Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/b19811-fa23-47b0-b577-17698f88c3bd/1/jk5vVBbYuFnaxeo_pGj0r4Um9TE.roa
File: jk5vVBbYuFnaxeo_pGj0r4Um9TE.roa (raw, json)
Hash identifier: pKX/I0MOxU5H79LjOEg9D58LUMMuAY/es3qnCwb2W0Q=
Subject key identifier: 8E:4E:6F:54:16:D8:B8:59:DA:C5:EA:3F:A4:68:F4:AF:85:26:F5:31
Certificate issuer: /CN=2aa14bff83480d10cd0fbebb80b2cb5091fcf82f
Certificate serial: 0185715E913DE412182925BAD6B9792195F9
Authority key identifier: 2A:A1:4B:FF:83:48:0D:10:CD:0F:BE:BB:80:B2:CB:50:91:FC:F8:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqFL_4NIDRDND767gLLLUJH8-C8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/b19811-fa23-47b0-b577-17698f88c3bd/1/jk5vVBbYuFnaxeo_pGj0r4Um9TE.roa
Signing time: Mon 02 Jan 2023 07:25:01 +0000
ROA not before: Mon 02 Jan 2023 07:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47562
IP address blocks: 94.198.32.0/21 maxlen: 24
62.122.144.0/21 maxlen: 24
185.46.96.0/22 maxlen: 24
93.91.112.0/20 maxlen: 24
46.175.192.0/21 maxlen: 24
2a03:ce80::/32 maxlen: 56
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:5e:91:3d:e4:12:18:29:25:ba:d6:b9:79:21:95:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aa14bff83480d10cd0fbebb80b2cb5091fcf82f
Validity
Not Before: Jan 2 07:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e4e6f5416d8b859dac5ea3fa468f4af8526f531
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b4:13:ec:cf:93:2f:11:73:16:47:96:53:95:
d9:bb:b7:36:c2:bd:9b:6e:d2:6e:55:76:ad:f0:1f:
d0:e6:7e:db:8b:b6:8a:21:87:58:a1:cd:5b:bb:f8:
ed:02:c3:c0:ab:e6:5b:f3:71:f6:e8:ff:01:f2:6c:
97:04:58:98:a6:3b:34:12:da:66:a9:b8:97:fa:1a:
0d:12:55:57:19:2f:e1:ce:44:b9:51:ac:dc:f3:03:
82:3d:78:6f:88:b2:dc:58:e2:6d:f3:47:d9:ce:75:
55:60:ea:c9:cd:01:14:a2:a1:b4:9f:3c:d0:cc:3c:
9d:b6:61:9b:96:ee:73:0f:8b:66:b1:6f:30:fe:4a:
83:9d:1d:4a:2c:52:44:83:77:e2:29:91:8d:5e:18:
dc:a1:75:42:ba:5c:0c:c8:14:d0:29:7d:89:97:2e:
b3:63:20:57:c9:85:16:f7:c7:5b:d2:12:63:e8:d8:
31:b9:70:27:9c:cc:fe:97:d2:6f:e8:b2:4d:84:41:
7b:ec:3b:4b:be:69:b8:62:a1:5e:0b:2b:a7:6e:a1:
9b:52:57:54:e3:9e:e8:6a:01:66:78:41:b2:c9:c5:
16:96:aa:19:3d:dc:b6:6d:3d:bf:ed:1d:b4:67:95:
3e:1b:d4:c0:a2:8c:23:c1:23:72:1b:f9:03:50:94:
1c:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:4E:6F:54:16:D8:B8:59:DA:C5:EA:3F:A4:68:F4:AF:85:26:F5:31
X509v3 Authority Key Identifier:
keyid:2A:A1:4B:FF:83:48:0D:10:CD:0F:BE:BB:80:B2:CB:50:91:FC:F8:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqFL_4NIDRDND767gLLLUJH8-C8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/b19811-fa23-47b0-b577-17698f88c3bd/1/jk5vVBbYuFnaxeo_pGj0r4Um9TE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/b19811-fa23-47b0-b577-17698f88c3bd/1/KqFL_4NIDRDND767gLLLUJH8-C8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.175.192.0/21
