Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/62631b-fdf3-413f-8f22-ece088f01827/1/JGWwtKCx9FSzIxfBuKwBqcUJi3k.roa
File: JGWwtKCx9FSzIxfBuKwBqcUJi3k.roa (raw, json)
Hash identifier: PQhjSAjE/udjFkHkf4yXPyagENiuvVj0BtBl/KMCxEE=
Subject key identifier: 24:65:B0:B4:A0:B1:F4:54:B3:23:17:C1:B8:AC:01:A9:C5:09:8B:79
Certificate issuer: /CN=95380935e7e8a21ec32b65a7fc4ed7d468278521
Certificate serial: 0185723A28FFDA3A8B961CBCCDF3CCE359A2
Authority key identifier: 95:38:09:35:E7:E8:A2:1E:C3:2B:65:A7:FC:4E:D7:D4:68:27:85:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lTgJNefooh7DK2Wn_E7X1GgnhSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/62631b-fdf3-413f-8f22-ece088f01827/1/JGWwtKCx9FSzIxfBuKwBqcUJi3k.roa
Signing time: Mon 02 Jan 2023 11:24:52 +0000
ROA not before: Mon 02 Jan 2023 11:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33915
IP address blocks: 148.200.0.0/21 maxlen: 21
148.200.14.0/24 maxlen: 24
148.200.240.0/21 maxlen: 21
148.200.140.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:28:ff:da:3a:8b:96:1c:bc:cd:f3:cc:e3:59:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95380935e7e8a21ec32b65a7fc4ed7d468278521
Validity
Not Before: Jan 2 11:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2465b0b4a0b1f454b32317c1b8ac01a9c5098b79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:86:8b:9d:f2:3e:60:52:cf:df:29:6f:59:ff:
67:88:5f:da:bd:da:9f:64:9f:ac:cb:31:9d:0c:7b:
b7:2f:2f:ce:13:7f:02:a0:d0:66:03:0a:5b:03:bf:
48:b4:6b:d3:2c:a7:d4:49:6a:98:5a:03:03:5b:36:
e3:00:99:f1:7a:c2:f4:af:65:36:95:a6:ee:78:f8:
e4:46:ca:dd:f1:15:1e:a1:9b:b6:5c:b6:c5:99:9b:
2e:65:7a:ff:22:17:b9:a8:f6:cf:0e:41:5c:ca:6b:
aa:86:59:4b:61:91:ab:3d:4a:fb:88:94:66:c7:c9:
3d:8d:f0:5d:f2:d5:d6:f9:bd:5c:0e:e5:d5:8b:e5:
6c:02:a6:19:cd:0e:a8:e7:57:4a:51:46:eb:4d:ea:
25:72:93:50:15:55:16:e9:81:3c:29:60:86:53:31:
e6:7a:31:4b:bd:4f:1b:70:1f:c0:30:24:9c:b9:84:
9e:ee:02:cd:d7:5f:3e:80:1c:ff:c2:f9:25:16:92:
55:f8:59:bf:06:75:92:93:e9:e5:7f:cc:39:56:7a:
35:2b:d3:d5:91:a1:1b:fd:e2:eb:01:c7:8e:37:af:
a0:98:0a:13:8d:cd:8a:db:c5:a2:ca:e4:65:7c:c9:
2e:99:63:37:f0:0a:d9:3c:97:fd:1d:e1:f0:8e:d5:
7d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:65:B0:B4:A0:B1:F4:54:B3:23:17:C1:B8:AC:01:A9:C5:09:8B:79
X509v3 Authority Key Identifier:
keyid:95:38:09:35:E7:E8:A2:1E:C3:2B:65:A7:FC:4E:D7:D4:68:27:85:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lTgJNefooh7DK2Wn_E7X1GgnhSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/62631b-fdf3-413f-8f22-ece088f01827/1/JGWwtKCx9FSzIxfBuKwBqcUJi3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/62631b-fdf3-413f-8f22-ece088f01827/1/lTgJNefooh7DK2Wn_E7X1GgnhSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.200.0.0/21
