Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/f8999c-040a-424a-8896-2a92333f9df6/1/JMljoxR3uRIRkjjClCzqCVHT3y8.roa
File: JMljoxR3uRIRkjjClCzqCVHT3y8.roa (raw, json)
Hash identifier: 2HmhE0aDYKQwbwmyOeef4veCK5BVsIvqv3DlfMlokds=
Subject key identifier: 24:C9:63:A3:14:77:B9:12:11:92:38:C2:94:2C:EA:09:51:D3:DF:2F
Certificate issuer: /CN=715b885c3b302fd50e6c22647a33dc47727fea95
Certificate serial: 018CC7943CE110FA463BCBE3551831497F5C
Authority key identifier: 71:5B:88:5C:3B:30:2F:D5:0E:6C:22:64:7A:33:DC:47:72:7F:EA:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cVuIXDswL9UObCJkejPcR3J_6pU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/f8999c-040a-424a-8896-2a92333f9df6/1/JMljoxR3uRIRkjjClCzqCVHT3y8.roa
Signing time: Tue 02 Jan 2024 00:30:30 +0000
ROA not before: Tue 02 Jan 2024 00:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396982
IP address blocks: 5.62.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:3c:e1:10:fa:46:3b:cb:e3:55:18:31:49:7f:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=715b885c3b302fd50e6c22647a33dc47727fea95
Validity
Not Before: Jan 2 00:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24c963a31477b912119238c2942cea0951d3df2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ad:27:e6:ec:ec:15:df:11:fa:3b:fb:74:e4:
1e:14:ec:ed:65:52:81:8a:9f:ca:0d:30:d5:fd:ce:
25:f8:47:30:c0:14:c1:ab:8c:87:a7:cd:9f:01:44:
1d:11:e8:a5:c7:87:81:79:a7:1d:6e:d8:62:0a:18:
fe:c9:a1:97:30:0f:9d:2c:a7:a5:f8:e3:57:ba:c9:
d7:e4:38:f9:6c:b1:5c:73:54:aa:d0:8c:f2:83:52:
b2:75:a1:04:97:a7:c2:f0:f8:79:f3:57:48:b7:c1:
08:2c:68:8a:27:2d:6d:a0:ec:4c:3c:dd:99:30:98:
e3:8e:b3:97:63:d3:5c:62:e6:74:fb:ac:33:de:cb:
38:f7:5f:3e:a4:3b:29:4e:d8:c1:ef:a5:d9:fd:9b:
dd:26:62:96:96:49:55:f0:6d:7c:cf:81:4e:9e:e8:
73:6c:70:c3:9d:79:3d:5f:0e:c9:bb:11:81:75:81:
2a:dd:35:29:6e:a7:0a:d1:a4:a3:d1:b7:56:17:0a:
b7:80:0b:c0:7d:26:d9:83:5f:e8:8e:5c:1a:a4:a5:
c7:c1:71:14:78:66:d6:c6:22:dc:a3:19:af:ef:f0:
44:f7:dc:50:da:3e:97:1e:6a:be:70:5d:8e:47:ff:
c2:db:8a:51:2f:db:94:a1:d1:d7:0d:e0:85:f3:41:
97:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:C9:63:A3:14:77:B9:12:11:92:38:C2:94:2C:EA:09:51:D3:DF:2F
X509v3 Authority Key Identifier:
keyid:71:5B:88:5C:3B:30:2F:D5:0E:6C:22:64:7A:33:DC:47:72:7F:EA:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cVuIXDswL9UObCJkejPcR3J_6pU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/f8999c-040a-424a-8896-2a92333f9df6/1/JMljoxR3uRIRkjjClCzqCVHT3y8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/f8999c-040a-424a-8896-2a92333f9df6/1/cVuIXDswL9UObCJkejPcR3J_6pU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.62.21.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:50:35:55:89:ec:3f:a8:e9:93:aa:4b:78:54:82:ef:03:df:
