Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/JjKs7RUyBnKMPTXLtKyd8FkR8PQ.roa
File: JjKs7RUyBnKMPTXLtKyd8FkR8PQ.roa (raw, json)
Hash identifier: xKZ6i5HIDJxHEaN9Ds5rJM6xbUfcihqII6VS5KICb1w=
Subject key identifier: 26:32:AC:ED:15:32:06:72:8C:3D:35:CB:B4:AC:9D:F0:59:11:F0:F4
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0193BB5B4AA784DD4368CE00DE88F84BE52B
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/JjKs7RUyBnKMPTXLtKyd8FkR8PQ.roa
Signing time: Thu 12 Dec 2024 14:52:22 +0000
ROA not before: Thu 12 Dec 2024 14:52:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 128.0.118.0/24 maxlen: 32
128.0.119.0/24 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:bb:5b:4a:a7:84:dd:43:68:ce:00:de:88:f8:4b:e5:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Dec 12 14:52:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2632aced153206728c3d35cbb4ac9df05911f0f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:23:6a:67:f6:0d:26:07:f1:2e:17:45:d0:56:
ed:06:5a:e9:ad:c2:27:3c:fe:3f:c2:44:49:66:16:
4c:2a:5d:d6:72:3c:35:43:17:c3:e6:12:ea:6e:75:
a8:15:98:99:0c:61:7d:b2:62:a9:6d:da:69:13:1b:
83:83:3f:47:47:93:80:b3:fe:ca:85:a8:5c:b7:7e:
f3:55:07:7f:67:7f:c8:00:45:29:51:2a:82:aa:b7:
79:d7:9f:6b:43:a9:0a:83:40:13:49:88:b5:6d:39:
73:5a:30:6c:73:c9:f6:cd:5b:5d:f6:59:7e:e1:e7:
09:f5:0f:da:65:50:06:88:aa:da:33:43:22:75:e2:
4f:0d:83:b2:37:bf:1c:70:f7:f6:de:05:58:57:7b:
56:84:f5:15:24:bd:61:73:3c:56:3d:c7:bc:38:36:
41:2e:fd:9d:30:2b:6b:19:70:07:c7:9c:81:99:89:
48:a1:17:f2:53:00:39:96:ce:7b:22:2c:78:3f:f3:
c0:06:cb:b1:0e:77:90:0e:6a:c9:8b:12:a4:c2:11:
f5:f3:0c:36:1b:a2:6b:43:bf:55:0c:b5:bc:b3:4f:
ce:a0:e5:bf:30:0d:cf:3d:86:a9:07:21:08:ba:44:
5d:66:ff:aa:bf:75:bb:a0:da:92:c7:3d:d5:18:cb:
6b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:32:AC:ED:15:32:06:72:8C:3D:35:CB:B4:AC:9D:F0:59:11:F0:F4
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/JjKs7RUyBnKMPTXLtKyd8FkR8PQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.0.118.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:05:75:41:3a:bf:87:f7:63:b3:a3:eb:e3:df:95:4b:69:5d:
07:d6:e4:b2:28:70:8e:aa:66:a0:df:c9:83:9e:c9:75:e3:31:
15:0c:9f:f6:57:46:2a:3c:c6:5f:bf:bc:cb:e5:48:56:8b:5a:
74:29:5e:e1:f3:9a:82:d9:ca:38:8f:62:1d:99:cf:07:cb:85:
85:d4:14:05:a5:db:fb:32:f1:d8:18:4a:5f:e0:8a:1a:2b:a8:
aa:c8:c9:11:c7:ce:4a:be:d6:b3:11:86:d8:64:64:05:5a:a4:
fd:7a:e6:b6:49:8b:2a:12:0f:65:26:8f:40:08:54:21:eb:c6:
2c:a0:54:10:68:90:4d:19:e8:23:4d:b9:9a:ae:0b:86:7a:8a:
e6:66:2b:5e:ac:d3:09:9a:34:33:36:16:19:1a:7f:08:54:81:
da:89:94:cf:92:b0:2d:b6:9a:df:85:6b:1e:de:74:f1:0d:b8:
f7:d4:62:2a:45:29:cb:d7:86:f6:89:58:96:df:8b:b0:d1:f6:
2e:02:9a:85:5c:0d:52:d0:b3:35:5a:99:88:28:2f:9f:99:bf:
70:f4:68:7c:f0:6e:2e:2d:4c:40:bf:6b:f3:e0:f7:a0:7e:2f:
13:6f:ce:01:a6:a9:1b:c3:a7:d0:b5:a3:68:ef:cb:b0:84:82:
5c:c3:9f:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZO7W0qnhN1DaM4A3oj4S+UrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQxMjEyMTQ1MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjMyYWNlZDE1MzIwNjcyOGMzZDM1Y2JiNGFjOWRmMDU5MTFmMGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyiNqZ/YNJgfxLhdF0FbtBlrprcIn
PP4/wkRJZhZMKl3Wcjw1QxfD5hLqbnWoFZiZDGF9smKpbdppExuDgz9HR5OAs/7K
hahct37zVQd/Z3/IAEUpUSqCqrd5159rQ6kKg0ATSYi1bTlzWjBsc8n2zVtd9ll+
4ecJ9Q/aZVAGiKraM0MideJPDYOyN78ccPf23gVYV3tWhPUVJL1hczxWPce8ODZB
Lv2dMCtrGXAHx5yBmYlIoRfyUwA5ls57Iix4P/PABsuxDneQDmrJixKkwhH18ww2
G6JrQ79VDLW8s0/OoOW/MA3PPYapByEIukRdZv+qv3W7oNqSxz3VGMtrjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCYyrO0VMgZyjD01y7SsnfBZEfD0MB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvSmpLczdSVXlCbktNUFRYTHRLeWQ4RmtSOFBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBgAB2MA0G
CSqGSIb3DQEBCwUAA4IBAQAdBXVBOr+H92Ozo+vj35VLaV0H1uSyKHCOqmag38mD
nsl14zEVDJ/2V0YqPMZfv7zL5UhWi1p0KV7h85qC2co4j2Idmc8Hy4WF1BQFpdv7
MvHYGEpf4IoaK6iqyMkRx85KvtazEYbYZGQFWqT9eua2SYsqEg9lJo9ACFQh68Ys
oFQQaJBNGegjTbmarguGeormZiterNMJmjQzNhYZGn8IVIHaiZTPkrAttprfhWse
3nTxDbj31GIqRSnL14b2iViW34uw0fYuApqFXA1S0LM1WpmIKC+fmb9w9Gh88G4u
LUxAv2vz4Pegfi8Tb84Bpqkbw6fQtaNo78uwhIJcw59n
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:59:34 2025 by rpki-client