Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/JK4S_BO7pY_Nl5h8QLYneAzNYS4.roa
File: JK4S_BO7pY_Nl5h8QLYneAzNYS4.roa (raw, json)
Hash identifier: PhQ8G+yRond4qh//0S6oVZQX9tvdlTwfUIRHASGC7XU=
Subject key identifier: 24:AE:12:FC:13:BB:A5:8F:CD:97:98:7C:40:B6:27:78:0C:CD:61:2E
Certificate issuer: /CN=8c77013e488a09c709b632246d9405da458c5538
Certificate serial: 01856E6F8D9AACA38BF4C1C4744B49334D7D
Authority key identifier: 8C:77:01:3E:48:8A:09:C7:09:B6:32:24:6D:94:05:DA:45:8C:55:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jHcBPkiKCccJtjIkbZQF2kWMVTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/JK4S_BO7pY_Nl5h8QLYneAzNYS4.roa
Signing time: Sun 01 Jan 2023 17:44:42 +0000
ROA not before: Sun 01 Jan 2023 17:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57738
IP address blocks: 185.17.12.0/22 maxlen: 24
185.129.172.0/22 maxlen: 24
185.128.244.0/22 maxlen: 24
2a06:d180::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:29:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:8d:9a:ac:a3:8b:f4:c1:c4:74:4b:49:33:4d:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c77013e488a09c709b632246d9405da458c5538
Validity
Not Before: Jan 1 17:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=24ae12fc13bba58fcd97987c40b627780ccd612e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:60:b0:30:8d:76:a1:50:4f:92:03:2e:00:06:
d6:2a:6c:73:3a:7c:d7:63:b4:70:ca:36:4c:b4:68:
1a:56:b0:74:96:8a:e8:00:0d:5a:e3:03:d5:81:e3:
0a:2a:47:9b:2b:ae:6d:81:54:d8:73:4a:28:99:83:
39:b5:aa:c4:1a:0a:73:58:bf:c9:d8:f0:91:3f:06:
11:ac:68:d3:05:ee:2c:dd:67:41:14:d8:b8:03:b3:
98:68:2f:be:0f:c6:0d:e3:8d:cb:ff:ed:e5:16:37:
89:eb:dc:08:2c:4f:18:cf:c3:88:b8:c2:97:97:96:
7d:23:d9:75:9b:18:6e:ee:88:ea:b7:69:81:3d:c0:
ab:ab:94:53:f9:65:cd:db:39:9d:68:4a:de:13:5a:
54:ea:c3:d6:85:8f:e7:a1:05:e7:02:04:5c:8b:e2:
5a:d5:23:7f:3f:a8:cd:65:26:a1:3f:a2:ce:aa:c8:
d2:2d:3f:50:f8:1d:9b:25:41:97:93:b9:45:88:ef:
94:54:37:53:3c:5d:d2:ad:f8:74:1f:3b:88:43:a8:
a4:41:24:25:4d:a1:d3:16:ce:31:2d:33:f9:e3:eb:
ff:79:99:f0:39:eb:b0:3d:91:fb:f1:70:be:4c:5e:
71:db:a9:30:37:28:e3:a7:2c:d7:4a:86:13:e5:56:
37:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:AE:12:FC:13:BB:A5:8F:CD:97:98:7C:40:B6:27:78:0C:CD:61:2E
X509v3 Authority Key Identifier:
keyid:8C:77:01:3E:48:8A:09:C7:09:B6:32:24:6D:94:05:DA:45:8C:55:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jHcBPkiKCccJtjIkbZQF2kWMVTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/JK4S_BO7pY_Nl5h8QLYneAzNYS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/jHcBPkiKCccJtjIkbZQF2kWMVTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.17.12.0/22
185.128.244.0/22
