Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/JvMfbkU9s-OmxnAZ9TjYTLRHJRw.roa
File: JvMfbkU9s-OmxnAZ9TjYTLRHJRw.roa (raw, json)
Hash identifier: WqR3EhJ8xrYlD3rRebLqOY2XU8c6ylFg1gggfCqPexs=
Subject key identifier: 26:F3:1F:6E:45:3D:B3:E3:A6:C6:70:19:F5:38:D8:4C:B4:47:25:1C
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018CC801FF08F908CB99AAD45CF7B367F8CD
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/JvMfbkU9s-OmxnAZ9TjYTLRHJRw.roa
Signing time: Tue 02 Jan 2024 02:30:23 +0000
ROA not before: Tue 02 Jan 2024 02:30:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12668
IP address blocks: 90.157.68.0/23 maxlen: 23
188.18.112.0/24 maxlen: 24
188.18.116.0/24 maxlen: 24
188.18.113.0/24 maxlen: 24
94.31.250.0/24 maxlen: 24
92.54.90.0/24 maxlen: 24
188.17.116.0/23 maxlen: 23
94.31.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Jan 2024 08:33:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:ff:08:f9:08:cb:99:aa:d4:5c:f7:b3:67:f8:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 02:30:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=26f31f6e453db3e3a6c67019f538d84cb447251c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:1d:f7:de:41:21:de:e5:69:9b:cf:b0:6b:81:
1b:62:39:b3:74:6e:72:8d:2e:08:b6:94:17:41:4e:
56:55:8d:ff:48:b2:03:ed:93:85:e4:b4:7d:68:ca:
66:17:82:18:af:d4:6f:66:b1:94:52:f4:9b:f7:55:
83:8e:79:21:ab:4c:71:a9:ac:75:09:5e:8d:25:f5:
c0:ba:ce:e6:4b:54:96:6a:fd:da:d8:4a:cc:b7:f6:
f6:d7:e2:15:4a:d4:d7:9f:4a:39:97:3a:7a:31:80:
65:60:60:2b:af:e7:b3:66:33:b8:f3:56:2b:88:0b:
af:eb:ae:54:35:2a:4c:57:7f:1d:97:14:5e:0a:00:
95:6d:f3:b7:cb:50:b9:14:90:a3:89:79:03:00:c5:
5d:40:7f:d0:6b:fd:5c:af:e6:25:d1:76:fa:99:8c:
3a:7f:ed:38:71:ac:69:e6:01:4c:60:4e:6b:96:4e:
cd:a3:d0:0a:a0:72:70:fe:f5:ea:23:3e:9c:91:db:
c1:b0:29:1b:d1:0e:b7:3f:23:a7:4d:2a:73:e2:21:
b7:28:66:a1:5d:8e:3a:59:26:1e:a8:4b:12:4b:a3:
0d:b0:d6:ea:a5:f8:56:61:d6:54:cf:30:97:71:70:
83:90:8e:f2:81:ee:45:d1:72:e7:18:72:f7:50:a5:
8c:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:F3:1F:6E:45:3D:B3:E3:A6:C6:70:19:F5:38:D8:4C:B4:47:25:1C
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/JvMfbkU9s-OmxnAZ9TjYTLRHJRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.157.68.0/23
92.54.90.0/24
94.31.195.0/24
94.31.250.0/24
188.17.116.0/23
188.18.112.0/23
188.18.116.0/24
Signature Algorithm: sha256WithRSAEncryption
65:bf:98:71:6d:37:b6:af:d3:4b:1a:db:1e:5a:eb:c6:a1:15:
bc:60:05:2c:1a:a5:da:e6:5a:9b:52:d2:d2:05:6e:a7:fa:ec:
a2:2b:34:11:b1:8b:f7:ed:56:d9:0c:2f:1d:d0:05:d6:65:fe:
c1:30:60:71:1f:f5:af:22:93:f5:99:06:5d:f5:22:85:5a:a0:
ad:58:55:15:9d:1a:d9:f1:9f:51:71:61:6e:1e:cc:54:64:49:
b8:d6:c1:e6:f9:6a:c3:1b:2b:c9:67:1c:aa:e2:57:ee:29:2a:
7a:a2:e7:38:c7:db:b0:cf:92:db:3e:21:d9:ab:ac:fe:95:8f:
d8:a9:b5:6d:02:cb:bf:1a:9e:10:de:ab:cd:c3:d1:93:c3:8c:
ef:ad:de:cd:c4:3a:1c:4f:04:97:8a:1b:e1:27:0b:ad:56:c2:
0e:1c:13:1d:8c:85:3a:59:b7:27:c2:74:39:f6:81:a4:17:5f:
4f:28:c0:39:2a:7b:e7:6d:44:24:82:a6:e2:26:2f:b0:94:c9:
57:92:c2:62:ff:cf:13:1b:82:af:71:2e:57:15:94:25:cc:2c:
cc:ad:0f:7f:8f:21:8a:6e:ba:5b:87:10:5f:ff:9d:61:6b:f1:
12:55:b0:c1:1e:ee:1d:fa:f1:b2:00:77:86:3c:d1:cc:94:c9:
c7:79:af:40
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzIAf8I+QjLmarUXPezZ/jNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwMTAyMDIzMDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmYzMWY2ZTQ1M2RiM2UzYTZjNjcwMTlmNTM4ZDg0Y2I0NDcyNTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhx333kEh3uVpm8+wa4EbYjmzdG5y
jS4ItpQXQU5WVY3/SLID7ZOF5LR9aMpmF4IYr9RvZrGUUvSb91WDjnkhq0xxqax1
CV6NJfXAus7mS1SWav3a2ErMt/b21+IVStTXn0o5lzp6MYBlYGArr+ezZjO481Yr
iAuv665UNSpMV38dlxReCgCVbfO3y1C5FJCjiXkDAMVdQH/Qa/1cr+Yl0Xb6mYw6
f+04caxp5gFMYE5rlk7No9AKoHJw/vXqIz6ckdvBsCkb0Q63PyOnTSpz4iG3KGah
XY46WSYeqEsSS6MNsNbqpfhWYdZUzzCXcXCDkI7yge5F0XLnGHL3UKWM8QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCbzH25FPbPjpsZwGfU42Ey0RyUcMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvSnZNZmJrVTlzLU9teG5BWjlUallUTFJISlJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBWp1EAwQA
XDZaAwQAXh/DAwQAXh/6AwQBvBF0AwQBvBJwAwQAvBJ0MA0GCSqGSIb3DQEBCwUA
A4IBAQBlv5hxbTe2r9NLGtseWuvGoRW8YAUsGqXa5lqbUtLSBW6n+uyiKzQRsYv3
7VbZDC8d0AXWZf7BMGBxH/WvIpP1mQZd9SKFWqCtWFUVnRrZ8Z9RcWFuHsxUZEm4
1sHm+WrDGyvJZxyq4lfuKSp6ouc4x9uwz5LbPiHZq6z+lY/YqbVtAsu/Gp4Q3qvN
w9GTw4zvrd7NxDocTwSXihvhJwutVsIOHBMdjIU6WbcnwnQ59oGkF19PKMA5Knvn
bUQkgqbiJi+wlMlXksJi/88TG4KvcS5XFZQlzCzMrQ9/jyGKbrpbhxBf/51ha/ES
VbDBHu4d+vGyAHeGPNHMlMnHea9A
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:24 2024 by rpki-client on console-ams.rpki-client.org