Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/943732-9621-4a42-87da-b2de3ebf3e7e/1/JWwBU5nMM7lxCQPaMVGEwFtaCEY.roa
File: JWwBU5nMM7lxCQPaMVGEwFtaCEY.roa (raw, json)
Hash identifier: MeOyo+SOmRFYAtpCMn+cOoAKDluXtLpPQCtjU3nvkfw=
Subject key identifier: 25:6C:01:53:99:CC:33:B9:71:09:03:DA:31:51:84:C0:5B:5A:08:46
Certificate issuer: /CN=f91a8223002e3124e5bb06e82d4f60a379b93dcd
Certificate serial: 018571309B525C4AF99030216B16C474AB02
Authority key identifier: F9:1A:82:23:00:2E:31:24:E5:BB:06:E8:2D:4F:60:A3:79:B9:3D:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-RqCIwAuMSTluwboLU9go3m5Pc0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/943732-9621-4a42-87da-b2de3ebf3e7e/1/JWwBU5nMM7lxCQPaMVGEwFtaCEY.roa
Signing time: Mon 02 Jan 2023 06:34:48 +0000
ROA not before: Mon 02 Jan 2023 06:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211734
IP address blocks: 185.147.137.0/24 maxlen: 24
185.147.136.0/24 maxlen: 24
185.147.136.0/22 maxlen: 22
2a07:3780::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:30:9b:52:5c:4a:f9:90:30:21:6b:16:c4:74:ab:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f91a8223002e3124e5bb06e82d4f60a379b93dcd
Validity
Not Before: Jan 2 06:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=256c015399cc33b9710903da315184c05b5a0846
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b2:27:ac:44:11:e3:6f:a0:4c:2a:8a:a6:ff:
fd:e9:76:f5:51:84:8a:ce:f4:83:c4:0a:b2:40:03:
ed:61:e4:d3:4e:a5:a0:82:a8:d0:c1:29:17:df:e6:
a2:c2:5f:5f:cb:d7:80:da:0d:18:4f:6d:83:0c:72:
9a:e6:29:10:e9:b8:f5:a2:3f:ed:64:b6:ec:e0:2b:
44:23:08:90:13:07:df:69:16:72:9d:41:9b:7c:f7:
d4:e8:29:37:ac:d7:a1:31:1a:72:94:cc:c2:be:cb:
a3:0b:2f:a4:33:4c:9d:a9:0c:7f:8d:15:5f:ca:1f:
8f:3e:44:91:4c:76:1c:28:f9:fd:ad:38:9d:b6:9a:
6e:27:c4:26:df:c9:02:ff:3d:57:17:eb:01:83:86:
c7:b9:a9:bb:74:05:86:ba:d4:0f:33:11:b1:b5:96:
13:46:c7:89:70:a2:f2:29:4e:e9:8d:ae:70:19:a3:
5b:35:a7:0b:c8:6e:bc:33:e7:29:b4:75:e7:f4:e9:
13:68:6f:48:49:09:92:45:16:5b:29:7a:45:f1:d2:
8c:39:f5:54:2b:32:e6:ab:54:9f:1e:cd:43:42:81:
92:c7:2a:09:6f:e4:3f:ac:52:eb:d2:9d:44:a6:a8:
08:9c:51:1d:f4:2a:df:1e:ad:b7:e7:90:bc:b9:cf:
67:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:6C:01:53:99:CC:33:B9:71:09:03:DA:31:51:84:C0:5B:5A:08:46
X509v3 Authority Key Identifier:
keyid:F9:1A:82:23:00:2E:31:24:E5:BB:06:E8:2D:4F:60:A3:79:B9:3D:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-RqCIwAuMSTluwboLU9go3m5Pc0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/943732-9621-4a42-87da-b2de3ebf3e7e/1/JWwBU5nMM7lxCQPaMVGEwFtaCEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/943732-9621-4a42-87da-b2de3ebf3e7e/1/1-RqCIwAuMSTluwboLU9go3m5Pc0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.147.136.0/22
