Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/jvcKCaKXYwDleHWb57uBEn_rdkU.roa
File: jvcKCaKXYwDleHWb57uBEn_rdkU.roa (raw, json)
Hash identifier: 4BGllOU1tU4GvM8LkFu7qtfv/hXwCUtQStoUbvH8/Xw=
Subject key identifier: 8E:F7:0A:09:A2:97:63:00:E5:78:75:9B:E7:BB:81:12:7F:EB:76:45
Certificate issuer: /CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Certificate serial: 01856DEF7DE395D27EBBD55EF86AA6A580EE
Authority key identifier: 30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/jvcKCaKXYwDleHWb57uBEn_rdkU.roa
Signing time: Sun 01 Jan 2023 15:24:49 +0000
ROA not before: Sun 01 Jan 2023 15:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204679
IP address blocks: 195.164.128.0/17 maxlen: 24
193.59.78.0/23 maxlen: 24
2001:a17::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 10 Feb 2023 07:13:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ef:7d:e3:95:d2:7e:bb:d5:5e:f8:6a:a6:a5:80:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Validity
Not Before: Jan 1 15:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ef70a09a2976300e578759be7bb81127feb7645
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:4a:db:9d:2a:b6:15:52:11:7a:3b:9f:13:87:
39:e4:5f:d6:40:39:79:e5:85:08:9a:fa:6b:7e:90:
92:59:af:8d:88:4a:f3:30:82:c8:10:c6:4e:73:30:
5b:ad:b1:a6:0d:aa:7b:bc:fc:4a:22:d8:55:8d:db:
11:b3:66:08:81:b6:91:5d:bf:75:b5:42:46:86:65:
f8:1c:75:13:4e:f1:07:5e:43:bf:82:d1:5f:e6:20:
c0:a7:88:c4:a6:41:36:d5:82:08:d8:1c:89:c4:73:
3f:cd:f4:b7:1a:03:66:c6:bf:9a:95:21:f0:14:47:
b0:36:35:95:e4:e9:33:cc:69:59:66:e3:5e:d5:88:
33:1f:ed:05:7f:ba:bb:f3:cd:51:4b:15:28:04:0c:
42:b8:ec:ea:37:68:5a:0b:64:98:28:83:c8:ed:d2:
32:a4:88:1e:d0:3c:66:3a:1f:48:b0:fa:fb:78:00:
90:1a:5b:0f:44:cc:ef:79:c8:5b:86:30:94:0a:15:
2c:de:34:68:77:bc:4a:79:e0:5e:21:3e:6e:2e:2f:
27:06:c1:aa:16:db:d6:d6:65:66:f4:f0:00:e3:98:
64:1f:3e:d5:60:5f:da:46:47:63:b9:19:1e:f4:f8:
60:86:95:f5:ab:f2:a8:3d:50:78:ab:fc:e0:13:36:
ab:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:F7:0A:09:A2:97:63:00:E5:78:75:9B:E7:BB:81:12:7F:EB:76:45
X509v3 Authority Key Identifier:
keyid:30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/jvcKCaKXYwDleHWb57uBEn_rdkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.59.78.0/23
195.164.128.0/17
IPv6:
2001:a17::/32
Signature Algorithm: sha256WithRSAEncryption
01:11:73:12:fd:4a:4f:b4:6a:67:ae:2b:35:74:97:bc:4f:32:
6d:4c:b3:f6:a4:91:a5:49:5c:c7:f1:39:a6:c8:09:cd:e1:bb:
35:45:85:05:93:23:4d:e6:fb:a4:99:c8:18:33:81:01:ea:04:
84:96:59:36:cb:87:e4:96:94:17:4b:33:a5:69:ab:a7:8b:5b:
42:91:6a:0d:dc:b8:ad:ce:23:d9:d8:a1:a9:c2:94:58:16:fa:
14:b5:02:69:c2:d1:54:ac:94:db:65:56:4c:e1:eb:9e:3d:12:
f6:c2:10:f8:b0:1d:92:3e:67:ab:88:cc:75:4a:c4:af:ba:f9:
6d:3d:02:d2:65:7a:88:4f:88:bc:f3:70:36:ad:d8:a4:c0:ab:
98:ea:45:60:ba:b2:2c:47:bb:60:b7:9e:b2:68:24:c7:38:4d:
3a:b2:12:1e:65:cb:2a:21:c1:46:3e:88:9e:ac:26:d9:3d:25:
ec:9b:5d:c0:87:f4:20:52:87:3a:fc:9b:62:96:22:d8:64:f5:
b9:db:d5:c0:fb:5a:19:a4:ef:19:fb:3f:73:14:bc:3a:e8:8f:
53:ee:74:52:7c:86:24:6b:16:4d:db:8d:89:ae:d2:be:b9:21:
e8:f5:b4:b5:8a:ab:cf:ed:a0:db:a4:32:fa:11:de:ca:1c:36:
0d:4a:5f:d4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVt733jldJ+u9Ve+GqmpYDuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYzQwOTYxM2ZlYTBhMmI0NDJjZTExMmU5Y2JkYjQ4NWUw
MTE4OGYwHhcNMjMwMTAxMTUyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWY3MGEwOWEyOTc2MzAwZTU3ODc1OWJlN2JiODExMjdmZWI3NjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00rbnSq2FVIRejufE4c55F/WQDl5
5YUImvprfpCSWa+NiErzMILIEMZOczBbrbGmDap7vPxKIthVjdsRs2YIgbaRXb91
tUJGhmX4HHUTTvEHXkO/gtFf5iDAp4jEpkE21YII2ByJxHM/zfS3GgNmxr+alSHw
FEewNjWV5OkzzGlZZuNe1YgzH+0Ff7q7881RSxUoBAxCuOzqN2haC2SYKIPI7dIy
pIge0DxmOh9IsPr7eACQGlsPRMzvechbhjCUChUs3jRod7xKeeBeIT5uLi8nBsGq
FtvW1mVm9PAA45hkHz7VYF/aRkdjuRke9PhghpX1q/KoPVB4q/zgEzargwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFI73Cgmil2MA5Xh1m+e7gRJ/63ZFMB8GA1UdIwQY
MBaAFDDECWE/6gorRCzhEunL20heARiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYt
YzA2NzFiZjRjZjNlLzEvanZjS0NhS1hZd0RsZUhXYjU3dUJFbl9yZGtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYtYzA2NzFiZjRjZjNl
LzEvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwTtOAwQH
w6SAMA0EAgACMAcDBQAgAQoXMA0GCSqGSIb3DQEBCwUAA4IBAQABEXMS/UpPtGpn
ris1dJe8TzJtTLP2pJGlSVzH8TmmyAnN4bs1RYUFkyNN5vukmcgYM4EB6gSEllk2
y4fklpQXSzOlaauni1tCkWoN3LitziPZ2KGpwpRYFvoUtQJpwtFUrJTbZVZM4eue
PRL2whD4sB2SPmeriMx1SsSvuvltPQLSZXqIT4i883A2rdikwKuY6kVgurIsR7tg
t56yaCTHOE06shIeZcsqIcFGPoierCbZPSXsm13Ah/QgUoc6/JtiliLYZPW529XA
+1oZpO8Z+z9zFLw66I9T7nRSfIYkaxZN242JrtK+uSHo9bS1iqvP7aDbpDL6Ed7K
HDYNSl/U
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:05 2024 by rpki-client on console-ams.rpki-client.org