Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/JHH_ydHg4eTkMC741xbG_vboCIU.roa
File: JHH_ydHg4eTkMC741xbG_vboCIU.roa (raw, json)
Hash identifier: UYt42K2cboEhvDwiqvKYTds+d5ocvtUHC7D0/PzI8BI=
Subject key identifier: 24:71:FF:C9:D1:E0:E1:E4:E4:30:2E:F8:D7:16:C6:FE:F6:E8:08:85
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01895440126281D23D5F9F3B90EE89A76FA6
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/JHH_ydHg4eTkMC741xbG_vboCIU.roa
Signing time: Fri 14 Jul 2023 11:53:52 +0000
ROA not before: Fri 14 Jul 2023 11:53:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 195.133.82.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
194.58.58.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:54:40:12:62:81:d2:3d:5f:9f:3b:90:ee:89:a7:6f:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 14 11:53:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2471ffc9d1e0e1e4e4302ef8d716c6fef6e80885
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:81:2a:e1:e2:53:0f:b3:37:fd:06:42:9a:43:
72:3a:d6:d3:dc:f4:cc:7e:dd:9d:d4:27:62:eb:ae:
3a:16:fc:e8:0d:95:78:f1:8a:84:b3:93:23:f8:7a:
2f:41:ba:15:bd:36:28:43:b9:53:78:28:d5:dc:a3:
93:e6:90:8f:49:1b:a6:45:18:17:5b:2a:99:39:93:
06:a5:af:e2:49:95:81:77:cf:49:25:7c:9e:8e:07:
e2:ff:dd:e3:eb:80:2a:d4:45:05:9d:de:9c:d4:2f:
0e:07:4b:c3:5c:0e:b4:2d:f2:13:ed:27:c1:a8:50:
23:9f:91:69:2a:87:f4:44:65:7a:25:f9:bb:bf:50:
0d:63:57:1b:94:1b:6e:7f:90:bd:cb:85:3e:c1:da:
4a:99:fa:43:2c:d4:45:87:69:a1:97:f4:1e:e4:d0:
19:3e:5d:1d:2b:9b:10:98:7c:38:5f:38:5a:74:72:
b2:6f:a3:67:0e:0f:a9:b0:9a:f6:ac:01:9d:9b:6e:
6d:54:f3:54:f0:cf:73:cb:a2:9c:f5:4c:df:61:0a:
68:fd:e2:98:77:d9:99:d7:04:c2:72:6d:5d:ee:cf:
13:3a:70:c5:f7:6a:8f:22:35:87:40:0e:00:e9:34:
b4:fb:aa:f8:13:aa:fc:68:3a:f8:41:c8:a9:3e:1b:
00:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:71:FF:C9:D1:E0:E1:E4:E4:30:2E:F8:D7:16:C6:FE:F6:E8:08:85
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/JHH_ydHg4eTkMC741xbG_vboCIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.183.0/24
194.58.58.0/24
194.87.165.0/24
195.133.82.0/24
Signature Algorithm: sha256WithRSAEncryption
05:8d:7f:b8:fd:bf:c1:8f:71:be:87:7c:09:17:b9:52:70:7d:
b2:2c:2f:d4:a1:a6:a1:49:7d:22:fd:85:ed:03:0f:2c:31:e9:
59:88:73:c6:6c:7f:f8:6f:51:3d:aa:86:fc:39:63:46:b8:99:
cb:59:d9:22:f5:df:75:8d:5c:9a:65:1c:b7:8b:af:72:6d:9d:
0f:df:68:ef:e6:c4:b8:f4:88:8f:dc:e1:dc:0a:13:07:9c:0c:
d2:b6:1b:97:ca:36:55:9a:a7:8b:9c:06:0e:8d:d9:0d:0a:54:
f4:c4:ef:1c:13:98:40:a8:a0:4d:4b:79:13:77:50:89:0b:ed:
53:48:9b:98:04:0a:91:12:62:21:65:d3:b0:ad:8c:21:9c:3b:
d3:1a:4a:c7:ad:00:7f:d4:a6:f7:54:a3:8f:e0:bf:4a:af:df:
31:e7:c0:69:80:79:45:cd:96:0a:6b:74:f1:02:47:54:a6:56:
af:e4:2a:2e:4d:67:bf:5e:31:b9:f0:1b:2b:35:cb:80:7a:86:
be:bb:36:11:b8:2f:b2:ff:ba:bb:35:30:f0:2f:92:d2:80:c6:
e2:a9:5a:2e:a5:cf:3b:98:1e:cd:b6:b9:d4:14:91:fc:0a:20:
05:6d:40:ee:fa:c9:40:9e:d6:5b:28:b7:df:19:e9:bc:d1:39:
58:63:0a:13
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYlUQBJigdI9X587kO6Jp2+mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzE0MTE1MzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDcxZmZjOWQxZTBlMWU0ZTQzMDJlZjhkNzE2YzZmZWY2ZTgwODg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYEq4eJTD7M3/QZCmkNyOtbT3PTM
ft2d1Cdi6646FvzoDZV48YqEs5Mj+HovQboVvTYoQ7lTeCjV3KOT5pCPSRumRRgX
WyqZOZMGpa/iSZWBd89JJXyejgfi/93j64Aq1EUFnd6c1C8OB0vDXA60LfIT7SfB
qFAjn5FpKof0RGV6Jfm7v1ANY1cblBtuf5C9y4U+wdpKmfpDLNRFh2mhl/Qe5NAZ
Pl0dK5sQmHw4XzhadHKyb6NnDg+psJr2rAGdm25tVPNU8M9zy6Kc9UzfYQpo/eKY
d9mZ1wTCcm1d7s8TOnDF92qPIjWHQA4A6TS0+6r4E6r8aDr4QcipPhsAMwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCRx/8nR4OHk5DAu+NcWxv726AiFMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSkhIX3lkSGc0ZVRrTUM3NDF4YkdfdmJvQ0lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwHy3AwQA
wjo6AwQAwlelAwQAw4VSMA0GCSqGSIb3DQEBCwUAA4IBAQAFjX+4/b/Bj3G+h3wJ
F7lScH2yLC/UoaahSX0i/YXtAw8sMelZiHPGbH/4b1E9qob8OWNGuJnLWdki9d91
jVyaZRy3i69ybZ0P32jv5sS49IiP3OHcChMHnAzSthuXyjZVmqeLnAYOjdkNClT0
xO8cE5hAqKBNS3kTd1CJC+1TSJuYBAqREmIhZdOwrYwhnDvTGkrHrQB/1Kb3VKOP
4L9Kr98x58BpgHlFzZYKa3TxAkdUplav5CouTWe/XjG58BsrNcuAeoa+uzYRuC+y
/7q7NTDwL5LSgMbiqVoupc87mB7NtrnUFJH8CiAFbUDu+slAntZbKLffGem80TlY
YwoT
-----END CERTIFICATE-----
Generated at Thu Jul 27 20:01:58 2023 by rpki-client on console-ams.rpki-client.org