Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/Jgq4nvoUgHrdzBbi67wbnQuVIw0.roa
File: Jgq4nvoUgHrdzBbi67wbnQuVIw0.roa (raw, json)
Hash identifier: 6qv0D1PQdkRaqpKmTGSdYiEPY8XVLk6SHwN6Gw5cuVc=
Subject key identifier: 26:0A:B8:9E:FA:14:80:7A:DD:CC:16:E2:EB:BC:1B:9D:0B:95:23:0D
Certificate issuer: /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Certificate serial: 01891D31CD9F2F587A0E6E6D1623E6111AD8
Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/Jgq4nvoUgHrdzBbi67wbnQuVIw0.roa
Signing time: Mon 03 Jul 2023 19:19:10 +0000
ROA not before: Mon 03 Jul 2023 19:19:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35758
IP address blocks: 45.94.138.0/24 maxlen: 24
5.253.186.0/24 maxlen: 24
185.219.162.0/24 maxlen: 24
185.114.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1d:31:cd:9f:2f:58:7a:0e:6e:6d:16:23:e6:11:1a:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Validity
Not Before: Jul 3 19:19:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=260ab89efa14807addcc16e2ebbc1b9d0b95230d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:f0:93:4a:11:32:e3:da:a2:a9:40:1c:8b:fb:
f7:05:0e:d4:cb:75:b8:06:48:75:3d:e7:27:c2:6b:
67:15:10:94:f0:f0:81:1d:80:87:1a:95:cf:33:d7:
fc:cd:0e:ff:1e:64:e9:29:db:0b:5c:a6:c4:e0:89:
eb:4b:2d:a4:8f:f9:37:eb:75:25:05:2f:64:1c:3d:
24:7a:e8:59:11:7e:8d:91:f0:2b:a9:a5:60:32:92:
f1:c9:9a:d2:e5:bb:30:2a:59:ac:bf:f4:b7:76:54:
42:f2:8c:a5:23:02:19:6f:87:dc:41:cf:44:18:ec:
10:1c:54:fb:d4:27:6f:96:aa:be:b4:cb:a4:00:1f:
3b:d1:43:42:2d:81:56:45:2d:89:06:57:93:c2:12:
de:bf:12:68:51:59:8f:d3:2d:7f:5e:e3:39:90:0a:
e6:d0:17:5d:57:6f:65:24:77:1a:db:17:38:e7:d0:
5b:3e:8a:02:e4:8f:f1:f2:6f:02:a6:07:2a:f2:9b:
7b:ae:96:72:61:3e:39:f8:67:94:9a:0e:67:d6:9c:
04:a5:fe:d0:21:ea:44:67:ce:4a:fb:3b:ee:43:6e:
32:90:3a:49:e4:f7:44:dd:bb:fa:d3:77:70:39:c1:
c4:a1:c6:c6:c3:9f:2b:1a:5f:6d:49:c7:2d:9e:93:
9b:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:0A:B8:9E:FA:14:80:7A:DD:CC:16:E2:EB:BC:1B:9D:0B:95:23:0D
X509v3 Authority Key Identifier:
keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/Jgq4nvoUgHrdzBbi67wbnQuVIw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.186.0/24
45.94.138.0/24
185.114.205.0/24
185.219.162.0/24
Signature Algorithm: sha256WithRSAEncryption
79:65:17:a2:e8:57:f0:04:60:4a:d5:9f:4b:6c:2e:f1:2d:31:
2d:7e:e5:0b:5c:64:62:e1:ce:39:77:dc:62:f0:c5:9f:bc:43:
68:32:96:b3:e4:b6:a9:96:0e:01:48:58:12:2b:72:0a:43:2f:
d4:ef:4b:a0:62:44:21:d6:73:66:7d:2d:2e:5c:a4:ae:0e:f4:
b1:cc:c9:a5:33:8d:d2:12:45:76:93:df:03:27:64:b6:ec:52:
1e:e8:83:cc:79:24:27:98:60:b2:d5:3f:1e:cb:62:36:8d:40:
40:11:60:ad:b1:4f:4c:4d:c6:e5:35:76:21:3b:27:a3:9f:1e:
99:85:3b:ec:7d:72:1e:b5:9b:e9:86:32:6c:d0:9e:e8:e9:69:
1a:9f:3d:4d:f0:79:d5:1c:a8:cb:f4:5b:3e:13:36:da:41:05:
76:b9:c8:08:06:a8:55:72:0d:a5:89:80:f1:a9:47:9a:85:c8:
79:a0:a1:ea:3d:f8:dd:f7:4c:41:95:7b:23:89:be:f1:e1:76:
9d:c2:64:2e:e8:8c:e0:c5:b2:1f:f9:07:1c:95:13:d5:88:45:
b6:ed:e0:ce:71:e5:72:7a:d9:7b:37:13:6f:8c:a8:f0:3c:81:
40:ff:06:8d:33:ef:32:52:86:aa:8d:99:b9:30:84:e5:b1:d8:
3d:9a:44:ce
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYkdMc2fL1h6Dm5tFiPmERrYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjI1Y2U1NTBlNGQ5YmRhMDViZDVkNDVjOGI2YmEzNzQz
MGJiYmEwHhcNMjMwNzAzMTkxOTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjBhYjg5ZWZhMTQ4MDdhZGRjYzE2ZTJlYmJjMWI5ZDBiOTUyMzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfCTShEy49qiqUAci/v3BQ7Uy3W4
Bkh1PecnwmtnFRCU8PCBHYCHGpXPM9f8zQ7/HmTpKdsLXKbE4InrSy2kj/k363Ul
BS9kHD0keuhZEX6NkfArqaVgMpLxyZrS5bswKlmsv/S3dlRC8oylIwIZb4fcQc9E
GOwQHFT71Cdvlqq+tMukAB870UNCLYFWRS2JBleTwhLevxJoUVmP0y1/XuM5kArm
0BddV29lJHca2xc459BbPooC5I/x8m8Cpgcq8pt7rpZyYT45+GeUmg5n1pwEpf7Q
IepEZ85K+zvuQ24ykDpJ5PdE3bv603dwOcHEocbGw58rGl9tScctnpObFwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCYKuJ76FIB63cwW4uu8G50LlSMNMB8GA1UdIwQY
MBaAFJyyXOVQ5Nm9oFvV1FyLa6N0MLu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYt
YmU0NWYwZDJhYmJiLzEvSmdxNG52b1VnSHJkekJiaTY3d2JuUXVWSXcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYtYmU0NWYwZDJhYmJi
LzEvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABf26AwQA
LV6KAwQAuXLNAwQAuduiMA0GCSqGSIb3DQEBCwUAA4IBAQB5ZRei6FfwBGBK1Z9L
bC7xLTEtfuULXGRi4c45d9xi8MWfvENoMpaz5Laplg4BSFgSK3IKQy/U70ugYkQh
1nNmfS0uXKSuDvSxzMmlM43SEkV2k98DJ2S27FIe6IPMeSQnmGCy1T8ey2I2jUBA
EWCtsU9MTcblNXYhOyejnx6ZhTvsfXIetZvphjJs0J7o6Wkanz1N8HnVHKjL9Fs+
EzbaQQV2ucgIBqhVcg2liYDxqUeahch5oKHqPfjd90xBlXsjib7x4XadwmQu6Izg
xbIf+QcclRPViEW27eDOceVyetl7NxNvjKjwPIFA/waNM+8yUoaqjZm5MITlsdg9
mkTO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:16 2024 by rpki-client on console-fra.rpki-client.org