Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/8bff72-5c16-4484-acc2-7eb4c088590f/1/JuJ8KYDt9-G6xNYeV-ixVow9yMc.roa
File: JuJ8KYDt9-G6xNYeV-ixVow9yMc.roa (raw, json)
Hash identifier: SNghjxkgiXmo1MMRSZ/Z3Qs7huG4WUC+3LU9uW85Buw=
Subject key identifier: 26:E2:7C:29:80:ED:F7:E1:BA:C4:D6:1E:57:E8:B1:56:8C:3D:C8:C7
Certificate issuer: /CN=cadc74e10830421d4eeea98244cfd1b4119037ff
Certificate serial: 01856B0A323A1EC1C8814A5EB94C973A36B5
Authority key identifier: CA:DC:74:E1:08:30:42:1D:4E:EE:A9:82:44:CF:D1:B4:11:90:37:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ytx04QgwQh1O7qmCRM_RtBGQN_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/8bff72-5c16-4484-acc2-7eb4c088590f/1/JuJ8KYDt9-G6xNYeV-ixVow9yMc.roa
Signing time: Sun 01 Jan 2023 01:55:08 +0000
ROA not before: Sun 01 Jan 2023 01:55:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 141.71.0.0/16 maxlen: 16
192.108.51.0/24 maxlen: 24
192.108.52.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:0a:32:3a:1e:c1:c8:81:4a:5e:b9:4c:97:3a:36:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cadc74e10830421d4eeea98244cfd1b4119037ff
Validity
Not Before: Jan 1 01:55:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=26e27c2980edf7e1bac4d61e57e8b1568c3dc8c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:2c:02:3d:e6:50:b0:57:26:b0:ac:dd:58:a4:
bc:fd:43:88:6d:9d:24:8d:7b:5e:8e:41:d8:8f:37:
98:79:a4:d8:0f:12:06:97:bb:f5:1e:69:d1:39:48:
8a:f9:c6:05:65:21:78:9d:06:68:42:43:19:71:24:
69:45:69:3f:83:47:96:e4:33:ed:8f:25:07:4e:f5:
d9:3c:68:4d:73:95:ad:a7:a3:02:a9:a6:68:b1:e5:
28:ca:0d:30:6f:72:c2:b4:e6:31:be:7c:02:bb:67:
14:39:0b:45:e1:3f:80:b0:8f:e1:e9:d2:6e:ea:b1:
2f:3a:da:0c:61:56:3a:cf:4e:53:7a:61:f5:d9:51:
48:81:ff:af:03:32:aa:32:ed:43:a6:6f:a7:5a:48:
2d:8c:f4:26:bb:31:3f:86:2c:45:e8:4d:f0:f0:10:
20:12:dd:80:84:da:53:47:65:01:85:7f:d3:a7:80:
62:b1:d1:4c:8c:ed:93:87:4a:56:bf:43:52:1e:45:
df:ef:44:e2:08:1c:98:3a:53:2d:da:18:a1:3c:ba:
2a:7e:02:08:34:db:ae:9c:b1:c6:6d:5e:cb:ce:20:
d0:6f:d9:32:25:b2:97:94:3e:91:e1:47:4f:07:5a:
1c:60:07:34:82:9b:4a:d4:60:9e:6e:34:14:41:8a:
87:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:E2:7C:29:80:ED:F7:E1:BA:C4:D6:1E:57:E8:B1:56:8C:3D:C8:C7
X509v3 Authority Key Identifier:
keyid:CA:DC:74:E1:08:30:42:1D:4E:EE:A9:82:44:CF:D1:B4:11:90:37:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ytx04QgwQh1O7qmCRM_RtBGQN_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/8bff72-5c16-4484-acc2-7eb4c088590f/1/JuJ8KYDt9-G6xNYeV-ixVow9yMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/8bff72-5c16-4484-acc2-7eb4c088590f/1/ytx04QgwQh1O7qmCRM_RtBGQN_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.71.0.0/16