IPv6:
2a07:3780::/29
Signature Algorithm: sha256WithRSAEncryption
63:4d:d7:6f:e0:ed:f7:37:95:fc:17:e0:57:07:ec:44:8e:11:
65:29:57:89:de:14:5d:1e:a4:00:74:16:30:05:54:21:f8:87:
9a:28:f0:14:4a:6d:eb:fd:5f:c6:b4:93:4e:2a:b4:b5:d0:c8:
f1:c0:6e:e4:7e:48:9d:93:b7:4e:62:1c:64:5d:7e:6b:df:b0:
4e:b4:e8:61:f8:61:5f:43:03:b7:4e:d5:68:ec:6c:34:57:31:
35:7c:5e:dc:fe:19:62:e0:f5:7d:d9:9c:ac:0e:15:8a:50:38:
81:68:01:97:be:19:0d:64:a6:f4:76:4d:03:85:c8:8b:98:4f:
3f:8a:03:c8:8a:7d:57:03:65:38:dd:83:49:9a:e0:cf:04:46:
39:12:7a:bf:04:f2:df:81:7c:94:9e:38:b0:ee:2d:ab:f7:40:
e6:85:f2:dc:e8:71:ff:8c:2a:46:e3:a4:99:1a:69:64:ee:27:
5a:9f:49:46:e5:63:93:68:08:ea:be:83:57:f8:35:d0:d8:80:
a1:2a:ec:63:be:1f:4a:d6:5f:20:f1:7f:44:6b:9f:e7:46:3d:
24:4c:07:66:01:81:83:64:4f:b4:09:ce:c7:68:63:55:2f:7d:
28:3b:bc:5c:60:e7:9d:c8:50:99:b3:79:d4:5a:86:bc:ec:90:
94:ee:fc:8e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVxMJtSXEr5kDAhaxbEdKsCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5MWE4MjIzMDAyZTMxMjRlNWJiMDZlODJkNGY2MGEzNzli
OTNkY2QwHhcNMjMwMTAyMDYzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTZjMDE1Mzk5Y2MzM2I5NzEwOTAzZGEzMTUxODRjMDViNWEwODQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbInrEQR42+gTCqKpv/96Xb1UYSK
zvSDxAqyQAPtYeTTTqWggqjQwSkX3+aiwl9fy9eA2g0YT22DDHKa5ikQ6bj1oj/t
ZLbs4CtEIwiQEwffaRZynUGbfPfU6Ck3rNehMRpylMzCvsujCy+kM0ydqQx/jRVf
yh+PPkSRTHYcKPn9rTidtppuJ8Qm38kC/z1XF+sBg4bHuam7dAWGutQPMxGxtZYT
RseJcKLyKU7pja5wGaNbNacLyG68M+cptHXn9OkTaG9ISQmSRRZbKXpF8dKMOfVU
KzLmq1SfHs1DQoGSxyoJb+Q/rFLr0p1EpqgInFEd9CrfHq2355C8uc9nzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCVsAVOZzDO5cQkD2jFRhMBbWghGMB8GA1UdIwQY
MBaAFPkagiMALjEk5bsG6C1PYKN5uT3NMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1ScUNJd0F1TVNUbHV3Ym9MVTlnbzNtNVBjMC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgvOTQzNzMyLTk2MjEtNGE0Mi04N2Rh
LWIyZGUzZWJmM2U3ZS8xL0pXd0JVNW5NTTdseENRUGFNVkdFd0Z0YUNFWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTgvOTQzNzMyLTk2MjEtNGE0Mi04N2RhLWIyZGUzZWJmM2U3
ZS8xLzEtUnFDSXdBdU1TVGx1d2JvTFU5Z28zbTVQYzAuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAK5k4gw
DQQCAAIwBwMFAyoHN4AwDQYJKoZIhvcNAQELBQADggEBAGNN12/g7fc3lfwX4FcH
7ESOEWUpV4neFF0epAB0FjAFVCH4h5oo8BRKbev9X8a0k04qtLXQyPHAbuR+SJ2T
t05iHGRdfmvfsE606GH4YV9DA7dO1WjsbDRXMTV8Xtz+GWLg9X3ZnKwOFYpQOIFo
AZe+GQ1kpvR2TQOFyIuYTz+KA8iKfVcDZTjdg0ma4M8ERjkSer8E8t+BfJSeOLDu
Lav3QOaF8tzocf+MKkbjpJkaaWTuJ1qfSUblY5NoCOq+g1f4NdDYgKEq7GO+H0rW
XyDxf0Rrn+dGPSRMB2YBgYNkT7QJzsdoY1UvfSg7vFxg553IUJmzedRahrzskJTu
/I4=
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:12 2024 by rpki-client on console-fra.rpki-client.org