Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/jghpfLjJq9sPh4p7BBql8lTLCpQ.roa
File: jghpfLjJq9sPh4p7BBql8lTLCpQ.roa (raw, json)
Hash identifier: pZ1II9LopdeFCLTEqvZFormwnwbu4S2LpguXCibOscE=
Subject key identifier: 8E:08:69:7C:B8:C9:AB:DB:0F:87:8A:7B:04:1A:A5:F2:54:CB:0A:94
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 01856E8B1CD5B6B8E053FA9B7604C7BDB8B1
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/jghpfLjJq9sPh4p7BBql8lTLCpQ.roa
Signing time: Sun 01 Jan 2023 18:14:48 +0000
ROA not before: Sun 01 Jan 2023 18:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5089
IP address blocks: 45.86.156.0/22 maxlen: 24
185.255.114.0/24 maxlen: 24
85.117.242.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:1c:d5:b6:b8:e0:53:fa:9b:76:04:c7:bd:b8:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jan 1 18:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e08697cb8c9abdb0f878a7b041aa5f254cb0a94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:2c:c4:57:61:9b:6a:66:af:c2:86:18:ad:16:
70:9c:9a:e8:c1:78:da:da:e7:ee:6c:04:a1:f2:77:
d2:b9:af:cc:14:5c:3f:58:d9:78:45:37:d3:ce:97:
38:e2:18:08:b7:bf:b8:3a:8d:b2:b0:f9:04:78:ac:
c9:7f:e4:35:d3:c7:49:28:8f:fc:ab:ce:3b:e2:76:
4b:03:ad:81:33:ad:56:12:14:81:cf:5b:3f:3e:5d:
c3:e9:c3:8b:09:32:3e:ae:17:1f:36:96:4a:c4:b9:
a7:54:39:1e:6f:b0:ea:7d:1c:fa:50:65:3e:75:40:
97:30:6a:7b:e9:47:4c:f5:c9:53:63:6f:a2:d7:2f:
50:64:e0:26:82:99:d0:bc:7a:8e:02:79:95:c5:bf:
cd:22:d0:20:9d:fa:08:0b:77:3d:fc:ea:7e:10:a1:
f7:ec:5b:fc:ec:1a:2d:c8:9d:38:a6:ab:d4:ef:2d:
96:80:a7:b6:d2:18:f4:fc:98:31:74:ba:b5:87:e7:
86:60:ed:38:97:59:d1:17:6b:ac:36:0a:17:f7:ad:
ca:15:b2:05:7e:25:eb:dd:7f:6f:66:0d:b6:fb:c5:
0e:8c:4c:d6:3d:dd:df:5f:29:97:1d:18:f0:82:16:
11:ce:8b:39:ea:03:1a:a9:b2:42:f4:63:bb:90:12:
29:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:08:69:7C:B8:C9:AB:DB:0F:87:8A:7B:04:1A:A5:F2:54:CB:0A:94
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/jghpfLjJq9sPh4p7BBql8lTLCpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.156.0/22
85.117.242.0/24
185.255.114.0/24
Signature Algorithm: sha256WithRSAEncryption
69:ab:0a:af:05:78:78:ec:c5:40:7c:5c:0f:13:7a:17:b0:52:
cd:4b:bb:3e:77:a0:a8:96:a5:01:ec:9e:d9:f4:7a:4d:e0:c7:
d0:23:24:c6:6b:c2:97:25:fc:70:28:5e:06:95:ed:70:3f:f4:
f2:9a:54:76:b6:a2:fa:0f:b5:6e:17:33:ea:72:15:59:5b:c5:
a4:90:69:c2:47:a2:28:ed:ca:b7:b4:20:22:4c:da:e5:c8:81:
cd:98:c5:3d:6f:55:06:82:b7:32:cc:89:9e:25:94:f7:07:a2:
bc:a1:e0:38:9c:90:09:f4:10:63:5e:cd:e2:13:d2:f5:cb:5c:
0b:fc:6e:dd:ec:31:a2:65:9c:7d:ca:76:16:30:da:78:d6:32:
ba:d9:76:40:d2:7e:9e:8a:b5:52:f9:08:08:f2:a3:48:be:de:
a7:84:78:e6:e3:ca:67:61:69:f0:26:61:2f:a0:81:7e:80:ad:
1e:a8:10:a3:af:cc:91:03:1f:fc:88:3f:48:30:54:33:ff:d8:
d8:27:fb:e9:7d:cd:ee:9f:e6:99:b1:fe:02:f0:2f:8d:7b:4e:
57:5d:b4:64:bb:9b:b5:d4:cc:0a:52:60:52:d8:a0:e6:5b:2c:
63:c3:b6:58:57:d1:c0:b8:94:8e:74:29:27:dd:b1:09:c9:a8:
84:8a:e1:78
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVuixzVtrjgU/qbdgTHvbixMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjMwMTAxMTgxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTA4Njk3Y2I4YzlhYmRiMGY4NzhhN2IwNDFhYTVmMjU0Y2IwYTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzizEV2GbamavwoYYrRZwnJrowXja
2ufubASh8nfSua/MFFw/WNl4RTfTzpc44hgIt7+4Oo2ysPkEeKzJf+Q108dJKI/8
q8474nZLA62BM61WEhSBz1s/Pl3D6cOLCTI+rhcfNpZKxLmnVDkeb7DqfRz6UGU+
dUCXMGp76UdM9clTY2+i1y9QZOAmgpnQvHqOAnmVxb/NItAgnfoIC3c9/Op+EKH3
7Fv87BotyJ04pqvU7y2WgKe20hj0/JgxdLq1h+eGYO04l1nRF2usNgoX963KFbIF
fiXr3X9vZg22+8UOjEzWPd3fXymXHRjwghYRzos56gMaqbJC9GO7kBIpcwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI4IaXy4yavbD4eKewQapfJUywqUMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvamdocGZMakpxOXNQaDRwN0JCcWw4bFRMQ3BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLVacAwQA
VXXyAwQAuf9yMA0GCSqGSIb3DQEBCwUAA4IBAQBpqwqvBXh47MVAfFwPE3oXsFLN
S7s+d6ColqUB7J7Z9HpN4MfQIyTGa8KXJfxwKF4Gle1wP/TymlR2tqL6D7VuFzPq
chVZW8WkkGnCR6Io7cq3tCAiTNrlyIHNmMU9b1UGgrcyzImeJZT3B6K8oeA4nJAJ
9BBjXs3iE9L1y1wL/G7d7DGiZZx9ynYWMNp41jK62XZA0n6eirVS+QgI8qNIvt6n
hHjm48pnYWnwJmEvoIF+gK0eqBCjr8yRAx/8iD9IMFQz/9jYJ/vpfc3un+aZsf4C
8C+Ne05XXbRku5u11MwKUmBS2KDmWyxjw7ZYV9HAuJSOdCkn3bEJyaiEiuF4
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:34 2023 by rpki-client on console-fra.rpki-client.org