Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/J1OYSePp0H27gVi9_B0RQZ8_iMI.roa
File: J1OYSePp0H27gVi9_B0RQZ8_iMI.roa (raw, json)
Hash identifier: zDfiFsP+XdDub97ld+W8r01rEgUl0FpVDakhXdCpUkk=
Subject key identifier: 27:53:98:49:E3:E9:D0:7D:BB:81:58:BD:FC:1D:11:41:9F:3F:88:C2
Certificate issuer: /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Certificate serial: 018AD41826CFD13590BA19D0EA0B2AB3CA1C
Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/J1OYSePp0H27gVi9_B0RQZ8_iMI.roa
Signing time: Wed 27 Sep 2023 00:44:27 +0000
ROA not before: Wed 27 Sep 2023 00:44:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 45.94.136.0/24 maxlen: 24
45.94.139.0/24 maxlen: 24
5.253.184.0/23 maxlen: 23
185.114.204.0/24 maxlen: 24
5.253.187.0/24 maxlen: 24
193.135.220.0/22 maxlen: 22
88.214.0.0/24 maxlen: 24
88.214.1.0/24 maxlen: 24
88.214.2.0/24 maxlen: 24
88.214.3.0/24 maxlen: 24
88.218.196.0/22 maxlen: 22
185.219.160.0/24 maxlen: 24
185.219.163.0/24 maxlen: 24
45.81.161.0/24 maxlen: 24
45.81.162.0/24 maxlen: 24
45.81.163.0/24 maxlen: 24
45.130.33.0/24 maxlen: 24
45.130.34.0/23 maxlen: 23
193.111.184.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d4:18:26:cf:d1:35:90:ba:19:d0:ea:0b:2a:b3:ca:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Validity
Not Before: Sep 27 00:44:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=27539849e3e9d07dbb8158bdfc1d11419f3f88c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0a:9c:a2:8b:82:6e:81:e5:69:f3:60:ba:f9:
9c:06:e8:82:e4:3e:82:57:bb:d5:d5:63:9d:cd:9b:
bd:e6:03:51:be:70:d7:5e:9e:74:b0:c4:a2:4d:2f:
d0:62:39:d8:17:09:38:14:fe:c1:90:b0:1a:49:c7:
25:0b:55:af:ee:c3:d8:99:74:2f:4c:67:f2:15:4e:
fa:02:ef:40:f8:28:b4:54:b2:48:92:62:5c:31:1f:
9a:57:f1:4f:5c:da:00:4c:37:5d:f0:49:01:f3:f7:
a0:91:5b:a6:c0:61:bc:c8:eb:b4:23:58:a4:4c:1d:
04:53:85:a9:18:59:82:4d:32:dc:fb:f6:cf:0d:8d:
d9:26:16:5e:7d:0e:64:14:88:50:21:bc:bc:d3:9f:
ed:a5:cf:3d:e6:55:b7:8c:36:06:92:90:9b:56:d2:
67:8c:62:e3:6c:6a:77:f1:be:6a:7f:9f:09:50:24:
c7:f7:ad:63:99:d8:ab:2d:d1:63:f9:3e:49:8f:b6:
9b:41:3a:43:2e:98:de:17:3c:35:5d:da:53:b5:2f:
36:73:49:f5:33:2c:5e:07:cf:19:ab:76:24:9f:02:
83:1c:e0:e2:95:51:55:59:b2:b4:65:e9:a0:62:6d:
db:a5:2b:47:7a:73:c1:a3:34:02:2f:c1:a3:79:4b:
56:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:53:98:49:E3:E9:D0:7D:BB:81:58:BD:FC:1D:11:41:9F:3F:88:C2
X509v3 Authority Key Identifier:
keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/J1OYSePp0H27gVi9_B0RQZ8_iMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.184.0/23
5.253.187.0/24
45.81.161.0-45.81.163.255
45.94.136.0/24
45.94.139.0/24
45.130.33.0-45.130.35.255
