Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/jBjaSWHgRMjctHsEJEeVhmosU5E.roa
File: jBjaSWHgRMjctHsEJEeVhmosU5E.roa (raw, json)
Hash identifier: A6D2xDOl+sYdhkLb0I17SI4hZMJcal1ND2lol3EO5OY=
Subject key identifier: 8C:18:DA:49:61:E0:44:C8:DC:B4:7B:04:24:47:95:86:6A:2C:53:91
Certificate issuer: /CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Certificate serial: 018D398CE53592BFEFEAF62F6CEF7AF151D2
Authority key identifier: 30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/jBjaSWHgRMjctHsEJEeVhmosU5E.roa
Signing time: Wed 24 Jan 2024 03:39:11 +0000
ROA not before: Wed 24 Jan 2024 03:39:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 91.198.117.0/24 maxlen: 24
185.109.134.0/24 maxlen: 24
185.109.135.0/24 maxlen: 24
185.146.152.0/24 maxlen: 24
185.146.154.0/24 maxlen: 24
185.146.155.0/24 maxlen: 24
2a07:4f80::/44 maxlen: 44
2a07:4f80::/48 maxlen: 48
2a07:4f80:10::/44 maxlen: 44
2a07:4f80:20::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 25 Jan 2024 05:32:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:39:8c:e5:35:92:bf:ef:ea:f6:2f:6c:ef:7a:f1:51:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Validity
Not Before: Jan 24 03:39:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c18da4961e044c8dcb47b04244795866a2c5391
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:65:e8:49:3c:9e:21:9e:cd:93:de:ac:2b:91:
b0:fc:82:ef:20:a1:72:e2:d9:c4:f0:91:80:08:53:
d4:f0:8d:e7:07:30:21:a6:c3:cc:7a:8c:a5:79:e0:
a3:98:cc:ff:e0:61:c4:cc:7f:5e:61:c2:42:51:37:
f3:73:1a:85:fd:e6:24:b5:de:27:62:bb:92:ce:03:
be:4b:cc:46:a2:4c:c8:dd:a7:eb:6a:95:9d:60:19:
d8:9f:e8:78:c9:7e:06:be:0a:b0:0f:e1:59:e3:b5:
9d:b9:84:12:a7:ae:98:29:2b:27:bd:06:39:eb:04:
1b:ff:57:ef:a2:e0:db:ca:b8:0b:f4:64:3e:04:5c:
cd:6c:72:97:3a:ce:b8:6f:ef:67:44:ce:f2:52:6d:
52:38:31:85:5b:42:81:28:f5:96:a1:7c:87:af:6e:
96:36:75:0a:66:66:f2:20:55:f0:bd:6b:35:35:80:
96:ca:6b:a2:de:19:c4:63:3e:88:03:d0:d8:34:76:
05:d8:4f:06:78:fb:e3:f2:90:81:4a:b5:ed:34:f6:
59:72:26:d8:19:6e:7f:26:58:fe:c4:50:c2:4a:c9:
3e:ea:4c:27:67:65:88:9e:eb:84:20:44:20:85:04:
eb:fe:e6:88:30:ee:d3:4e:8e:33:45:bf:ad:2d:5e:
69:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:18:DA:49:61:E0:44:C8:DC:B4:7B:04:24:47:95:86:6A:2C:53:91
X509v3 Authority Key Identifier:
keyid:30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/jBjaSWHgRMjctHsEJEeVhmosU5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/MAVrA3XYlLk8sOJtm01koIxYNx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.117.0/24
185.109.134.0/23
185.146.152.0/24
