Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/54018c-01e8-417f-856a-02e1bd6050e5/1/jLIqeP7Vn19oeYShPgvuARGQqTU.roa
File: jLIqeP7Vn19oeYShPgvuARGQqTU.roa (raw, json)
Hash identifier: 5xgM0mMstO3xmWErVQ62c15Kg1khibCC01gcyeu1dNE=
Subject key identifier: 8C:B2:2A:78:FE:D5:9F:5F:68:79:84:A1:3E:0B:EE:01:11:90:A9:35
Certificate issuer: /CN=42cde365d7d2b58506e4d4abf0c2ef7cd5e3b462
Certificate serial: 0185BB5498B7A0C1963A77E33D83D452E500
Authority key identifier: 42:CD:E3:65:D7:D2:B5:85:06:E4:D4:AB:F0:C2:EF:7C:D5:E3:B4:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qs3jZdfStYUG5NSr8MLvfNXjtGI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/54018c-01e8-417f-856a-02e1bd6050e5/1/jLIqeP7Vn19oeYShPgvuARGQqTU.roa
Signing time: Mon 16 Jan 2023 16:06:01 +0000
ROA not before: Mon 16 Jan 2023 16:06:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30848
IP address blocks: 150.252.224.0/20 maxlen: 24
77.239.128.0/19 maxlen: 24
95.142.176.0/20 maxlen: 24
178.236.160.0/20 maxlen: 24
81.21.16.0/20 maxlen: 24
185.25.72.0/22 maxlen: 24
82.134.192.0/18 maxlen: 18
185.3.108.0/22 maxlen: 24
82.113.192.0/19 maxlen: 24
217.61.160.0/20 maxlen: 24
176.57.112.0/20 maxlen: 24
82.97.224.0/20 maxlen: 24
45.33.224.0/20 maxlen: 24
37.148.224.0/21 maxlen: 24
80.210.96.0/19 maxlen: 24
82.180.32.0/19 maxlen: 24
5.8.96.0/19 maxlen: 24
83.217.176.0/20 maxlen: 20
5.63.168.0/21 maxlen: 24
2a00:7ca0::/32 maxlen: 32
2a02:1630::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:bb:54:98:b7:a0:c1:96:3a:77:e3:3d:83:d4:52:e5:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42cde365d7d2b58506e4d4abf0c2ef7cd5e3b462
Validity
Not Before: Jan 16 16:06:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8cb22a78fed59f5f687984a13e0bee011190a935
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:09:e5:1c:47:7e:70:4f:24:da:da:a7:b5:85:
20:15:a4:cd:5a:da:3a:04:10:ff:d2:3b:9e:ad:7c:
25:9a:25:33:b0:82:ac:ce:03:21:a6:2b:9b:85:7c:
32:fa:be:de:74:41:ca:c3:19:1a:df:54:66:35:2e:
8f:7a:ff:4d:c5:36:1d:cf:16:8e:51:e8:d3:23:57:
bd:09:1c:db:05:5d:22:17:3b:b7:d9:1f:a5:d1:73:
fe:13:c7:dc:68:66:d3:4c:a2:07:d9:ca:89:dd:8b:
e0:51:cf:0d:c5:16:2a:2b:4f:e5:fd:3c:c0:7f:19:
e7:43:4c:df:db:ca:8e:db:63:c5:31:bd:f9:d0:b9:
26:05:89:cf:4b:6a:2b:a7:53:4d:8d:0c:2c:4c:ce:
a9:93:1d:15:f7:94:14:4d:a6:8c:88:99:13:eb:47:
61:b5:f7:56:13:f5:eb:3d:0d:e9:1b:34:92:9b:d4:
6e:69:b8:48:70:c1:93:11:76:02:f9:ee:56:b2:c9:
43:d0:c9:92:54:9a:22:c9:88:84:36:86:47:65:df:
64:b6:0a:5e:89:1f:5d:69:bc:52:83:bb:50:8d:91:
29:f8:fd:77:9a:0e:e2:a6:a7:38:9b:87:a1:cc:a1:
81:cc:a7:1c:20:2d:75:e2:32:d2:eb:7f:78:47:c1:
31:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:B2:2A:78:FE:D5:9F:5F:68:79:84:A1:3E:0B:EE:01:11:90:A9:35
X509v3 Authority Key Identifier:
keyid:42:CD:E3:65:D7:D2:B5:85:06:E4:D4:AB:F0:C2:EF:7C:D5:E3:B4:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qs3jZdfStYUG5NSr8MLvfNXjtGI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/54018c-01e8-417f-856a-02e1bd6050e5/1/jLIqeP7Vn19oeYShPgvuARGQqTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/54018c-01e8-417f-856a-02e1bd6050e5/1/Qs3jZdfStYUG5NSr8MLvfNXjtGI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.96.0/19
