Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/2c5fb9-c9b3-4e56-bdf1-22ea3ad5de5c/1/Jc8Pmxi5kMQ5X0zANC0U00EpOy8.roa
File: Jc8Pmxi5kMQ5X0zANC0U00EpOy8.roa (raw, json)
Hash identifier: WX+cDLyIyQSLYmlt9A05N8pZIZCjnXjnw8r25j6U/fQ=
Subject key identifier: 25:CF:0F:9B:18:B9:90:C4:39:5F:4C:C0:34:2D:14:D3:41:29:3B:2F
Certificate issuer: /CN=33e278ba28261a2d1e553dbef6df8409a21c1aef
Certificate serial: 018BD73810149C1AC5FE08F13557E0A7C638
Authority key identifier: 33:E2:78:BA:28:26:1A:2D:1E:55:3D:BE:F6:DF:84:09:A2:1C:1A:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M-J4uigmGi0eVT2-9t-ECaIcGu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/2c5fb9-c9b3-4e56-bdf1-22ea3ad5de5c/1/Jc8Pmxi5kMQ5X0zANC0U00EpOy8.roa
Signing time: Thu 16 Nov 2023 08:20:57 +0000
ROA not before: Thu 16 Nov 2023 08:20:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200342
IP address blocks: 194.39.203.0/24 maxlen: 24
194.39.200.0/24 maxlen: 24
194.39.200.0/22 maxlen: 22
194.39.202.0/24 maxlen: 24
194.39.201.0/24 maxlen: 24
2a0c:f0c0::/31 maxlen: 31
2a0c:f0c2::/31 maxlen: 31
2a0c:f0c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:34:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d7:38:10:14:9c:1a:c5:fe:08:f1:35:57:e0:a7:c6:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33e278ba28261a2d1e553dbef6df8409a21c1aef
Validity
Not Before: Nov 16 08:20:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25cf0f9b18b990c4395f4cc0342d14d341293b2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:85:cb:63:71:30:08:04:2c:6c:f9:d9:3f:2f:
b9:3e:ca:48:81:a8:20:c9:ed:98:48:34:b9:55:93:
cb:36:6b:92:69:0c:5a:28:1d:3d:05:44:c5:cd:22:
9a:e3:84:80:c7:e2:41:5d:de:77:73:a0:82:bd:fe:
57:f8:d1:d4:16:07:1a:a4:1e:f2:1d:7b:7d:79:fe:
1a:b3:08:ba:6b:a9:7e:db:f9:43:a1:a1:50:a1:56:
a6:e3:c6:44:db:15:b8:58:73:59:ac:0f:34:ee:1d:
22:a8:c2:ee:64:81:e8:d7:fb:25:0f:45:7c:7e:59:
49:77:41:10:9f:1c:7a:9b:b8:3f:7a:cd:4e:88:a8:
fc:e8:f5:57:f5:3b:7f:d8:27:b3:83:a4:3e:cd:45:
b4:55:54:b7:2a:1a:38:14:6c:ae:d1:b3:7e:7e:db:
98:28:ee:2d:b2:44:57:99:9a:de:4c:97:c7:12:eb:
b2:9b:82:c3:80:fe:de:08:20:e1:11:35:a4:2a:5b:
77:e1:9e:e9:29:df:28:e6:10:f0:7e:5a:11:f5:fb:
2f:34:14:87:40:96:0f:ec:7d:17:7a:ee:a3:da:ae:
b5:95:f5:d3:39:5c:37:22:a2:00:e9:4b:7d:8a:49:
c7:6c:1b:b7:e2:e9:71:cf:a9:6e:71:41:be:c4:7c:
d1:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:CF:0F:9B:18:B9:90:C4:39:5F:4C:C0:34:2D:14:D3:41:29:3B:2F
X509v3 Authority Key Identifier:
keyid:33:E2:78:BA:28:26:1A:2D:1E:55:3D:BE:F6:DF:84:09:A2:1C:1A:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M-J4uigmGi0eVT2-9t-ECaIcGu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/2c5fb9-c9b3-4e56-bdf1-22ea3ad5de5c/1/Jc8Pmxi5kMQ5X0zANC0U00EpOy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/2c5fb9-c9b3-4e56-bdf1-22ea3ad5de5c/1/M-J4uigmGi0eVT2-9t-ECaIcGu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.39.200.0/22
