Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/jDy8F_T2iqZ6cC7h7Zw2E6_JQ08.roa
File: jDy8F_T2iqZ6cC7h7Zw2E6_JQ08.roa (raw, json)
Hash identifier: 9KJdaQTpA16k+bcJ2gWLqbzFk34DfvGEDMkdZzfj+ZM=
Subject key identifier: 8C:3C:BC:17:F4:F6:8A:A6:7A:70:2E:E1:ED:9C:36:13:AF:C9:43:4F
Certificate issuer: /CN=ba60a4d874d9601c8142c352f80c56a43276cd47
Certificate serial: 01856F42AB270B9ADA7B5520C8583C1CC75F
Authority key identifier: BA:60:A4:D8:74:D9:60:1C:81:42:C3:52:F8:0C:56:A4:32:76:CD:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/jDy8F_T2iqZ6cC7h7Zw2E6_JQ08.roa
Signing time: Sun 01 Jan 2023 21:35:18 +0000
ROA not before: Sun 01 Jan 2023 21:35:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209185
IP address blocks: 2.58.112.0/24 maxlen: 24
2a09:e440::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 24 Oct 2023 15:38:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:ab:27:0b:9a:da:7b:55:20:c8:58:3c:1c:c7:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba60a4d874d9601c8142c352f80c56a43276cd47
Validity
Not Before: Jan 1 21:35:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c3cbc17f4f68aa67a702ee1ed9c3613afc9434f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:4f:c3:ee:5c:31:78:71:00:86:fd:6d:75:a7:
ba:30:cd:57:e0:e8:49:ae:ca:a2:61:73:98:67:f0:
c5:5c:20:75:b9:64:0d:95:80:f2:2f:45:52:fb:38:
97:bb:34:62:69:74:ba:22:cb:28:96:f4:a1:20:d5:
f9:01:14:e1:8c:03:c4:cc:39:13:1d:cb:5f:b6:62:
11:46:36:1f:d7:f5:6c:4d:6f:ca:3c:8d:17:88:62:
9b:03:22:81:a3:b3:60:9d:11:f1:3d:f4:98:46:2a:
a1:20:37:67:0c:52:e9:40:23:1f:01:94:7e:0c:f0:
28:c2:c4:aa:4d:6c:ba:76:50:99:21:bf:02:07:00:
e1:5a:ae:6a:74:85:33:b6:bf:4e:5c:0a:f2:e4:25:
0c:56:5c:7e:58:c6:a7:0d:7b:b2:f5:41:4b:29:c3:
ef:bd:9a:51:ff:e0:77:b0:e6:99:f9:3a:6d:e2:6c:
ea:7c:5d:56:8a:f3:bd:da:cd:c8:c1:bb:fc:9e:03:
e0:62:81:82:74:3e:57:9e:22:e7:0d:55:28:20:99:
99:60:dd:7a:01:24:c1:85:bd:55:07:09:7b:04:f4:
29:d2:2a:aa:69:22:83:b7:e6:65:22:76:52:4a:1a:
40:1c:46:3d:c3:74:bb:b7:6c:8f:af:6c:3d:9c:9a:
9a:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:3C:BC:17:F4:F6:8A:A6:7A:70:2E:E1:ED:9C:36:13:AF:C9:43:4F
X509v3 Authority Key Identifier:
keyid:BA:60:A4:D8:74:D9:60:1C:81:42:C3:52:F8:0C:56:A4:32:76:CD:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/jDy8F_T2iqZ6cC7h7Zw2E6_JQ08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/umCk2HTZYByBQsNS-AxWpDJ2zUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.112.0/24
IPv6:
2a09:e440::/40
Signature Algorithm: sha256WithRSAEncryption