97:d0:12:3e:67:8f:78:0e:8b:38:eb:8c:f7:b0:ca:d8:bd:78:
eb:81:30:3a:ff:1e:33:a8:8b:31:ab:1b:67:9a:05:b6:8d:5a:
d5:23:89:3c:0f:f1:6d:30:0f:2b:af:6a:8d:75:52:2d:9f:28:
93:93:ad:8a:ed:02:d7:0b:9b:c2:72:93:f9:0f:1b:f1:92:a6:
bb:7a:d4:f5:e7:c4:90:7f:49:14:0d:7d:40:8e:e3:0c:a2:85:
54:91:c2:20:01:41:58:23:c4:a7:e2:4e:e1:36:04:eb:09:38:
c4:f4:d1:e2:3f:68:c1:88:88:cf:78:0f:fa:30:9d:ad:a1:ea:
43:57:8c:e8:e4:2b:0f:01:53:3e:b4:46:d1:09:18:c5:e2:21:
24:dd:c3:b1:54:da:d1:84:92:dc:c1:ce:05:41:88:ba:f3:65:
db:a5:73:65:26:7a:7a:7e:01:b4:78:25:e1:67:8c:05:2e:da:
b3:17:b9:12:a7:89:cd:58:2d:02:80:d8:64:52:32:b5:40:9a:
7e:67:ed:11:2b:f9:f0:70:3a:3a:73:fa:0d:6c:83:56:2e:71:
07:37:ed:3b:7b:99:62:10:f9:ba:a2:7d:81:cd:58:7d:c8:17:
cd:9e:89:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlDzhEPpGO8vjVRgxSX9cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNWI4ODVjM2IzMDJmZDUwZTZjMjI2NDdhMzNkYzQ3NzI3
ZmVhOTUwHhcNMjQwMTAyMDAzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGM5NjNhMzE0NzdiOTEyMTE5MjM4YzI5NDJjZWEwOTUxZDNkZjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnK0n5uzsFd8R+jv7dOQeFOztZVKB
ip/KDTDV/c4l+EcwwBTBq4yHp82fAUQdEeilx4eBeacdbthiChj+yaGXMA+dLKel
+ONXusnX5Dj5bLFcc1Sq0Izyg1KydaEEl6fC8Ph581dIt8EILGiKJy1toOxMPN2Z
MJjjjrOXY9NcYuZ0+6wz3ss4918+pDspTtjB76XZ/ZvdJmKWlklV8G18z4FOnuhz
bHDDnXk9Xw7JuxGBdYEq3TUpbqcK0aSj0bdWFwq3gAvAfSbZg1/ojlwapKXHwXEU
eGbWxiLcoxmv7/BE99xQ2j6XHmq+cF2OR//C24pRL9uUodHXDeCF80GXjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCTJY6MUd7kSEZI4wpQs6glR098vMB8GA1UdIwQY
MBaAFHFbiFw7MC/VDmwiZHoz3Edyf+qVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1Z1SVhEc3dMOVVPYkNKa2VqUGNSM0pfNnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9mODk5OWMtMDQwYS00MjRhLTg4OTYt
MmE5MjMzM2Y5ZGY2LzEvSk1sam94UjN1UklSa2pqQ2xDenFDVkhUM3k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9mODk5OWMtMDQwYS00MjRhLTg4OTYtMmE5MjMzM2Y5ZGY2
LzEvY1Z1SVhEc3dMOVVPYkNKa2VqUGNSM0pfNnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABT4VMA0G
CSqGSIb3DQEBCwUAA4IBAQBfUDVView/qOmTqkt4VILvA9+X0BI+Z494Dos464z3
sMrYvXjrgTA6/x4zqIsxqxtnmgW2jVrVI4k8D/FtMA8rr2qNdVItnyiTk62K7QLX
C5vCcpP5Dxvxkqa7etT158SQf0kUDX1AjuMMooVUkcIgAUFYI8Sn4k7hNgTrCTjE
9NHiP2jBiIjPeA/6MJ2toepDV4zo5CsPAVM+tEbRCRjF4iEk3cOxVNrRhJLcwc4F
QYi682XbpXNlJnp6fgG0eCXhZ4wFLtqzF7kSp4nNWC0CgNhkUjK1QJp+Z+0RK/nw
cDo6c/oNbINWLnEHN+07e5liEPm6on2BzVh9yBfNnom0
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:54:19 2025 by rpki-client