Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/5cb98c-ee08-4b99-8b4d-c6f41060c5d7/1/jnCHUjTdAK30-NQlBRnrZWwdGrc.roa
File: jnCHUjTdAK30-NQlBRnrZWwdGrc.roa (raw, json)
Hash identifier: Nu8+T+YbF1uCyGR93X8zw/Mzxp/0xZoFpgA53vgu8Is=
Subject key identifier: 8E:70:87:52:34:DD:00:AD:F4:F8:D4:25:05:19:EB:65:6C:1D:1A:B7
Certificate issuer: /CN=9a78fd4d41a49384bdf6e7dc3ebbc500bf66d9d5
Certificate serial: 018CC5DCC6B339DE235EACF01D236BEB5E9E
Authority key identifier: 9A:78:FD:4D:41:A4:93:84:BD:F6:E7:DC:3E:BB:C5:00:BF:66:D9:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mnj9TUGkk4S99ufcPrvFAL9m2dU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/5cb98c-ee08-4b99-8b4d-c6f41060c5d7/1/jnCHUjTdAK30-NQlBRnrZWwdGrc.roa
Signing time: Mon 01 Jan 2024 16:30:29 +0000
ROA not before: Mon 01 Jan 2024 16:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 45.8.84.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:c6:b3:39:de:23:5e:ac:f0:1d:23:6b:eb:5e:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a78fd4d41a49384bdf6e7dc3ebbc500bf66d9d5
Validity
Not Before: Jan 1 16:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e70875234dd00adf4f8d4250519eb656c1d1ab7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ab:8f:92:e7:b8:6d:6b:ab:ca:95:17:b3:68:
1f:7e:b1:47:37:20:76:12:a5:17:4a:b3:ed:6e:0c:
f8:d2:2a:0d:13:64:5a:db:ef:f4:4d:cf:32:42:4e:
24:b6:96:2a:24:fb:ad:5e:5d:8c:7f:91:81:b2:db:
3d:71:c4:22:f8:d5:97:a9:3a:76:ed:32:6b:80:18:
78:88:ba:22:7d:dd:2c:b8:45:4d:bc:e6:94:68:75:
bf:e6:fc:45:30:aa:f0:98:f1:4c:25:cd:95:6e:a3:
dd:0b:64:03:e1:c0:49:85:0f:0f:c9:72:47:89:6d:
d4:46:98:05:83:70:f2:0d:3b:8c:5b:5a:b0:69:ed:
31:92:1b:9f:bc:32:6e:88:47:1e:7a:60:61:d1:9b:
e1:e5:84:27:e6:84:af:31:a7:4c:e1:9d:98:d4:b8:
a3:de:16:53:62:27:1a:b8:07:03:ae:79:5a:2e:ba:
a0:ce:69:ff:00:96:93:d1:d8:42:98:fb:4c:3e:3f:
8c:58:3d:b7:08:d6:7a:76:1c:d0:0e:c9:20:6e:75:
1c:db:c4:b7:73:5d:e3:df:80:5a:e2:cd:32:8b:11:
54:95:a3:0a:b5:93:30:9d:69:c9:1f:42:d4:d2:82:
39:98:45:0c:3a:2b:0f:e2:bd:e7:88:48:82:4e:ff:
20:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:70:87:52:34:DD:00:AD:F4:F8:D4:25:05:19:EB:65:6C:1D:1A:B7
X509v3 Authority Key Identifier:
keyid:9A:78:FD:4D:41:A4:93:84:BD:F6:E7:DC:3E:BB:C5:00:BF:66:D9:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mnj9TUGkk4S99ufcPrvFAL9m2dU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/5cb98c-ee08-4b99-8b4d-c6f41060c5d7/1/jnCHUjTdAK30-NQlBRnrZWwdGrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/5cb98c-ee08-4b99-8b4d-c6f41060c5d7/1/mnj9TUGkk4S99ufcPrvFAL9m2dU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.84.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:8c:46:38:29:c3:0e:f0:68:84:6b:04:0a:27:61:a9:0a:0a:
