Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/c0e651-85d1-4b32-8fc7-10c750c6e351/1/fKCQbYKUscsY8EEseTRGk9hs-mc.roa
File: fKCQbYKUscsY8EEseTRGk9hs-mc.roa (raw, json)
Hash identifier: QtBbheW1bvqgxy/3ENUYRnEnjuQjqNorElMldVIHqXE=
Subject key identifier: 7C:A0:90:6D:82:94:B1:CB:18:F0:41:2C:79:34:46:93:D8:6C:FA:67
Certificate issuer: /CN=251f4224ffe893e9b837839aa0a68a00380f54c6
Certificate serial: 018572CCB16198035986651BE90F737AAD5D
Authority key identifier: 25:1F:42:24:FF:E8:93:E9:B8:37:83:9A:A0:A6:8A:00:38:0F:54:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JR9CJP_ok-m4N4OaoKaKADgPVMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/c0e651-85d1-4b32-8fc7-10c750c6e351/1/fKCQbYKUscsY8EEseTRGk9hs-mc.roa
Signing time: Mon 02 Jan 2023 14:04:55 +0000
ROA not before: Mon 02 Jan 2023 14:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204779
IP address blocks: 185.185.168.0/22 maxlen: 22
2a0b:5c80::/29 maxlen: 30
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:35:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:b1:61:98:03:59:86:65:1b:e9:0f:73:7a:ad:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=251f4224ffe893e9b837839aa0a68a00380f54c6
Validity
Not Before: Jan 2 14:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ca0906d8294b1cb18f0412c79344693d86cfa67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:83:ab:55:8d:77:cf:37:76:f7:fc:d5:c2:6d:
0e:9b:aa:5f:eb:55:77:d5:23:87:40:4e:a9:cc:fd:
43:b7:8e:7b:de:c0:7f:1e:0c:6f:57:69:4d:e8:25:
cb:d5:24:cc:ce:24:1d:9e:f7:d8:97:5d:a8:e3:41:
a4:b9:de:4a:ab:14:c1:bd:00:25:fa:8a:43:83:80:
71:b4:5c:a6:ae:48:65:2d:4d:aa:9a:75:13:d6:f8:
cc:6b:ef:84:56:6e:0d:8d:fb:d7:40:b1:e3:d4:3b:
a0:71:bf:57:97:40:e0:c5:a7:78:14:f2:eb:42:37:
48:79:85:cd:db:96:84:b5:06:f8:b4:78:ff:76:e0:
f4:3f:2d:4d:b0:28:0f:f2:32:73:4b:26:44:cf:d3:
84:37:03:09:0c:7f:34:16:4c:23:de:85:22:69:c4:
fc:08:59:5f:2c:7b:64:fb:03:ad:f6:f4:59:52:f1:
77:50:db:49:6b:c3:7a:00:99:1a:c8:0c:4a:62:c2:
03:4e:ac:35:34:73:db:b8:11:d8:b6:fe:b6:c2:66:
30:a0:4a:eb:a0:ce:42:aa:36:31:4a:83:28:d5:77:
79:9d:42:8d:15:34:89:53:02:59:bf:61:c6:87:4b:
2f:17:70:c7:36:4f:ee:e5:52:6b:53:79:3c:fc:3e:
76:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:A0:90:6D:82:94:B1:CB:18:F0:41:2C:79:34:46:93:D8:6C:FA:67
X509v3 Authority Key Identifier:
keyid:25:1F:42:24:FF:E8:93:E9:B8:37:83:9A:A0:A6:8A:00:38:0F:54:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JR9CJP_ok-m4N4OaoKaKADgPVMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/c0e651-85d1-4b32-8fc7-10c750c6e351/1/fKCQbYKUscsY8EEseTRGk9hs-mc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/c0e651-85d1-4b32-8fc7-10c750c6e351/1/JR9CJP_ok-m4N4OaoKaKADgPVMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.185.168.0/22