34:33:96:14:a1:37:8e:d3:a2:ea:ec:4f:c2:f8:04:76:9c:69:
40:90:a2:00:c6:02:01:9d:74:bb:68:76:59:be:1c:8c:ad:fa:
22:08:a9:d6:ae:1b:65:26:c0:0e:1c:90:e8:c8:8a:21:b8:1b:
a2:cb:f6:f1:3c:f6:a9:b4:3b:76:5f:b0:06:03:85:8d:a6:ec:
c8:0d:50:ba:74:37:e4:1a:f8:54:86:31:9f:06:9d:96:d7:57:
fb:5d:53:fc:62:1c:39:10:3d:1c:6e:d4:df:bf:c0:b2:f0:77:
66:56:7e:04:61:a7:88:ea:95:04:2e:9b:c2:a8:e6:17:a0:de:
8f:f9:2b:40:20:27:66:90:4f:b0:86:2e:5c:73:17:fd:4e:1f:
45:44:34:e1:e9:e7:1d:65:75:9b:1d:82:7c:2d:77:0b:45:3d:
ce:6e:f4:f6:e3:f8:2e:80:be:47:56:2b:a9:a6:4e:48:b7:1d:
58:32:3e:8d:c6:a0:3c:76:76:4f:86:60:4b:b4:f4:5d:b0:6c:
7d:fd:0c:53:e1:17:7a:e5:ac:b3:66:98:48:69:af:18:08:2a:
48:5e:50:38:7f:0b:8a:6d:85:7d:f9:98:af:1b:e3:c2:1b:99:
19:b5:5b:6e:fd:ac:98:9f:dc:fb:5f:e7:ac:bd:12:43:b4:f4:
8b:86:6b:a8
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVvQqsnC5rae1UgyFg8HMdfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNjBhNGQ4NzRkOTYwMWM4MTQyYzM1MmY4MGM1NmE0MzI3
NmNkNDcwHhcNMjMwMTAxMjEzNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzNjYmMxN2Y0ZjY4YWE2N2E3MDJlZTFlZDljMzYxM2FmYzk0MzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuU/D7lwxeHEAhv1tdae6MM1X4OhJ
rsqiYXOYZ/DFXCB1uWQNlYDyL0VS+ziXuzRiaXS6IssolvShINX5ARThjAPEzDkT
HctftmIRRjYf1/VsTW/KPI0XiGKbAyKBo7NgnRHxPfSYRiqhIDdnDFLpQCMfAZR+
DPAowsSqTWy6dlCZIb8CBwDhWq5qdIUztr9OXAry5CUMVlx+WManDXuy9UFLKcPv
vZpR/+B3sOaZ+Tpt4mzqfF1WivO92s3Iwbv8ngPgYoGCdD5XniLnDVUoIJmZYN16
ASTBhb1VBwl7BPQp0iqqaSKDt+ZlInZSShpAHEY9w3S7t2yPr2w9nJqaLwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFIw8vBf09oqmenAu4e2cNhOvyUNPMB8GA1UdIwQY
MBaAFLpgpNh02WAcgULDUvgMVqQyds1HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW1DazJIVFpZQnlCUXNOUy1BeFdwREoyelVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yOGNiNWMtMjk4Zi00ZDhiLTgxNWIt
ZTVhMzc3OGJlM2FkLzEvakR5OEZfVDJpcVo2Y0M3aDdadzJFNl9KUTA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yOGNiNWMtMjk4Zi00ZDhiLTgxNWItZTVhMzc3OGJlM2Fk
LzEvdW1DazJIVFpZQnlCUXNOUy1BeFdwREoyelVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAAjpwMA4E
AgACMAgDBgAqCeRAADANBgkqhkiG9w0BAQsFAAOCAQEANDOWFKE3jtOi6uxPwvgE
dpxpQJCiAMYCAZ10u2h2Wb4cjK36Igip1q4bZSbADhyQ6MiKIbgbosv28Tz2qbQ7
dl+wBgOFjabsyA1QunQ35Br4VIYxnwadltdX+11T/GIcORA9HG7U37/AsvB3ZlZ+
BGGniOqVBC6bwqjmF6Dej/krQCAnZpBPsIYuXHMX/U4fRUQ04ennHWV1mx2CfC13
C0U9zm709uP4LoC+R1YrqaZOSLcdWDI+jcagPHZ2T4ZgS7T0XbBsff0MU+EXeuWs
s2aYSGmvGAgqSF5QOH8Lim2FffmYrxvjwhuZGbVbbv2smJ/c+1/nrL0SQ7T0i4Zr
qA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:03 2024 by rpki-client on console-ams.rpki-client.org