Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/j3kUs6sGCPbYLWCus2q-ZM6gTVg.roa
File: j3kUs6sGCPbYLWCus2q-ZM6gTVg.roa (raw, json)
Hash identifier: U/XO7/5boPZ9TLLVsfenV+Piclq9mGU6WQDH2Va1/rA=
Subject key identifier: 8F:79:14:B3:AB:06:08:F6:D8:2D:60:AE:B3:6A:BE:64:CE:A0:4D:58
Certificate issuer: /CN=ac2119178bfd923a4b5ec406d9fe1452b2776efa
Certificate serial: 0185706739D7CF4D612D6EBD830EE67C7A28
Authority key identifier: AC:21:19:17:8B:FD:92:3A:4B:5E:C4:06:D9:FE:14:52:B2:77:6E:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/j3kUs6sGCPbYLWCus2q-ZM6gTVg.roa
Signing time: Mon 02 Jan 2023 02:54:51 +0000
ROA not before: Mon 02 Jan 2023 02:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39790
IP address blocks: 81.91.80.0/20 maxlen: 20
185.14.224.0/22 maxlen: 22
2001:1568::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 18 Jan 2023 09:16:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:39:d7:cf:4d:61:2d:6e:bd:83:0e:e6:7c:7a:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac2119178bfd923a4b5ec406d9fe1452b2776efa
Validity
Not Before: Jan 2 02:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f7914b3ab0608f6d82d60aeb36abe64cea04d58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:c1:48:dc:35:85:bb:51:60:af:1e:41:a0:b5:
46:58:61:95:83:c4:8f:b0:f7:40:88:1a:b9:d4:16:
b2:ec:35:25:23:4d:3e:c1:4f:a6:2d:3d:7d:0a:4a:
21:8e:31:ad:8c:5f:fb:c6:35:68:fe:07:57:74:27:
bc:5a:31:12:31:0b:42:77:3b:d2:de:91:f8:61:59:
58:5f:0e:7a:84:d1:14:21:e3:b2:b8:16:3b:0a:24:
49:d7:a6:22:0f:1b:ee:e0:c8:ff:ab:ef:f3:b7:20:
6a:49:57:2c:b9:f9:ee:8e:1d:cc:d6:b6:41:c0:4a:
f7:22:2c:28:45:cc:1c:50:bb:f0:5a:25:16:4b:e8:
b4:d4:8c:b8:59:41:f3:77:2b:a8:6b:9b:b1:39:68:
02:55:dc:78:9a:05:ef:0b:e0:57:a4:8d:e1:07:37:
34:77:82:71:f6:df:80:2b:18:b9:53:d5:f2:33:59:
6c:4c:05:6d:97:52:98:69:37:f0:70:c2:72:79:4d:
0a:58:42:e3:7b:4a:b9:66:a4:f4:04:cc:34:10:b9:
81:72:c8:84:eb:ba:62:d9:33:32:7a:cc:9e:20:c8:
60:ee:fb:ac:1d:36:21:45:d4:7a:96:eb:a2:54:46:
02:a4:d1:db:53:7d:7c:b0:68:ec:51:a2:a9:ce:6a:
c9:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:79:14:B3:AB:06:08:F6:D8:2D:60:AE:B3:6A:BE:64:CE:A0:4D:58
X509v3 Authority Key Identifier:
keyid:AC:21:19:17:8B:FD:92:3A:4B:5E:C4:06:D9:FE:14:52:B2:77:6E:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/j3kUs6sGCPbYLWCus2q-ZM6gTVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.91.80.0/20
185.14.224.0/22
IPv6:
2001:1568::/32
Signature Algorithm: sha256WithRSAEncryption
42:50:46:35:fd:31:fe:ba:7c:d3:81:09:ed:3b:c6:b7:32:a0:
