Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/jj_q8ug6Vh1Q5M486Ce0gw7PFNU.roa
File: jj_q8ug6Vh1Q5M486Ce0gw7PFNU.roa (raw, json)
Hash identifier: Lan81RCNZxGjKkHPusqBMcJONzIFKjmPMUiewFRI3CA=
Subject key identifier: 8E:3F:EA:F2:E8:3A:56:1D:50:E4:CE:3C:E8:27:B4:83:0E:CF:14:D5
Certificate issuer: /CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Certificate serial: 018CC9BA70C810E400FE05E471763F12B6BF
Authority key identifier: E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/jj_q8ug6Vh1Q5M486Ce0gw7PFNU.roa
Signing time: Tue 02 Jan 2024 10:31:28 +0000
ROA not before: Tue 02 Jan 2024 10:31:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15755
IP address blocks: 185.96.171.0/24 maxlen: 24
94.103.40.0/24 maxlen: 24
185.35.21.0/24 maxlen: 24
185.203.34.0/24 maxlen: 24
185.203.32.0/24 maxlen: 24
2a0a:e0c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 28 Feb 2024 07:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:ba:70:c8:10:e4:00:fe:05:e4:71:76:3f:12:b6:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Validity
Not Before: Jan 2 10:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e3feaf2e83a561d50e4ce3ce827b4830ecf14d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5a:ca:70:43:b3:aa:bb:72:88:39:65:f2:b3:
5b:b5:22:f0:0b:4b:39:a8:38:d0:28:4d:e3:d2:31:
a4:eb:13:43:3e:5f:97:2a:0d:97:e7:fc:46:8c:58:
cc:29:ba:00:4c:44:57:73:30:b4:1a:03:31:4e:30:
2c:74:8c:7d:97:ef:30:66:62:c1:b7:bc:a6:2d:d0:
a8:ed:77:75:1c:c5:32:8a:15:27:f9:1f:97:29:35:
d7:1c:27:4d:4a:a3:aa:99:32:a3:0d:ba:5e:b5:d9:
a0:79:e9:d3:12:70:3a:b2:3d:40:fa:db:1d:18:f6:
38:da:05:39:f9:ea:37:81:16:9f:09:2e:75:68:99:
4a:5e:d7:ef:9d:19:68:93:4c:3a:3c:9e:a2:bc:9b:
25:3f:1b:bc:27:de:e2:2d:bb:aa:7a:04:2d:d0:31:
90:44:6b:39:45:79:0d:92:aa:60:6a:87:a0:6d:dc:
ff:4d:34:d9:7a:2e:6f:48:eb:c4:48:c6:88:93:e0:
42:70:7b:63:e2:f3:97:e2:b3:5e:c1:bd:2f:34:c4:
c8:ad:13:e6:db:c8:4c:d0:1f:29:62:31:8e:eb:53:
5d:40:d7:31:54:77:76:7a:f7:ef:28:df:d1:68:e7:
ea:ed:b4:e3:ff:84:1d:a2:93:17:6e:af:2b:d9:21:
7a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:3F:EA:F2:E8:3A:56:1D:50:E4:CE:3C:E8:27:B4:83:0E:CF:14:D5
X509v3 Authority Key Identifier:
keyid:E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/jj_q8ug6Vh1Q5M486Ce0gw7PFNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/5QGBXG-Y86K2GEr-vxjqNBvoguo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.103.40.0/24
185.35.21.0/24
185.96.171.0/24
185.203.32.0/24
185.203.34.0/24
IPv6:
