:37:c2:d3:51:c2:5e:45:
03:10:33:2e:f8:8f:61:93:04:0e:fb:43:d4:9d:47:
9f:64:65:86:9f:09:a9:ca:3f:e9:e0:98:bd:70:52:
b9:fa:81:8c:a2:03:bb:92:3f:56:33:dd:4a:17:85:
75:9b:82:86:e6:56:4b:c5:91:4c:54:d0:bc:ab:09:
f2:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:C3:FF:8D:10:E3:05:14:66:54:12:E5:92:63:C0:A6:9C:66:EC:98
X509v3 Authority Key Identifier:
keyid:A7:FC:5C:65:C9:3A:74:04:08:6B:17:A5:4E:7E:0D:A9:60:A9:B2:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_xcZck6dAQIaxelTn4NqWCpspM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/8fcb12-ae4e-4353-a3b9-f0ad375a8086/1/jcP_jRDjBRRmVBLlkmPAppxm7Jg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/8fcb12-ae4e-4353-a3b9-f0ad375a8086/1/p_xcZck6dAQIaxelTn4NqWCpspM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.112.0/22
IPv6:
2001:678:c00::/48
Signature Algorithm: sha256WithRSAEncryption
51:0f:cd:67:1b:3c:36:c2:8e:52:a5:8c:ef:1c:7a:02:17:e3:
58:f2:4f:71:84:fc:85:86:ba:60:d0:3a:13:40:bc:32:b5:d1:
c7:ec:71:a5:f0:3d:7c:61:34:85:c2:41:84:f2:42:d3:55:63:
c8:c9:67:35:11:94:26:d0:ab:37:17:73:9c:ec:62:56:cc:37:
45:c9:1d:6b:24:f3:01:32:ed:62:20:80:1d:d0:51:b3:8e:03:
2c:f3:f9:a1:d8:cb:b8:1d:e5:dd:7a:a4:15:33:48:12:a6:32:
cd:4d:90:98:c7:35:d7:58:5d:e8:59:bb:c5:a4:42:e6:6f:27:
3f:55:0b:27:68:9e:e5:68:42:43:16:46:dd:a9:36:15:67:db:
80:be:82:48:01:d8:f9:f7:20:a0:e7:5b:ad:0b:48:a8:77:96:
52:40:8d:13:30:27:61:22:5d:e3:5a:5d:e2:bc:4a:16:c0:b5:
52:47:63:33:fd:2f:9c:89:2d:9e:51:f6:bf:7c:c0:fb:9f:eb:
b0:70:fb:22:c6:a5:55:13:38:ff:42:fa:aa:9d:a3:66:72:29:
3a:fe:2b:97:3f:03:f7:73:56:03:51:1d:93:eb:23:46:b5:91:
28:9b:a4:99:d0:97:30:ad:3a:21:f9:1d:3c:d8:90:26:3e:7a:
c3:d4:06:7c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzIbxbGdxfetgXkvzYxAyaRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmM1YzY1YzkzYTc0MDQwODZiMTdhNTRlN2UwZGE5NjBh
OWIyOTMwHhcNMjQwMTAyMDQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGMzZmY4ZDEwZTMwNTE0NjY1NDEyZTU5MjYzYzBhNjljNjZlYzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOy9WgmXUnYqYPH7lh1EewSThZxC
XVfs/D+/lMXetcCgPRgd1vY0CogxxDTBYFBMkQNO/l1XOcc05mtdaPcFuuhk1Ytt
ikkcvPtDnZS2iMF0X3uSuI1BSSjqAt1aFxJNI6DXEIMePDSdo8bXuLeqgmQTidtz
hPVAwevYIck1M/jnQ+3foOyZFhQlUztMCWLWFOH9P+bBLWwRR+r207yeHKWxQlv+
ZViHObJU860grH/r7ItV12HFNqR2MDfC01HCXkUDEDMu+I9hkwQO+0PUnUefZGWG
nwmpyj/p4Ji9cFK5+oGMogO7kj9WM91KF4V1m4KG5lZLxZFMVNC8qwnyxwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI3D/40Q4wUUZlQS5ZJjwKacZuyYMB8GA1UdIwQY
MBaAFKf8XGXJOnQECGsXpU5+DalgqbKTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF94Y1pjazZkQVFJYXhlbFRuNE5xV0Nwc3BNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS84ZmNiMTItYWU0ZS00MzUzLWEzYjkt
ZjBhZDM3NWE4MDg2LzEvamNQX2pSRGpCUlJtVkJMbGttUEFwcHhtN0pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS84ZmNiMTItYWU0ZS00MzUzLWEzYjktZjBhZDM3NWE4MDg2
LzEvcF94Y1pjazZkQVFJYXhlbFRuNE5xV0Nwc3BNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCW+FwMA8E
AgACMAkDBwAgAQZ4DAAwDQYJKoZIhvcNAQELBQADggEBAFEPzWcbPDbCjlKljO8c
egIX41jyT3GE/IWGumDQOhNAvDK10cfscaXwPXxhNIXCQYTyQtNVY8jJZzURlCbQ
qzcXc5zsYlbMN0XJHWsk8wEy7WIggB3QUbOOAyzz+aHYy7gd5d16pBUzSBKmMs1N
kJjHNddYXehZu8WkQuZvJz9VCydonuVoQkMWRt2pNhVn24C+gkgB2Pn3IKDnW60L
SKh3llJAjRMwJ2EiXeNaXeK8ShbAtVJHYzP9L5yJLZ5R9r98wPuf67Bw+yLGpVUT
OP9C+qqdo2ZyKTr+K5c/A/dzVgNRHZPrI0a1kSibpJnQlzCtOiH5HTzYkCY+esPU
Bnw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:34:19 2025 by rpki-client