Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/JR-dW3jT2ex4F6QpglHHT8cJqj4.roa
File: JR-dW3jT2ex4F6QpglHHT8cJqj4.roa (raw, json)
Hash identifier: YS/R1ffs+T9Lq9g5ABUfvBt5Cki7pmyAs4oqBJ2SOuI=
Subject key identifier: 25:1F:9D:5B:78:D3:D9:EC:78:17:A4:29:82:51:C7:4F:C7:09:AA:3E
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 018BA9689B69E96FFED898F2C7BA23D17E21
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/JR-dW3jT2ex4F6QpglHHT8cJqj4.roa
Signing time: Tue 07 Nov 2023 10:51:26 +0000
ROA not before: Tue 07 Nov 2023 10:51:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60150
IP address blocks: 185.96.56.0/22 maxlen: 24
194.38.48.0/22 maxlen: 24
193.168.200.0/22 maxlen: 24
193.160.220.0/22 maxlen: 24
185.136.16.0/22 maxlen: 24
147.185.196.0/23 maxlen: 24
147.185.206.0/23 maxlen: 24
207.244.196.0/22 maxlen: 24
43.240.148.0/22 maxlen: 24
207.244.208.0/22 maxlen: 24
45.12.100.0/22 maxlen: 24
2a07:5b40::/29 maxlen: 48
2a05:ff00::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a9:68:9b:69:e9:6f:fe:d8:98:f2:c7:ba:23:d1:7e:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Nov 7 10:51:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=251f9d5b78d3d9ec7817a4298251c74fc709aa3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a4:fc:83:40:98:df:fd:40:fc:d0:7d:41:b4:
c8:dd:fc:fa:03:41:a6:2e:65:64:be:d2:77:74:34:
24:cc:6d:b7:c7:25:47:a6:3e:27:cc:cf:07:3a:aa:
06:f4:f0:54:09:47:ca:43:b6:d4:72:45:2f:3b:fc:
3b:ac:71:80:5d:a1:ba:a4:40:76:ac:14:fe:28:0a:
34:bd:44:da:21:8d:29:9a:95:b4:8e:ef:9a:7a:eb:
32:70:4b:1b:f8:43:0f:45:10:36:f4:11:50:e9:33:
9b:49:33:26:7a:62:3c:7f:95:13:d5:44:12:f8:a5:
94:51:44:eb:fb:e9:f4:0a:44:4f:f6:30:49:93:5b:
99:cd:61:bf:0b:3c:8a:16:a0:c6:06:a6:3a:48:72:
3e:50:fd:76:c6:d7:f7:8f:7d:a2:25:56:3b:c1:58:
37:d3:a5:ea:d1:23:ee:ea:26:da:6e:f8:c9:8a:a2:
53:c6:79:15:3a:a1:d7:d4:12:dc:45:eb:ae:2b:9a:
e8:aa:30:8d:70:a0:0c:73:5e:8e:30:0d:ac:90:a2:
87:5f:4c:46:9f:8f:3c:d2:51:71:4a:c6:19:33:43:
3b:fc:c4:fc:c0:44:a9:95:6c:93:8d:8c:51:40:fa:
e7:d6:a8:6a:61:55:83:81:77:8d:7e:49:04:03:35:
53:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:1F:9D:5B:78:D3:D9:EC:78:17:A4:29:82:51:C7:4F:C7:09:AA:3E
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/JR-dW3jT2ex4F6QpglHHT8cJqj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.240.148.0/22
45.12.100.0/22
147.185.196.0/23
147.185.206.0/23
185.96.56.0/22
185.136.16.0/22
193.160.220.0/22
