Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/JKix9CUkeElqN4cynEEcAVr3mZU.roa
File: JKix9CUkeElqN4cynEEcAVr3mZU.roa (raw, json)
Hash identifier: kpb7L4x+AeGMoFoX3GstsTnpemyOupONfzQKrdFB4R4=
Subject key identifier: 24:A8:B1:F4:25:24:78:49:6A:37:87:32:9C:41:1C:01:5A:F7:99:95
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018DA8A7BDF98FB23D682DD70668CE73C334
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/JKix9CUkeElqN4cynEEcAVr3mZU.roa
Signing time: Wed 14 Feb 2024 17:26:21 +0000
ROA not before: Wed 14 Feb 2024 17:26:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 45.86.16.0/21 maxlen: 24
194.180.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Apr 2024 08:12:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a8:a7:bd:f9:8f:b2:3d:68:2d:d7:06:68:ce:73:c3:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Feb 14 17:26:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24a8b1f4252478496a3787329c411c015af79995
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a1:bd:ef:47:f5:6a:3a:de:0b:21:93:16:3d:
0c:79:38:91:ab:3d:96:7c:1a:c8:bd:39:04:fa:88:
a4:ec:fe:6e:aa:e6:58:e3:d0:cb:d7:d6:dd:81:7c:
2e:b7:4d:6a:8b:0d:ec:78:b3:8d:45:00:c9:b3:dc:
d5:34:3a:e1:38:73:7e:a2:55:57:b2:30:2c:7c:41:
28:0b:c9:9b:30:92:70:10:cf:38:de:a8:b5:9d:4a:
c8:78:77:ca:b5:f0:f0:bf:bd:55:88:1a:27:07:62:
1c:80:26:90:6a:be:3e:81:e4:c7:da:1a:68:43:94:
a2:ac:11:67:38:cd:47:dd:a2:45:27:f2:4e:c6:13:
89:45:a2:73:c0:97:0b:69:c0:b4:2a:a7:49:0b:c8:
92:9f:8c:2d:cb:a2:24:20:c9:f1:f3:bf:66:68:c0:
d6:a2:60:98:58:84:fc:9e:2f:69:19:c3:8f:e3:85:
8d:02:4c:f9:b9:8a:a4:89:aa:05:75:c6:e3:ba:5c:
e5:be:19:33:fb:3a:54:7e:7b:21:64:65:27:30:39:
f3:1f:79:44:45:2e:39:cf:6a:c0:5e:e7:2d:85:06:
95:ad:5a:49:94:4e:ab:f6:ae:41:52:b9:41:52:a3:
f8:af:58:50:af:eb:6e:c6:12:30:5e:6e:db:aa:96:
9f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:A8:B1:F4:25:24:78:49:6A:37:87:32:9C:41:1C:01:5A:F7:99:95
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/JKix9CUkeElqN4cynEEcAVr3mZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.16.0/21
194.180.238.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:53:c9:e8:b0:67:ba:bb:f9:f1:7c:b5:cf:e7:55:48:86:ab:
14:58:82:1e:0c:c8:a4:da:d4:a7:e1:e5:09:8d:00:43:6f:56:
4d:d7:b7:de:0d:00:b3:65:de:9a:81:c5:cb:ec:5b:73:39:3e:
66:c8:c9:a6:50:a7:24:64:64:dc:6f:6a:c6:c2:e1:0d:57:49:
93:2c:5f:86:b1:01:57:23:68:c8:80:4d:08:44:1f:09:e2:04:
85:dd:96:b6:93:4a:55:65:8f:bf:46:32:fa:f9:0d:22:2f:3c:
aa:6f:76:81:48:5b:8f:a9:29:48:c4:e5:2d:9d:e6:c5:ba:f2:
3d:cc:2b:a0:92:c2:99:9a:28:16:30:5b:ca:c7:a9:aa:63:93:
10:d6:66:c4:78:8f:75:d3:44:39:62:c1:e3:9e:f6:b3:9c:a4:
e9:2d:6a:10:51:6b:c0:b0:0f:73:85:39:60:bf:d2:0d:a5:24:
9f:ab:ba:05:12:41:56:37:d5:96:05:32:d3:bb:14:14:c7:9d:
89:be:c0:e6:74:19:d5:ce:0f:d9:29:50:63:d5:e5:59:91:f3:
4f:8d:4e:9d:a9:86:2c:e1:86:9c:c3:db:95:22:16:9e:1a:d1:
de:28:d0:ef:36:d9:88:ed:b5:05:dc:d9:0e:37:3f:44:0a:f0:
c5:cc:ce:13
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2op735j7I9aC3XBmjOc8M0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwMjE0MTcyNjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGE4YjFmNDI1MjQ3ODQ5NmEzNzg3MzI5YzQxMWMwMTVhZjc5OTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaG970f1ajreCyGTFj0MeTiRqz2W
fBrIvTkE+oik7P5uquZY49DL19bdgXwut01qiw3seLONRQDJs9zVNDrhOHN+olVX
sjAsfEEoC8mbMJJwEM843qi1nUrIeHfKtfDwv71ViBonB2IcgCaQar4+geTH2hpo
Q5SirBFnOM1H3aJFJ/JOxhOJRaJzwJcLacC0KqdJC8iSn4wty6IkIMnx879maMDW
omCYWIT8ni9pGcOP44WNAkz5uYqkiaoFdcbjulzlvhkz+zpUfnshZGUnMDnzH3lE
RS45z2rAXucthQaVrVpJlE6r9q5BUrlBUqP4r1hQr+tuxhIwXm7bqpafRQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCSosfQlJHhJajeHMpxBHAFa95mVMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvSktpeDlDVWtlRWxxTjRjeW5FRWNBVnIzbVpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLVYQAwQA
wrTuMA0GCSqGSIb3DQEBCwUAA4IBAQBqU8nosGe6u/nxfLXP51VIhqsUWIIeDMik
2tSn4eUJjQBDb1ZN17feDQCzZd6agcXL7FtzOT5myMmmUKckZGTcb2rGwuENV0mT
LF+GsQFXI2jIgE0IRB8J4gSF3Za2k0pVZY+/RjL6+Q0iLzyqb3aBSFuPqSlIxOUt
nebFuvI9zCugksKZmigWMFvKx6mqY5MQ1mbEeI9100Q5YsHjnvaznKTpLWoQUWvA
sA9zhTlgv9INpSSfq7oFEkFWN9WWBTLTuxQUx52JvsDmdBnVzg/ZKVBj1eVZkfNP
jU6dqYYs4Yacw9uVIhaeGtHeKNDvNtmI7bUF3NkONz9ECvDFzM4T
-----END CERTIFICATE-----
Generated at Thu Apr 18 11:24:57 2024 by rpki-client on console-fra.rpki-client.org