Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/jdzNQScNcaBewpGeYe0ZHyn0nFA.roa
File: jdzNQScNcaBewpGeYe0ZHyn0nFA.roa (raw, json)
Hash identifier: NmSd05+tCDT7VcLbKtpKzhMxmgdjuWK27lfSuv94aRU=
Subject key identifier: 8D:DC:CD:41:27:0D:71:A0:5E:C2:91:9E:61:ED:19:1F:29:F4:9C:50
Certificate issuer: /CN=1efa596a3126ace029c6d70d529257e07b38ba06
Certificate serial: 018573160CD785F0E4095E2F7EB6247618FB
Authority key identifier: 1E:FA:59:6A:31:26:AC:E0:29:C6:D7:0D:52:92:57:E0:7B:38:BA:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HvpZajEmrOApxtcNUpJX4Hs4ugY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/jdzNQScNcaBewpGeYe0ZHyn0nFA.roa
Signing time: Mon 02 Jan 2023 15:25:02 +0000
ROA not before: Mon 02 Jan 2023 15:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 378
IP address blocks: 192.117.80.0/20 maxlen: 20
192.115.164.0/22 maxlen: 22
192.115.168.0/21 maxlen: 21
192.114.0.0/21 maxlen: 21
192.114.16.0/21 maxlen: 21
192.115.192.0/21 maxlen: 21
128.139.0.0/16 maxlen: 16
192.114.92.0/22 maxlen: 22
192.114.96.0/20 maxlen: 20
192.114.102.0/24 maxlen: 24
192.114.100.0/24 maxlen: 24
192.114.101.0/24 maxlen: 24
192.114.124.0/22 maxlen: 22
128.139.199.0/24 maxlen: 24
192.114.128.0/20 maxlen: 20
185.115.212.0/22 maxlen: 22
192.114.48.0/21 maxlen: 21
192.114.56.0/22 maxlen: 22
192.114.60.0/23 maxlen: 23
192.114.192.0/18 maxlen: 18
128.139.200.0/24 maxlen: 24
192.115.46.0/24 maxlen: 24
192.115.64.0/22 maxlen: 22
132.78.0.0/16 maxlen: 16
192.115.32.0/20 maxlen: 20
2001:bf8::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:16:0c:d7:85:f0:e4:09:5e:2f:7e:b6:24:76:18:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1efa596a3126ace029c6d70d529257e07b38ba06
Validity
Not Before: Jan 2 15:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ddccd41270d71a05ec2919e61ed191f29f49c50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:34:49:7c:fd:f8:65:52:fe:d9:0b:47:da:1d:
3e:6c:7d:bb:4b:6b:33:ab:55:cb:fe:b0:f6:51:04:
74:88:08:18:73:72:de:fa:4b:5b:a5:d3:78:88:f4:
be:a7:ad:d7:06:33:65:b6:21:6d:e2:51:f4:c4:65:
79:e6:59:10:bb:1e:97:7b:1a:63:e8:3c:63:e2:96:
47:02:47:61:07:16:8e:c3:25:c6:15:4a:d2:06:1b:
63:6c:45:85:d7:c9:d7:ee:a5:0d:17:bb:70:9e:3e:
83:8d:48:17:aa:3b:7d:47:a1:0d:ec:b9:8e:4d:e3:
7b:73:cc:7a:bc:fd:d3:c3:e4:79:0f:d4:55:b0:00:
70:df:47:f5:cc:3f:db:3b:3f:6f:db:3c:fa:a4:e7:
8e:38:49:fc:4b:35:ec:2f:34:a2:80:e2:d7:ea:70:
1e:4c:56:13:e0:4a:0d:57:09:e5:fd:45:65:e8:6d:
91:0b:4b:b5:cf:82:c1:59:0f:9f:93:a6:dc:1b:ed:
3d:29:d1:31:31:80:1c:e2:89:bd:22:28:a9:b0:c4:
5f:e7:43:20:d7:70:87:dc:e6:18:ea:bc:05:c6:62:
be:6f:5a:a3:8f:0f:6c:4d:aa:67:aa:46:e5:36:f6:
fb:ed:a1:7f:2d:42:a0:6c:cd:ac:94:29:c7:3e:2c:
f2:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:DC:CD:41:27:0D:71:A0:5E:C2:91:9E:61:ED:19:1F:29:F4:9C:50
X509v3 Authority Key Identifier:
keyid:1E:FA:59:6A:31:26:AC:E0:29:C6:D7:0D:52:92:57:E0:7B:38:BA:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HvpZajEmrOApxtcNUpJX4Hs4ugY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/jdzNQScNcaBewpGeYe0ZHyn0nFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/HvpZajEmrOApxtcNUpJX4Hs4ugY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.139.0.0/16