185.129.172.0/22
IPv6:
2a06:d180::/29
Signature Algorithm: sha256WithRSAEncryption
b2:21:ce:64:80:0c:ec:41:b4:79:17:55:54:45:02:e5:88:7c:
73:ac:a7:ea:8d:f1:98:a8:87:93:ad:b7:68:a3:d3:6e:0d:00:
22:7e:ca:f9:65:8a:00:d3:0b:96:5f:de:d3:28:9f:98:08:32:
3b:61:e1:2b:1e:f2:c1:f0:5d:1f:6d:27:19:bd:a9:6b:02:d8:
34:eb:d6:cd:c7:08:03:d8:f0:37:8e:be:ad:b1:e4:67:5a:13:
59:d1:12:7e:0c:a5:f6:6a:ad:80:72:be:6d:68:ac:d1:1c:41:
b6:06:8c:01:19:7a:b9:87:e5:d1:03:6d:39:fb:75:a8:d1:35:
0f:93:7c:d2:6f:2c:99:90:1c:e2:80:28:ae:61:ff:c2:07:4b:
b6:ef:f8:71:d0:0f:49:4d:d4:17:4b:bb:8c:2c:23:82:f0:a9:
c4:d9:b3:be:c1:91:03:1e:c9:05:97:29:64:01:fb:4a:e4:b5:
52:a7:b2:36:f6:c4:7d:43:3f:da:37:1b:fd:84:49:d1:f8:cc:
c9:8e:8c:a9:8d:c8:cc:51:15:5e:88:a3:82:71:59:a7:3e:23:
37:0f:99:2d:f7:88:78:a7:ec:2b:91:3c:32:e8:a5:de:65:8c:
8f:e7:d9:c5:cd:7a:07:00:a3:9b:7f:24:c0:0b:df:51:6e:46:
ba:7c:49:d5
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVub42arKOL9MHEdEtJM019MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNzcwMTNlNDg4YTA5YzcwOWI2MzIyNDZkOTQwNWRhNDU4
YzU1MzgwHhcNMjMwMTAxMTc0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGFlMTJmYzEzYmJhNThmY2Q5Nzk4N2M0MGI2Mjc3ODBjY2Q2MTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWCwMI12oVBPkgMuAAbWKmxzOnzX
Y7RwyjZMtGgaVrB0loroAA1a4wPVgeMKKkebK65tgVTYc0oomYM5tarEGgpzWL/J
2PCRPwYRrGjTBe4s3WdBFNi4A7OYaC++D8YN443L/+3lFjeJ69wILE8Yz8OIuMKX
l5Z9I9l1mxhu7ojqt2mBPcCrq5RT+WXN2zmdaEreE1pU6sPWhY/noQXnAgRci+Ja
1SN/P6jNZSahP6LOqsjSLT9Q+B2bJUGXk7lFiO+UVDdTPF3Srfh0HzuIQ6ikQSQl
TaHTFs4xLTP54+v/eZnwOeuwPZH78XC+TF5x26kwNyjjpyzXSoYT5VY3owIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCSuEvwTu6WPzZeYfEC2J3gMzWEuMB8GA1UdIwQY
MBaAFIx3AT5IignHCbYyJG2UBdpFjFU4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakhjQlBraUtDY2NKdGpJa2JaUUYya1dNVlRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8xNjg1MDktMmNmMy00ODNkLWJjZDgt
MDIxMjk1MzNhMzNkLzEvSks0U19CTzdwWV9ObDVoOFFMWW5lQXpOWVM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8xNjg1MDktMmNmMy00ODNkLWJjZDgtMDIxMjk1MzNhMzNk
LzEvakhjQlBraUtDY2NKdGpJa2JaUUYya1dNVlRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuREMAwQC
uYD0AwQCuYGsMA0EAgACMAcDBQMqBtGAMA0GCSqGSIb3DQEBCwUAA4IBAQCyIc5k
gAzsQbR5F1VURQLliHxzrKfqjfGYqIeTrbdoo9NuDQAifsr5ZYoA0wuWX97TKJ+Y
CDI7YeErHvLB8F0fbScZvalrAtg069bNxwgD2PA3jr6tseRnWhNZ0RJ+DKX2aq2A
cr5taKzRHEG2BowBGXq5h+XRA205+3Wo0TUPk3zSbyyZkBzigCiuYf/CB0u27/hx
0A9JTdQXS7uMLCOC8KnE2bO+wZEDHskFlylkAftK5LVSp7I29sR9Qz/aNxv9hEnR
+MzJjoypjcjMURVeiKOCcVmnPiM3D5kt94h4p+wrkTwy6KXeZYyP59nFzXoHAKOb
fyTAC99Rbka6fEnV
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:59 2024 by rpki-client on console-ams.rpki-client.org