Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/JrCIq9g8mqW2gnKFJz0Ua5NC3Bw.roa
File: JrCIq9g8mqW2gnKFJz0Ua5NC3Bw.roa (raw, json)
Hash identifier: 7t1W+qt5Ls3LOt/GwpKHkeQPR0dXQgwJ0LhpNTNwvPU=
Subject key identifier: 26:B0:88:AB:D8:3C:9A:A5:B6:82:72:85:27:3D:14:6B:93:42:DC:1C
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018724201ABBDF0629A269CE86EED4860F80
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/JrCIq9g8mqW2gnKFJz0Ua5NC3Bw.roa
Signing time: Mon 27 Mar 2023 17:31:36 +0000
ROA not before: Mon 27 Mar 2023 17:31:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213250
IP address blocks: 78.108.216.0/24 maxlen: 24
193.31.28.0/24 maxlen: 24
193.34.77.0/24 maxlen: 24
185.234.72.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:24:20:1a:bb:df:06:29:a2:69:ce:86:ee:d4:86:0f:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Mar 27 17:31:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=26b088abd83c9aa5b6827285273d146b9342dc1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:6a:43:71:82:3b:ef:da:5a:b7:33:86:ac:b5:
06:48:23:64:df:1f:3d:12:18:6d:6a:13:51:b6:40:
8f:f7:e7:68:db:95:57:5f:a9:02:c1:01:72:bb:2b:
29:e8:e5:84:a2:77:78:2b:07:5c:15:95:4a:ee:19:
2c:e3:6d:ad:79:5c:ed:7b:33:fe:ca:49:0d:a7:a4:
c4:75:34:e3:da:db:0d:d3:b1:b6:59:6a:59:4f:ff:
db:ef:8d:2b:59:a2:3f:79:68:e6:5b:07:8d:74:67:
4d:5d:ee:3f:aa:4f:72:be:0c:c7:85:a5:4b:d8:7d:
a5:08:fa:69:0a:c1:49:a0:cc:cc:ea:ea:db:5e:3a:
b1:f0:0e:7f:ae:5c:d2:cb:a8:f8:89:39:11:1f:3b:
3b:b3:b1:7a:8f:5f:f9:bf:41:d1:be:26:2e:59:cf:
44:3e:6b:93:ab:3d:77:a6:b8:06:14:66:f6:fb:06:
41:c1:15:ee:4b:fb:d1:70:c9:a2:51:5a:35:b4:f3:
9f:b0:69:da:fe:7d:f6:08:4d:5e:a7:da:57:9e:9b:
46:54:f6:83:e9:de:e7:e3:b8:b1:47:b1:b2:7f:0b:
3b:d1:05:da:d0:12:15:bf:65:e4:d6:34:24:ac:a8:
5d:de:2f:56:9b:b4:1b:dd:07:c5:7e:7a:ac:b0:35:
23:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:B0:88:AB:D8:3C:9A:A5:B6:82:72:85:27:3D:14:6B:93:42:DC:1C
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/JrCIq9g8mqW2gnKFJz0Ua5NC3Bw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.108.216.0/24
185.234.72.0/24
193.31.28.0/24
193.34.77.0/24
Signature Algorithm: sha256WithRSAEncryption
80:a9:a3:87:5e:bb:9d:df:62:35:a6:04:56:9e:3e:48:18:78:
46:29:4a:4d:c5:30:69:8d:7a:e7:a4:de:33:22:3f:48:6d:a4:
eb:ad:f0:1d:c2:f0:65:9a:3f:88:26:c4:fd:99:a0:e8:8f:3d:
21:27:59:96:b1:e4:c1:bb:39:c0:86:0e:40:91:1d:c9:79:fd:
7b:47:45:dc:35:68:d2:5e:b5:ab:25:0f:cb:57:9c:cf:9b:83:
4a:b4:ae:6e:46:85:d8:67:23:61:01:a8:ff:72:61:ce:a0:d9:
ce:8a:8f:14:66:38:60:67:96:16:74:85:af:1e:d4:5e:ef:08:
5e:97:0d:33:70:70:07:bb:4a:53:0d:7d:c7:16:51:31:2f:b5:
17:1e:55:57:83:1e:a3:75:ec:f3:9f:e4:1e:50:b6:64:75:f4:
a4:4b:68:96:a7:b8:5d:93:8b:0c:0d:ce:3a:32:3f:6f:ef:a4:
27:04:26:a2:d7:09:f7:21:8e:d7:3d:df:37:3d:20:fd:9a:86:
ce:ba:70:b8:3b:ea:af:61:19:c7:2a:7e:e5:b3:76:fc:96:7a:
29:75:c0:8f:ef:17:91:d0:dd:ee:af:e3:3f:6e:74:81:dd:e3:
e6:86:2f:f5:f3:be:80:48:56:56:b6:06:4b:63:6d:12:f5:32:
f3:cb:4c:d4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYckIBq73wYpomnOhu7Uhg+AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMzI3MTczMTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmIwODhhYmQ4M2M5YWE1YjY4MjcyODUyNzNkMTQ2YjkzNDJkYzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWpDcYI779patzOGrLUGSCNk3x89
EhhtahNRtkCP9+do25VXX6kCwQFyuysp6OWEond4KwdcFZVK7hks422teVztezP+
ykkNp6TEdTTj2tsN07G2WWpZT//b740rWaI/eWjmWweNdGdNXe4/qk9yvgzHhaVL
2H2lCPppCsFJoMzM6urbXjqx8A5/rlzSy6j4iTkRHzs7s7F6j1/5v0HRviYuWc9E
PmuTqz13prgGFGb2+wZBwRXuS/vRcMmiUVo1tPOfsGna/n32CE1ep9pXnptGVPaD
6d7n47ixR7Gyfws70QXa0BIVv2Xk1jQkrKhd3i9Wm7Qb3QfFfnqssDUjWwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCawiKvYPJqltoJyhSc9FGuTQtwcMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvSnJDSXE5ZzhtcVcyZ25LRkp6MFVhNU5DM0J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATmzYAwQA
uepIAwQAwR8cAwQAwSJNMA0GCSqGSIb3DQEBCwUAA4IBAQCAqaOHXrud32I1pgRW
nj5IGHhGKUpNxTBpjXrnpN4zIj9IbaTrrfAdwvBlmj+IJsT9maDojz0hJ1mWseTB
uznAhg5AkR3Jef17R0XcNWjSXrWrJQ/LV5zPm4NKtK5uRoXYZyNhAaj/cmHOoNnO
io8UZjhgZ5YWdIWvHtRe7whelw0zcHAHu0pTDX3HFlExL7UXHlVXgx6jdezzn+Qe
ULZkdfSkS2iWp7hdk4sMDc46Mj9v76QnBCai1wn3IY7XPd83PSD9mobOunC4O+qv
YRnHKn7ls3b8lnopdcCP7xeR0N3ur+M/bnSB3ePmhi/1876ASFZWtgZLY20S9TLz
y0zU
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:20 2024 by rpki-client on console-fra.rpki-client.org