IPv6:
2a0c:f0c0::/29
Signature Algorithm: sha256WithRSAEncryption
42:7e:41:3c:e3:8d:02:e8:e1:6a:ae:3e:56:ff:1a:7a:a7:61:
35:54:7a:aa:b4:73:91:2f:b4:5d:69:3c:24:ca:04:b8:c1:63:
1c:13:ba:8b:d2:f1:ca:31:d1:de:d6:1a:80:f5:a7:e5:c1:a9:
8b:e9:9c:80:c3:ac:1a:fb:5b:9d:7c:e7:fd:ab:c5:9d:e8:06:
0e:5d:44:61:94:5e:f2:c8:3d:95:dd:b7:d5:d3:70:b7:b9:17:
ca:87:d0:2f:d5:92:ad:55:32:d4:23:83:1c:85:c3:99:ab:a0:
96:29:1c:f5:7c:34:88:1a:d9:1f:47:e3:27:85:2c:be:cf:df:
ad:5e:cf:16:07:0d:1a:27:df:88:bf:03:12:ca:b8:3e:b4:98:
e2:5d:ed:af:ff:3e:20:0c:30:8d:23:3e:df:15:40:08:f6:ff:
03:20:a8:d5:8e:99:2c:1d:29:0c:24:0e:c0:9c:28:4b:f6:07:
55:74:ac:d2:65:6a:f4:48:ea:e8:0d:f2:2b:52:e8:cb:ee:9b:
3b:5a:0d:8d:8b:23:9e:0d:30:e6:55:2e:29:01:7e:65:51:da:
53:56:7e:ca:53:dd:35:cb:c9:ea:d0:cb:3a:6c:7d:6e:b6:6f:
dc:f0:26:17:1c:e8:c3:15:ca:72:3a:e0:46:21:77:ed:de:78:
0d:5c:e1:2a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYvXOBAUnBrF/gjxNVfgp8Y4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZTI3OGJhMjgyNjFhMmQxZTU1M2RiZWY2ZGY4NDA5YTIx
YzFhZWYwHhcNMjMxMTE2MDgyMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWNmMGY5YjE4Yjk5MGM0Mzk1ZjRjYzAzNDJkMTRkMzQxMjkzYjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIXLY3EwCAQsbPnZPy+5PspIgagg
ye2YSDS5VZPLNmuSaQxaKB09BUTFzSKa44SAx+JBXd53c6CCvf5X+NHUFgcapB7y
HXt9ef4aswi6a6l+2/lDoaFQoVam48ZE2xW4WHNZrA807h0iqMLuZIHo1/slD0V8
fllJd0EQnxx6m7g/es1OiKj86PVX9Tt/2Cezg6Q+zUW0VVS3Kho4FGyu0bN+ftuY
KO4tskRXmZreTJfHEuuym4LDgP7eCCDhETWkKlt34Z7pKd8o5hDwfloR9fsvNBSH
QJYP7H0Xeu6j2q61lfXTOVw3IqIA6Ut9iknHbBu34ulxz6lucUG+xHzRPwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCXPD5sYuZDEOV9MwDQtFNNBKTsvMB8GA1UdIwQY
MBaAFDPieLooJhotHlU9vvbfhAmiHBrvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTS1KNHVpZ21HaTBlVlQyLTl0LUVDYUljR3U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8yYzVmYjktYzliMy00ZTU2LWJkZjEt
MjJlYTNhZDVkZTVjLzEvSmM4UG14aTVrTVE1WDB6QU5DMFUwMEVwT3k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8yYzVmYjktYzliMy00ZTU2LWJkZjEtMjJlYTNhZDVkZTVj
LzEvTS1KNHVpZ21HaTBlVlQyLTl0LUVDYUljR3U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwifIMA0E
AgACMAcDBQMqDPDAMA0GCSqGSIb3DQEBCwUAA4IBAQBCfkE8440C6OFqrj5W/xp6
p2E1VHqqtHORL7RdaTwkygS4wWMcE7qL0vHKMdHe1hqA9aflwamL6ZyAw6wa+1ud
fOf9q8Wd6AYOXURhlF7yyD2V3bfV03C3uRfKh9Av1ZKtVTLUI4MchcOZq6CWKRz1
fDSIGtkfR+MnhSy+z9+tXs8WBw0aJ9+IvwMSyrg+tJjiXe2v/z4gDDCNIz7fFUAI
9v8DIKjVjpksHSkMJA7AnChL9gdVdKzSZWr0SOroDfIrUujL7ps7Wg2NiyOeDTDm
VS4pAX5lUdpTVn7KU901y8nq0Ms6bH1utm/c8CYXHOjDFcpyOuBGIXft3ngNXOEq
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:18 2024 by rpki-client on console-ams.rpki-client.org