Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/JEbhz0FWw65QOBESzAGcukV030Y.roa
File: JEbhz0FWw65QOBESzAGcukV030Y.roa (raw, json)
Hash identifier: 0j/xrD/2j/BYFn9nMHUfMBiE5AI06AI7iem8bJS11ys=
Subject key identifier: 24:46:E1:CF:41:56:C3:AE:50:38:11:12:CC:01:9C:BA:45:74:DF:46
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 01856DE6770DD5E12A447831368368F4A525
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/JEbhz0FWw65QOBESzAGcukV030Y.roa
Signing time: Sun 01 Jan 2023 15:14:58 +0000
ROA not before: Sun 01 Jan 2023 15:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41989
IP address blocks: 178.239.112.0/20 maxlen: 20
85.239.152.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 29 Sep 2023 19:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:77:0d:d5:e1:2a:44:78:31:36:83:68:f4:a5:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Jan 1 15:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2446e1cf4156c3ae50381112cc019cba4574df46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:7e:c3:77:35:6b:c8:e9:87:d8:aa:e5:ec:13:
6a:04:90:3c:8a:66:b5:58:42:23:0b:d1:a7:92:e1:
3d:aa:5e:be:39:d1:56:20:d3:03:9e:f2:92:15:b1:
21:78:a0:e0:24:10:d6:73:2e:d0:98:d2:b8:5a:42:
15:06:95:38:aa:8e:ad:ab:50:da:d6:18:0b:b3:98:
87:11:66:ab:aa:80:ed:cd:45:bc:cd:49:50:ab:39:
ab:6a:8c:47:e1:0a:3a:38:0a:2c:ff:0a:2c:0e:fe:
52:f9:d2:c2:f0:df:1b:e0:a5:7f:93:66:05:c1:1c:
80:cc:34:a3:d0:3d:6c:c7:ff:e9:b5:25:ed:68:ea:
0a:b6:c2:c3:84:05:ac:05:a7:44:78:48:75:41:c4:
7e:4a:63:fa:c4:7f:fb:48:c2:74:f3:67:d0:0a:eb:
08:81:ce:67:5a:0c:4f:d5:27:e7:93:74:fc:9e:a2:
20:be:df:2f:26:58:e8:51:1d:ea:88:b9:09:57:2b:
f9:98:2d:18:7f:78:a9:87:7d:65:c6:1a:88:76:4f:
e6:4d:44:a4:a9:dc:60:6b:25:85:e3:d4:3f:47:57:
5b:de:df:60:00:94:f0:7d:f2:57:87:85:0c:ab:97:
2e:cb:5c:0e:03:df:d2:9b:e6:e4:da:d3:0a:08:21:
f3:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:46:E1:CF:41:56:C3:AE:50:38:11:12:CC:01:9C:BA:45:74:DF:46
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/JEbhz0FWw65QOBESzAGcukV030Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.152.0/22
178.239.112.0/20
Signature Algorithm: sha256WithRSAEncryption
ab:ed:f5:ba:75:ce:43:c3:64:c4:75:26:48:f6:b8:1e:10:2f:
19:99:f9:f7:7e:54:a5:f0:5a:80:a7:5f:50:33:2f:0c:e2:3c:
0a:c7:ec:74:70:0f:f1:c6:42:3c:8e:68:ff:eb:a2:28:0e:70:
3a:2b:ed:6b:ba:95:dc:e1:95:b5:54:c1:50:bc:b8:6e:7c:c3:
b5:04:4a:0a:11:24:9a:3a:3f:bd:11:b2:73:94:48:f7:bc:c0:
3f:14:99:ba:84:98:14:ae:be:7f:16:ad:9d:3f:c6:6d:b4:8c:
5e:e4:f2:1f:69:46:8a:84:40:c1:25:cb:40:20:cc:d2:87:c9:
31:d4:99:ad:04:4b:c2:b1:bc:50:67:19:e3:d7:fe:5c:89:49:
50:18:19:82:18:be:02:bf:31:c6:92:58:ba:7b:7e:a0:91:28:
1f:93:ae:9c:72:44:76:5e:68:a6:1c:cf:cc:9d:7a:9c:0e:e1:
24:18:f6:15:c9:31:b2:a5:28:06:68:ac:f1:c6:47:ef:27:d8:
37:d9:08:4e:11:df:4a:a4:81:bc:68:23:5b:ca:5d:ea:cf:0e:
80:f6:33:ea:2c:00:d1:c5:79:26:69:d3:3e:50:35:5d:2e:38:
49:dd:1c:5f:0f:50:9e:03:43:ad:df:d3:98:9c:92:3a:3a:23:
c6:1f:bd:da
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVt5ncN1eEqRHgxNoNo9KUlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjMwMTAxMTUxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDQ2ZTFjZjQxNTZjM2FlNTAzODExMTJjYzAxOWNiYTQ1NzRkZjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlH7DdzVryOmH2Krl7BNqBJA8ima1
WEIjC9GnkuE9ql6+OdFWINMDnvKSFbEheKDgJBDWcy7QmNK4WkIVBpU4qo6tq1Da
1hgLs5iHEWarqoDtzUW8zUlQqzmraoxH4Qo6OAos/wosDv5S+dLC8N8b4KV/k2YF
wRyAzDSj0D1sx//ptSXtaOoKtsLDhAWsBadEeEh1QcR+SmP6xH/7SMJ082fQCusI
gc5nWgxP1Sfnk3T8nqIgvt8vJljoUR3qiLkJVyv5mC0Yf3iph31lxhqIdk/mTUSk
qdxgayWF49Q/R1db3t9gAJTwffJXh4UMq5cuy1wOA9/Sm+bk2tMKCCHzdwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCRG4c9BVsOuUDgREswBnLpFdN9GMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvSkViaHowRld3NjVRT0JFU3pBR2N1a1YwMzBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVe+YAwQE
su9wMA0GCSqGSIb3DQEBCwUAA4IBAQCr7fW6dc5Dw2TEdSZI9rgeEC8Zmfn3flSl
8FqAp19QMy8M4jwKx+x0cA/xxkI8jmj/66IoDnA6K+1rupXc4ZW1VMFQvLhufMO1
BEoKESSaOj+9EbJzlEj3vMA/FJm6hJgUrr5/Fq2dP8ZttIxe5PIfaUaKhEDBJctA
IMzSh8kx1JmtBEvCsbxQZxnj1/5ciUlQGBmCGL4CvzHGkli6e36gkSgfk66cckR2
XmimHM/MnXqcDuEkGPYVyTGypSgGaKzxxkfvJ9g32QhOEd9KpIG8aCNbyl3qzw6A
9jPqLADRxXkmadM+UDVdLjhJ3RxfD1CeA0Ot39OYnJI6OiPGH73a
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:53 2024 by rpki-client on console-fra.rpki-client.org