Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/2c34e9-7559-41a6-9cac-3e6b751a55f4/1/JSr7b3FaGkogfjqd1Q2JgOW0_RE.roa
File: JSr7b3FaGkogfjqd1Q2JgOW0_RE.roa (raw, json)
Hash identifier: tkg5mJaQBEercIOxfBh1BRQkHrsQCP+OLC975fSbo3Q=
Subject key identifier: 25:2A:FB:6F:71:5A:1A:4A:20:7E:3A:9D:D5:0D:89:80:E5:B4:FD:11
Certificate issuer: /CN=22e48e161e4905923f6d4aa2ae0a21530f2de20b
Certificate serial: 01857142E70F2955B54BFF1265BE98C40B28
Authority key identifier: 22:E4:8E:16:1E:49:05:92:3F:6D:4A:A2:AE:0A:21:53:0F:2D:E2:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IuSOFh5JBZI_bUqirgohUw8t4gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/2c34e9-7559-41a6-9cac-3e6b751a55f4/1/JSr7b3FaGkogfjqd1Q2JgOW0_RE.roa
Signing time: Mon 02 Jan 2023 06:54:47 +0000
ROA not before: Mon 02 Jan 2023 06:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61244
IP address blocks: 185.14.12.0/22 maxlen: 22
2a02:f880::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:30:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:42:e7:0f:29:55:b5:4b:ff:12:65:be:98:c4:0b:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22e48e161e4905923f6d4aa2ae0a21530f2de20b
Validity
Not Before: Jan 2 06:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=252afb6f715a1a4a207e3a9dd50d8980e5b4fd11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:7f:f1:59:38:45:c1:e8:22:dc:04:bd:ed:ee:
f8:2a:25:5b:49:8d:c8:1f:93:89:8c:ee:c8:b9:f8:
bf:d2:bb:e4:c9:dc:86:ba:1b:b0:e2:98:e0:fc:c1:
fc:ca:88:f9:78:34:a3:68:4b:4a:68:f5:af:96:cf:
40:ce:36:32:fa:e3:9d:43:c3:ea:1e:1b:e4:ef:ef:
97:b9:44:a5:83:e1:d7:5d:00:ae:91:9a:c1:2e:b3:
c2:bf:52:ce:77:b2:58:bb:80:b4:f5:97:7d:2b:ff:
2b:36:d4:c6:8b:84:da:c9:8f:53:b2:98:54:43:b6:
e8:88:73:01:c9:a9:0d:6c:4e:e5:70:81:ae:91:49:
32:a0:48:1d:c9:1d:6e:b8:0e:1c:39:0e:53:f0:d5:
ad:8a:31:e5:c4:b0:c6:f9:ad:22:51:cd:30:76:98:
ca:81:93:bb:d5:6e:22:22:c7:35:c3:d5:78:21:d9:
58:d9:48:c3:ac:fd:94:cb:0b:de:66:cd:c6:bf:3e:
7c:2f:2e:b1:d2:8b:79:55:2f:93:70:dd:ef:d3:de:
e1:ae:e4:ae:4a:c7:c0:42:1f:71:6f:b1:15:f4:94:
c6:76:e6:52:34:63:f6:56:9a:ba:3f:c2:05:62:9e:
d0:a0:6a:c4:3b:1e:ef:2f:2e:f4:f6:3f:5d:b9:4b:
35:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:2A:FB:6F:71:5A:1A:4A:20:7E:3A:9D:D5:0D:89:80:E5:B4:FD:11
X509v3 Authority Key Identifier:
keyid:22:E4:8E:16:1E:49:05:92:3F:6D:4A:A2:AE:0A:21:53:0F:2D:E2:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IuSOFh5JBZI_bUqirgohUw8t4gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/2c34e9-7559-41a6-9cac-3e6b751a55f4/1/JSr7b3FaGkogfjqd1Q2JgOW0_RE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/2c34e9-7559-41a6-9cac-3e6b751a55f4/1/IuSOFh5JBZI_bUqirgohUw8t4gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.12.0/22
