Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/JaU70RDNckU13SWD6luEwECrfSY.roa
File: JaU70RDNckU13SWD6luEwECrfSY.roa (raw, json)
Hash identifier: z+qd6KeIIZoUh/mqOgyPOAG8vDWXj/n8L8YUxXJzzqY=
Subject key identifier: 25:A5:3B:D1:10:CD:72:45:35:DD:25:83:EA:5B:84:C0:40:AB:7D:26
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018C35DBA1016D897EF429FF351406ACB23F
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/JaU70RDNckU13SWD6luEwECrfSY.roa
Signing time: Mon 04 Dec 2023 17:23:55 +0000
ROA not before: Mon 04 Dec 2023 17:23:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 185.255.99.0/24 maxlen: 24
185.15.136.0/23 maxlen: 24
45.67.117.0/24 maxlen: 24
185.243.140.0/22 maxlen: 24
94.231.198.0/24 maxlen: 24
194.56.153.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
194.180.238.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
185.40.105.0/24 maxlen: 24
194.213.10.0/24 maxlen: 24
194.242.28.0/23 maxlen: 24
195.149.127.0/24 maxlen: 24
185.173.247.0/24 maxlen: 24
89.32.126.0/24 maxlen: 24
92.118.108.0/24 maxlen: 24
176.126.223.0/24 maxlen: 24
91.242.71.0/24 maxlen: 24
45.149.160.0/22 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.75.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:35:db:a1:01:6d:89:7e:f4:29:ff:35:14:06:ac:b2:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Dec 4 17:23:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25a53bd110cd724535dd2583ea5b84c040ab7d26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:c3:58:88:fc:f4:b1:e5:1b:7d:8d:16:a3:a3:
4e:72:e7:34:d2:b8:f4:0b:1b:cd:08:52:22:6f:76:
a3:12:3c:72:9d:bd:c9:a3:83:34:03:a3:f8:5e:40:
ae:72:61:41:a7:1d:21:99:35:fd:2f:9a:5d:18:e9:
38:a6:81:50:3b:fd:62:95:9c:2d:50:71:7f:a9:09:
00:e3:53:fa:c6:6b:c7:e5:7e:42:ab:6e:2f:c1:80:
7b:02:a4:88:eb:10:db:a8:63:0d:71:3a:e4:51:4e:
c1:a1:bb:4a:34:fd:95:69:b0:dc:b2:48:3b:6a:e4:
28:fd:6c:7a:16:56:67:32:9d:17:dc:6c:d2:9a:da:
ee:7a:b4:a2:27:53:bf:f0:79:ff:37:f2:4b:15:23:
bb:b1:81:77:95:3c:ba:e3:eb:39:0a:c1:0b:43:8b:
a1:dc:e7:94:dd:52:a9:ff:ee:c1:f9:b6:b4:bf:08:
28:af:e7:a4:91:60:e3:e6:07:0e:d6:d7:c5:a7:79:
8a:69:01:71:52:b9:97:3b:fa:87:30:cd:8d:10:08:
e3:cf:a4:d7:a0:43:79:f1:a5:d7:5e:e0:d8:f0:12:
82:a9:49:dc:c8:be:cd:7b:50:07:93:c1:40:1a:fc:
c8:df:ec:b6:66:54:70:1a:46:f2:cc:29:f8:d1:c6:
28:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:A5:3B:D1:10:CD:72:45:35:DD:25:83:EA:5B:84:C0:40:AB:7D:26
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/JaU70RDNckU13SWD6luEwECrfSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.117.0/24
45.149.160.0/22
89.32.126.0/24
91.242.71.0-91.242.73.255
91.242.75.0/24
