Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/a5881a-98e8-4e45-bcb8-71eecf898d42/1/jtpiKgS7iPB8s68h6j5WMqo4jfQ.roa
File: jtpiKgS7iPB8s68h6j5WMqo4jfQ.roa (raw, json)
Hash identifier: WNdMP64I7Qy8NQM2CQsAnPffjaozbZWIEBxLISfuMWY=
Subject key identifier: 8E:DA:62:2A:04:BB:88:F0:7C:B3:AF:21:EA:3E:56:32:AA:38:8D:F4
Certificate issuer: /CN=e2bd9276a6f78dac1002c3783a18d45ec14b5d43
Certificate serial: 018572A809D0A5D6D4B84C93D01D0CD8F906
Authority key identifier: E2:BD:92:76:A6:F7:8D:AC:10:02:C3:78:3A:18:D4:5E:C1:4B:5D:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4r2Sdqb3jawQAsN4OhjUXsFLXUM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/a5881a-98e8-4e45-bcb8-71eecf898d42/1/jtpiKgS7iPB8s68h6j5WMqo4jfQ.roa
Signing time: Mon 02 Jan 2023 13:24:53 +0000
ROA not before: Mon 02 Jan 2023 13:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6758
IP address blocks: 185.250.4.0/22 maxlen: 24
88.209.64.0/18 maxlen: 24
80.94.96.0/20 maxlen: 24
195.78.0.0/19 maxlen: 24
87.254.224.0/19 maxlen: 24
82.113.0.0/19 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:a8:09:d0:a5:d6:d4:b8:4c:93:d0:1d:0c:d8:f9:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2bd9276a6f78dac1002c3783a18d45ec14b5d43
Validity
Not Before: Jan 2 13:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8eda622a04bb88f07cb3af21ea3e5632aa388df4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:fb:cc:87:e9:bf:7f:79:c8:63:eb:48:6f:55:
cd:2e:f8:c0:d6:5f:f3:bb:c2:59:54:59:0b:48:2c:
81:6e:e1:a4:c9:b0:e1:4a:14:69:1b:3d:7a:c5:f6:
26:42:e3:f1:02:6f:9b:9b:df:65:dc:29:2b:29:9a:
85:f2:a1:bc:17:0d:0b:9a:7e:06:36:4a:2e:e6:81:
84:9c:ad:1f:72:a6:9a:ba:59:c5:b8:0a:1b:30:1c:
ca:e6:ce:67:a8:8a:e2:47:d6:88:d2:6c:ad:3e:49:
b2:91:73:62:6f:84:4c:11:89:9f:7b:5e:1d:25:e7:
37:be:57:3c:10:fd:ae:e4:35:cf:2a:47:71:ef:3a:
7c:9b:91:ed:ba:d5:61:d0:90:a3:d0:6d:b7:9e:db:
dd:18:63:a0:b3:01:2b:ec:49:fd:5d:5b:58:eb:fe:
1e:01:1e:e6:94:f6:71:94:2b:2c:e0:4c:17:c0:19:
52:5a:8d:06:45:95:25:02:e7:62:01:11:e7:54:7d:
13:9d:25:fb:a7:80:82:49:3e:3b:bc:aa:a2:52:ef:
b4:db:ec:32:c6:06:95:f9:cc:b3:39:db:9e:03:3c:
a1:1c:2d:55:43:4b:47:5c:4f:3e:45:f1:00:5e:bc:
c0:4b:d2:37:9a:84:3a:2c:a8:a6:26:ef:91:55:e8:
c8:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:DA:62:2A:04:BB:88:F0:7C:B3:AF:21:EA:3E:56:32:AA:38:8D:F4
X509v3 Authority Key Identifier:
keyid:E2:BD:92:76:A6:F7:8D:AC:10:02:C3:78:3A:18:D4:5E:C1:4B:5D:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4r2Sdqb3jawQAsN4OhjUXsFLXUM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/a5881a-98e8-4e45-bcb8-71eecf898d42/1/jtpiKgS7iPB8s68h6j5WMqo4jfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/a5881a-98e8-4e45-bcb8-71eecf898d42/1/4r2Sdqb3jawQAsN4OhjUXsFLXUM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.94.96.0/20