132.78.0.0/16
185.115.212.0/22
192.114.0.0/21
192.114.16.0/21
192.114.48.0-192.114.61.255
192.114.92.0-192.114.111.255
192.114.124.0-192.114.143.255
192.114.192.0/18
192.115.32.0/20
192.115.64.0/22
192.115.164.0-192.115.175.255
192.115.192.0/21
192.117.80.0/20
IPv6:
2001:bf8::/32
Signature Algorithm: sha256WithRSAEncryption
75:4a:fb:57:4e:22:f1:08:a1:ab:a0:03:d1:c9:77:dd:be:ac:
29:7c:a5:b3:64:ea:23:8e:2f:08:5d:f2:de:91:dc:58:29:4d:
3d:08:d7:00:fd:6d:bb:b5:31:22:ad:59:c7:e4:85:39:1e:db:
9a:09:2a:50:24:1f:ff:4a:3b:ae:4f:c5:22:2f:ab:76:35:10:
0e:21:f6:34:66:0f:ab:28:77:5d:1e:67:88:f9:d1:73:05:c5:
9c:f8:34:a6:f7:9f:2e:41:39:01:83:8d:78:fa:ec:49:4b:86:
c2:3a:62:11:54:a2:59:63:84:a8:10:fa:81:a6:33:e3:22:94:
62:16:08:ac:04:d2:ac:cb:28:42:fc:8e:29:03:4d:a4:92:58:
63:90:21:d7:1d:59:8b:c7:66:3e:6b:4a:7d:18:19:5a:cd:aa:
45:9a:e1:d4:64:48:d4:be:f7:75:6b:62:ed:26:29:53:ce:7c:
bd:51:dc:b3:68:a1:b0:4f:f5:99:e2:20:c8:29:99:4d:0d:01:
5e:7d:e5:25:59:b3:f1:14:ab:22:97:21:b0:d9:da:68:c4:d5:
b0:f1:77:eb:48:b2:23:b9:45:c8:54:f7:e2:50:02:8b:07:95:
4b:c6:77:ee:22:4c:9b:6f:92:d0:80:d1:1a:bc:48:05:77:ea:
3a:05:3d:dc
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAYVzFgzXhfDkCV4vfrYkdhj7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZmE1OTZhMzEyNmFjZTAyOWM2ZDcwZDUyOTI1N2UwN2Iz
OGJhMDYwHhcNMjMwMTAyMTUyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGRjY2Q0MTI3MGQ3MWEwNWVjMjkxOWU2MWVkMTkxZjI5ZjQ5YzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDRJfP34ZVL+2QtH2h0+bH27S2sz
q1XL/rD2UQR0iAgYc3Le+ktbpdN4iPS+p63XBjNltiFt4lH0xGV55lkQux6Xexpj
6Dxj4pZHAkdhBxaOwyXGFUrSBhtjbEWF18nX7qUNF7twnj6DjUgXqjt9R6EN7LmO
TeN7c8x6vP3Tw+R5D9RVsABw30f1zD/bOz9v2zz6pOeOOEn8SzXsLzSigOLX6nAe
TFYT4EoNVwnl/UVl6G2RC0u1z4LBWQ+fk6bcG+09KdExMYAc4om9IiipsMRf50Mg
13CH3OYY6rwFxmK+b1qjjw9sTapnqkblNvb77aF/LUKgbM2slCnHPizycwIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFI3czUEnDXGgXsKRnmHtGR8p9JxQMB8GA1UdIwQY
MBaAFB76WWoxJqzgKcbXDVKSV+B7OLoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHZwWmFqRW1yT0FweHRjTlVwSlg0SHM0dWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zY2M3OGEtOGZiNS00NzVhLTg4ODIt
OWQwYzYyMDczNWYxLzEvamR6TlFTY05jYUJld3BHZVllMFpIeW4wbkZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zY2M3OGEtOGZiNS00NzVhLTg4ODItOWQwYzYyMDczNWYx
LzEvSHZwWmFqRW1yT0FweHRjTlVwSlg0SHM0dWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGcBggrBgEFBQcBBwEB/wSBjDCBiTB4BAIAATByAwMAgIsD
AwCETgMEArlz1AMEA8ByAAMEA8ByEDAMAwQEwHIwAwQBwHI8MAwDBALAclwDBATA
cmAwDAMEAsByfAMEBMBygAMEBsBywAMEBMBzIAMEAsBzQDAMAwQCwHOkAwQEwHOg
AwQDwHPAAwQEwHVQMA0EAgACMAcDBQAgAQv4MA0GCSqGSIb3DQEBCwUAA4IBAQB1
SvtXTiLxCKGroAPRyXfdvqwpfKWzZOojji8IXfLekdxYKU09CNcA/W27tTEirVnH
5IU5HtuaCSpQJB//SjuuT8UiL6t2NRAOIfY0Zg+rKHddHmeI+dFzBcWc+DSm958u
QTkBg414+uxJS4bCOmIRVKJZY4SoEPqBpjPjIpRiFgisBNKsyyhC/I4pA02kklhj
kCHXHVmLx2Y+a0p9GBlazapFmuHUZEjUvvd1a2LtJilTzny9UdyzaKGwT/WZ4iDI
KZlNDQFefeUlWbPxFKsilyGw2dpoxNWw8XfrSLIjuUXIVPfiUAKLB5VLxnfuIkyb
b5LQgNEavEgFd+o6BT3c
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:43 2023 by rpki-client on console-fra.rpki-client.org