Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/RJ553hItpoAjx1fACQyXjgtk1xU.roa
File: RJ553hItpoAjx1fACQyXjgtk1xU.roa (raw, json)
Hash identifier: p5CXcH7Y+AP4xikVXX7Nl4vRS4P19q5K2d6e1k0/UlU=
Subject key identifier: 44:9E:79:DE:12:2D:A6:80:23:C7:57:C0:09:0C:97:8E:0B:64:D7:15
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018AFE750BB20F1CE360C69D859AEC67330A
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/RJ553hItpoAjx1fACQyXjgtk1xU.roa
Signing time: Thu 05 Oct 2023 06:09:58 +0000
ROA not before: Thu 05 Oct 2023 06:09:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3257
IP address blocks: 194.50.200.0/23 maxlen: 24
194.50.206.0/23 maxlen: 24
91.242.103.0/24 maxlen: 24
195.138.108.0/24 maxlen: 24
195.138.116.0/24 maxlen: 24
89.39.242.0/24 maxlen: 24
195.138.122.0/23 maxlen: 23
195.138.124.0/22 maxlen: 22
185.40.105.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.74.0/23 maxlen: 24
91.242.75.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fe:75:0b:b2:0f:1c:e3:60:c6:9d:85:9a:ec:67:33:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Oct 5 06:09:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=449e79de122da68023c757c0090c978e0b64d715
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:83:28:7b:7d:de:03:f4:f2:b5:df:3b:90:f7:
c6:11:3a:53:c8:90:00:d2:e4:c4:81:76:e2:ff:77:
84:6d:87:de:bb:fc:39:1f:bc:1a:ce:c0:a4:92:fb:
51:35:a2:76:45:1f:e1:c9:23:51:e2:6b:84:29:c8:
2a:84:e6:3c:fe:e7:97:e5:5e:cf:c8:87:ae:31:70:
8c:b3:30:a5:ae:03:b6:fc:f1:ec:46:9b:7c:03:f4:
b7:77:5d:1a:ae:9b:58:63:ae:5d:02:fb:d0:09:fe:
04:d9:1f:1a:03:67:8d:69:7b:f4:6b:c3:4c:28:21:
fb:e1:fc:ec:0d:71:4f:5b:97:29:8f:d1:99:d3:3c:
bf:be:47:ca:24:5f:a9:21:b0:2b:6f:1b:7d:a1:f9:
76:de:6c:89:b7:40:57:ab:33:e4:05:e1:03:b3:3c:
10:e6:55:48:eb:99:79:b2:97:8a:bc:5d:d9:77:8c:
6a:c2:0d:9b:89:b1:60:5c:11:3d:2f:d3:fa:3e:b2:
ad:1f:c4:bf:fc:ad:4a:5e:6c:49:cc:72:9c:d5:4b:
9c:2f:a0:98:6d:3f:76:d7:88:22:a6:06:34:91:b3:
1c:c0:9c:a9:0d:d0:b2:9f:7e:d0:da:c7:5b:e1:e1:
e2:09:eb:26:71:11:1f:fa:ad:89:31:26:da:ef:aa:
fb:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:9E:79:DE:12:2D:A6:80:23:C7:57:C0:09:0C:97:8E:0B:64:D7:15
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/RJ553hItpoAjx1fACQyXjgtk1xU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.39.242.0/24
91.242.72.0/22
91.242.103.0/24
185.40.105.0/24
194.50.200.0/23