148.200.14.0/24
148.200.140.0/22
148.200.240.0/21
Signature Algorithm: sha256WithRSAEncryption
51:ec:0f:55:9c:7e:ca:a9:7a:0d:d0:d9:d8:4e:15:47:97:4c:
48:9f:9f:9d:3b:bd:fc:d2:57:59:b9:59:37:35:70:4b:e5:19:
74:49:8f:a7:a2:91:3d:db:95:3a:58:52:9c:95:26:e4:7c:49:
34:1e:ef:1b:d9:d7:34:44:fe:e1:48:29:dd:42:7a:0a:b3:44:
71:8d:29:0c:96:62:32:6d:2d:6d:aa:66:5d:31:de:35:f2:d8:
ee:05:d6:b3:e6:73:23:b9:35:a8:4c:6c:40:02:cb:82:18:70:
cc:4b:2e:0f:29:59:79:e0:de:b3:d0:41:10:1c:0f:74:05:83:
3f:cf:d2:7b:6c:4f:8d:71:4c:28:bc:53:3e:5d:a0:3c:30:82:
f9:78:9e:32:86:dd:52:22:bc:75:97:81:c5:98:4f:20:62:0a:
4e:9f:fc:2d:54:56:f6:ac:4a:91:bd:02:4b:ac:23:54:e5:a2:
07:75:c6:9e:f1:72:3d:c0:42:2a:d8:f1:db:d9:ae:18:b4:4b:
74:ec:31:d0:d9:3f:77:c3:e4:8f:c4:54:58:50:26:a2:69:77:
45:4e:b4:52:46:f2:14:36:7c:46:c7:cb:24:a0:8a:8f:7a:c9:
70:c0:7b:62:4b:e3:fb:5c:49:67:d9:14:4b:2b:aa:98:60:e3:
3d:e9:9d:81
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVyOij/2jqLlhy8zfPM41miMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MzgwOTM1ZTdlOGEyMWVjMzJiNjVhN2ZjNGVkN2Q0Njgy
Nzg1MjEwHhcNMjMwMTAyMTEyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDY1YjBiNGEwYjFmNDU0YjMyMzE3YzFiOGFjMDFhOWM1MDk4Yjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIaLnfI+YFLP3ylvWf9niF/avdqf
ZJ+syzGdDHu3Ly/OE38CoNBmAwpbA79ItGvTLKfUSWqYWgMDWzbjAJnxesL0r2U2
labuePjkRsrd8RUeoZu2XLbFmZsuZXr/Ihe5qPbPDkFcymuqhllLYZGrPUr7iJRm
x8k9jfBd8tXW+b1cDuXVi+VsAqYZzQ6o51dKUUbrTeolcpNQFVUW6YE8KWCGUzHm
ejFLvU8bcB/AMCScuYSe7gLN118+gBz/wvklFpJV+Fm/BnWSk+nlf8w5Vno1K9PV
kaEb/eLrAceON6+gmAoTjc2K28WiyuRlfMkumWM38ArZPJf9HeHwjtV9rwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCRlsLSgsfRUsyMXwbisAanFCYt5MB8GA1UdIwQY
MBaAFJU4CTXn6KIewytlp/xO19RoJ4UhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFRnSk5lZm9vaDdESzJXbl9FN1gxR2duaFNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC82MjYzMWItZmRmMy00MTNmLThmMjIt
ZWNlMDg4ZjAxODI3LzEvSkdXd3RLQ3g5RlN6SXhmQnVLd0JxY1VKaTNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC82MjYzMWItZmRmMy00MTNmLThmMjItZWNlMDg4ZjAxODI3
LzEvbFRnSk5lZm9vaDdESzJXbl9FN1gxR2duaFNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDlMgAAwQA
lMgOAwQClMiMAwQDlMjwMA0GCSqGSIb3DQEBCwUAA4IBAQBR7A9VnH7KqXoN0NnY
ThVHl0xIn5+dO7380ldZuVk3NXBL5Rl0SY+nopE925U6WFKclSbkfEk0Hu8b2dc0
RP7hSCndQnoKs0RxjSkMlmIybS1tqmZdMd418tjuBdaz5nMjuTWoTGxAAsuCGHDM
Sy4PKVl54N6z0EEQHA90BYM/z9J7bE+NcUwovFM+XaA8MIL5eJ4yht1SIrx1l4HF
mE8gYgpOn/wtVFb2rEqRvQJLrCNU5aIHdcae8XI9wEIq2PHb2a4YtEt07DHQ2T93
w+SPxFRYUCaiaXdFTrRSRvIUNnxGx8skoIqPeslwwHtiS+P7XEln2RRLK6qYYOM9
6Z2B
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:24 2024 by rpki-client on console-ams.rpki-client.org