Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/9275ff-ba9e-48e0-90a1-477270661163/1/JCMX9BVZ0vPl6dojsOzX4z9-xPU.roa
File: JCMX9BVZ0vPl6dojsOzX4z9-xPU.roa (raw, json)
Hash identifier: 9bhNW94kwLJzyzGNSN2v+CSV7n5X9jIPxeMPf/PGmTQ=
Subject key identifier: 24:23:17:F4:15:59:D2:F3:E5:E9:DA:23:B0:EC:D7:E3:3F:7E:C4:F5
Certificate issuer: /CN=7ef532ebb07ea8506b653430c046ec8d402f968b
Certificate serial: 018ADBEC3DEA7E51BCC215AF9AA7491E296E
Authority key identifier: 7E:F5:32:EB:B0:7E:A8:50:6B:65:34:30:C0:46:EC:8D:40:2F:96:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fvUy67B-qFBrZTQwwEbsjUAvlos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/9275ff-ba9e-48e0-90a1-477270661163/1/JCMX9BVZ0vPl6dojsOzX4z9-xPU.roa
Signing time: Thu 28 Sep 2023 13:13:27 +0000
ROA not before: Thu 28 Sep 2023 13:13:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202050
IP address blocks: 193.108.215.0/24 maxlen: 24
193.108.219.0/24 maxlen: 24
193.109.94.0/24 maxlen: 24
193.109.92.0/24 maxlen: 24
2a0f:f840::/48 maxlen: 64
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:db:ec:3d:ea:7e:51:bc:c2:15:af:9a:a7:49:1e:29:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ef532ebb07ea8506b653430c046ec8d402f968b
Validity
Not Before: Sep 28 13:13:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=242317f41559d2f3e5e9da23b0ecd7e33f7ec4f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:12:e6:36:ef:ba:fa:09:99:c0:fb:f6:c1:58:
eb:15:7a:21:e6:59:aa:e3:f5:6d:45:f9:14:ad:09:
d9:5d:13:7d:22:47:f0:27:ed:a1:34:4d:98:00:85:
9f:65:5a:71:c8:06:6e:ae:d6:37:2d:73:8f:02:f4:
be:a3:b7:97:1f:63:74:8e:36:af:bc:67:93:3a:24:
59:d7:93:2c:66:28:a6:36:d4:53:0f:93:6d:89:56:
22:c8:12:b9:7d:c3:8c:f1:77:d9:0b:27:00:0d:fa:
6a:3d:f7:97:6f:42:d7:9a:bf:41:fb:e7:19:23:3a:
8a:bf:82:0d:ee:f5:c9:d2:14:25:34:59:05:80:51:
9a:db:fd:1e:d2:e0:ed:7b:01:03:00:04:67:d3:b1:
2a:05:3b:98:3e:61:dd:88:90:78:6a:45:63:42:cc:
ad:38:59:4b:1d:87:a5:17:e7:ed:a7:f8:0d:a9:dd:
79:b9:71:16:c0:6b:2b:d3:b7:04:87:b2:7f:33:b8:
57:5c:2e:30:72:c8:94:e8:d4:3f:e9:7c:42:23:ee:
06:76:95:f8:58:54:ad:d0:85:90:4a:10:d8:a7:98:
e0:17:d0:d0:a5:72:5f:c2:ae:e5:8a:d6:01:94:b6:
0a:bc:43:de:7d:e2:4f:7d:e9:fc:4e:13:e6:9f:71:
e0:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:23:17:F4:15:59:D2:F3:E5:E9:DA:23:B0:EC:D7:E3:3F:7E:C4:F5
X509v3 Authority Key Identifier:
keyid:7E:F5:32:EB:B0:7E:A8:50:6B:65:34:30:C0:46:EC:8D:40:2F:96:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fvUy67B-qFBrZTQwwEbsjUAvlos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/9275ff-ba9e-48e0-90a1-477270661163/1/JCMX9BVZ0vPl6dojsOzX4z9-xPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/9275ff-ba9e-48e0-90a1-477270661163/1/fvUy67B-qFBrZTQwwEbsjUAvlos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.215.0/24