192.108.51.0-192.108.53.255
Signature Algorithm: sha256WithRSAEncryption
85:f8:13:15:38:c2:3f:10:20:e9:a4:36:e9:fd:70:21:ab:e4:
8c:b7:f6:bf:9c:fc:6a:3f:cc:16:03:4f:56:2a:35:ad:26:ca:
ff:49:af:d0:48:50:56:65:35:2b:33:90:86:75:f9:ed:94:12:
91:a6:44:e4:7b:26:4e:7a:8e:47:71:70:b5:32:ec:d3:ec:70:
e8:54:a7:dc:83:ae:a9:e8:50:f9:bc:bf:55:f5:a1:98:e6:3e:
b2:6a:5e:9b:24:a1:0e:e0:54:35:29:42:89:fb:cc:c6:f7:b0:
05:b7:d7:c2:46:ba:6e:70:22:f4:81:78:73:68:2d:5d:a4:d5:
30:10:8f:ad:90:99:99:b9:1d:74:dd:64:ed:84:81:3e:34:ce:
d1:41:26:6c:05:b2:3d:5e:97:32:e2:f5:c2:45:d7:f7:d5:be:
18:6a:ab:87:5f:2c:3a:02:16:9a:66:98:96:6b:60:b1:2b:ba:
20:dd:b0:d5:19:85:d2:bb:cf:c6:8d:a0:bf:54:7f:5d:00:c2:
3a:58:32:23:cf:cd:7b:a2:77:d3:77:b9:fe:f4:95:38:24:cb:
80:d0:b7:2f:9b:fb:18:4b:d4:46:ff:c3:59:65:31:10:6a:06:
0a:09:a8:01:20:23:6b:4d:00:30:fa:4d:bf:1a:54:71:7a:21:
bf:7f:c0:6c
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYVrCjI6HsHIgUpeuUyXOja1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZGM3NGUxMDgzMDQyMWQ0ZWVlYTk4MjQ0Y2ZkMWI0MTE5
MDM3ZmYwHhcNMjMwMTAxMDE1NTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmUyN2MyOTgwZWRmN2UxYmFjNGQ2MWU1N2U4YjE1NjhjM2RjOGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSwCPeZQsFcmsKzdWKS8/UOIbZ0k
jXtejkHYjzeYeaTYDxIGl7v1HmnROUiK+cYFZSF4nQZoQkMZcSRpRWk/g0eW5DPt
jyUHTvXZPGhNc5Wtp6MCqaZoseUoyg0wb3LCtOYxvnwCu2cUOQtF4T+AsI/h6dJu
6rEvOtoMYVY6z05TemH12VFIgf+vAzKqMu1Dpm+nWkgtjPQmuzE/hixF6E3w8BAg
Et2AhNpTR2UBhX/Tp4BisdFMjO2Th0pWv0NSHkXf70TiCByYOlMt2hihPLoqfgII
NNuunLHGbV7LziDQb9kyJbKXlD6R4UdPB1ocYAc0gptK1GCebjQUQYqHhQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCbifCmA7ffhusTWHlfosVaMPcjHMB8GA1UdIwQY
MBaAFMrcdOEIMEIdTu6pgkTP0bQRkDf/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXR4MDRRZ3dRaDFPN3FtQ1JNX1J0QkdRTl84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC84YmZmNzItNWMxNi00NDg0LWFjYzIt
N2ViNGMwODg1OTBmLzEvSnVKOEtZRHQ5LUc2eE5ZZVYtaXhWb3c5eU1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC84YmZmNzItNWMxNi00NDg0LWFjYzItN2ViNGMwODg1OTBm
LzEveXR4MDRRZ3dRaDFPN3FtQ1JNX1J0QkdRTl84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATAwMAjUcwDAME
AMBsMwMEAcBsNDANBgkqhkiG9w0BAQsFAAOCAQEAhfgTFTjCPxAg6aQ26f1wIavk
jLf2v5z8aj/MFgNPVio1rSbK/0mv0EhQVmU1KzOQhnX57ZQSkaZE5HsmTnqOR3Fw
tTLs0+xw6FSn3IOuqehQ+by/VfWhmOY+smpemyShDuBUNSlCifvMxvewBbfXwka6
bnAi9IF4c2gtXaTVMBCPrZCZmbkddN1k7YSBPjTO0UEmbAWyPV6XMuL1wkXX99W+
GGqrh18sOgIWmmaYlmtgsSu6IN2w1RmF0rvPxo2gv1R/XQDCOlgyI8/Ne6J303e5
/vSVOCTLgNC3L5v7GEvURv/DWWUxEGoGCgmoASAja00AMPpNvxpUcXohv3/AbA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:18 2024 by rpki-client on console-ams.rpki-client.org