Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/JbzYF3hHBpX37naeJaJvuGkPxsA.roa
File: JbzYF3hHBpX37naeJaJvuGkPxsA.roa (raw, json)
Hash identifier: PdcVEnUuRS5NVryyqsVtNftJG6Ydx3RVCRdYK3a7XrY=
Subject key identifier: 25:BC:D8:17:78:47:06:95:F7:EE:76:9E:25:A2:6F:B8:69:0F:C6:C0
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 018607E4AD86E38DC3678495D8A6B4617C0A
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/JbzYF3hHBpX37naeJaJvuGkPxsA.roa
Signing time: Tue 31 Jan 2023 12:54:32 +0000
ROA not before: Tue 31 Jan 2023 12:54:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43444
IP address blocks: 5.188.216.0/24 maxlen: 24
5.188.218.0/24 maxlen: 24
5.188.219.0/24 maxlen: 24
37.9.40.0/24 maxlen: 24
37.9.41.0/24 maxlen: 24
37.9.42.0/24 maxlen: 24
37.9.44.0/24 maxlen: 24
37.9.45.0/24 maxlen: 24
37.9.46.0/24 maxlen: 24
37.9.47.0/24 maxlen: 24
146.185.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Feb 2023 13:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:07:e4:ad:86:e3:8d:c3:67:84:95:d8:a6:b4:61:7c:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 31 12:54:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25bcd81778470695f7ee769e25a26fb8690fc6c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:3b:cb:76:1c:ad:47:10:d6:3b:3c:29:33:d7:
c7:a1:2c:9d:19:67:5c:31:6b:69:13:82:ba:92:29:
44:cb:c3:b0:b2:50:dc:48:48:85:f4:71:76:9c:c1:
5e:96:cb:84:82:0f:7d:e4:e8:6e:a1:01:50:7f:17:
f7:74:fb:09:24:12:82:70:da:9f:50:5a:bd:f4:24:
b7:59:66:4a:ff:64:71:3b:27:42:e8:96:9c:8f:0b:
55:12:1e:dd:6a:88:3d:9c:ca:f4:e2:14:a4:cd:ef:
e7:3d:60:47:df:0a:e4:68:89:41:31:5a:77:42:ff:
15:62:8c:ed:1f:51:49:96:00:d5:9b:e5:17:ff:bc:
41:f6:7e:8d:47:5c:93:e2:7a:95:f4:db:0d:db:de:
43:dc:00:ce:8b:06:71:71:9d:ec:2b:ba:bd:d4:6b:
6f:db:2e:a1:0a:75:74:43:97:53:ea:73:4c:70:fb:
51:25:4c:83:db:fa:02:78:1e:b4:69:1c:b6:95:44:
3f:a8:bb:7c:d4:6f:2e:89:0d:75:6f:24:d8:1b:3c:
7e:2a:c0:b5:fc:e3:13:32:57:d4:bc:c5:d0:10:0e:
5b:b7:b4:ad:08:54:38:7d:94:9f:71:ad:26:ad:49:
3b:03:18:89:b3:63:3e:30:25:50:04:27:37:9e:dc:
e4:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:BC:D8:17:78:47:06:95:F7:EE:76:9E:25:A2:6F:B8:69:0F:C6:C0
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/JbzYF3hHBpX37naeJaJvuGkPxsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.188.216.0/24
5.188.218.0/23
37.9.40.0-37.9.42.255
37.9.44.0/22
146.185.207.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:fc:4a:2c:0b:8d:fc:72:ef:c7:7a:97:83:75:87:61:c6:df:
08:7a:bb:07:7a:cc:2e:1a:48:95:84:42:0f:a8:7c:e0:50:ac:
09:d0:ca:a2:b6:9c:34:89:ba:dd:8a:6d:8d:7d:55:0e:50:8e:
e4:05:8b:8c:52:45:27:8b:5e:e9:e0:a5:34:de:98:4a:39:7f:
47:7d:7b:d5:b1:66:86:29:f8:f0:22:91:eb:d7:f3:d3:7e:45:
60:56:9b:1c:20:73:5e:a3:1f:54:f5:6f:b6:88:a6:4b:82:e5:
98:af:c6:49:e7:46:3f:46:ca:0b:b8:f0:b7:28:db:2c:7c:6d:
a2:98:a2:90:82:23:fe:77:62:b0:54:1c:5b:c2:1f:8b:a5:58:
d2:a0:8e:e4:79:12:6d:27:dd:e1:2c:e2:02:5d:d5:03:89:37:
b7:e0:99:51:ca:e5:14:a8:c2:ac:2c:52:89:8a:3c:39:25:f7:
62:b5:26:8b:cc:0d:39:18:be:8f:6e:fe:ab:e4:d2:9c:fb:8a:
2d:dd:75:be:f3:8b:95:e4:2b:2b:55:3a:26:7f:e0:31:03:37:
98:50:38:c8:94:79:c0:a9:97:7e:f0:79:ca:6d:6c:47:f6:0f:
41:38:25:d3:03:e9:b1:1a:07:95:d3:8b:e1:af:e9:c3:1f:44:
90:3b:20:b2
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYYH5K2G443DZ4SV2Ka0YXwKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwMTMxMTI1NDMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWJjZDgxNzc4NDcwNjk1ZjdlZTc2OWUyNWEyNmZiODY5MGZjNmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszvLdhytRxDWOzwpM9fHoSydGWdc
MWtpE4K6kilEy8OwslDcSEiF9HF2nMFelsuEgg995OhuoQFQfxf3dPsJJBKCcNqf
UFq99CS3WWZK/2RxOydC6JacjwtVEh7daog9nMr04hSkze/nPWBH3wrkaIlBMVp3
Qv8VYoztH1FJlgDVm+UX/7xB9n6NR1yT4nqV9NsN295D3ADOiwZxcZ3sK7q91Gtv
2y6hCnV0Q5dT6nNMcPtRJUyD2/oCeB60aRy2lUQ/qLt81G8uiQ11byTYGzx+KsC1
/OMTMlfUvMXQEA5bt7StCFQ4fZSfca0mrUk7AxiJs2M+MCVQBCc3ntzkewIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCW82Bd4RwaV9+52niWib7hpD8bAMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvSmJ6WUYzaEhCcFgzN25hZUphSnZ1R2tQeHNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQABbzYAwQB
BbzaMAwDBAMlCSgDBAAlCSoDBAIlCSwDBACSuc8wDQYJKoZIhvcNAQELBQADggEB
AKX8SiwLjfxy78d6l4N1h2HG3wh6uwd6zC4aSJWEQg+ofOBQrAnQyqK2nDSJut2K
bY19VQ5QjuQFi4xSRSeLXungpTTemEo5f0d9e9WxZoYp+PAikevX89N+RWBWmxwg
c16jH1T1b7aIpkuC5ZivxknnRj9Gygu48Lco2yx8baKYopCCI/53YrBUHFvCH4ul
WNKgjuR5Em0n3eEs4gJd1QOJN7fgmVHK5RSowqwsUomKPDkl92K1JovMDTkYvo9u
/qvk0pz7ii3ddb7zi5XkKytVOiZ/4DEDN5hQOMiUecCpl37wecptbEf2D0E4JdMD
6bEaB5XTi+Gv6cMfRJA7ILI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:29 2024 by rpki-client on console-fra.rpki-client.org