Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/jpKUW_w7lC2YtzI3e-GcuSzUnFk.roa
File: jpKUW_w7lC2YtzI3e-GcuSzUnFk.roa (raw, json)
Hash identifier: 6Ia1KJnlVFeXNwiuL7esTAOCt/CX8MYZ/0k15Sw+3/g=
Subject key identifier: 8E:92:94:5B:FC:3B:94:2D:98:B7:32:37:7B:E1:9C:B9:2C:D4:9C:59
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 01874AD6F69EA5C5FAA04420FD6B8F981333
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/jpKUW_w7lC2YtzI3e-GcuSzUnFk.roa
Signing time: Tue 04 Apr 2023 05:56:54 +0000
ROA not before: Tue 04 Apr 2023 05:56:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 194.102.168.0/24 maxlen: 24
194.102.169.0/24 maxlen: 24
194.102.171.0/24 maxlen: 24
217.156.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Sep 2023 09:53:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4a:d6:f6:9e:a5:c5:fa:a0:44:20:fd:6b:8f:98:13:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Apr 4 05:56:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e92945bfc3b942d98b732377be19cb92cd49c59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:1c:5e:2e:17:0a:19:24:db:1d:17:b3:4b:94:
aa:31:57:b8:01:63:77:08:0c:2d:2d:d9:75:6a:f9:
a0:1f:d6:eb:9e:d4:fe:cd:38:fa:9e:79:a4:b3:31:
92:1a:1d:a7:95:b4:45:eb:a5:b9:51:59:a7:e0:4f:
16:83:b9:9e:95:28:c4:36:52:72:b5:c0:79:23:cf:
b8:f7:9e:06:fb:21:a0:a4:2b:90:f7:c3:41:c8:55:
63:97:06:ef:7d:fc:13:0e:ca:52:37:6b:00:2b:5f:
5c:2c:16:52:94:b6:94:0c:c5:5b:10:b2:61:4d:75:
36:30:e3:f2:9d:40:8a:14:32:45:26:55:b4:93:df:
d1:f7:08:18:87:ee:61:9d:13:10:e9:fa:b7:f6:87:
12:81:b5:13:95:b7:8b:6c:73:78:55:16:62:44:c4:
1d:b0:bf:0b:f5:51:69:45:de:45:de:06:b7:b0:fe:
e5:75:eb:dd:55:57:06:56:fb:75:04:81:30:bd:c8:
3c:c4:6c:f4:9b:47:2c:b4:8a:8e:03:be:84:d4:24:
c0:ba:18:8d:d3:45:f2:c4:a5:63:eb:a3:3d:0c:10:
7b:3b:79:bd:bc:50:b6:19:0f:67:31:a7:cb:99:77:
e3:18:9d:e0:28:a1:08:be:9f:22:8a:1e:8c:1c:3d:
08:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:92:94:5B:FC:3B:94:2D:98:B7:32:37:7B:E1:9C:B9:2C:D4:9C:59
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/jpKUW_w7lC2YtzI3e-GcuSzUnFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.102.168.0/23
194.102.171.0/24
217.156.96.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:88:de:eb:7c:98:29:dc:e7:e9:95:62:1a:f5:ab:1e:83:f5:
4d:c5:7d:14:af:49:93:7c:83:a2:50:82:a7:21:22:01:e2:2f:
7c:a8:6a:d2:86:f8:ef:bb:ff:1e:09:62:42:aa:94:61:55:e3:
30:57:8d:42:bb:0b:24:0b:4f:88:37:44:02:66:1a:27:ba:7c:
f1:ca:52:3a:d4:30:47:4c:49:c7:7b:b3:fe:25:bc:b1:ca:75:
1b:29:a0:78:98:3d:3b:0d:1e:38:bf:da:2e:1f:81:c0:28:3f:
63:d5:a7:89:f0:ca:f0:1d:66:65:a8:56:58:b7:5a:f0:93:34:
f0:77:3e:8e:10:c7:fd:5a:48:a9:af:57:aa:ad:8c:38:f0:ee:
a6:cf:8f:13:b7:c0:ce:31:2b:7d:14:1b:67:e4:21:f5:b8:28:
e6:07:32:3a:79:67:8c:c7:14:6f:7e:58:f3:f4:4f:cf:31:ff:
3e:9f:8d:94:a6:47:2a:6f:95:ec:94:4d:6b:47:4d:bb:ba:ad:
22:0e:2d:0b:f1:77:d4:b9:ff:ec:66:5b:66:a5:25:c7:1e:c4:
9c:2c:72:4b:6f:73:cb:fe:be:c1:45:9c:72:3d:b8:eb:80:0c:
9a:be:6e:19:d4:3d:9c:c8:68:ba:93:c0:80:1d:ca:5d:5c:8a:
29:43:7b:6e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYdK1vaepcX6oEQg/WuPmBMzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjMwNDA0MDU1NjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTkyOTQ1YmZjM2I5NDJkOThiNzMyMzc3YmUxOWNiOTJjZDQ5YzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxxeLhcKGSTbHRezS5SqMVe4AWN3
CAwtLdl1avmgH9brntT+zTj6nnmkszGSGh2nlbRF66W5UVmn4E8Wg7melSjENlJy
tcB5I8+4954G+yGgpCuQ98NByFVjlwbvffwTDspSN2sAK19cLBZSlLaUDMVbELJh
TXU2MOPynUCKFDJFJlW0k9/R9wgYh+5hnRMQ6fq39ocSgbUTlbeLbHN4VRZiRMQd
sL8L9VFpRd5F3ga3sP7ldevdVVcGVvt1BIEwvcg8xGz0m0cstIqOA76E1CTAuhiN
00XyxKVj66M9DBB7O3m9vFC2GQ9nMafLmXfjGJ3gKKEIvp8iih6MHD0I1QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI6SlFv8O5QtmLcyN3vhnLks1JxZMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvanBLVVdfdzdsQzJZdHpJM2UtR2N1U3pVbkZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBwmaoAwQA
wmarAwQA2ZxgMA0GCSqGSIb3DQEBCwUAA4IBAQBfiN7rfJgp3OfplWIa9aseg/VN
xX0Ur0mTfIOiUIKnISIB4i98qGrShvjvu/8eCWJCqpRhVeMwV41CuwskC0+IN0QC
ZhonunzxylI61DBHTEnHe7P+JbyxynUbKaB4mD07DR44v9ouH4HAKD9j1aeJ8Mrw
HWZlqFZYt1rwkzTwdz6OEMf9Wkipr1eqrYw48O6mz48Tt8DOMSt9FBtn5CH1uCjm
BzI6eWeMxxRvfljz9E/PMf8+n42Upkcqb5XslE1rR027uq0iDi0L8XfUuf/sZltm
pSXHHsScLHJLb3PL/r7BRZxyPbjrgAyavm4Z1D2cyGi6k8CAHcpdXIopQ3tu
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:05 2024 by rpki-client on console-ams.rpki-client.org