62.122.144.0/21
93.91.112.0/20
94.198.32.0/21
185.46.96.0/22
IPv6:
2a03:ce80::/32
Signature Algorithm: sha256WithRSAEncryption
6c:8d:74:b5:09:85:bb:ea:69:32:a1:24:49:3d:e6:09:e0:31:
b3:6b:43:47:82:65:8f:a5:76:c9:e8:0b:65:13:80:73:a5:c1:
84:99:32:b8:81:97:02:13:7c:c4:51:3e:7d:42:ef:45:39:38:
8b:b3:68:68:8b:3b:75:de:63:90:c4:a2:1f:f5:0a:b9:ce:c1:
b0:16:a7:b4:de:e1:96:29:37:d4:b1:4f:62:7c:e8:73:41:60:
63:fa:1a:6f:ef:d5:81:4e:73:e6:a9:75:a4:f1:75:73:40:d8:
d0:e2:f7:5c:7e:5e:8e:60:5d:43:9e:7f:42:49:da:1f:ff:32:
36:be:f8:b1:ff:51:35:1e:bd:2c:84:6b:aa:3e:3b:28:2d:96:
1c:29:bf:c3:84:90:b7:da:5c:38:d9:4a:d0:6d:dd:ee:a0:15:
0f:e8:46:ad:42:09:5f:23:75:de:b6:57:1c:7f:c4:96:fe:14:
b1:55:7f:ef:92:fb:3b:b8:05:53:6f:e8:ab:6e:aa:45:db:71:
01:5b:9e:f5:e1:bc:1b:f1:04:5e:e8:c3:0c:f4:8b:da:71:e1:
00:ac:82:2b:00:2e:53:f3:ba:6b:96:b7:81:b8:a8:ff:33:ad:
86:ba:d2:09:c7:9a:82:70:16:39:a8:c8:b7:78:ec:ae:05:30:
43:d1:34:a9
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVxXpE95BIYKSW61rl5IZX5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYTE0YmZmODM0ODBkMTBjZDBmYmViYjgwYjJjYjUwOTFm
Y2Y4MmYwHhcNMjMwMTAyMDcyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTRlNmY1NDE2ZDhiODU5ZGFjNWVhM2ZhNDY4ZjRhZjg1MjZmNTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurQT7M+TLxFzFkeWU5XZu7c2wr2b
btJuVXat8B/Q5n7bi7aKIYdYoc1bu/jtAsPAq+Zb83H26P8B8myXBFiYpjs0Etpm
qbiX+hoNElVXGS/hzkS5Uazc8wOCPXhviLLcWOJt80fZznVVYOrJzQEUoqG0nzzQ
zDydtmGblu5zD4tmsW8w/kqDnR1KLFJEg3fiKZGNXhjcoXVCulwMyBTQKX2Jly6z
YyBXyYUW98db0hJj6NgxuXAnnMz+l9Jv6LJNhEF77DtLvmm4YqFeCyunbqGbUldU
457oagFmeEGyycUWlqoZPdy2bT2/7R20Z5U+G9TAoowjwSNyG/kDUJQciQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFI5Ob1QW2LhZ2sXqP6Ro9K+FJvUxMB8GA1UdIwQY
MBaAFCqhS/+DSA0QzQ++u4Cyy1CR/PgvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3FGTF80TklEUkRORDc2N2dMTExVSkg4LUM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9iMTk4MTEtZmEyMy00N2IwLWI1Nzct
MTc2OThmODhjM2JkLzEvams1dlZCYll1Rm5heGVvX3BHajByNFVtOVRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9iMTk4MTEtZmEyMy00N2IwLWI1NzctMTc2OThmODhjM2Jk
LzEvS3FGTF80TklEUkRORDc2N2dMTExVSkg4LUM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDLq/AAwQD
PnqQAwQEXVtwAwQDXsYgAwQCuS5gMA0EAgACMAcDBQAqA86AMA0GCSqGSIb3DQEB
CwUAA4IBAQBsjXS1CYW76mkyoSRJPeYJ4DGza0NHgmWPpXbJ6AtlE4BzpcGEmTK4
gZcCE3zEUT59Qu9FOTiLs2hoizt13mOQxKIf9Qq5zsGwFqe03uGWKTfUsU9ifOhz
QWBj+hpv79WBTnPmqXWk8XVzQNjQ4vdcfl6OYF1Dnn9CSdof/zI2vvix/1E1Hr0s
hGuqPjsoLZYcKb/DhJC32lw42UrQbd3uoBUP6EatQglfI3Xetlccf8SW/hSxVX/v
kvs7uAVTb+irbqpF23EBW5714bwb8QRe6MMM9IvaceEArIIrAC5T87prlreBuKj/
M62GutIJx5qCcBY5qMi3eOyuBTBD0TSp
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:03 2024 by rpki-client on console-ams.rpki-client.org