88.214.0.0/22
88.218.196.0/22
185.114.204.0/24
185.219.160.0/24
185.219.163.0/24
193.111.184.0/22
193.135.220.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:fa:f6:43:c6:b5:dc:d9:40:62:76:f5:c7:c5:c7:19:ba:52:
d3:b2:5d:0d:7c:10:3a:f5:8a:f1:fb:c8:be:8e:c8:92:a8:20:
b0:21:5f:e0:d2:38:c5:b7:69:7f:a3:b1:02:3c:88:cc:b8:ef:
57:37:01:55:77:4c:18:f2:98:5f:97:02:bc:6a:ac:af:68:b9:
a7:91:9e:2d:81:1c:00:35:8e:ff:d0:71:b3:55:34:95:6c:cc:
02:40:b3:7a:3c:9f:68:65:c7:51:25:2c:9d:27:13:aa:64:1c:
31:8b:c4:f5:27:00:bc:2e:0c:a4:22:19:95:5f:66:43:61:83:
38:b1:5b:3a:75:fa:2f:a5:6e:17:60:78:23:21:da:34:cc:d6:
5d:40:c9:17:71:e0:cc:23:6d:c4:51:f9:87:80:e5:0d:d4:de:
1c:f9:b4:0e:39:a5:c4:99:50:42:77:4b:71:01:f5:10:83:a1:
12:4e:f9:bc:19:2b:46:55:c1:9e:92:62:58:99:05:7f:2d:89:
15:a5:74:3a:5c:cb:62:23:85:f4:9c:3e:50:bd:c7:4d:d8:62:
c5:c5:20:83:0b:ab:93:d2:cd:e2:73:c1:0b:6e:25:9f:38:21:
b9:ca:ce:ad:30:7a:fc:ce:41:81:63:c9:51:16:8f:fa:9a:4b:
ce:84:ec:4d
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYrUGCbP0TWQuhnQ6gsqs8ocMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjI1Y2U1NTBlNGQ5YmRhMDViZDVkNDVjOGI2YmEzNzQz
MGJiYmEwHhcNMjMwOTI3MDA0NDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzUzOTg0OWUzZTlkMDdkYmI4MTU4YmRmYzFkMTE0MTlmM2Y4OGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQqcoouCboHlafNguvmcBuiC5D6C
V7vV1WOdzZu95gNRvnDXXp50sMSiTS/QYjnYFwk4FP7BkLAaScclC1Wv7sPYmXQv
TGfyFU76Au9A+Ci0VLJIkmJcMR+aV/FPXNoATDdd8EkB8/egkVumwGG8yOu0I1ik
TB0EU4WpGFmCTTLc+/bPDY3ZJhZefQ5kFIhQIby805/tpc895lW3jDYGkpCbVtJn
jGLjbGp38b5qf58JUCTH961jmdirLdFj+T5Jj7abQTpDLpjeFzw1XdpTtS82c0n1
MyxeB88Zq3YknwKDHODilVFVWbK0ZemgYm3bpStHenPBozQCL8GjeUtWMwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFCdTmEnj6dB9u4FYvfwdEUGfP4jCMB8GA1UdIwQY
MBaAFJyyXOVQ5Nm9oFvV1FyLa6N0MLu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYt
YmU0NWYwZDJhYmJiLzEvSjFPWVNlUHAwSDI3Z1ZpOV9CMFJRWjhfaU1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYtYmU0NWYwZDJhYmJi
LzEvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQBBf24AwQA
Bf27MAwDBAAtUaEDBAItUaADBAAtXogDBAAtXoswDAMEAC2CIQMEAi2CIAMEAljW
AAMEAljaxAMEALlyzAMEALnboAMEALnbowMEAsFvuAMEAsGH3DANBgkqhkiG9w0B
AQsFAAOCAQEAe/r2Q8a13NlAYnb1x8XHGbpS07JdDXwQOvWK8fvIvo7IkqggsCFf
4NI4xbdpf6OxAjyIzLjvVzcBVXdMGPKYX5cCvGqsr2i5p5GeLYEcADWO/9Bxs1U0
lWzMAkCzejyfaGXHUSUsnScTqmQcMYvE9ScAvC4MpCIZlV9mQ2GDOLFbOnX6L6Vu
F2B4IyHaNMzWXUDJF3HgzCNtxFH5h4DlDdTeHPm0DjmlxJlQQndLcQH1EIOhEk75
vBkrRlXBnpJiWJkFfy2JFaV0OlzLYiOF9Jw+UL3HTdhixcUggwurk9LN4nPBC24l
nzghucrOrTB6/M5BgWPJURaP+ppLzoTsTQ==
-----END CERTIFICATE-----
Generated at Mon Oct 2 12:21:42 2023 by rpki-client on console-ams.rpki-client.org