185.146.154.0/23
IPv6:
2a07:4f80::-2a07:4f80:20:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
45:7a:9e:b9:a6:96:56:09:49:7b:2b:38:3c:44:79:20:d5:2d:
8c:1c:ac:0d:bc:8e:ab:4d:87:d2:24:0c:09:1c:fd:3d:0a:72:
75:8e:0d:d1:b6:2e:62:b3:c9:e8:90:0b:b4:53:f9:45:ff:7c:
b9:59:85:4a:b2:90:29:38:63:16:48:a0:40:24:34:cb:42:c5:
94:a2:72:56:cb:78:5f:ff:f8:3c:02:e5:0d:4d:96:c9:d6:2f:
84:5e:c2:26:79:16:b9:7a:4a:9a:fc:e0:ed:fe:4a:81:5a:3e:
7d:af:d0:9e:5f:d8:bd:73:8d:98:37:2a:35:50:1b:85:69:c7:
b6:9f:26:43:a4:c2:e9:98:60:b8:bc:6d:9a:43:d2:82:6f:58:
2e:65:3d:ca:00:1d:16:7b:47:98:54:76:1b:70:d5:b7:7c:0c:
9a:c3:75:62:c7:22:c4:70:5d:8c:3e:af:f2:02:0f:8d:36:72:
3e:61:ef:84:b4:a4:80:2b:41:77:cc:9e:a4:63:8c:16:df:4c:
6b:e5:60:db:63:fd:8f:e5:50:73:49:54:b6:11:85:d1:68:b1:
4c:b9:57:7f:04:7d:5f:8a:06:71:29:de:3e:4e:fd:df:82:ea:
e0:34:40:7e:41:81:37:36:95:f5:ea:6b:33:28:cf:ca:d0:fa:
76:13:c2:cf
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAY05jOU1kr/v6vYvbO968VHSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMDU2YjAzNzVkODk0YjkzY2IwZTI2ZDliNGQ2NGEwOGM1
ODM3MWUwHhcNMjQwMTI0MDMzOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzE4ZGE0OTYxZTA0NGM4ZGNiNDdiMDQyNDQ3OTU4NjZhMmM1MzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWXoSTyeIZ7Nk96sK5Gw/ILvIKFy
4tnE8JGACFPU8I3nBzAhpsPMeoyleeCjmMz/4GHEzH9eYcJCUTfzcxqF/eYktd4n
YruSzgO+S8xGokzI3afrapWdYBnYn+h4yX4GvgqwD+FZ47WduYQSp66YKSsnvQY5
6wQb/1fvouDbyrgL9GQ+BFzNbHKXOs64b+9nRM7yUm1SODGFW0KBKPWWoXyHr26W
NnUKZmbyIFXwvWs1NYCWymui3hnEYz6IA9DYNHYF2E8GePvj8pCBSrXtNPZZcibY
GW5/Jlj+xFDCSsk+6kwnZ2WInuuEIEQghQTr/uaIMO7TTo4zRb+tLV5pbwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFIwY2klh4ETI3LR7BCRHlYZqLFORMB8GA1UdIwQY
MBaAFDAFawN12JS5PLDibZtNZKCMWDceMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEt
MTFiNGFmYmVkZTE5LzEvakJqYVNXSGdSTWpjdEhzRUpFZVZobW9zVTVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEtMTFiNGFmYmVkZTE5
LzEvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAeBAIAATAYAwQAW8Z1AwQB
uW2GAwQAuZKYAwQBuZKaMBgEAgACMBIwEAMFByoHT4ADBwAqB0+AACAwDQYJKoZI
hvcNAQELBQADggEBAEV6nrmmllYJSXsrODxEeSDVLYwcrA28jqtNh9IkDAkc/T0K
cnWODdG2LmKzyeiQC7RT+UX/fLlZhUqykCk4YxZIoEAkNMtCxZSiclbLeF//+DwC
5Q1NlsnWL4RewiZ5Frl6Spr84O3+SoFaPn2v0J5f2L1zjZg3KjVQG4Vpx7afJkOk
wumYYLi8bZpD0oJvWC5lPcoAHRZ7R5hUdhtw1bd8DJrDdWLHIsRwXYw+r/ICD402
cj5h74S0pIArQXfMnqRjjBbfTGvlYNtj/Y/lUHNJVLYRhdFosUy5V38EfV+KBnEp
3j5O/d+C6uA0QH5BgTc2lfXqazMoz8rQ+nYTws8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:09 2024 by rpki-client on console-fra.rpki-client.org