Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/jnkmHrIlbipQK0T0YAgPfglC5Qg.roa
File: jnkmHrIlbipQK0T0YAgPfglC5Qg.roa (raw, json)
Hash identifier: tSz6yHhkRuLr0HAA2g84dAJKq0qe6tI7FuBlhKwvjKU=
Subject key identifier: 8E:79:26:1E:B2:25:6E:2A:50:2B:44:F4:60:08:0F:7E:09:42:E5:08
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018E5FC7AF3373ABD30B57024C9EF25121CB
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/jnkmHrIlbipQK0T0YAgPfglC5Qg.roa
Signing time: Thu 21 Mar 2024 06:51:45 +0000
ROA not before: Thu 21 Mar 2024 06:51:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8568
IP address blocks: 195.166.160.0/20 maxlen: 20
195.166.160.0/24 maxlen: 24
195.166.163.0/24 maxlen: 24
195.166.176.0/21 maxlen: 21
195.166.176.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Mar 2024 12:35:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5f:c7:af:33:73:ab:d3:0b:57:02:4c:9e:f2:51:21:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Mar 21 06:51:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e79261eb2256e2a502b44f460080f7e0942e508
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e6:e9:33:a7:60:20:05:f9:bd:18:c5:11:9d:
59:37:62:b2:48:08:ab:48:a4:b4:54:72:32:2b:fc:
bd:6e:14:82:04:81:bb:e5:f6:91:a4:18:92:4e:c2:
b9:95:ba:78:2c:1e:4b:a1:07:0f:f4:15:91:13:c6:
f3:d1:84:eb:0f:21:e1:0d:c5:2b:be:c0:44:79:5e:
2b:47:33:f3:c4:46:dc:46:83:f7:cd:a8:fe:de:a2:
76:d8:fa:8c:49:df:12:a3:8e:2f:b6:36:00:16:27:
ab:9b:d1:2d:3b:49:69:c6:77:db:1a:cd:64:6c:98:
e2:59:1f:1a:e1:9d:d7:b9:4e:b7:27:da:41:89:a6:
6f:13:eb:23:7a:64:bf:51:4c:05:07:ca:68:be:c8:
d3:41:da:43:2f:65:e5:18:19:39:6f:f6:5a:f8:c4:
e8:1a:ff:f0:98:b5:09:64:50:3f:65:18:f6:52:b3:
15:d1:e9:1e:1e:22:ac:ee:36:ce:8c:72:3e:a6:15:
6e:05:16:e1:7e:6c:4a:fe:dc:89:60:4d:06:2a:93:
99:47:99:5b:2a:66:76:c4:c9:72:02:34:17:c3:46:
ed:9d:1b:88:e9:d1:ef:89:06:3f:a2:ad:17:e6:21:
24:be:8c:80:85:43:3d:2b:bc:83:31:1a:04:a2:5f:
7b:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:79:26:1E:B2:25:6E:2A:50:2B:44:F4:60:08:0F:7E:09:42:E5:08
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/jnkmHrIlbipQK0T0YAgPfglC5Qg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.166.160.0-195.166.183.255
Signature Algorithm: sha256WithRSAEncryption
79:4c:23:8c:2f:32:a6:a9:6c:d3:a6:cd:ac:2a:0f:99:66:2a:
2a:b1:36:76:be:fe:fe:a3:1e:28:86:4d:8b:f7:13:ba:3f:8c:
02:7e:d1:af:77:47:44:8f:63:be:94:e8:95:2e:b4:e2:8d:4b:
32:19:07:3d:3b:e1:c7:af:e6:80:f4:85:07:ae:4c:b1:a9:39:
ee:60:2b:3b:31:a1:6b:7e:b9:ee:3a:cc:2d:19:86:6c:85:73:
81:22:f8:82:03:0b:59:76:08:2b:f2:0d:6e:b8:73:f1:7d:b0:
6e:f8:f0:3f:f2:39:61:3e:f3:37:f2:c6:d1:a7:8a:2d:f7:6a:
ee:3a:9c:3f:39:22:ca:67:18:cf:a3:8e:d2:44:90:03:f4:38:
d4:dc:9d:d1:ae:44:ba:0f:f7:01:3b:55:5a:65:d3:22:77:6b:
13:6c:20:ee:40:94:4c:fa:fa:e3:34:5f:b7:9b:51:04:7e:11:
0f:64:80:17:58:f8:95:53:01:15:35:99:8f:53:31:5b:a2:6e:
e1:ed:6f:08:bb:bd:dc:78:7b:7a:b6:1d:ab:63:c1:bd:01:00:
1f:79:9a:d5:64:db:c3:59:7a:60:ce:52:2f:dd:e6:c6:e8:8e:
54:fd:f3:7a:3a:59:3f:5d:9b:81:52:f2:6b:08:cd:8d:d8:69:
d8:f5:4d:8f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY5fx68zc6vTC1cCTJ7yUSHLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwMzIxMDY1MTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTc5MjYxZWIyMjU2ZTJhNTAyYjQ0ZjQ2MDA4MGY3ZTA5NDJlNTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtObpM6dgIAX5vRjFEZ1ZN2KySAir
SKS0VHIyK/y9bhSCBIG75faRpBiSTsK5lbp4LB5LoQcP9BWRE8bz0YTrDyHhDcUr
vsBEeV4rRzPzxEbcRoP3zaj+3qJ22PqMSd8So44vtjYAFierm9EtO0lpxnfbGs1k
bJjiWR8a4Z3XuU63J9pBiaZvE+sjemS/UUwFB8povsjTQdpDL2XlGBk5b/Za+MTo
Gv/wmLUJZFA/ZRj2UrMV0ekeHiKs7jbOjHI+phVuBRbhfmxK/tyJYE0GKpOZR5lb
KmZ2xMlyAjQXw0btnRuI6dHviQY/oq0X5iEkvoyAhUM9K7yDMRoEol97IQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFI55Jh6yJW4qUCtE9GAID34JQuUIMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvam5rbUhySWxiaXBRSzBUMFlBZ1BmZ2xDNVFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAXDpqAD
BAPDprAwDQYJKoZIhvcNAQELBQADggEBAHlMI4wvMqapbNOmzawqD5lmKiqxNna+
/v6jHiiGTYv3E7o/jAJ+0a93R0SPY76U6JUutOKNSzIZBz074cev5oD0hQeuTLGp
Oe5gKzsxoWt+ue46zC0ZhmyFc4Ei+IIDC1l2CCvyDW64c/F9sG748D/yOWE+8zfy
xtGnii33au46nD85IspnGM+jjtJEkAP0ONTcndGuRLoP9wE7VVpl0yJ3axNsIO5A
lEz6+uM0X7ebUQR+EQ9kgBdY+JVTARU1mY9TMVuibuHtbwi7vdx4e3q2Hatjwb0B
AB95mtVk28NZemDOUi/d5sbojlT983o6WT9dm4FS8msIzY3Yadj1TY8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:26 2024 by rpki-client on console-ams.rpki-client.org