Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/jFX_tti1HU_oz0IHJ_i0rMa2rls.roa
File: jFX_tti1HU_oz0IHJ_i0rMa2rls.roa (raw, json)
Hash identifier: p0FjZV3QRciue6J6WPp8bMyOMcdDo2WKSRKFQJyb1E8=
Subject key identifier: 8C:55:FF:B6:D8:B5:1D:4F:E8:CF:42:07:27:F8:B4:AC:C6:B6:AE:5B
Certificate issuer: /CN=d038c338b128f83adec2f69d93c32c5353ca0398
Certificate serial: 018C4471FCBBDB8205E52FABCD9F18B32DEE
Authority key identifier: D0:38:C3:38:B1:28:F8:3A:DE:C2:F6:9D:93:C3:2C:53:53:CA:03:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0DjDOLEo-Drewvadk8MsU1PKA5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/jFX_tti1HU_oz0IHJ_i0rMa2rls.roa
Signing time: Thu 07 Dec 2023 13:22:50 +0000
ROA not before: Thu 07 Dec 2023 13:22:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 559
IP address blocks: 192.41.132.0/22 maxlen: 22
130.60.0.0/16 maxlen: 16
192.41.136.0/24 maxlen: 24
185.207.116.0/24 maxlen: 24
185.207.118.0/23 maxlen: 24
185.207.117.0/24 maxlen: 24
192.12.247.0/24 maxlen: 24
89.206.64.0/18 maxlen: 18
2001:67c:16dc::/48 maxlen: 48
2a0b:2040::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:44:71:fc:bb:db:82:05:e5:2f:ab:cd:9f:18:b3:2d:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d038c338b128f83adec2f69d93c32c5353ca0398
Validity
Not Before: Dec 7 13:22:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c55ffb6d8b51d4fe8cf420727f8b4acc6b6ae5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:5e:73:5d:08:cc:12:d7:e8:cf:13:aa:78:6a:
5d:68:c9:5f:5a:74:1c:bb:8a:04:b6:0a:03:69:c9:
a4:03:fe:a5:fe:fc:8d:4f:57:6f:40:b7:ef:08:b4:
dd:30:62:b4:a7:6a:fb:de:b4:7f:9d:c6:54:44:9d:
b7:53:00:bb:a5:00:e4:5c:13:fd:4f:b0:38:17:cb:
9b:d2:bd:99:9e:2e:16:4e:8d:26:18:d2:d7:aa:5f:
4d:3c:2f:4b:d2:14:9e:96:a7:b6:97:fb:ca:9e:71:
db:28:2e:b2:25:bc:ef:1a:d7:18:60:19:fb:ed:20:
b8:1d:2d:d9:75:87:4a:76:55:32:cf:10:96:78:b7:
99:63:e4:6f:31:9f:a9:11:aa:a7:d8:b3:d2:6a:99:
d6:35:72:7d:b8:86:59:e7:54:0e:4b:47:8e:3f:3a:
9e:5f:56:f4:37:bd:d1:2e:50:d7:bd:d1:cb:13:e2:
a9:1c:be:71:09:20:b5:e1:b1:01:f2:6f:b3:7f:cd:
fc:32:61:0b:fa:ed:2f:04:fd:ab:82:60:3a:37:bd:
3a:39:07:20:0b:29:64:6c:99:70:76:b3:97:f4:64:
00:45:9a:d3:69:a1:da:a4:af:7d:a3:6b:de:e4:c0:
3d:e9:17:a8:d3:cd:cd:a6:8c:8e:27:cc:53:08:fd:
68:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:55:FF:B6:D8:B5:1D:4F:E8:CF:42:07:27:F8:B4:AC:C6:B6:AE:5B
X509v3 Authority Key Identifier:
keyid:D0:38:C3:38:B1:28:F8:3A:DE:C2:F6:9D:93:C3:2C:53:53:CA:03:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0DjDOLEo-Drewvadk8MsU1PKA5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/jFX_tti1HU_oz0IHJ_i0rMa2rls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/0DjDOLEo-Drewvadk8MsU1PKA5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.206.64.0/18
130.60.0.0/16