91.242.103.0/24
92.118.108.0/24
94.231.198.0/24
176.126.223.0/24
185.15.136.0/23
185.40.105.0/24
185.173.247.0/24
185.212.11.0/24
185.243.140.0/22
185.255.99.0/24
194.56.153.0/24
194.180.238.0/24
194.213.10.0/24
194.242.28.0/23
195.149.127.0/24
Signature Algorithm: sha256WithRSAEncryption
14:36:29:08:b0:06:4f:8b:7c:23:a3:38:89:2c:1b:1e:1f:ea:
90:ac:fa:84:8b:83:0e:91:7b:52:94:e3:06:91:03:04:9c:eb:
7f:2c:04:69:83:c6:79:86:63:89:f3:ea:db:6d:f2:1c:42:6b:
29:0d:56:c6:63:ea:4c:a3:4d:0e:c3:d9:bb:aa:ee:8c:3c:e5:
22:67:c2:6a:fc:4f:a2:73:d2:c8:f7:50:5e:54:39:f0:ff:4c:
d7:0b:71:84:62:af:57:e4:82:c8:9b:46:11:ea:bf:8b:ec:d0:
63:f6:53:ef:0d:0e:4b:bb:06:9d:68:b1:4f:07:13:ae:5f:a8:
34:9f:4e:13:5f:58:f1:51:f3:0f:db:58:e5:a2:8e:82:e6:07:
68:16:cd:99:29:07:c2:b2:d1:bc:b0:e4:6f:11:83:f8:64:76:
fb:7b:f4:b2:b1:93:f7:aa:ca:5a:66:06:c7:6e:1b:ff:e0:7b:
50:c4:80:9f:85:e9:56:a3:35:27:8d:b4:cc:84:ae:f1:fc:fa:
38:d1:fb:c1:9f:95:8e:b3:78:1d:3e:9e:55:35:7e:44:03:1d:
34:80:fb:c4:7a:d2:08:82:92:1e:19:ca:44:61:10:c7:c7:f3:
2a:16:20:6a:a1:30:2b:2c:9d:93:eb:d0:cc:d3:f4:ac:59:f4:
63:c9:11:50
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYw126EBbYl+9Cn/NRQGrLI/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMxMjA0MTcyMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWE1M2JkMTEwY2Q3MjQ1MzVkZDI1ODNlYTViODRjMDQwYWI3ZDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9cNYiPz0seUbfY0Wo6NOcuc00rj0
CxvNCFIib3ajEjxynb3Jo4M0A6P4XkCucmFBpx0hmTX9L5pdGOk4poFQO/1ilZwt
UHF/qQkA41P6xmvH5X5Cq24vwYB7AqSI6xDbqGMNcTrkUU7BobtKNP2VabDcskg7
auQo/Wx6FlZnMp0X3GzSmtruerSiJ1O/8Hn/N/JLFSO7sYF3lTy64+s5CsELQ4uh
3OeU3VKp/+7B+ba0vwgor+ekkWDj5gcO1tfFp3mKaQFxUrmXO/qHMM2NEAjjz6TX
oEN58aXXXuDY8BKCqUncyL7Ne1AHk8FAGvzI3+y2ZlRwGkbyzCn40cYoRwIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFCWlO9EQzXJFNd0lg+pbhMBAq30mMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvSmFVNzBSRE5ja1UxM1NXRDZsdUV3RUNyZlNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBAAt
Q3UDBAItlaADBABZIH4wDAMEAFvyRwMEAVvySAMEAFvySwMEAFvyZwMEAFx2bAME
AF7nxgMEALB+3wMEAbkPiAMEALkoaQMEALmt9wMEALnUCwMEArnzjAMEALn/YwME
AMI4mQMEAMK07gMEAMLVCgMEAcLyHAMEAMOVfzANBgkqhkiG9w0BAQsFAAOCAQEA
FDYpCLAGT4t8I6M4iSwbHh/qkKz6hIuDDpF7UpTjBpEDBJzrfywEaYPGeYZjifPq
223yHEJrKQ1WxmPqTKNNDsPZu6rujDzlImfCavxPonPSyPdQXlQ58P9M1wtxhGKv
V+SCyJtGEeq/i+zQY/ZT7w0OS7sGnWixTwcTrl+oNJ9OE19Y8VHzD9tY5aKOguYH
aBbNmSkHwrLRvLDkbxGD+GR2+3v0srGT96rKWmYGx24b/+B7UMSAn4XpVqM1J420
zISu8fz6ONH7wZ+VjrN4HT6eVTV+RAMdNID7xHrSCIKSHhnKRGEQx8fzKhYgaqEw
Kyydk+vQzNP0rFn0Y8kRUA==
-----END CERTIFICATE-----
Generated at Thu Dec 7 16:03:50 2023 by rpki-client on console-fra.rpki-client.org