194.50.206.0/23
195.138.108.0/24
195.138.116.0/24
195.138.122.0-195.138.127.255
Signature Algorithm: sha256WithRSAEncryption
30:8a:b8:48:94:93:b3:9e:53:d7:2d:31:aa:d8:11:97:39:1a:
67:4b:53:48:a2:3a:d6:39:aa:39:4c:fe:80:5a:a6:53:5a:90:
5a:2c:c3:ec:dd:b4:5b:55:17:3b:75:08:b1:7d:4a:5b:e9:4b:
83:1f:88:42:b5:f0:d8:8c:55:fc:9e:d9:45:26:da:05:be:a0:
22:e3:87:a2:17:36:25:f2:a6:13:47:5e:79:c8:a0:73:7b:9e:
8b:d0:a2:ae:8b:82:8d:70:a7:06:67:e1:99:3b:5e:6d:9c:07:
b3:e4:c8:79:d5:58:1f:50:fb:f1:bc:82:d1:b2:a6:c4:1d:d3:
6e:44:ca:f1:c5:1c:19:78:c5:6e:a0:86:c9:fa:3b:c0:79:9d:
9e:30:5d:0a:72:a9:1d:91:74:b1:8c:16:47:26:82:e8:ec:11:
86:8e:42:c2:d5:3f:6a:b2:bb:b8:da:c3:5e:0c:b9:a8:b3:1f:
7b:6a:4e:71:31:cd:1a:45:71:a3:f0:5a:98:1a:84:a3:fe:da:
ae:a9:ef:fb:6f:56:2e:94:88:e8:44:ed:12:ee:06:42:8b:71:
61:42:8a:d2:5b:6a:49:07:c0:a7:dc:94:2d:1a:2b:1b:08:21:
5b:d7:85:64:2d:a0:af:70:ae:8f:e7:27:f0:1b:62:f5:3a:04:
4e:b0:2f:86
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYr+dQuyDxzjYMadhZrsZzMKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMxMDA1MDYwOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDllNzlkZTEyMmRhNjgwMjNjNzU3YzAwOTBjOTc4ZTBiNjRkNzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoMoe33eA/Tytd87kPfGETpTyJAA
0uTEgXbi/3eEbYfeu/w5H7wazsCkkvtRNaJ2RR/hySNR4muEKcgqhOY8/ueX5V7P
yIeuMXCMszClrgO2/PHsRpt8A/S3d10arptYY65dAvvQCf4E2R8aA2eNaXv0a8NM
KCH74fzsDXFPW5cpj9GZ0zy/vkfKJF+pIbArbxt9ofl23myJt0BXqzPkBeEDszwQ
5lVI65l5speKvF3Zd4xqwg2bibFgXBE9L9P6PrKtH8S//K1KXmxJzHKc1UucL6CY
bT9214gipgY0kbMcwJypDdCyn37Q2sdb4eHiCesmcREf+q2JMSba76r7EwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFESeed4SLaaAI8dXwAkMl44LZNcVMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvUko1NTNoSXRwb0FqeDFmQUNReVhqZ3RrMXhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAWSfyAwQC
W/JIAwQAW/JnAwQAuShpAwQBwjLIAwQBwjLOAwQAw4psAwQAw4p0MAwDBAHDinoD
BAfDigAwDQYJKoZIhvcNAQELBQADggEBADCKuEiUk7OeU9ctMarYEZc5GmdLU0ii
OtY5qjlM/oBaplNakFosw+zdtFtVFzt1CLF9SlvpS4MfiEK18NiMVfye2UUm2gW+
oCLjh6IXNiXyphNHXnnIoHN7novQoq6Lgo1wpwZn4Zk7Xm2cB7PkyHnVWB9Q+/G8
gtGypsQd025EyvHFHBl4xW6ghsn6O8B5nZ4wXQpyqR2RdLGMFkcmgujsEYaOQsLV
P2qyu7jaw14MuaizH3tqTnExzRpFcaPwWpgahKP+2q6p7/tvVi6UiOhE7RLuBkKL
cWFCitJbakkHwKfclC0aKxsIIVvXhWQtoK9wro/nJ/AbYvU6BE6wL4Y=
-----END CERTIFICATE-----
Generated at Fri Oct 6 13:29:05 2023 by rpki-client on console-fra.rpki-client.org