IPv6:
2a0b:5c80::/29
Signature Algorithm: sha256WithRSAEncryption
2d:43:33:0a:bb:71:c8:fa:3a:a7:b2:1a:55:b1:da:eb:a3:17:
bf:11:78:5b:e8:1c:45:78:dc:78:f0:4a:53:a5:a2:e9:27:cd:
79:2f:bc:2f:54:aa:4f:eb:bf:cf:a2:33:21:75:ab:f2:40:69:
de:49:e4:94:ba:dd:15:73:73:c4:15:a5:d8:d5:f7:a4:1f:68:
53:36:63:5a:72:c2:fe:f5:92:02:a2:5b:32:37:86:72:d0:2d:
0c:24:80:8d:a0:ff:6b:80:bf:10:4e:cc:14:34:69:7b:af:d5:
2b:07:1e:73:fc:c0:9a:51:13:67:c8:a0:de:f3:15:00:d2:c7:
fc:f6:c3:93:3f:8d:3f:d3:c7:79:54:12:20:a5:3d:f7:cd:4d:
7b:28:40:95:ff:67:5a:04:bf:eb:91:fb:a2:84:f6:ee:84:c8:
1e:21:29:44:b7:0d:9d:26:a4:83:a8:99:70:a8:34:51:a1:9f:
9e:8d:1d:82:f6:3b:47:d8:89:40:f4:33:9e:1a:12:3a:c4:77:
85:ac:b1:08:57:8c:61:91:e4:07:96:34:bb:bc:97:3e:44:a4:
b8:bc:30:2e:41:44:7a:7e:88:fe:22:c5:89:a0:f3:d9:a9:af:
72:56:bc:44:4f:29:a6:bc:a3:da:bb:16:d6:1f:cd:3d:26:42:
60:46:85:40
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyzLFhmANZhmUb6Q9zeq1dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MWY0MjI0ZmZlODkzZTliODM3ODM5YWEwYTY4YTAwMzgw
ZjU0YzYwHhcNMjMwMTAyMTQwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2EwOTA2ZDgyOTRiMWNiMThmMDQxMmM3OTM0NDY5M2Q4NmNmYTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4OrVY13zzd29/zVwm0Om6pf61V3
1SOHQE6pzP1Dt4573sB/HgxvV2lN6CXL1STMziQdnvfYl12o40Gkud5KqxTBvQAl
+opDg4BxtFymrkhlLU2qmnUT1vjMa++EVm4NjfvXQLHj1Dugcb9Xl0Dgxad4FPLr
QjdIeYXN25aEtQb4tHj/duD0Py1NsCgP8jJzSyZEz9OENwMJDH80Fkwj3oUiacT8
CFlfLHtk+wOt9vRZUvF3UNtJa8N6AJkayAxKYsIDTqw1NHPbuBHYtv62wmYwoErr
oM5CqjYxSoMo1Xd5nUKNFTSJUwJZv2HGh0svF3DHNk/u5VJrU3k8/D52CQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHygkG2ClLHLGPBBLHk0RpPYbPpnMB8GA1UdIwQY
MBaAFCUfQiT/6JPpuDeDmqCmigA4D1TGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlI5Q0pQX29rLW00TjRPYW9LYUtBRGdQVk1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9jMGU2NTEtODVkMS00YjMyLThmYzct
MTBjNzUwYzZlMzUxLzEvZktDUWJZS1VzY3NZOEVFc2VUUkdrOWhzLW1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9jMGU2NTEtODVkMS00YjMyLThmYzctMTBjNzUwYzZlMzUx
LzEvSlI5Q0pQX29rLW00TjRPYW9LYUtBRGdQVk1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubmoMA0E
AgACMAcDBQMqC1yAMA0GCSqGSIb3DQEBCwUAA4IBAQAtQzMKu3HI+jqnshpVsdrr
oxe/EXhb6BxFeNx48EpTpaLpJ815L7wvVKpP67/PojMhdavyQGneSeSUut0Vc3PE
FaXY1fekH2hTNmNacsL+9ZIColsyN4Zy0C0MJICNoP9rgL8QTswUNGl7r9UrBx5z
/MCaURNnyKDe8xUA0sf89sOTP40/08d5VBIgpT33zU17KECV/2daBL/rkfuihPbu
hMgeISlEtw2dJqSDqJlwqDRRoZ+ejR2C9jtH2IlA9DOeGhI6xHeFrLEIV4xhkeQH
ljS7vJc+RKS4vDAuQUR6foj+IsWJoPPZqa9yVrxETymmvKPauxbWH809JkJgRoVA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:24 2024 by rpki-client on console-fra.rpki-client.org