Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/JOLg5rDbZiVYhRCfazoLKV-KUv4.roa
File: JOLg5rDbZiVYhRCfazoLKV-KUv4.roa (raw, json)
Hash identifier: iS+JjZejtVkYEY+qLNdCHocDBa9l3zC7eKtx2GBGDn0=
Subject key identifier: 24:E2:E0:E6:B0:DB:66:25:58:85:10:9F:6B:3A:0B:29:5F:8A:52:FE
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018B0D431CAF9EE73C9E89B6C108C8D01B06
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/JOLg5rDbZiVYhRCfazoLKV-KUv4.roa
Signing time: Sun 08 Oct 2023 03:09:43 +0000
ROA not before: Sun 08 Oct 2023 03:09:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25198
IP address blocks: 2a13:3884::/30 maxlen: 30
2a13:8c44::/30 maxlen: 30
2a13:8c40::/30 maxlen: 30
2a11:5780::/30 maxlen: 30
2a11:5784::/30 maxlen: 30
2a13:3880::/30 maxlen: 30
Validation: Failed, certificate revoked on Mon 18 Dec 2023 10:36:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:0d:43:1c:af:9e:e7:3c:9e:89:b6:c1:08:c8:d0:1b:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Oct 8 03:09:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=24e2e0e6b0db66255885109f6b3a0b295f8a52fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:eb:42:a2:66:a0:79:6a:1d:bf:ae:0c:81:eb:
53:3d:0e:c8:ec:e1:54:64:bb:61:c3:f3:aa:23:34:
be:cc:c2:8d:b2:56:ae:a2:59:42:b6:0e:c4:b6:fb:
47:07:4b:55:66:77:bd:9b:6f:d4:6a:34:ee:5c:19:
f3:25:b9:b5:56:be:c8:36:5d:03:f3:22:62:53:ce:
a1:a6:97:52:d7:ff:44:fd:60:e8:7e:36:c2:e8:73:
1b:c6:25:08:b7:d6:68:0d:e8:37:3e:bd:e0:6f:ed:
11:5c:6a:43:ba:69:b7:5d:40:5b:d2:e8:0b:b3:50:
61:5a:ab:46:8c:17:c5:c3:0a:d1:f0:80:7d:45:e0:
21:f7:b9:6e:a2:58:fa:a5:d4:0c:70:3f:e1:48:75:
85:02:2f:c5:f1:b7:31:cb:af:a6:5d:eb:ef:8f:88:
94:44:52:29:7a:74:31:32:fd:3a:c8:97:32:8f:89:
2c:44:88:77:77:3e:9a:9e:e7:d4:e2:30:22:ec:e5:
b0:14:30:ca:b1:b4:c5:dd:a9:06:e0:f5:ba:c2:95:
06:3d:e9:f3:62:3b:4d:87:2a:c8:fe:95:96:3d:be:
90:4e:e4:af:06:dc:d0:da:a2:a7:d4:51:c6:9e:61:
5e:e9:7a:a6:19:6b:48:88:ff:c1:49:78:2e:bb:7c:
5e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:E2:E0:E6:B0:DB:66:25:58:85:10:9F:6B:3A:0B:29:5F:8A:52:FE
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/JOLg5rDbZiVYhRCfazoLKV-KUv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5780::/29
2a13:3880::/29
2a13:8c40::/29
Signature Algorithm: sha256WithRSAEncryption
24:e7:49:71:38:17:8d:8a:d2:b5:df:15:46:9c:8a:6c:bc:af:
58:8b:5f:f7:ba:63:6f:65:30:a5:e1:57:cd:eb:00:bb:aa:60:
c0:43:22:90:79:ce:99:85:e4:69:3f:d4:b2:74:de:96:3d:f5:
c5:a6:b6:69:2a:73:46:1a:6f:ce:d1:10:5c:5d:1f:a5:61:c2:
f1:d3:d9:77:0b:3f:92:b3:33:da:40:ba:19:a0:cb:da:cc:5a:
3e:e7:12:28:ba:5f:07:8a:73:3c:1e:0d:1e:6a:1a:0b:c5:16:
4e:2d:88:86:1d:cd:6c:d0:3c:5d:98:67:20:d8:8e:8b:1b:bb:
6e:a2:f5:ca:59:1f:0d:cf:78:86:9d:b5:93:46:8c:e5:8b:e1:
5a:20:3d:6e:30:74:8e:c5:88:cb:9d:10:f8:c4:74:59:f3:0b:
2d:e2:dd:6f:c5:4d:18:11:e0:cb:d2:7a:d6:b1:03:e1:23:02:
96:79:a2:45:0c:a9:df:46:7c:d6:ca:cb:2d:08:a7:d7:e0:d3:
39:71:98:ba:16:8c:b9:55:27:ca:e0:f3:76:c9:fc:f4:cd:c8:
5d:5c:23:fc:ec:21:3a:49:92:a1:82:96:ee:41:6a:a9:f7:c6:
aa:8c:24:59:c5:5d:87:d7:cc:73:48:3c:9b:c9:2e:f1:24:d3:
65:f9:29:a7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYsNQxyvnuc8nom2wQjI0BsGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjMxMDA4MDMwOTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGUyZTBlNmIwZGI2NjI1NTg4NTEwOWY2YjNhMGIyOTVmOGE1MmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOtComageWodv64MgetTPQ7I7OFU
ZLthw/OqIzS+zMKNslauollCtg7EtvtHB0tVZne9m2/UajTuXBnzJbm1Vr7INl0D
8yJiU86hppdS1/9E/WDofjbC6HMbxiUIt9ZoDeg3Pr3gb+0RXGpDumm3XUBb0ugL
s1BhWqtGjBfFwwrR8IB9ReAh97luolj6pdQMcD/hSHWFAi/F8bcxy6+mXevvj4iU
RFIpenQxMv06yJcyj4ksRIh3dz6anufU4jAi7OWwFDDKsbTF3akG4PW6wpUGPenz
YjtNhyrI/pWWPb6QTuSvBtzQ2qKn1FHGnmFe6XqmGWtIiP/BSXguu3xeUwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCTi4Oaw22YlWIUQn2s6CylfilL+MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvSk9MZzVyRGJaaVZZaFJDZmF6b0xLVi1LVXY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKhFXgAMF
AyoTOIADBQMqE4xAMA0GCSqGSIb3DQEBCwUAA4IBAQAk50lxOBeNitK13xVGnIps
vK9Yi1/3umNvZTCl4VfN6wC7qmDAQyKQec6ZheRpP9SydN6WPfXFprZpKnNGGm/O
0RBcXR+lYcLx09l3Cz+SszPaQLoZoMvazFo+5xIoul8HinM8Hg0eahoLxRZOLYiG
Hc1s0DxdmGcg2I6LG7tuovXKWR8Nz3iGnbWTRozli+FaID1uMHSOxYjLnRD4xHRZ
8wst4t1vxU0YEeDL0nrWsQPhIwKWeaJFDKnfRnzWysstCKfX4NM5cZi6Foy5VSfK
4PN2yfz0zchdXCP87CE6SZKhgpbuQWqp98aqjCRZxV2H18xzSDybyS7xJNNl+Smn
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:01 2024 by rpki-client on console-fra.rpki-client.org