Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/JGMQ30VMRQG2tixYrMtKBbWaYHc.roa
File: JGMQ30VMRQG2tixYrMtKBbWaYHc.roa (raw, json)
Hash identifier: FwF4G4SuMBtp0qRnRweC/jxOkKay3JuEb6CSLqpvFGQ=
Subject key identifier: 24:63:10:DF:45:4C:45:01:B6:B6:2C:58:AC:CB:4A:05:B5:9A:60:77
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01958133559C6FB3B7DD0450134D0B88937A
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/JGMQ30VMRQG2tixYrMtKBbWaYHc.roa
Signing time: Mon 10 Mar 2025 17:56:19 +0000
ROA not before: Mon 10 Mar 2025 17:56:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36680
IP address blocks: 2a12:d540::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 10 Mar 2025 19:02:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:81:33:55:9c:6f:b3:b7:dd:04:50:13:4d:0b:88:93:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 10 17:56:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=246310df454c4501b6b62c58accb4a05b59a6077
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d1:35:30:d4:c7:b9:92:91:9b:f4:b3:c5:4a:
f9:a4:24:e7:80:e2:8f:5e:1f:25:8a:0c:12:5c:a9:
97:4d:78:0b:38:61:6e:75:95:a1:f4:ce:75:8d:58:
ab:ac:e8:e9:fd:32:3e:97:5c:8d:eb:ae:2d:31:ca:
43:40:32:0c:cc:99:6a:58:02:e7:d0:3d:d6:cc:58:
c5:b4:4d:ad:ec:a9:53:b9:cf:b3:cf:9e:76:e9:c2:
31:21:6a:1f:e1:22:5f:f8:57:c8:6c:06:04:7a:78:
b4:c8:28:dd:02:a2:4f:fa:e0:d2:34:62:73:41:ed:
14:48:73:33:96:4d:ab:fd:eb:cc:3e:9b:40:96:ad:
ac:f9:af:8c:00:49:25:48:ee:84:79:ed:2b:7b:96:
66:97:fc:f3:2a:92:46:c4:7a:fe:9c:7d:c5:67:fb:
13:58:ae:ea:5b:cf:48:1d:d6:72:c2:94:4f:89:89:
31:1b:15:1e:9c:8f:fb:2c:d4:0b:69:27:42:06:4c:
3c:3e:e7:48:db:39:7c:e4:1d:15:6b:06:59:bc:42:
c3:eb:5c:f1:0c:bb:f6:dd:e7:d6:51:f5:d1:70:24:
1d:1c:51:7a:be:2d:c0:e7:74:91:e7:81:97:84:9b:
24:c7:dc:42:ad:95:65:ce:86:be:20:d1:5a:7d:cc:
77:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:63:10:DF:45:4C:45:01:B6:B6:2C:58:AC:CB:4A:05:B5:9A:60:77
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/JGMQ30VMRQG2tixYrMtKBbWaYHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:d540::/29
Signature Algorithm: sha256WithRSAEncryption
7a:98:34:bc:be:ab:e5:8e:3e:41:d1:18:81:d7:b9:00:74:3f:
6c:c4:aa:61:e9:fe:63:10:be:91:bb:f5:4d:53:7e:2b:fd:56:
20:7d:2e:cc:2b:b1:ed:93:e1:75:a7:aa:90:80:4d:bc:28:c3:
c9:69:74:a1:b1:01:e8:5a:05:f1:ec:36:01:73:98:7a:88:04:
c4:89:ff:54:83:ea:1f:46:79:c6:be:da:1b:b6:4e:98:cd:aa:
02:ed:6f:7c:af:8a:ec:fa:8d:d3:60:6f:3b:e7:e8:27:43:ca:
61:72:83:3f:11:80:8b:b4:f5:90:ea:24:09:a2:43:a4:6a:e1:
e6:8d:ad:e2:03:9d:e5:7f:13:6a:c0:f8:a4:06:86:43:00:4d:
59:12:a2:13:be:a3:d3:2f:9a:a8:37:1c:b6:eb:1e:ef:00:bf:
7c:91:ba:60:70:1b:f9:ae:c3:df:c8:3d:1a:c4:04:fe:64:6b:
5c:43:7f:a4:75:a5:b1:59:a2:41:dc:1a:82:4b:09:5b:5e:eb:
a0:25:0d:c1:49:12:57:6a:4b:51:0c:23:5b:72:41:be:ae:1d:
62:a1:20:84:ae:1e:07:82:03:c9:e0:4d:43:ee:6b:08:fb:b4:
94:fe:62:1b:5c:2e:e5:b0:c7:93:8d:d6:a0:73:be:12:f1:1e:
f5:5f:c2:7c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZWBM1Wcb7O33QRQE00LiJN6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMzEwMTc1NjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDYzMTBkZjQ1NGM0NTAxYjZiNjJjNThhY2NiNGEwNWI1OWE2MDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNE1MNTHuZKRm/SzxUr5pCTngOKP
Xh8ligwSXKmXTXgLOGFudZWh9M51jVirrOjp/TI+l1yN664tMcpDQDIMzJlqWALn
0D3WzFjFtE2t7KlTuc+zz5526cIxIWof4SJf+FfIbAYEeni0yCjdAqJP+uDSNGJz
Qe0USHMzlk2r/evMPptAlq2s+a+MAEklSO6Eee0re5Zml/zzKpJGxHr+nH3FZ/sT
WK7qW89IHdZywpRPiYkxGxUenI/7LNQLaSdCBkw8PudI2zl85B0VawZZvELD61zx
DLv23efWUfXRcCQdHFF6vi3A53SR54GXhJskx9xCrZVlzoa+INFafcx3owIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCRjEN9FTEUBtrYsWKzLSgW1mmB3MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSkdNUTMwVk1SUUcydGl4WXJNdEtCYldhWUhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhLVQDAN
BgkqhkiG9w0BAQsFAAOCAQEAepg0vL6r5Y4+QdEYgde5AHQ/bMSqYen+YxC+kbv1
TVN+K/1WIH0uzCux7ZPhdaeqkIBNvCjDyWl0obEB6FoF8ew2AXOYeogExIn/VIPq
H0Z5xr7aG7ZOmM2qAu1vfK+K7PqN02BvO+foJ0PKYXKDPxGAi7T1kOokCaJDpGrh
5o2t4gOd5X8TasD4pAaGQwBNWRKiE76j0y+aqDcctuse7wC/fJG6YHAb+a7D38g9
GsQE/mRrXEN/pHWlsVmiQdwagksJW17roCUNwUkSV2pLUQwjW3JBvq4dYqEghK4e
B4IDyeBNQ+5rCPu0lP5iG1wu5bDHk43WoHO+EvEe9V/CfA==
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:06:47 2025 by rpki-client