193.108.219.0/24
193.109.92.0/24
193.109.94.0/24
IPv6:
2a0f:f840::/48
Signature Algorithm: sha256WithRSAEncryption
59:3e:22:98:65:89:36:fe:b4:5b:73:88:4b:fe:71:b1:84:5a:
02:b4:5d:27:80:9f:37:be:bf:a4:fb:ac:28:7e:ba:83:e3:b3:
9f:17:e1:e1:82:e0:8d:fd:d4:f6:9a:5e:4d:60:09:a6:dc:42:
db:c6:b5:70:db:3c:26:db:d3:31:b9:b8:94:d1:3e:ca:d8:89:
58:f7:1e:c3:48:0b:1a:74:72:29:c2:17:12:7b:55:39:ba:e0:
84:f5:1e:4f:c3:61:da:90:2c:98:25:c5:23:9a:ef:c6:33:6d:
a1:73:76:d3:6d:bd:b1:a3:85:4f:ea:b3:8f:35:43:1a:af:7b:
cb:1a:4d:55:64:4e:b0:10:f9:17:8b:34:56:70:c7:17:31:ce:
9a:df:cd:06:8d:96:f0:1c:59:7b:6a:b5:20:93:9c:85:d6:ab:
11:b8:42:d8:51:d1:5e:d9:41:13:00:ab:c9:67:53:68:d8:69:
f4:72:97:43:0f:62:02:39:b4:57:91:bf:6d:ad:0c:1c:07:ee:
ca:4c:ec:a8:3e:81:70:b0:e6:68:af:21:81:84:4c:7a:4b:25:
b1:2e:4d:ef:1b:dc:a3:34:7f:22:ad:28:9f:0f:54:f7:01:cc:
17:b1:20:fc:47:35:44:ca:0c:05:2d:df:36:8f:32:70:e3:00:
2c:04:7e:2e
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYrb7D3qflG8whWvmqdJHiluMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlZjUzMmViYjA3ZWE4NTA2YjY1MzQzMGMwNDZlYzhkNDAy
Zjk2OGIwHhcNMjMwOTI4MTMxMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDIzMTdmNDE1NTlkMmYzZTVlOWRhMjNiMGVjZDdlMzNmN2VjNGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRLmNu+6+gmZwPv2wVjrFXoh5lmq
4/VtRfkUrQnZXRN9IkfwJ+2hNE2YAIWfZVpxyAZurtY3LXOPAvS+o7eXH2N0jjav
vGeTOiRZ15MsZiimNtRTD5NtiVYiyBK5fcOM8XfZCycADfpqPfeXb0LXmr9B++cZ
IzqKv4IN7vXJ0hQlNFkFgFGa2/0e0uDtewEDAARn07EqBTuYPmHdiJB4akVjQsyt
OFlLHYelF+ftp/gNqd15uXEWwGsr07cEh7J/M7hXXC4wcsiU6NQ/6XxCI+4GdpX4
WFSt0IWQShDYp5jgF9DQpXJfwq7litYBlLYKvEPefeJPfen8ThPmn3HgYwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFCQjF/QVWdLz5enaI7Ds1+M/fsT1MB8GA1UdIwQY
MBaAFH71MuuwfqhQa2U0MMBG7I1AL5aLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnZVeTY3Qi1xRkJyWlRRd3dFYnNqVUF2bG9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi85Mjc1ZmYtYmE5ZS00OGUwLTkwYTEt
NDc3MjcwNjYxMTYzLzEvSkNNWDlCVlowdlBsNmRvanNPelg0ejkteFBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi85Mjc1ZmYtYmE5ZS00OGUwLTkwYTEtNDc3MjcwNjYxMTYz
LzEvZnZVeTY3Qi1xRkJyWlRRd3dFYnNqVUF2bG9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQAwWzXAwQA
wWzbAwQAwW1cAwQAwW1eMA8EAgACMAkDBwAqD/hAAAAwDQYJKoZIhvcNAQELBQAD
ggEBAFk+IphliTb+tFtziEv+cbGEWgK0XSeAnze+v6T7rCh+uoPjs58X4eGC4I39
1PaaXk1gCabcQtvGtXDbPCbb0zG5uJTRPsrYiVj3HsNICxp0cinCFxJ7VTm64IT1
Hk/DYdqQLJglxSOa78YzbaFzdtNtvbGjhU/qs481Qxqve8saTVVkTrAQ+ReLNFZw
xxcxzprfzQaNlvAcWXtqtSCTnIXWqxG4QthR0V7ZQRMAq8lnU2jYafRyl0MPYgI5
tFeRv22tDBwH7spM7Kg+gXCw5mivIYGETHpLJbEuTe8b3KM0fyKtKJ8PVPcBzBex
IPxHNUTKDAUt3zaPMnDjACwEfi4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:58 2024 by rpki-client on console-fra.rpki-client.org