Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/5c5e22-e4f9-4986-a055-0475d13f463c/1/jmh_bacUZ_USwppfQjG2f6be-94.roa
File: jmh_bacUZ_USwppfQjG2f6be-94.roa (raw, json)
Hash identifier: 3oP4rZo7c8lp5yB5RcZDBLhwSgAiOXyUKEswlhaX/s8=
Subject key identifier: 8E:68:7F:6D:A7:14:67:F5:12:C2:9A:5F:42:31:B6:7F:A6:DE:FB:DE
Certificate issuer: /CN=f4f7760940800b86f8086e209edd1a85bac0f5dc
Certificate serial: 0185709517D60FE98D394ACDFABA20994EC0
Authority key identifier: F4:F7:76:09:40:80:0B:86:F8:08:6E:20:9E:DD:1A:85:BA:C0:F5:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Pd2CUCAC4b4CG4gnt0ahbrA9dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/5c5e22-e4f9-4986-a055-0475d13f463c/1/jmh_bacUZ_USwppfQjG2f6be-94.roa
Signing time: Mon 02 Jan 2023 03:44:57 +0000
ROA not before: Mon 02 Jan 2023 03:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9678
IP address blocks: 2.58.240.0/24 maxlen: 24
2.58.243.0/24 maxlen: 24
2.58.242.0/24 maxlen: 24
2.58.241.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:17:d6:0f:e9:8d:39:4a:cd:fa:ba:20:99:4e:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4f7760940800b86f8086e209edd1a85bac0f5dc
Validity
Not Before: Jan 2 03:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e687f6da71467f512c29a5f4231b67fa6defbde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:5e:89:88:17:48:59:d4:98:84:80:77:3b:a8:
28:ba:03:f7:0c:13:15:d9:2f:a5:95:7c:60:1e:94:
6f:90:1d:00:3e:f6:ae:5f:40:a8:6f:95:f4:f4:1b:
c0:86:8a:6a:85:3b:95:35:53:83:04:e9:00:5d:b6:
de:8d:a4:ce:23:c4:b1:c6:df:15:35:1b:a8:fd:b9:
6a:a8:ba:1d:6a:d8:3e:50:44:ac:45:7b:41:e1:d5:
32:42:c5:29:c9:ad:f1:a8:d1:e9:6f:d9:73:d5:6a:
9c:78:c9:b9:66:37:fa:5e:06:fd:85:91:ec:51:7e:
ae:3d:ca:d6:13:46:e4:d6:8a:aa:e4:9b:2f:b8:79:
51:08:15:f2:72:fb:b1:dd:be:09:c4:b8:01:01:26:
aa:ae:bc:ae:fc:8a:b9:4e:67:d0:4d:3d:36:34:c3:
81:2f:04:64:6b:9a:ed:be:97:c7:73:c8:03:49:2d:
37:49:71:a8:95:c8:6b:fe:71:17:93:f9:2a:2a:c1:
8d:4b:f2:fd:fd:ba:eb:5e:08:f5:b1:25:fe:3d:30:
04:d9:c8:8f:30:41:e6:96:e1:65:04:20:17:a7:27:
b0:c2:2d:02:67:d8:13:04:15:7c:75:ff:b8:b0:fe:
f2:13:42:2d:7f:fb:68:63:b6:76:08:fe:13:ec:41:
bc:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:68:7F:6D:A7:14:67:F5:12:C2:9A:5F:42:31:B6:7F:A6:DE:FB:DE
X509v3 Authority Key Identifier:
keyid:F4:F7:76:09:40:80:0B:86:F8:08:6E:20:9E:DD:1A:85:BA:C0:F5:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Pd2CUCAC4b4CG4gnt0ahbrA9dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/5c5e22-e4f9-4986-a055-0475d13f463c/1/jmh_bacUZ_USwppfQjG2f6be-94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/5c5e22-e4f9-4986-a055-0475d13f463c/1/9Pd2CUCAC4b4CG4gnt0ahbrA9dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.240.0/22