2a0a:e0c0::/29
Signature Algorithm: sha256WithRSAEncryption
bc:db:ea:42:95:c4:ca:90:5b:a3:78:f0:89:de:d1:75:2d:6d:
6c:c5:fc:cc:26:7c:44:fb:b4:3b:f1:30:d0:3e:7c:a1:d1:85:
79:43:30:b2:d3:c4:0b:c3:53:cb:00:de:cc:29:c9:d3:34:79:
62:b0:09:a6:ae:4e:2d:2c:fc:cc:c2:d4:0e:fa:24:9e:d0:cc:
33:34:d7:0d:9d:c5:95:82:27:13:4c:be:1f:85:c0:f0:41:70:
68:ad:35:66:8e:d3:19:a6:3a:d4:ce:c0:08:77:a9:ac:a6:cf:
86:bd:78:d0:46:59:d8:00:1b:24:96:c1:25:2b:c4:7e:b6:73:
db:8e:de:78:8f:a9:52:f5:9d:1d:5c:bb:b7:a4:94:39:2c:5b:
9a:7a:e8:5b:f4:89:6e:69:3f:9a:37:db:f3:62:c0:77:10:f2:
9d:0d:0c:7a:d9:7e:27:46:8e:a1:c5:6f:92:ed:8d:a7:11:40:
44:2e:41:98:bc:ae:d6:15:19:49:d4:d2:f8:b6:67:c0:10:ce:
59:ec:51:14:2d:8d:c1:1d:8a:b6:bb:2e:53:9e:23:97:5e:0d:
cb:95:eb:0b:74:06:cd:92:14:4e:d5:3a:23:b0:07:c8:b1:36:
d8:3f:e1:60:32:1b:78:83:ad:b8:a3:77:8e:2c:61:7f:bd:04:
0f:e0:2e:59
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzJunDIEOQA/gXkcXY/Era/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MDE4MTVjNmY5OGYzYTJiNjE4NGFmZWJmMThlYTM0MWJl
ODgyZWEwHhcNMjQwMTAyMTAzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTNmZWFmMmU4M2E1NjFkNTBlNGNlM2NlODI3YjQ4MzBlY2YxNGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1rKcEOzqrtyiDll8rNbtSLwC0s5
qDjQKE3j0jGk6xNDPl+XKg2X5/xGjFjMKboATERXczC0GgMxTjAsdIx9l+8wZmLB
t7ymLdCo7Xd1HMUyihUn+R+XKTXXHCdNSqOqmTKjDbpetdmgeenTEnA6sj1A+tsd
GPY42gU5+eo3gRafCS51aJlKXtfvnRlok0w6PJ6ivJslPxu8J97iLbuqegQt0DGQ
RGs5RXkNkqpgaoegbdz/TTTZei5vSOvESMaIk+BCcHtj4vOX4rNewb0vNMTIrRPm
28hM0B8pYjGO61NdQNcxVHd2evfvKN/RaOfq7bTj/4QdopMXbq8r2SF6FwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFI4/6vLoOlYdUOTOPOgntIMOzxTVMB8GA1UdIwQY
MBaAFOUBgVxvmPOithhK/r8Y6jQb6ILqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWIt
MDA1OWY3MzdlZjA1LzEvampfcTh1ZzZWaDFRNU00ODZDZTBndzdQRk5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWItMDA1OWY3MzdlZjA1
LzEvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAXmcoAwQA
uSMVAwQAuWCrAwQAucsgAwQAucsiMA0EAgACMAcDBQMqCuDAMA0GCSqGSIb3DQEB
CwUAA4IBAQC82+pClcTKkFujePCJ3tF1LW1sxfzMJnxE+7Q78TDQPnyh0YV5QzCy
08QLw1PLAN7MKcnTNHlisAmmrk4tLPzMwtQO+iSe0MwzNNcNncWVgicTTL4fhcDw
QXBorTVmjtMZpjrUzsAId6msps+GvXjQRlnYABsklsElK8R+tnPbjt54j6lS9Z0d
XLu3pJQ5LFuaeuhb9IluaT+aN9vzYsB3EPKdDQx62X4nRo6hxW+S7Y2nEUBELkGY
vK7WFRlJ1NL4tmfAEM5Z7FEULY3BHYq2uy5TniOXXg3LlesLdAbNkhRO1TojsAfI
sTbYP+FgMht4g624o3eOLGF/vQQP4C5Z
-----END CERTIFICATE-----
Generated at Wed Feb 28 11:28:43 2024 by rpki-client on console-ams.rpki-client.org