Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/jwcrL-jFzKb3o9fUiib-oG6roYk.roa
File: jwcrL-jFzKb3o9fUiib-oG6roYk.roa (raw, json)
Hash identifier: XG83kaun7i3fb8/MTJrh//cCBkjj43K2IdzkNw6xJII=
Subject key identifier: 8F:07:2B:2F:E8:C5:CC:A6:F7:A3:D7:D4:8A:26:FE:A0:6E:AB:A1:89
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 018CC3B685F8E3945E0B5E21991FD41A1766
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/jwcrL-jFzKb3o9fUiib-oG6roYk.roa
Signing time: Mon 01 Jan 2024 06:29:28 +0000
ROA not before: Mon 01 Jan 2024 06:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39486
IP address blocks: 193.161.128.0/22 maxlen: 24
171.22.252.0/24 maxlen: 32
194.104.104.0/22 maxlen: 24
45.134.79.0/24 maxlen: 32
87.239.254.0/24 maxlen: 32
185.184.228.0/24 maxlen: 32
36.255.188.0/22 maxlen: 32
Validation: Failed, certificate revoked on Wed 08 May 2024 12:37:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:85:f8:e3:94:5e:0b:5e:21:99:1f:d4:1a:17:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Jan 1 06:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f072b2fe8c5cca6f7a3d7d48a26fea06eaba189
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:1f:ca:3c:97:22:1f:40:76:00:2b:aa:0a:cb:
dc:18:17:f8:66:a0:eb:d8:36:9f:58:d0:b2:4f:22:
8f:3d:39:d8:72:c4:0c:dd:26:0e:03:16:74:05:1d:
83:f7:5a:fd:8d:78:cd:9b:97:9a:67:9b:0e:07:7a:
b9:c8:f1:8e:40:13:e2:91:7c:84:d4:59:dc:01:5e:
7f:39:4d:6d:92:4e:15:d1:b5:88:37:82:25:73:0b:
85:a2:fa:a0:c1:b4:e9:fb:a2:20:64:00:c7:54:08:
9d:71:8b:fb:65:f4:ff:ab:a1:d6:cd:66:30:6e:27:
b7:59:8f:c7:40:29:d1:fd:8c:2c:ca:35:ff:91:67:
a1:a1:ff:40:ff:33:c5:2d:bc:16:0b:c6:cb:f9:a8:
36:2b:4f:63:ac:96:61:80:9e:c1:06:89:91:40:27:
75:d5:99:8f:18:68:32:2f:65:1c:6c:87:94:73:ff:
1c:aa:d2:31:1b:77:6f:d4:8d:5b:2f:d0:fd:c1:84:
bf:e1:62:ac:b2:47:58:23:6e:6e:33:a9:2e:b3:b3:
b5:40:5c:66:54:c0:da:3c:30:9b:61:98:3c:8d:9e:
80:5a:83:72:c2:81:c3:76:fc:e6:60:cd:5c:f2:b9:
1a:df:00:5f:ee:77:47:72:47:9a:cc:f4:dd:56:d6:
28:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:07:2B:2F:E8:C5:CC:A6:F7:A3:D7:D4:8A:26:FE:A0:6E:AB:A1:89
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/jwcrL-jFzKb3o9fUiib-oG6roYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
36.255.188.0/22
45.134.79.0/24
87.239.254.0/24
171.22.252.0/24
185.184.228.0/24
193.161.128.0/22
194.104.104.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:1f:3f:94:78:cb:78:ba:1a:d5:6e:81:51:bd:14:db:16:6b:
db:44:21:11:ed:4d:5a:57:30:6b:82:15:fa:1b:d3:d8:49:52:
4d:58:fa:68:79:8d:61:6a:84:5a:5f:29:ad:7a:95:09:4f:5b:
5e:32:95:ab:a2:ce:f9:e8:d1:4b:84:cb:07:e5:a5:b3:e5:1d:
2c:d2:a8:0c:3b:74:ca:ac:70:8b:c9:e9:81:56:cf:1f:dc:ea:
d1:0c:70:67:7e:bd:1b:2e:3e:3f:b2:27:5a:e8:5c:8c:58:0b:
ae:ee:9a:29:07:5d:4c:49:3c:70:96:8e:61:37:24:27:e6:f4:
b4:69:37:40:91:0c:10:d2:f6:5a:b8:34:a5:8e:d8:39:e3:3b:
a6:9c:0d:34:2c:38:c9:a2:2c:40:a5:79:05:4e:a7:e0:15:d1:
a5:51:3b:60:cc:63:72:d2:7a:6f:2d:e4:8c:36:39:07:4f:74:
fe:37:ff:e3:f3:2b:1e:7f:f6:46:c2:d0:e1:29:b3:65:0b:ce:
d0:b0:90:e5:35:4a:fa:34:95:ab:94:f5:3f:15:68:b1:a2:e6:
1a:4d:53:5f:c0:2c:6a:2b:8a:a5:f6:42:85:e8:55:c9:0a:e6:
7f:42:60:c8:68:ff:8d:6c:7f:3d:04:49:81:95:b8:f7:a8:ec:
38:b3:c0:36
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzDtoX445ReC14hmR/UGhdmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjQwMTAxMDYyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjA3MmIyZmU4YzVjY2E2ZjdhM2Q3ZDQ4YTI2ZmVhMDZlYWJhMTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxR/KPJciH0B2ACuqCsvcGBf4ZqDr
2DafWNCyTyKPPTnYcsQM3SYOAxZ0BR2D91r9jXjNm5eaZ5sOB3q5yPGOQBPikXyE
1FncAV5/OU1tkk4V0bWIN4IlcwuFovqgwbTp+6IgZADHVAidcYv7ZfT/q6HWzWYw
bie3WY/HQCnR/YwsyjX/kWehof9A/zPFLbwWC8bL+ag2K09jrJZhgJ7BBomRQCd1
1ZmPGGgyL2UcbIeUc/8cqtIxG3dv1I1bL9D9wYS/4WKsskdYI25uM6kus7O1QFxm
VMDaPDCbYZg8jZ6AWoNywoHDdvzmYM1c8rka3wBf7ndHckeazPTdVtYolwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFI8HKy/oxcym96PX1Iom/qBuq6GJMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvandjckwtakZ6S2IzbzlmVWlpYi1vRzZyb1lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCJP+8AwQA
LYZPAwQAV+/+AwQAqxb8AwQAubjkAwQCwaGAAwQCwmhoMA0GCSqGSIb3DQEBCwUA
A4IBAQCaHz+UeMt4uhrVboFRvRTbFmvbRCER7U1aVzBrghX6G9PYSVJNWPpoeY1h
aoRaXymtepUJT1teMpWros756NFLhMsH5aWz5R0s0qgMO3TKrHCLyemBVs8f3OrR
DHBnfr0bLj4/sida6FyMWAuu7popB11MSTxwlo5hNyQn5vS0aTdAkQwQ0vZauDSl
jtg54zumnA00LDjJoixApXkFTqfgFdGlUTtgzGNy0npvLeSMNjkHT3T+N//j8yse
f/ZGwtDhKbNlC87QsJDlNUr6NJWrlPU/FWixouYaTVNfwCxqK4ql9kKF6FXJCuZ/
QmDIaP+NbH89BEmBlbj3qOw4s8A2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:46 2024 by rpki-client on console-fra.rpki-client.org