Signature Algorithm: sha256WithRSAEncryption
23:2f:4c:c6:9b:e7:1a:9d:38:8e:4d:03:bf:be:1b:e1:70:4f:
f1:82:82:c7:f4:50:87:22:26:f7:17:6b:b5:07:fa:9b:0f:74:
55:df:01:12:ac:7d:93:7d:75:e0:d6:7e:50:bd:5b:0f:13:ad:
8a:03:11:34:d3:2f:92:06:f0:7a:46:cd:f1:63:43:bd:2e:ae:
e2:d3:a6:f1:15:6d:41:1c:a9:7e:b3:23:bd:c9:20:44:55:3e:
18:35:a8:6a:b0:67:60:59:27:9e:0d:b1:c2:8d:8d:80:bb:72:
8a:e4:ca:ea:e0:ae:bf:ae:e2:19:78:8b:40:62:aa:3b:79:5e:
32:11:ee:23:47:3f:e8:f2:31:23:36:9d:ea:67:3c:6a:f4:25:
64:f9:20:83:13:da:23:c7:f8:a0:11:c2:bd:e0:c4:df:9a:37:
1a:24:f1:bc:60:2a:df:30:b3:4d:97:f1:82:d6:78:6e:61:ec:
dc:30:2c:2a:84:7b:fa:c6:15:0b:d9:bc:ba:fa:43:f2:2a:13:
83:0f:52:4b:00:db:5a:60:4a:40:a6:59:c8:aa:4b:4d:2d:fc:
da:ab:83:6f:51:8b:e7:56:59:f0:ce:b5:35:8c:2d:8b:ad:e5:
32:66:8f:e0:7a:89:4d:bf:b9:d2:80:a2:ff:25:52:ed:b0:25:
ad:dc:a0:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlRfWD+mNOUrN+rogmU7AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Zjc3NjA5NDA4MDBiODZmODA4NmUyMDllZGQxYTg1YmFj
MGY1ZGMwHhcNMjMwMTAyMDM0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTY4N2Y2ZGE3MTQ2N2Y1MTJjMjlhNWY0MjMxYjY3ZmE2ZGVmYmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyV6JiBdIWdSYhIB3O6gougP3DBMV
2S+llXxgHpRvkB0APvauX0Cob5X09BvAhopqhTuVNVODBOkAXbbejaTOI8Sxxt8V
NRuo/blqqLodatg+UESsRXtB4dUyQsUpya3xqNHpb9lz1WqceMm5Zjf6Xgb9hZHs
UX6uPcrWE0bk1oqq5JsvuHlRCBXycvux3b4JxLgBASaqrryu/Iq5TmfQTT02NMOB
LwRka5rtvpfHc8gDSS03SXGolchr/nEXk/kqKsGNS/L9/brrXgj1sSX+PTAE2ciP
MEHmluFlBCAXpyewwi0CZ9gTBBV8df+4sP7yE0Itf/toY7Z2CP4T7EG8CwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI5of22nFGf1EsKaX0Ixtn+m3vveMB8GA1UdIwQY
MBaAFPT3dglAgAuG+AhuIJ7dGoW6wPXcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVBkMkNVQ0FDNGI0Q0c0Z250MGFoYnJBOWR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy81YzVlMjItZTRmOS00OTg2LWEwNTUt
MDQ3NWQxM2Y0NjNjLzEvam1oX2JhY1VaX1VTd3BwZlFqRzJmNmJlLTk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy81YzVlMjItZTRmOS00OTg2LWEwNTUtMDQ3NWQxM2Y0NjNj
LzEvOVBkMkNVQ0FDNGI0Q0c0Z250MGFoYnJBOWR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjrwMA0G
CSqGSIb3DQEBCwUAA4IBAQAjL0zGm+canTiOTQO/vhvhcE/xgoLH9FCHIib3F2u1
B/qbD3RV3wESrH2TfXXg1n5QvVsPE62KAxE00y+SBvB6Rs3xY0O9Lq7i06bxFW1B
HKl+syO9ySBEVT4YNahqsGdgWSeeDbHCjY2Au3KK5Mrq4K6/ruIZeItAYqo7eV4y
Ee4jRz/o8jEjNp3qZzxq9CVk+SCDE9ojx/igEcK94MTfmjcaJPG8YCrfMLNNl/GC
1nhuYezcMCwqhHv6xhUL2by6+kPyKhODD1JLANtaYEpAplnIqktNLfzaq4NvUYvn
VlnwzrU1jC2LreUyZo/geolNv7nSgKL/JVLtsCWt3KCK
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:27 2024 by rpki-client on console-ams.rpki-client.org