48:f5:2a:af:b7:75:3e:7e:4c:96:97:5b:c0:18:c7:56:ff:f4:
45:e8:68:44:e4:df:ff:f1:43:e8:f8:63:47:97:6e:db:62:e5:
37:86:18:77:a5:29:74:1f:d5:df:79:b0:35:ab:11:65:2e:20:
61:25:6c:3b:f1:76:d5:52:01:97:65:a9:47:14:b3:20:32:3f:
c0:ea:3c:69:f6:c8:9a:34:94:82:bb:aa:e7:58:e6:aa:ce:90:
34:98:62:ac:f2:bd:c7:1e:db:2f:8a:b2:48:67:5e:1a:bf:b4:
48:86:b9:38:34:d3:b1:e6:45:3e:7c:73:22:4a:8f:de:ca:78:
7c:b3:03:07:4d:3e:af:41:b3:1f:eb:ed:ba:d4:9b:e1:96:04:
0e:2c:c7:02:98:de:21:f7:b2:d2:7e:cf:aa:0f:32:8c:2d:15:
36:7e:37:14:76:50:85:1b:c9:25:d3:bf:22:95:06:ba:6e:e8:
58:ee:19:0c:94:45:b8:1d:09:99:f6:b9:33:c4:6f:5f:2f:4f:
96:f3:d0:1f:11:78:8f:a1:bc:38:f7:37:02:81:38:f5:64:da:
ea:13:86:02:66:eb:8a:5c:bb:bb:b4:ba:32:d1:29:0b:18:50:
d3:c2:4a:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3MazOd4jXqzwHSNr616eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNzhmZDRkNDFhNDkzODRiZGY2ZTdkYzNlYmJjNTAwYmY2
NmQ5ZDUwHhcNMjQwMTAxMTYzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTcwODc1MjM0ZGQwMGFkZjRmOGQ0MjUwNTE5ZWI2NTZjMWQxYWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6uPkue4bWurypUXs2gffrFHNyB2
EqUXSrPtbgz40ioNE2Ra2+/0Tc8yQk4ktpYqJPutXl2Mf5GBsts9ccQi+NWXqTp2
7TJrgBh4iLoifd0suEVNvOaUaHW/5vxFMKrwmPFMJc2VbqPdC2QD4cBJhQ8PyXJH
iW3URpgFg3DyDTuMW1qwae0xkhufvDJuiEceemBh0Zvh5YQn5oSvMadM4Z2Y1Lij
3hZTYicauAcDrnlaLrqgzmn/AJaT0dhCmPtMPj+MWD23CNZ6dhzQDskgbnUc28S3
c13j34Ba4s0yixFUlaMKtZMwnWnJH0LU0oI5mEUMOisP4r3niEiCTv8gGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI5wh1I03QCt9PjUJQUZ62VsHRq3MB8GA1UdIwQY
MBaAFJp4/U1BpJOEvfbn3D67xQC/ZtnVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW5qOVRVR2trNFM5OXVmY1BydkZBTDltMmRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS81Y2I5OGMtZWUwOC00Yjk5LThiNGQt
YzZmNDEwNjBjNWQ3LzEvam5DSFVqVGRBSzMwLU5RbEJSbnJaV3dkR3JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS81Y2I5OGMtZWUwOC00Yjk5LThiNGQtYzZmNDEwNjBjNWQ3
LzEvbW5qOVRVR2trNFM5OXVmY1BydkZBTDltMmRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQhUMA0G
CSqGSIb3DQEBCwUAA4IBAQAqjEY4KcMO8GiEawQKJ2GpCgpI9Sqvt3U+fkyWl1vA
GMdW//RF6GhE5N//8UPo+GNHl27bYuU3hhh3pSl0H9XfebA1qxFlLiBhJWw78XbV
UgGXZalHFLMgMj/A6jxp9siaNJSCu6rnWOaqzpA0mGKs8r3HHtsvirJIZ14av7RI
hrk4NNOx5kU+fHMiSo/eynh8swMHTT6vQbMf6+261JvhlgQOLMcCmN4h97LSfs+q
DzKMLRU2fjcUdlCFG8kl078ilQa6buhY7hkMlEW4HQmZ9rkzxG9fL0+W89AfEXiP
obw49zcCgTj1ZNrqE4YCZuuKXLu7tLoy0SkLGFDTwkrm
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:30:34 2025 by rpki-client