185.207.116.0/22
192.12.247.0/24
192.41.132.0-192.41.136.255
IPv6:
2001:67c:16dc::/48
2a0b:2040::/29
Signature Algorithm: sha256WithRSAEncryption
be:d8:c0:d2:98:99:4d:dd:d4:22:02:10:7f:4a:e8:f8:85:d3:
39:82:d3:fd:00:59:b2:a8:de:8d:f3:08:1a:e9:f4:3c:e6:fc:
50:b6:24:84:0f:06:17:85:1d:4c:16:5a:d1:a9:7a:a5:be:db:
f5:53:f1:92:29:f3:b1:d7:0d:06:f8:64:73:40:84:04:1e:86:
59:c2:50:19:95:82:b4:d1:14:3e:f2:12:c5:ac:e4:b5:95:01:
09:17:ab:35:27:0c:94:49:b3:8a:d5:65:16:27:f5:aa:9e:91:
77:cf:af:a6:68:af:cd:c7:5c:aa:cb:c7:ac:56:34:63:8f:ba:
61:fc:cd:f0:f1:10:bb:5e:16:cd:ac:bc:28:98:dd:2f:c8:83:
3d:6a:c8:0a:86:11:a7:f6:d1:a8:6e:7e:51:8d:6f:73:fb:cb:
17:27:93:23:72:5e:73:ba:79:c8:00:68:e4:46:4b:f2:27:07:
16:86:16:b2:1f:33:3e:1b:4c:0b:80:a1:7e:8e:4b:cb:8c:b1:
7b:fd:cd:b6:1e:76:80:c6:55:50:68:3d:ad:2e:b8:e5:d1:9a:
25:db:13:20:dc:f9:ea:1e:38:da:e9:d2:e0:f8:ef:77:87:88:
b9:b7:00:04:7a:bd:d6:c9:5a:e7:2b:8f:5c:ab:4a:06:40:c0:
02:50:9e:d3
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYxEcfy724IF5S+rzZ8Ysy3uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMzhjMzM4YjEyOGY4M2FkZWMyZjY5ZDkzYzMyYzUzNTNj
YTAzOTgwHhcNMjMxMjA3MTMyMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzU1ZmZiNmQ4YjUxZDRmZThjZjQyMDcyN2Y4YjRhY2M2YjZhZTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg15zXQjMEtfozxOqeGpdaMlfWnQc
u4oEtgoDacmkA/6l/vyNT1dvQLfvCLTdMGK0p2r73rR/ncZURJ23UwC7pQDkXBP9
T7A4F8ub0r2Zni4WTo0mGNLXql9NPC9L0hSelqe2l/vKnnHbKC6yJbzvGtcYYBn7
7SC4HS3ZdYdKdlUyzxCWeLeZY+RvMZ+pEaqn2LPSapnWNXJ9uIZZ51QOS0eOPzqe
X1b0N73RLlDXvdHLE+KpHL5xCSC14bEB8m+zf838MmEL+u0vBP2rgmA6N706OQcg
CylkbJlwdrOX9GQARZrTaaHapK99o2ve5MA96Reo083NpoyOJ8xTCP1oxQIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFIxV/7bYtR1P6M9CByf4tKzGtq5bMB8GA1UdIwQY
MBaAFNA4wzixKPg63sL2nZPDLFNTygOYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMERqRE9MRW8tRHJld3ZhZGs4TXNVMVBLQTVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS85MjVmOTEtMzBjNS00YTZiLWExNDkt
OWJmOGIxZWYyZTk2LzEvakZYX3R0aTFIVV9vejBJSEpfaTByTWEycmxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS85MjVmOTEtMzBjNS00YTZiLWExNDktOWJmOGIxZWYyZTk2
LzEvMERqRE9MRW8tRHJld3ZhZGs4TXNVMVBLQTVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTArBAIAATAlAwQGWc5AAwMA
gjwDBAK5z3QDBADADPcwDAMEAsAphAMEAMApiDAWBAIAAjAQAwcAIAEGfBbcAwUD
KgsgQDANBgkqhkiG9w0BAQsFAAOCAQEAvtjA0piZTd3UIgIQf0ro+IXTOYLT/QBZ
sqjejfMIGun0POb8ULYkhA8GF4UdTBZa0al6pb7b9VPxkinzsdcNBvhkc0CEBB6G
WcJQGZWCtNEUPvISxazktZUBCRerNScMlEmzitVlFif1qp6Rd8+vpmivzcdcqsvH
rFY0Y4+6YfzN8PEQu14Wzay8KJjdL8iDPWrICoYRp/bRqG5+UY1vc/vLFyeTI3Je
c7p5yABo5EZL8icHFoYWsh8zPhtMC4Chfo5Ly4yxe/3Nth52gMZVUGg9rS645dGa
JdsTINz56h442unS4Pjvd4eIubcABHq91sla5yuPXKtKBkDAAlCe0w==
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:00 2024 by rpki-client on console-ams.rpki-client.org