Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/JKQPGeN_It09YqX6w6OKSKVJTQQ.roa
File: JKQPGeN_It09YqX6w6OKSKVJTQQ.roa (raw, json)
Hash identifier: eoipszgAYOjlDXKRwvn9us6oJIoK5t3dqX2pn3rQLoo=
Subject key identifier: 24:A4:0F:19:E3:7F:22:DD:3D:62:A5:FA:C3:A3:8A:48:A5:49:4D:04
Certificate issuer: /CN=eac2c1afd4bdec980506fa07df7c8662d554fa46
Certificate serial: 018FA21036CFF345D4FB71BFE96EB9F88E3F
Authority key identifier: EA:C2:C1:AF:D4:BD:EC:98:05:06:FA:07:DF:7C:86:62:D5:54:FA:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6sLBr9S97JgFBvoH33yGYtVU-kY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/JKQPGeN_It09YqX6w6OKSKVJTQQ.roa
Signing time: Wed 22 May 2024 20:48:42 +0000
ROA not before: Wed 22 May 2024 20:48:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215287
IP address blocks: 202.50.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Jun 2024 10:07:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a2:10:36:cf:f3:45:d4:fb:71:bf:e9:6e:b9:f8:8e:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eac2c1afd4bdec980506fa07df7c8662d554fa46
Validity
Not Before: May 22 20:48:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24a40f19e37f22dd3d62a5fac3a38a48a5494d04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:1a:29:11:8f:7c:08:1e:b5:07:8d:c0:78:b0:
2a:94:9b:f7:e1:d9:eb:bb:9a:98:7f:7a:ce:dd:8c:
49:47:8b:ec:1c:63:98:0c:e9:fd:77:2a:84:76:a7:
1d:f5:eb:7b:a1:08:bf:af:45:7a:3a:0e:7a:f8:95:
df:0d:f8:e0:67:a3:f5:02:41:6a:f5:fd:50:9c:cd:
74:5a:d8:a4:07:54:fb:79:f9:1a:5d:db:d5:ca:b0:
a2:22:33:62:50:53:78:2b:f3:60:15:38:29:af:c3:
99:fc:a9:7f:56:3d:9a:84:7f:13:db:6a:47:8c:6a:
dc:86:68:27:31:62:35:0d:40:51:58:31:bb:51:5e:
36:a8:53:ad:be:e8:23:dc:02:bb:7d:16:e3:59:eb:
74:18:de:7e:b2:d8:ae:0f:56:f2:f7:d6:18:02:92:
13:db:44:fc:71:54:f5:e4:84:01:4b:fd:18:ca:31:
a8:96:f9:15:41:76:45:44:8e:6c:88:eb:64:b1:36:
d2:08:87:7f:83:a4:4c:63:de:b4:82:c6:04:b8:ad:
77:d9:e1:83:7a:7b:4b:02:16:00:db:f5:19:cc:f1:
96:ae:48:54:ec:3e:3a:dd:f9:52:95:0b:d7:f3:48:
ce:41:d7:9b:4a:1f:7b:26:14:b9:c7:d8:34:d2:de:
d3:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:A4:0F:19:E3:7F:22:DD:3D:62:A5:FA:C3:A3:8A:48:A5:49:4D:04
X509v3 Authority Key Identifier:
keyid:EA:C2:C1:AF:D4:BD:EC:98:05:06:FA:07:DF:7C:86:62:D5:54:FA:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6sLBr9S97JgFBvoH33yGYtVU-kY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/JKQPGeN_It09YqX6w6OKSKVJTQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/6sLBr9S97JgFBvoH33yGYtVU-kY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.50.253.0/24
