Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/JcLlwRt85Xq5GIlUl9PtfKcDn9I.roa
File: JcLlwRt85Xq5GIlUl9PtfKcDn9I.roa (raw, json)
Hash identifier: D8uEb/wps8msTK9dVF38NkhXKNdEewzqOyIhLleKfos=
Subject key identifier: 25:C2:E5:C1:1B:7C:E5:7A:B9:18:89:54:97:D3:ED:7C:A7:03:9F:D2
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 018A1C17549C2AF6ECBD0CF02D32514F95E7
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/JcLlwRt85Xq5GIlUl9PtfKcDn9I.roa
Signing time: Tue 22 Aug 2023 07:13:25 +0000
ROA not before: Tue 22 Aug 2023 07:13:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209813
IP address blocks: 5.8.66.0/24 maxlen: 24
5.8.67.0/24 maxlen: 24
5.188.50.0/24 maxlen: 24
5.188.195.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1c:17:54:9c:2a:f6:ec:bd:0c:f0:2d:32:51:4f:95:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Aug 22 07:13:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25c2e5c11b7ce57ab918895497d3ed7ca7039fd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:e2:45:9e:19:a2:46:94:b0:23:77:37:94:af:
a8:59:aa:01:d6:88:19:21:30:2e:d6:49:4d:ec:43:
e9:d6:4e:fd:36:ce:1c:af:89:3c:43:79:8f:ef:03:
fc:6a:ef:6a:15:e3:c2:aa:14:89:1d:63:d4:34:b5:
8d:38:f0:16:3c:c8:68:e8:c2:66:76:df:f9:1e:79:
b7:db:e5:20:3e:1a:48:12:0b:4d:30:e8:95:2f:5c:
32:8d:81:4d:9b:fa:fb:4a:26:0e:7c:13:9c:2e:34:
d9:e3:13:7a:c8:51:f7:09:51:16:ce:0a:ee:ce:5b:
8c:06:a7:db:56:43:48:c7:95:d4:91:91:d7:99:33:
b7:c8:0e:46:a0:25:47:9d:e7:8e:6e:48:59:f5:f1:
14:7e:f5:30:94:de:f8:19:1a:e2:27:63:aa:4d:5a:
2d:35:40:98:74:ea:42:aa:ca:d1:98:24:9a:9f:d3:
a9:05:80:4f:3f:44:74:03:3a:3b:e1:5c:b7:12:a3:
30:8c:57:fc:f5:2f:2e:dd:75:3b:d6:6b:d5:15:f6:
22:a2:ce:af:ea:b7:e3:72:6e:11:fc:a0:96:43:f3:
1b:b9:66:e9:2c:14:f9:a8:f0:3d:a4:48:d3:01:ba:
1c:17:b3:82:6e:54:15:44:33:5b:09:1e:b4:9c:e3:
25:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:C2:E5:C1:1B:7C:E5:7A:B9:18:89:54:97:D3:ED:7C:A7:03:9F:D2
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/JcLlwRt85Xq5GIlUl9PtfKcDn9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.66.0/23
5.188.50.0/24
5.188.195.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:42:db:27:8b:47:d5:8f:c0:a8:f0:a0:d1:29:2b:b2:76:e4:
5a:c9:44:fb:96:1d:55:12:05:85:fe:c9:15:13:8c:8f:80:f1:
4b:22:9e:ab:8d:2b:58:bf:d4:f6:c5:ba:34:f7:02:e4:ac:96:
25:94:30:09:79:7d:7e:6d:02:f4:51:a0:b0:bd:3a:6c:36:77:
86:90:a8:36:b6:4f:f0:49:45:3c:75:7b:78:5a:0b:75:0e:73:
9f:21:a2:2b:4a:71:0c:ef:72:39:1b:6c:dc:85:3f:ef:6b:7f:
6e:27:79:3b:1f:6a:57:21:75:57:fe:3f:f3:6c:8a:0b:d4:81:
d1:31:b0:86:26:a0:b8:69:c5:cb:c0:d9:5f:0f:fa:60:c2:22:
5e:76:0b:dc:d1:b5:0f:fa:e2:66:f9:61:ba:dc:99:96:92:cb:
40:76:d3:a4:e1:ee:dd:61:5c:56:cd:30:8e:a9:15:aa:5e:be:
09:c1:89:4a:ad:f5:0f:b2:b4:a9:7e:8b:14:c1:64:12:0b:bc:
66:ff:57:75:08:b4:f8:3f:a6:8a:c0:81:d9:35:09:e8:94:88:
d0:66:17:55:3b:64:43:a4:34:b9:cf:2d:73:78:29:60:c0:be:
d9:1d:03:e0:e3:d7:42:71:e9:a7:9d:f0:2e:69:c3:7e:aa:47:
2c:c3:9f:a0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYocF1ScKvbsvQzwLTJRT5XnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwODIyMDcxMzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWMyZTVjMTFiN2NlNTdhYjkxODg5NTQ5N2QzZWQ3Y2E3MDM5ZmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOJFnhmiRpSwI3c3lK+oWaoB1ogZ
ITAu1klN7EPp1k79Ns4cr4k8Q3mP7wP8au9qFePCqhSJHWPUNLWNOPAWPMho6MJm
dt/5Hnm32+UgPhpIEgtNMOiVL1wyjYFNm/r7SiYOfBOcLjTZ4xN6yFH3CVEWzgru
zluMBqfbVkNIx5XUkZHXmTO3yA5GoCVHneeObkhZ9fEUfvUwlN74GRriJ2OqTVot
NUCYdOpCqsrRmCSan9OpBYBPP0R0Azo74Vy3EqMwjFf89S8u3XU71mvVFfYios6v
6rfjcm4R/KCWQ/MbuWbpLBT5qPA9pEjTAbocF7OCblQVRDNbCR60nOMlcQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCXC5cEbfOV6uRiJVJfT7XynA5/SMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvSmNMbHdSdDg1WHE1R0lsVWw5UHRmS2NEbjlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBQhCAwQA
BbwyAwQABbzDMA0GCSqGSIb3DQEBCwUAA4IBAQAdQtsni0fVj8Co8KDRKSuyduRa
yUT7lh1VEgWF/skVE4yPgPFLIp6rjStYv9T2xbo09wLkrJYllDAJeX1+bQL0UaCw
vTpsNneGkKg2tk/wSUU8dXt4Wgt1DnOfIaIrSnEM73I5G2zchT/va39uJ3k7H2pX
IXVX/j/zbIoL1IHRMbCGJqC4acXLwNlfD/pgwiJedgvc0bUP+uJm+WG63JmWkstA
dtOk4e7dYVxWzTCOqRWqXr4JwYlKrfUPsrSpfosUwWQSC7xm/1d1CLT4P6aKwIHZ
NQnolIjQZhdVO2RDpDS5zy1zeClgwL7ZHQPg49dCcemnnfAuacN+qkcsw5+g
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:13:47 2024 by rpki-client on console-ams.rpki-client.org