Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/JCGHpIJu4urGQ7LsdPPuqygPEQY.roa
File: JCGHpIJu4urGQ7LsdPPuqygPEQY.roa (raw, json)
Hash identifier: Y0LI1PKt2hFQy3anEgwAsWyMVAEA+2kAaSXenhP9Bsc=
Subject key identifier: 24:21:87:A4:82:6E:E2:EA:C6:43:B2:EC:74:F3:EE:AB:28:0F:11:06
Certificate issuer: /CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Certificate serial: 018BABCD800E460C5C464F5D148DFAFB600F
Authority key identifier: 8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/JCGHpIJu4urGQ7LsdPPuqygPEQY.roa
Signing time: Tue 07 Nov 2023 22:00:53 +0000
ROA not before: Tue 07 Nov 2023 22:00:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39130
IP address blocks: 195.5.124.0/24 maxlen: 24
195.5.124.0/23 maxlen: 24
195.222.124.0/24 maxlen: 24
195.222.124.0/22 maxlen: 22
2a10:d80::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 30 Nov 2023 23:35:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ab:cd:80:0e:46:0c:5c:46:4f:5d:14:8d:fa:fb:60:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Validity
Not Before: Nov 7 22:00:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=242187a4826ee2eac643b2ec74f3eeab280f1106
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:7b:a6:df:fe:70:46:ae:67:0c:49:69:72:2a:
7a:7c:e0:a4:cf:c6:e6:26:13:d9:a8:c2:dc:f8:a7:
a7:35:67:7c:5d:78:4b:fb:7f:3b:25:c8:e5:c2:83:
43:48:56:80:5f:7f:9b:89:93:44:93:7f:e7:f2:29:
c3:3a:0f:d2:00:90:e4:35:3d:04:80:3e:f0:35:0c:
d4:a0:6b:8b:3a:33:d5:2d:4b:84:43:0a:b0:ef:b9:
a5:2f:94:f7:a4:12:9e:cf:2d:99:c8:ed:1f:e2:38:
fc:ed:38:4d:92:22:dc:cd:3e:81:85:72:7a:c9:07:
40:02:ae:46:ca:7c:b8:17:44:67:0c:42:fd:c8:0c:
cd:a5:7a:35:47:82:6b:f3:1f:bb:d0:31:4d:48:83:
a5:33:c4:e8:b6:99:bf:77:75:fe:7e:6f:fc:a1:95:
09:aa:70:00:49:1c:bd:9d:dc:fc:f4:e2:f7:b2:71:
fc:da:fa:5c:df:f7:66:17:ae:06:c0:74:19:43:19:
85:9e:89:3f:1d:11:31:17:6e:d3:c7:e7:bc:6f:6e:
d1:81:2b:3a:df:f5:6d:c1:88:69:53:3a:25:9a:8c:
a7:20:af:f0:78:90:f2:fe:bc:7b:e2:94:8b:e5:40:
70:a8:22:8b:69:cf:0d:8b:ea:d7:3c:36:84:29:e2:
1f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:21:87:A4:82:6E:E2:EA:C6:43:B2:EC:74:F3:EE:AB:28:0F:11:06
X509v3 Authority Key Identifier:
keyid:8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/JCGHpIJu4urGQ7LsdPPuqygPEQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.5.124.0/23
195.222.124.0/22
IPv6:
2a10:d80::/29
Signature Algorithm: sha256WithRSAEncryption
86:17:d4:0c:e0:92:ac:dc:dc:96:1a:d8:48:13:35:38:c2:ad:
35:e7:40:95:c7:96:ff:9a:1c:6a:bf:7d:dd:f2:ca:73:c8:e3:
14:d4:ee:d4:63:88:3d:eb:bf:a3:c5:f3:a5:aa:4f:3e:86:78:
f1:e0:e9:4f:c3:39:ef:42:ae:5e:c3:a0:07:1f:a5:43:ab:5e:
1a:37:d8:a4:2f:12:36:fb:8a:2d:ce:a2:23:6b:e2:ba:95:30:
6d:3f:18:ad:56:ae:37:fb:6b:89:dc:03:b1:2a:79:9e:fc:41:
5a:73:cf:24:7d:28:a7:c3:24:72:eb:27:9e:c3:39:0a:39:49:
eb:ad:af:e8:23:ed:68:ce:90:fd:31:8b:6d:23:a1:51:ed:6d:
18:16:cb:93:b9:9d:6b:3a:14:eb:06:1f:3b:ed:79:a2:a1:08:
b2:3b:17:78:c3:6a:cb:32:df:52:15:b8:bc:d8:2c:87:58:b3:
cf:59:4b:b7:3a:8e:4c:1e:9a:d4:b3:29:a8:42:86:be:85:81:
12:3d:cd:15:af:38:0e:5d:46:ee:a2:06:38:12:bc:93:89:87:
56:81:ac:06:2a:c5:1b:38:a2:45:39:59:8e:9a:36:16:7d:ed:
cb:0c:64:e8:d7:b0:78:40:39:72:ff:fe:08:bd:73:eb:7b:7b:
a7:25:11:7a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYurzYAORgxcRk9dFI36+2APMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZGY3NmM1NGI5ZTY5MzVjMzBhOWI0YzliYTkzMDlhYzQ3
MGVjMDIwHhcNMjMxMTA3MjIwMDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDIxODdhNDgyNmVlMmVhYzY0M2IyZWM3NGYzZWVhYjI4MGYxMTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3um3/5wRq5nDElpcip6fOCkz8bm
JhPZqMLc+KenNWd8XXhL+387JcjlwoNDSFaAX3+biZNEk3/n8inDOg/SAJDkNT0E
gD7wNQzUoGuLOjPVLUuEQwqw77mlL5T3pBKezy2ZyO0f4jj87ThNkiLczT6BhXJ6
yQdAAq5Gyny4F0RnDEL9yAzNpXo1R4Jr8x+70DFNSIOlM8Totpm/d3X+fm/8oZUJ
qnAASRy9ndz89OL3snH82vpc3/dmF64GwHQZQxmFnok/HRExF27Tx+e8b27RgSs6
3/VtwYhpUzolmoynIK/weJDy/rx74pSL5UBwqCKLac8Ni+rXPDaEKeIfYQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCQhh6SCbuLqxkOy7HTz7qsoDxEGMB8GA1UdIwQY
MBaAFIvfdsVLnmk1wwqbTJupMJrEcOwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgt
OGQyMTg2NjUwMjdkLzEvSkNHSHBJSnU0dXJHUTdMc2RQUHVxeWdQRVFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgtOGQyMTg2NjUwMjdk
LzEvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwwV8AwQC
w958MA0EAgACMAcDBQMqEA2AMA0GCSqGSIb3DQEBCwUAA4IBAQCGF9QM4JKs3NyW
GthIEzU4wq0150CVx5b/mhxqv33d8spzyOMU1O7UY4g967+jxfOlqk8+hnjx4OlP
wznvQq5ew6AHH6VDq14aN9ikLxI2+4otzqIja+K6lTBtPxitVq43+2uJ3AOxKnme
/EFac88kfSinwyRy6yeewzkKOUnrra/oI+1ozpD9MYttI6FR7W0YFsuTuZ1rOhTr
Bh877XmioQiyOxd4w2rLMt9SFbi82CyHWLPPWUu3Oo5MHprUsymoQoa+hYESPc0V
rzgOXUbuogY4EryTiYdWgawGKsUbOKJFOVmOmjYWfe3LDGTo17B4QDly//4IvXPr
e3unJRF6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:06 2024 by rpki-client on console-ams.rpki-client.org