5.63.168.0/21
37.148.224.0/21
45.33.224.0/20
77.239.128.0/19
80.210.96.0/19
81.21.16.0/20
82.97.224.0/20
82.113.192.0/19
82.134.192.0/18
82.180.32.0/19
83.217.176.0/20
95.142.176.0/20
150.252.224.0/20
176.57.112.0/20
178.236.160.0/20
185.3.108.0/22
185.25.72.0/22
217.61.160.0/20
IPv6:
2a00:7ca0::/32
2a02:1630::/32
Signature Algorithm: sha256WithRSAEncryption
14:62:09:ba:15:7d:ea:01:3c:83:73:15:7c:e4:c2:ac:a5:e8:
a7:73:68:01:a5:73:44:6e:9e:f2:76:c5:66:bd:be:9c:b6:ce:
69:c3:9c:f3:ed:ea:c2:4d:b0:55:c8:b2:2d:19:8d:f2:0c:06:
3f:ea:58:09:be:8e:f2:45:10:33:1b:c5:c0:34:56:cb:cb:d1:
fe:8c:34:62:98:a3:cb:91:cb:c3:f2:d3:e5:fa:4b:7d:0d:d1:
b0:01:2c:78:b6:d0:86:75:bf:26:67:a4:c7:a5:f8:2c:e8:88:
7c:5a:22:10:e7:4b:07:1b:33:6e:c5:7a:93:34:36:b2:71:ee:
3a:87:db:6c:23:5b:2c:5a:7a:9f:70:f5:b1:8e:d7:e9:84:03:
28:f1:84:29:2d:04:d4:c3:99:2b:16:43:41:c7:cb:ff:25:11:
93:d5:b2:d4:e5:d8:6b:55:82:01:af:ab:96:77:cc:30:d4:c9:
cc:30:6e:ad:07:ba:07:fc:57:ae:2c:09:bb:16:c6:e1:66:3a:
7c:66:33:d6:5d:03:0e:02:81:87:7a:39:c2:46:10:72:2c:b7:
e9:c1:4c:86:c8:b8:cd:f7:4e:54:6c:74:71:39:71:cb:9a:15:
87:b9:36:13:56:9a:93:84:78:8a:f2:87:7f:e0:e6:75:bb:19:
35:77:f6:69
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYW7VJi3oMGWOnfjPYPUUuUAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyY2RlMzY1ZDdkMmI1ODUwNmU0ZDRhYmYwYzJlZjdjZDVl
M2I0NjIwHhcNMjMwMTE2MTYwNjAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2IyMmE3OGZlZDU5ZjVmNjg3OTg0YTEzZTBiZWUwMTExOTBhOTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAnlHEd+cE8k2tqntYUgFaTNWto6
BBD/0juerXwlmiUzsIKszgMhpiubhXwy+r7edEHKwxka31RmNS6Pev9NxTYdzxaO
UejTI1e9CRzbBV0iFzu32R+l0XP+E8fcaGbTTKIH2cqJ3YvgUc8NxRYqK0/l/TzA
fxnnQ0zf28qO22PFMb350LkmBYnPS2orp1NNjQwsTM6pkx0V95QUTaaMiJkT60dh
tfdWE/XrPQ3pGzSSm9RuabhIcMGTEXYC+e5WsslD0MmSVJoiyYiENoZHZd9ktgpe
iR9dabxSg7tQjZEp+P13mg7ipqc4m4ehzKGBzKccIC114jLS6394R8ExrwIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFIyyKnj+1Z9faHmEoT4L7gERkKk1MB8GA1UdIwQY
MBaAFELN42XX0rWFBuTUq/DC73zV47RiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXMzalpkZlN0WVVHNU5TcjhNTHZmTlhqdEdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC81NDAxOGMtMDFlOC00MTdmLTg1NmEt
MDJlMWJkNjA1MGU1LzEvakxJcWVQN1ZuMTlvZVlTaFBndnVBUkdRcVRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC81NDAxOGMtMDFlOC00MTdmLTg1NmEtMDJlMWJkNjA1MGU1
LzEvUXMzalpkZlN0WVVHNU5TcjhNTHZmTlhqdEdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDB4BAIAATByAwQFBQhg
AwQDBT+oAwQDJZTgAwQELSHgAwQFTe+AAwQFUNJgAwQEURUQAwQEUmHgAwQFUnHA
AwQGUobAAwQFUrQgAwQEU9mwAwQEX46wAwQElvzgAwQEsDlwAwQEsuygAwQCuQNs
AwQCuRlIAwQE2T2gMBQEAgACMA4DBQAqAHygAwUAKgIWMDANBgkqhkiG9w0BAQsF
AAOCAQEAFGIJuhV96gE8g3MVfOTCrKXop3NoAaVzRG6e8nbFZr2+nLbOacOc8+3q
wk2wVciyLRmN8gwGP+pYCb6O8kUQMxvFwDRWy8vR/ow0Ypijy5HLw/LT5fpLfQ3R
sAEseLbQhnW/Jmekx6X4LOiIfFoiEOdLBxszbsV6kzQ2snHuOofbbCNbLFp6n3D1
sY7X6YQDKPGEKS0E1MOZKxZDQcfL/yURk9Wy1OXYa1WCAa+rlnfMMNTJzDBurQe6
B/xXriwJuxbG4WY6fGYz1l0DDgKBh3o5wkYQciy36cFMhsi4zfdOVGx0cTlxy5oV
h7k2E1aak4R4ivKHf+DmdbsZNXf2aQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:46 2023 by rpki-client on console-ams.rpki-client.org