Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/jdg_9y-QX5AZBYgK1AP4u5zxmcg.roa
File: jdg_9y-QX5AZBYgK1AP4u5zxmcg.roa (raw, json)
Hash identifier: A3o4HUqDyUxkgpFr1G0ou0hu4L9kPexiT9JQsCDf/No=
Subject key identifier: 8D:D8:3F:F7:2F:90:5F:90:19:05:88:0A:D4:03:F8:BB:9C:F1:99:C8
Certificate issuer: /CN=6506096695f7e6610b19b08e1d7fd9c4d914a4f0
Certificate serial: 018ADFE8A3FAC2851209EAD1DA52D454A9CB
Authority key identifier: 65:06:09:66:95:F7:E6:61:0B:19:B0:8E:1D:7F:D9:C4:D9:14:A4:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZQYJZpX35mELGbCOHX_ZxNkUpPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/jdg_9y-QX5AZBYgK1AP4u5zxmcg.roa
Signing time: Fri 29 Sep 2023 07:47:59 +0000
ROA not before: Fri 29 Sep 2023 07:47:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205614
IP address blocks: 185.171.44.0/22 maxlen: 24
193.22.251.0/24 maxlen: 24
45.135.124.0/22 maxlen: 22
45.89.160.0/23 maxlen: 23
45.89.162.0/24 maxlen: 24
2a0e:8b40::/29 maxlen: 29
2a0d:1f80::/32 maxlen: 36
2a0b:e880::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:df:e8:a3:fa:c2:85:12:09:ea:d1:da:52:d4:54:a9:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6506096695f7e6610b19b08e1d7fd9c4d914a4f0
Validity
Not Before: Sep 29 07:47:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8dd83ff72f905f901905880ad403f8bb9cf199c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:69:1a:83:5d:03:63:1f:90:8d:1b:d3:45:b3:
f0:85:d1:5a:a6:c1:ab:c6:18:8b:7c:7e:bd:40:9f:
75:cb:84:8c:3a:00:d0:d3:b3:a0:aa:4c:a5:ae:1f:
1a:22:2d:9a:09:89:72:f3:05:72:0e:05:8f:12:34:
13:12:4c:cf:cf:5f:e2:3c:ad:8b:7b:0e:7a:04:2a:
a4:2b:fa:c2:49:af:9d:6e:0c:cc:73:23:9c:db:74:
f7:d5:a3:f6:98:d9:d2:09:7d:1d:cc:35:cb:1f:9e:
ca:e8:41:61:b9:4a:05:33:20:71:ba:48:a9:ee:37:
a5:67:b5:aa:ab:96:b6:ef:a0:34:76:83:53:a8:fb:
c7:15:62:3e:df:fa:fc:9a:65:97:53:e4:98:e8:9c:
2b:59:e3:ce:eb:1e:9c:3a:fe:2b:9d:6a:9b:c8:9e:
d3:11:e3:e9:9f:3f:c5:a1:56:c2:43:4e:00:00:fd:
7b:15:cd:e3:2a:f3:78:8f:0b:c5:55:d1:6c:a4:b7:
ef:b1:6f:67:dc:53:6c:48:08:49:6e:e3:d2:b9:40:
b3:8f:04:ef:92:80:6b:bf:ef:44:ed:52:59:16:76:
71:9a:5d:bc:10:f7:34:24:8d:4a:c4:11:26:aa:b4:
36:35:88:1e:97:41:a3:37:c7:14:dc:38:eb:5a:81:
a2:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:D8:3F:F7:2F:90:5F:90:19:05:88:0A:D4:03:F8:BB:9C:F1:99:C8
X509v3 Authority Key Identifier:
keyid:65:06:09:66:95:F7:E6:61:0B:19:B0:8E:1D:7F:D9:C4:D9:14:A4:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZQYJZpX35mELGbCOHX_ZxNkUpPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/jdg_9y-QX5AZBYgK1AP4u5zxmcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/ZQYJZpX35mELGbCOHX_ZxNkUpPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.160.0-45.89.162.255
45.135.124.0/22
185.171.44.0/22