Signature Algorithm: sha256WithRSAEncryption
65:74:73:d0:a3:da:69:65:36:6e:45:a0:4c:1c:b0:fc:5d:e8:
f2:b8:e9:50:9a:93:d2:c5:02:37:aa:fd:f8:0e:34:65:dd:05:
69:bd:f2:ca:e0:f1:a4:a8:bf:d7:d3:ed:19:32:89:59:ff:99:
c8:d9:c2:64:47:2c:16:5c:29:6b:32:a0:cb:fb:f3:db:8d:b3:
16:cd:e9:08:ca:ac:ed:e6:2a:b9:78:8a:13:ef:a2:02:86:00:
7b:ef:22:b6:49:81:d6:8d:09:22:2a:8b:82:70:9d:a2:9d:2b:
8c:1e:2f:03:4b:0f:1b:13:f7:cd:5a:d0:29:7f:3d:79:00:a4:
d1:32:c1:b4:eb:62:bc:f6:d3:3d:54:5c:78:3c:67:37:b8:49:
da:65:31:84:1a:eb:ee:f3:b7:97:17:62:15:be:ba:c1:79:2e:
ca:84:6c:e5:f9:76:5e:f8:8b:4b:42:1f:3b:4b:77:5f:06:26:
8e:91:28:28:91:e9:ed:f0:3c:03:6c:51:19:7f:e3:fd:d7:9f:
d5:c5:1c:55:c1:dd:51:ac:76:c7:b0:d4:e0:8b:ac:c6:4a:5c:
37:7f:1e:e5:c8:63:00:74:cf:70:17:5f:3b:a9:d5:b2:0a:5f:
af:94:6c:06:09:60:96:d7:77:d9:94:71:da:64:5f:ef:c7:6b:
be:ab:09:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+iEDbP80XU+3G/6W65+I4/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYzJjMWFmZDRiZGVjOTgwNTA2ZmEwN2RmN2M4NjYyZDU1
NGZhNDYwHhcNMjQwNTIyMjA0ODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGE0MGYxOWUzN2YyMmRkM2Q2MmE1ZmFjM2EzOGE0OGE1NDk0ZDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBopEY98CB61B43AeLAqlJv34dnr
u5qYf3rO3YxJR4vsHGOYDOn9dyqEdqcd9et7oQi/r0V6Og56+JXfDfjgZ6P1AkFq
9f1QnM10WtikB1T7efkaXdvVyrCiIjNiUFN4K/NgFTgpr8OZ/Kl/Vj2ahH8T22pH
jGrchmgnMWI1DUBRWDG7UV42qFOtvugj3AK7fRbjWet0GN5+stiuD1by99YYApIT
20T8cVT15IQBS/0YyjGolvkVQXZFRI5siOtksTbSCId/g6RMY960gsYEuK132eGD
entLAhYA2/UZzPGWrkhU7D463flSlQvX80jOQdebSh97JhS5x9g00t7TbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCSkDxnjfyLdPWKl+sOjikilSU0EMB8GA1UdIwQY
MBaAFOrCwa/UveyYBQb6B998hmLVVPpGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnNMQnI5Uzk3SmdGQnZvSDMzeUdZdFZVLWtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS81ODlhNmItNGQ3ZS00MDEyLWEwZmMt
YzBjZWIwMzdhZDQyLzEvSktRUEdlTl9JdDA5WXFYNnc2T0tTS1ZKVFFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS81ODlhNmItNGQ3ZS00MDEyLWEwZmMtYzBjZWIwMzdhZDQy
LzEvNnNMQnI5Uzk3SmdGQnZvSDMzeUdZdFZVLWtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyjL9MA0G
CSqGSIb3DQEBCwUAA4IBAQBldHPQo9ppZTZuRaBMHLD8XejyuOlQmpPSxQI3qv34
DjRl3QVpvfLK4PGkqL/X0+0ZMolZ/5nI2cJkRywWXClrMqDL+/PbjbMWzekIyqzt
5iq5eIoT76IChgB77yK2SYHWjQkiKouCcJ2inSuMHi8DSw8bE/fNWtApfz15AKTR
MsG062K89tM9VFx4PGc3uEnaZTGEGuvu87eXF2IVvrrBeS7KhGzl+XZe+ItLQh87
S3dfBiaOkSgokent8DwDbFEZf+P915/VxRxVwd1RrHbHsNTgi6zGSlw3fx7lyGMA
dM9wF187qdWyCl+vlGwGCWCW13fZlHHaZF/vx2u+qwk5
-----END CERTIFICATE-----
Generated at Fri Jun 21 13:17:26 2024 by rpki-client on console-fra.rpki-client.org