84:fb:f0:39:9c:ef:48:56:8b:10:d5:02:eb:21:34:69:e3:76:
90:51:24:cd:00:5f:38:79:01:c5:d7:fd:a4:4d:22:a8:58:89:
77:ae:e7:c7:7b:73:27:bc:04:6b:b5:c1:52:ca:46:25:45:60:
a2:11:fd:01:88:62:ac:96:3e:35:cd:9d:17:fa:a9:09:ba:7d:
c3:b8:cf:92:66:be:6f:21:68:82:d0:be:59:6a:3f:38:5f:af:
f2:98:8e:f3:4d:b7:22:04:a0:98:93:b9:a7:26:43:ac:3d:72:
9c:67:c2:4f:77:5e:b5:78:2e:e7:b8:75:e4:4d:08:b4:70:0c:
1b:85:8a:bb:37:61:90:7d:23:10:ff:d1:85:8d:36:9c:f4:bb:
dd:24:24:23:bf:c0:d2:4c:08:3d:4b:2a:8e:40:4e:d5:07:e7:
8c:e5:c6:74:6b:64:a9:cb:e5:d2:fe:27:e7:06:85:9d:07:2d:
f3:38:78:8c:33:ff:08:e3:a8:c3:56:e0:80:a6:03:41:a2:cd:
24:4a:43:e8:75:3b:50:ab:e1:db:86:f7:3c:db:72:62:e6:ea:
c0:26:55:24:fe:b3:9e:be:33:3b:11:db:68:b4:0c:96:3f:99:
71:ba:fc:55
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwZznXz01hLW69gw7mfHooMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMjExOTE3OGJmZDkyM2E0YjVlYzQwNmQ5ZmUxNDUyYjI3
NzZlZmEwHhcNMjMwMTAyMDI1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Zjc5MTRiM2FiMDYwOGY2ZDgyZDYwYWViMzZhYmU2NGNlYTA0ZDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsFI3DWFu1Fgrx5BoLVGWGGVg8SP
sPdAiBq51Bay7DUlI00+wU+mLT19CkohjjGtjF/7xjVo/gdXdCe8WjESMQtCdzvS
3pH4YVlYXw56hNEUIeOyuBY7CiRJ16YiDxvu4Mj/q+/ztyBqSVcsufnujh3M1rZB
wEr3IiwoRcwcULvwWiUWS+i01Iy4WUHzdyuoa5uxOWgCVdx4mgXvC+BXpI3hBzc0
d4Jx9t+AKxi5U9XyM1lsTAVtl1KYaTfwcMJyeU0KWELje0q5ZqT0BMw0ELmBcsiE
67pi2TMyesyeIMhg7vusHTYhRdR6luuiVEYCpNHbU318sGjsUaKpzmrJOwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFI95FLOrBgj22C1grrNqvmTOoE1YMB8GA1UdIwQY
MBaAFKwhGReL/ZI6S17EBtn+FFKyd276MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckNFWkY0djlranBMWHNRRzJmNFVVckozYnZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yYThmN2UtZTYwNS00MTE0LTkwZTgt
ZjYwMGQwZmQwM2NlLzEvajNrVXM2c0dDUGJZTFdDdXMycS1aTTZnVFZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yYThmN2UtZTYwNS00MTE0LTkwZTgtZjYwMGQwZmQwM2Nl
LzEvckNFWkY0djlranBMWHNRRzJmNFVVckozYnZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUVtQAwQC
uQ7gMA0EAgACMAcDBQAgARVoMA0GCSqGSIb3DQEBCwUAA4IBAQBCUEY1/TH+unzT
gQntO8a3MqCE+/A5nO9IVosQ1QLrITRp43aQUSTNAF84eQHF1/2kTSKoWIl3rufH
e3MnvARrtcFSykYlRWCiEf0BiGKslj41zZ0X+qkJun3DuM+SZr5vIWiC0L5Zaj84
X6/ymI7zTbciBKCYk7mnJkOsPXKcZ8JPd161eC7nuHXkTQi0cAwbhYq7N2GQfSMQ
/9GFjTac9LvdJCQjv8DSTAg9SyqOQE7VB+eM5cZ0a2Spy+XS/ifnBoWdBy3zOHiM
M/8I46jDVuCApgNBos0kSkPodTtQq+Hbhvc823Ji5urAJlUk/rOevjM7EdtotAyW
P5lxuvxV
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:21 2024 by rpki-client on console-ams.rpki-client.org