Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/efa002-00b5-476b-85cf-e9e388812752/1/jnhMxGP-rv2dzAfo9Mznkdt8Jbs.roa
File: jnhMxGP-rv2dzAfo9Mznkdt8Jbs.roa (raw, json)
Hash identifier: G7A7OeFilHnXoCyGbKGN7yTyYW9+MhN5qFSYJXuhdig=
Subject key identifier: 8E:78:4C:C4:63:FE:AE:FD:9D:CC:07:E8:F4:CC:E7:91:DB:7C:25:BB
Certificate issuer: /CN=2f4c9dfe7b1a72a551bba15a999a6c19333fff96
Certificate serial: 018996E91D74378D7B0574EFF16B3702D0C1
Authority key identifier: 2F:4C:9D:FE:7B:1A:72:A5:51:BB:A1:5A:99:9A:6C:19:33:3F:FF:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L0yd_nsacqVRu6FamZpsGTM__5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/efa002-00b5-476b-85cf-e9e388812752/1/jnhMxGP-rv2dzAfo9Mznkdt8Jbs.roa
Signing time: Thu 27 Jul 2023 10:33:27 +0000
ROA not before: Thu 27 Jul 2023 10:33:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202629
IP address blocks: 185.138.183.0/24 maxlen: 24
185.138.180.0/24 maxlen: 24
185.138.180.0/22 maxlen: 24
185.138.182.0/24 maxlen: 24
185.138.181.0/24 maxlen: 24
2a07:b40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:96:e9:1d:74:37:8d:7b:05:74:ef:f1:6b:37:02:d0:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f4c9dfe7b1a72a551bba15a999a6c19333fff96
Validity
Not Before: Jul 27 10:33:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e784cc463feaefd9dcc07e8f4cce791db7c25bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:52:02:79:b3:15:6b:3e:cf:c1:f2:bd:62:79:
10:a4:f7:f4:d6:49:b8:e8:30:c7:5a:31:3d:f6:0d:
1e:0d:31:ac:8d:cc:97:e8:8a:f3:0c:06:83:51:2e:
59:84:d6:aa:f8:da:5e:ab:96:14:a1:46:d2:dd:52:
0d:b5:11:f7:f6:65:75:8d:36:81:63:89:f2:f4:0f:
3a:ac:d5:e4:31:c1:b9:7e:76:88:27:af:7a:8b:81:
e4:44:98:e9:a3:54:72:e4:3d:a6:11:e3:a0:45:ba:
13:6d:e4:51:39:21:89:53:08:55:65:f0:9f:32:88:
af:3e:28:66:b0:ee:df:1a:c6:71:9e:91:c5:a2:3e:
68:be:50:82:b6:c0:7c:8b:7f:f7:50:53:bb:bd:38:
28:2c:b5:d0:b7:de:ce:46:d5:ca:69:41:df:09:f2:
29:bd:0e:87:01:0e:32:f2:fd:d9:c3:e9:0d:64:2e:
13:34:b0:78:fa:f0:c6:cf:b6:5c:30:99:40:a9:fc:
69:ea:96:e0:11:de:72:4b:55:43:46:3a:09:2e:77:
ff:7d:5d:92:8c:3c:b3:12:be:b1:76:de:26:e4:e4:
c5:7c:d9:5f:58:9f:94:4e:f0:2b:dc:a6:b4:00:4b:
0e:a8:0e:19:84:a8:c9:45:bc:92:99:f2:55:c3:1d:
0c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:78:4C:C4:63:FE:AE:FD:9D:CC:07:E8:F4:CC:E7:91:DB:7C:25:BB
X509v3 Authority Key Identifier:
keyid:2F:4C:9D:FE:7B:1A:72:A5:51:BB:A1:5A:99:9A:6C:19:33:3F:FF:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L0yd_nsacqVRu6FamZpsGTM__5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/efa002-00b5-476b-85cf-e9e388812752/1/jnhMxGP-rv2dzAfo9Mznkdt8Jbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/efa002-00b5-476b-85cf-e9e388812752/1/L0yd_nsacqVRu6FamZpsGTM__5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.180.0/22