IPv6:
2a02:f880::/29
Signature Algorithm: sha256WithRSAEncryption
06:23:fd:bf:3b:16:b4:3a:7c:bd:8f:13:07:70:92:f0:1d:81:
ac:ec:e5:07:21:66:6d:02:4e:21:39:40:e3:d6:37:88:e7:ba:
24:28:1d:f0:e2:a2:eb:47:66:f0:ad:e8:38:85:db:54:57:e6:
d2:64:96:5e:f3:c2:1e:c3:fb:55:44:1d:5e:c4:d5:74:ac:e3:
cb:77:e8:3c:3b:8c:e2:29:37:ae:bd:6c:38:4c:ce:50:f8:99:
c7:19:80:9b:06:07:aa:df:36:39:cf:4a:57:4e:4a:ef:b3:56:
5e:a2:90:69:ec:5d:b6:08:79:0f:c5:a4:b9:58:8d:e5:c0:a4:
4b:1c:07:09:6a:59:83:eb:74:7c:d9:39:bf:67:ea:bb:39:50:
7b:49:b7:f0:8a:be:5e:dc:db:75:37:a2:e5:af:08:b2:8d:a4:
87:ed:ee:ed:4e:ac:9d:54:82:39:ff:c3:5b:d3:5b:58:a5:33:
de:f7:04:1e:24:73:ce:5e:6b:81:ee:18:44:e9:29:f7:9a:ae:
00:0e:07:02:c2:eb:e4:4b:e9:4b:36:97:4e:04:2f:c3:28:eb:
8f:b6:f3:9c:22:60:5b:8c:59:08:e3:25:79:f6:71:e7:74:5c:
92:d6:ab:2c:2d:5f:23:a5:fa:ab:1a:6a:cc:fb:14:00:20:75:
9f:31:16:03
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxQucPKVW1S/8SZb6YxAsoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZTQ4ZTE2MWU0OTA1OTIzZjZkNGFhMmFlMGEyMTUzMGYy
ZGUyMGIwHhcNMjMwMTAyMDY1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTJhZmI2ZjcxNWExYTRhMjA3ZTNhOWRkNTBkODk4MGU1YjRmZDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkX/xWThFwegi3AS97e74KiVbSY3I
H5OJjO7Iufi/0rvkydyGuhuw4pjg/MH8yoj5eDSjaEtKaPWvls9AzjYy+uOdQ8Pq
Hhvk7++XuUSlg+HXXQCukZrBLrPCv1LOd7JYu4C09Zd9K/8rNtTGi4TayY9TsphU
Q7boiHMByakNbE7lcIGukUkyoEgdyR1uuA4cOQ5T8NWtijHlxLDG+a0iUc0wdpjK
gZO71W4iIsc1w9V4IdlY2UjDrP2UywveZs3Gvz58Ly6x0ot5VS+TcN3v097hruSu
SsfAQh9xb7EV9JTGduZSNGP2Vpq6P8IFYp7QoGrEOx7vLy709j9duUs1+QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCUq+29xWhpKIH46ndUNiYDltP0RMB8GA1UdIwQY
MBaAFCLkjhYeSQWSP21Koq4KIVMPLeILMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXVTT0ZoNUpCWklfYlVxaXJnb2hVdzh0NGdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8yYzM0ZTktNzU1OS00MWE2LTljYWMt
M2U2Yjc1MWE1NWY0LzEvSlNyN2IzRmFHa29nZmpxZDFRMkpnT1cwX1JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8yYzM0ZTktNzU1OS00MWE2LTljYWMtM2U2Yjc1MWE1NWY0
LzEvSXVTT0ZoNUpCWklfYlVxaXJnb2hVdzh0NGdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQ4MMA0E
AgACMAcDBQMqAviAMA0GCSqGSIb3DQEBCwUAA4IBAQAGI/2/Oxa0Ony9jxMHcJLw
HYGs7OUHIWZtAk4hOUDj1jeI57okKB3w4qLrR2bwreg4hdtUV+bSZJZe88Iew/tV
RB1exNV0rOPLd+g8O4ziKTeuvWw4TM5Q+JnHGYCbBgeq3zY5z0pXTkrvs1ZeopBp
7F22CHkPxaS5WI3lwKRLHAcJalmD63R82Tm/Z+q7OVB7Sbfwir5e3Nt1N6Llrwiy
jaSH7e7tTqydVII5/8Nb01tYpTPe9wQeJHPOXmuB7hhE6Sn3mq4ADgcCwuvkS+lL
NpdOBC/DKOuPtvOcImBbjFkI4yV59nHndFyS1qssLV8jpfqrGmrM+xQAIHWfMRYD
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:02 2024 by rpki-client on console-fra.rpki-client.org