193.168.200.0/22
194.38.48.0/22
207.244.196.0/22
207.244.208.0/22
IPv6:
2a05:ff00::/29
2a07:5b40::/29
Signature Algorithm: sha256WithRSAEncryption
89:4a:d7:58:08:2b:5c:66:f9:3c:7b:2c:1b:9e:27:1f:e0:35:
70:1b:bc:c2:23:31:72:cf:d0:d0:c4:27:2d:e7:a9:c1:a3:3e:
3a:0f:19:a8:f0:a0:78:61:bf:83:f6:c1:61:fd:b5:7a:95:e8:
13:1b:d4:93:82:7a:46:ce:e2:5f:c7:d1:fd:0b:d0:21:a7:06:
12:b9:d1:45:4b:5e:b4:c5:cc:cf:7e:54:2e:bc:0a:f5:d8:96:
9f:38:91:2b:73:cb:18:c2:e2:7b:d9:9e:e8:9a:94:6d:0d:84:
d9:20:f9:1c:b7:89:38:6b:d2:47:bc:84:87:b7:b3:dd:00:2f:
88:23:f4:fd:ac:21:c1:ad:5a:9a:56:2a:ed:15:c7:c9:d3:b8:
6c:bb:8a:af:ea:10:a2:8c:d4:f7:65:c3:c0:42:61:88:06:49:
a9:e5:eb:d3:b4:92:95:d2:c5:59:dc:3d:ed:b3:3c:c6:84:06:
ca:a0:78:c3:d9:fb:eb:fa:ec:7b:9f:8c:e8:7b:43:5c:1c:ad:
85:43:55:d7:0e:7a:19:f7:4c:22:c2:65:41:07:6c:e2:96:99:
6f:72:a1:01:fb:63:62:b2:a6:49:a0:a4:ab:18:fc:58:ea:9d:
5c:f7:c0:66:e1:2e:42:80:a3:cb:54:11:ec:6d:43:90:dc:98:
15:51:35:8e
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYupaJtp6W/+2Jjyx7oj0X4hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjMxMTA3MTA1MTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTFmOWQ1Yjc4ZDNkOWVjNzgxN2E0Mjk4MjUxYzc0ZmM3MDlhYTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnaT8g0CY3/1A/NB9QbTI3fz6A0Gm
LmVkvtJ3dDQkzG23xyVHpj4nzM8HOqoG9PBUCUfKQ7bUckUvO/w7rHGAXaG6pEB2
rBT+KAo0vUTaIY0pmpW0ju+aeusycEsb+EMPRRA29BFQ6TObSTMmemI8f5UT1UQS
+KWUUUTr++n0CkRP9jBJk1uZzWG/CzyKFqDGBqY6SHI+UP12xtf3j32iJVY7wVg3
06Xq0SPu6ibabvjJiqJTxnkVOqHX1BLcReuuK5roqjCNcKAMc16OMA2skKKHX0xG
n4880lFxSsYZM0M7/MT8wESplWyTjYxRQPrn1qhqYVWDgXeNfkkEAzVTZwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFCUfnVt409nseBekKYJRx0/HCao+MB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvSlItZFczalQyZXg0RjZRcGdsSEhUOGNKcWo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBIBAIAATBCAwQCK/CUAwQC
LQxkAwQBk7nEAwQBk7nOAwQCuWA4AwQCuYgQAwQCwaDcAwQCwajIAwQCwiYwAwQC
z/TEAwQCz/TQMBQEAgACMA4DBQMqBf8AAwUDKgdbQDANBgkqhkiG9w0BAQsFAAOC
AQEAiUrXWAgrXGb5PHssG54nH+A1cBu8wiMxcs/Q0MQnLeepwaM+Og8ZqPCgeGG/
g/bBYf21epXoExvUk4J6Rs7iX8fR/QvQIacGErnRRUtetMXMz35ULrwK9diWnziR
K3PLGMLie9me6JqUbQ2E2SD5HLeJOGvSR7yEh7ez3QAviCP0/awhwa1amlYq7RXH
ydO4bLuKr+oQoozU92XDwEJhiAZJqeXr07SSldLFWdw97bM8xoQGyqB4w9n76/rs
e5+M6HtDXBythUNV1w56GfdMIsJlQQds4paZb3KhAftjYrKmSaCkqxj8WOqdXPfA
ZuEuQoCjy1QR7G1DkNyYFVE1jg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:07 2024 by rpki-client on console-fra.rpki-client.org