82.113.0.0/19
87.254.224.0/19
88.209.64.0/18
185.250.4.0/22
195.78.0.0/19
Signature Algorithm: sha256WithRSAEncryption
d3:b3:65:1e:85:78:a9:82:ef:82:2a:a2:85:d6:7d:c5:af:6f:
a0:77:30:d1:88:11:ea:d6:75:30:bc:05:8e:8b:5d:9a:ed:55:
95:27:fb:86:32:62:c7:6d:76:4a:68:74:50:bd:88:d0:ef:52:
38:71:8c:0b:e5:cb:0d:d8:b6:69:27:ec:f8:04:94:48:92:dd:
fc:3b:2c:8c:e7:cf:89:ea:28:16:60:10:d6:81:b5:93:1d:d0:
8f:29:58:57:54:36:73:dd:c7:da:a9:3e:91:c8:f0:97:1a:65:
44:c8:a6:a2:7c:0d:28:34:13:dc:8a:21:cc:74:6b:66:b1:cb:
cc:14:c9:83:52:2e:ef:95:ed:96:f2:56:f9:bc:3d:a8:6f:16:
bc:3c:29:36:51:2f:c6:2c:92:a8:36:2c:44:e6:20:9e:11:b5:
45:fa:57:e1:21:83:08:26:4f:5f:9b:8c:6f:06:62:54:13:31:
a5:30:64:c2:23:44:ee:29:39:ed:c7:e5:f7:b5:e0:fc:0d:8a:
50:8c:df:14:57:28:be:89:b8:5c:7c:2b:cd:dc:0a:83:88:df:
9f:da:b6:b4:6f:a0:fb:59:27:a8:75:10:35:75:7d:5d:0a:02:
4d:5a:08:ff:29:f0:37:7f:c2:48:93:75:d0:d2:6c:f1:9e:ec:
5f:15:4e:30
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVyqAnQpdbUuEyT0B0M2PkGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYmQ5Mjc2YTZmNzhkYWMxMDAyYzM3ODNhMThkNDVlYzE0
YjVkNDMwHhcNMjMwMTAyMTMyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWRhNjIyYTA0YmI4OGYwN2NiM2FmMjFlYTNlNTYzMmFhMzg4ZGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfvMh+m/f3nIY+tIb1XNLvjA1l/z
u8JZVFkLSCyBbuGkybDhShRpGz16xfYmQuPxAm+bm99l3CkrKZqF8qG8Fw0Lmn4G
Nkou5oGEnK0fcqaaulnFuAobMBzK5s5nqIriR9aI0mytPkmykXNib4RMEYmfe14d
Jec3vlc8EP2u5DXPKkdx7zp8m5HtutVh0JCj0G23ntvdGGOgswEr7En9XVtY6/4e
AR7mlPZxlCss4EwXwBlSWo0GRZUlAudiARHnVH0TnSX7p4CCST47vKqiUu+02+wy
xgaV+cyzOdueAzyhHC1VQ0tHXE8+RfEAXrzAS9I3moQ6LKimJu+RVejIrQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFI7aYioEu4jwfLOvIeo+VjKqOI30MB8GA1UdIwQY
MBaAFOK9knam942sEALDeDoY1F7BS11DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHIyU2RxYjNqYXdRQXNONE9oalVYc0ZMWFVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9hNTg4MWEtOThlOC00ZTQ1LWJjYjgt
NzFlZWNmODk4ZDQyLzEvanRwaUtnUzdpUEI4czY4aDZqNVdNcW80amZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9hNTg4MWEtOThlOC00ZTQ1LWJjYjgtNzFlZWNmODk4ZDQy
LzEvNHIyU2RxYjNqYXdRQXNONE9oalVYc0ZMWFVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQEUF5gAwQF
UnEAAwQFV/7gAwQGWNFAAwQCufoEAwQFw04AMA0GCSqGSIb3DQEBCwUAA4IBAQDT
s2UehXipgu+CKqKF1n3Fr2+gdzDRiBHq1nUwvAWOi12a7VWVJ/uGMmLHbXZKaHRQ
vYjQ71I4cYwL5csN2LZpJ+z4BJRIkt38OyyM58+J6igWYBDWgbWTHdCPKVhXVDZz
3cfaqT6RyPCXGmVEyKaifA0oNBPciiHMdGtmscvMFMmDUi7vle2W8lb5vD2obxa8
PCk2US/GLJKoNixE5iCeEbVF+lfhIYMIJk9fm4xvBmJUEzGlMGTCI0TuKTntx+X3
teD8DYpQjN8UVyi+ibhcfCvN3AqDiN+f2ra0b6D7WSeodRA1dX1dCgJNWgj/KfA3
f8JIk3XQ0mzxnuxfFU4w
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:42 2024 by rpki-client on console-ams.rpki-client.org