IPv6:
2a07:b40::/29
Signature Algorithm: sha256WithRSAEncryption
25:ac:24:6f:60:f5:d0:ec:90:58:aa:45:98:bd:fb:f4:80:fb:
88:71:ab:99:ee:8d:c6:dd:0c:de:62:9a:21:10:75:ac:b0:3d:
04:6b:fc:a4:3f:62:ce:c0:ff:40:4e:98:1d:f0:90:d9:3b:a5:
44:d6:06:e5:aa:45:c4:8a:c1:7d:30:31:75:ce:9a:73:ca:04:
47:b1:c0:0f:e2:79:3c:72:9e:b8:3f:09:5e:45:21:bc:5e:b0:
6a:9e:3e:59:35:a7:b1:84:b6:8c:17:c3:3a:61:5c:53:5d:87:
8f:33:07:f8:6b:8b:d0:77:ed:3c:83:9d:b7:25:68:9c:7b:6b:
58:24:06:16:b0:7e:5e:dc:e2:71:61:b8:c7:91:a2:66:e5:d5:
ba:1d:be:4a:d8:98:5e:90:e2:3e:a9:ae:09:46:e3:f0:85:bc:
18:b9:8f:8f:82:02:b5:9b:26:34:b4:f9:e9:25:23:17:09:e1:
88:76:c5:79:3b:94:46:25:d5:d8:ef:a3:cc:ec:9b:35:d2:7c:
ed:9c:ea:66:3b:65:27:cc:f8:e0:b9:5e:a0:05:3f:f2:2a:93:
28:ac:08:83:33:0e:bf:08:31:fc:31:d8:2f:ab:12:c1:31:7f:
2c:0a:26:d6:ba:6f:bb:b4:dd:7c:7f:32:f9:bc:67:53:74:5c:
f0:34:62:17
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYmW6R10N417BXTv8Ws3AtDBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNGM5ZGZlN2IxYTcyYTU1MWJiYTE1YTk5OWE2YzE5MzMz
ZmZmOTYwHhcNMjMwNzI3MTAzMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTc4NGNjNDYzZmVhZWZkOWRjYzA3ZThmNGNjZTc5MWRiN2MyNWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1ICebMVaz7PwfK9YnkQpPf01km4
6DDHWjE99g0eDTGsjcyX6IrzDAaDUS5ZhNaq+Npeq5YUoUbS3VINtRH39mV1jTaB
Y4ny9A86rNXkMcG5fnaIJ696i4HkRJjpo1Ry5D2mEeOgRboTbeRROSGJUwhVZfCf
MoivPihmsO7fGsZxnpHFoj5ovlCCtsB8i3/3UFO7vTgoLLXQt97ORtXKaUHfCfIp
vQ6HAQ4y8v3Zw+kNZC4TNLB4+vDGz7ZcMJlAqfxp6pbgEd5yS1VDRjoJLnf/fV2S
jDyzEr6xdt4m5OTFfNlfWJ+UTvAr3Ka0AEsOqA4ZhKjJRbySmfJVwx0MuQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI54TMRj/q79ncwH6PTM55HbfCW7MB8GA1UdIwQY
MBaAFC9Mnf57GnKlUbuhWpmabBkzP/+WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDB5ZF9uc2FjcVZSdTZGYW1acHNHVE1fXzVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9lZmEwMDItMDBiNS00NzZiLTg1Y2Yt
ZTllMzg4ODEyNzUyLzEvam5oTXhHUC1ydjJkekFmbzlNem5rZHQ4SmJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9lZmEwMDItMDBiNS00NzZiLTg1Y2YtZTllMzg4ODEyNzUy
LzEvTDB5ZF9uc2FjcVZSdTZGYW1acHNHVE1fXzVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYq0MA0E
AgACMAcDBQMqBwtAMA0GCSqGSIb3DQEBCwUAA4IBAQAlrCRvYPXQ7JBYqkWYvfv0
gPuIcauZ7o3G3QzeYpohEHWssD0Ea/ykP2LOwP9ATpgd8JDZO6VE1gblqkXEisF9
MDF1zppzygRHscAP4nk8cp64PwleRSG8XrBqnj5ZNaexhLaMF8M6YVxTXYePMwf4
a4vQd+08g523JWice2tYJAYWsH5e3OJxYbjHkaJm5dW6Hb5K2JhekOI+qa4JRuPw
hbwYuY+PggK1myY0tPnpJSMXCeGIdsV5O5RGJdXY76PM7Js10nztnOpmO2UnzPjg
uV6gBT/yKpMorAiDMw6/CDH8MdgvqxLBMX8sCibWum+7tN18fzL5vGdTdFzwNGIX
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:22 2024 by rpki-client on console-ams.rpki-client.org