193.22.251.0/24
IPv6:
2a0b:e880::/29
2a0d:1f80::/32
2a0e:8b40::/29
Signature Algorithm: sha256WithRSAEncryption
61:fc:c5:b3:dc:74:d7:11:c7:dd:e3:2d:32:58:18:ef:4d:10:
70:f9:a7:8d:4b:7c:ab:ab:d2:12:8d:09:52:12:fb:81:39:34:
4d:03:b5:81:46:60:15:48:09:2c:d6:11:e4:f2:b7:2f:d9:50:
a0:cd:0f:59:8c:63:0e:e5:d7:a0:ed:30:ba:59:0e:cc:c5:ea:
c7:b5:ee:88:fe:0e:47:a7:69:d4:be:c5:38:f4:27:c1:84:79:
9d:d7:7d:04:89:02:03:b4:33:a5:f5:63:81:77:e0:5d:92:26:
e8:a1:41:9b:9c:5a:99:66:95:a5:bf:cc:82:dd:9e:de:93:c5:
bb:44:54:83:be:89:45:d6:68:9a:2c:99:4c:17:63:97:3a:37:
8d:7d:e6:14:43:b2:dc:17:fe:81:e7:94:99:ff:38:ab:c2:29:
03:61:91:55:2a:84:7a:26:3c:c6:f8:e3:60:a0:6e:51:a0:a5:
c8:70:6d:93:ff:ed:81:9f:9b:a6:88:e8:f5:eb:a1:7f:1c:af:
3b:45:3f:bd:76:3f:b4:39:2f:94:28:8d:88:ea:96:26:d0:a2:
a3:6c:65:b1:05:f5:61:10:90:98:96:64:c3:9e:a9:81:35:45:
f4:74:57:be:68:ca:9a:71:a9:8a:f3:be:fb:23:53:9a:62:8a:
1a:38:20:a5
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYrf6KP6woUSCerR2lLUVKnLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MDYwOTY2OTVmN2U2NjEwYjE5YjA4ZTFkN2ZkOWM0ZDkx
NGE0ZjAwHhcNMjMwOTI5MDc0NzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGQ4M2ZmNzJmOTA1ZjkwMTkwNTg4MGFkNDAzZjhiYjljZjE5OWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2kag10DYx+QjRvTRbPwhdFapsGr
xhiLfH69QJ91y4SMOgDQ07Ogqkylrh8aIi2aCYly8wVyDgWPEjQTEkzPz1/iPK2L
ew56BCqkK/rCSa+dbgzMcyOc23T31aP2mNnSCX0dzDXLH57K6EFhuUoFMyBxukip
7jelZ7Wqq5a276A0doNTqPvHFWI+3/r8mmWXU+SY6JwrWePO6x6cOv4rnWqbyJ7T
EePpnz/FoVbCQ04AAP17Fc3jKvN4jwvFVdFspLfvsW9n3FNsSAhJbuPSuUCzjwTv
koBrv+9E7VJZFnZxml28EPc0JI1KxBEmqrQ2NYgel0GjN8cU3DjrWoGiLwIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFI3YP/cvkF+QGQWICtQD+Luc8ZnIMB8GA1UdIwQY
MBaAFGUGCWaV9+ZhCxmwjh1/2cTZFKTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlFZSlpwWDM1bUVMR2JDT0hYX1p4TmtVcFBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9mNWJhYTQtZjY3MC00Mzg1LWJjMzgt
YTQxNTI1NThkMThjLzEvamRnXzl5LVFYNUFaQllnSzFBUDR1NXp4bWNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9mNWJhYTQtZjY3MC00Mzg1LWJjMzgtYTQxNTI1NThkMThj
LzEvWlFZSlpwWDM1bUVMR2JDT0hYX1p4TmtVcFBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAmBAIAATAgMAwDBAUtWaAD
BAAtWaIDBAIth3wDBAK5qywDBADBFvswGwQCAAIwFQMFAyoL6IADBQAqDR+AAwUD
Kg6LQDANBgkqhkiG9w0BAQsFAAOCAQEAYfzFs9x01xHH3eMtMlgY700QcPmnjUt8
q6vSEo0JUhL7gTk0TQO1gUZgFUgJLNYR5PK3L9lQoM0PWYxjDuXXoO0wulkOzMXq
x7XuiP4OR6dp1L7FOPQnwYR5ndd9BIkCA7QzpfVjgXfgXZIm6KFBm5xamWaVpb/M
gt2e3pPFu0RUg76JRdZomiyZTBdjlzo3jX3mFEOy3Bf+geeUmf84q8IpA2GRVSqE
eiY8xvjjYKBuUaClyHBtk//tgZ+bpojo9euhfxyvO0U/vXY/tDkvlCiNiOqWJtCi
o2xlsQX1YRCQmJZkw56pgTVF9HRXvmjKmnGpivO++yNTmmKKGjggpQ==
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:18:49 2024 by rpki-client on console-ams.rpki-client.org