Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/cjcryMienfxpp7yScB1ZdxUHbEk.roa
File: cjcryMienfxpp7yScB1ZdxUHbEk.roa (raw, json)
Hash identifier: /AF64yDqWCo6Ao+tOp2nqieAFeWy+7I7xXgKsaRlfBs=
Subject key identifier: 72:37:2B:C8:C8:9E:9D:FC:69:A7:BC:92:70:1D:59:77:15:07:6C:49
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 0191762CF2AD3C2C55E4B67BC307C750A6A5
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/cjcryMienfxpp7yScB1ZdxUHbEk.roa
Signing time: Wed 21 Aug 2024 18:22:22 +0000
ROA not before: Wed 21 Aug 2024 18:22:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 185.94.65.0/24 maxlen: 24
185.94.66.0/24 maxlen: 24
185.198.155.0/24 maxlen: 24
195.64.107.0/24 maxlen: 24
195.64.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Aug 2024 07:37:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:76:2c:f2:ad:3c:2c:55:e4:b6:7b:c3:07:c7:50:a6:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Aug 21 18:22:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72372bc8c89e9dfc69a7bc92701d597715076c49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a3:5a:10:5c:30:79:95:b1:9b:c8:cb:16:43:
6d:db:a4:ac:c6:1b:f0:bb:ed:dd:4e:92:90:96:a4:
10:b9:27:b4:86:4d:20:2f:7d:f3:38:d4:64:4b:a6:
c3:c2:d9:ca:2b:f1:ec:67:94:81:4c:c2:31:3c:e9:
0c:97:40:6e:7a:a1:c9:f5:bf:28:d6:72:2e:3e:5d:
18:d9:8d:58:b1:3d:9f:36:7e:89:5e:d8:48:84:c1:
c6:26:48:db:79:91:55:a7:a5:a5:bf:08:65:45:4c:
94:37:9d:94:47:91:1f:a4:43:a0:00:40:d1:26:02:
9e:75:af:c6:9d:8a:14:5f:cb:78:10:9d:9b:bf:5c:
cf:9c:fe:b5:25:69:d1:83:ec:57:6f:c9:0a:b7:49:
25:40:09:e9:63:8c:1b:2e:d3:bd:9a:39:8e:12:c6:
66:a9:27:db:12:ab:08:b2:4c:83:30:d5:26:34:42:
f1:34:3c:c7:e4:37:2b:c5:96:ad:5c:a2:9a:f5:71:
de:29:14:26:27:6f:68:53:4d:46:9d:f4:71:7b:a9:
52:e5:7f:1d:7a:3f:60:d9:a4:13:87:65:8f:f7:5b:
44:b9:b2:10:0a:0a:0f:39:c7:48:6c:9e:8e:b4:7a:
8e:b3:3b:3a:d7:88:c7:a7:59:31:47:f8:4b:ca:b0:
44:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:37:2B:C8:C8:9E:9D:FC:69:A7:BC:92:70:1D:59:77:15:07:6C:49
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/cjcryMienfxpp7yScB1ZdxUHbEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.94.65.0-185.94.66.255
185.198.155.0/24
195.64.107.0/24
195.64.113.0/24
Signature Algorithm: sha256WithRSAEncryption
18:2c:42:94:a5:11:3c:01:f4:15:62:95:62:2b:a0:31:b8:b4:
b2:3e:c2:58:18:dd:11:4b:00:48:77:af:bb:fa:9e:f5:b3:0b:
9b:12:c2:84:61:90:98:39:40:6a:47:cc:93:e1:70:ce:c6:5e:
7d:a8:07:cd:28:1c:eb:0f:e5:2f:73:22:7a:7d:1d:91:c1:a7:
ed:c2:8c:ef:4c:16:87:d1:19:cf:f4:d7:b3:52:cb:7b:11:e7:
6f:bc:02:ff:fd:1f:0c:6e:81:e2:f2:4b:c1:f8:77:62:30:a1:
55:5e:14:79:48:d6:82:f6:f0:b9:87:a5:f3:33:ed:91:1a:6e:
35:f0:b2:f3:34:95:3d:5d:7f:a6:1e:93:e4:5e:d6:d2:64:6d:
a3:d0:80:58:76:9f:e3:de:ac:c5:5b:e8:54:91:c3:e7:27:04:
2f:8c:5f:26:5d:48:df:ed:b9:9d:db:b7:fb:7f:82:c2:de:6e:
3f:86:84:29:84:f4:14:80:bc:87:e4:bd:78:9c:f5:2f:6a:0b:
9d:94:5b:33:b1:41:60:58:b1:85:57:89:42:03:4c:a5:f1:08:
0c:63:ad:74:93:af:c6:ae:d4:4f:b6:86:da:17:d2:8d:0d:9a:
b4:41:40:6a:83:2d:a7:53:8e:a9:66:8b:3b:8a:33:21:9f:fa:
48:4f:0a:5d
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZF2LPKtPCxV5LZ7wwfHUKalMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjQwODIxMTgyMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjM3MmJjOGM4OWU5ZGZjNjlhN2JjOTI3MDFkNTk3NzE1MDc2YzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaNaEFwweZWxm8jLFkNt26Ssxhvw
u+3dTpKQlqQQuSe0hk0gL33zONRkS6bDwtnKK/HsZ5SBTMIxPOkMl0BueqHJ9b8o
1nIuPl0Y2Y1YsT2fNn6JXthIhMHGJkjbeZFVp6WlvwhlRUyUN52UR5EfpEOgAEDR
JgKeda/GnYoUX8t4EJ2bv1zPnP61JWnRg+xXb8kKt0klQAnpY4wbLtO9mjmOEsZm
qSfbEqsIskyDMNUmNELxNDzH5DcrxZatXKKa9XHeKRQmJ29oU01GnfRxe6lS5X8d
ej9g2aQTh2WP91tEubIQCgoPOcdIbJ6OtHqOszs614jHp1kxR/hLyrBEgwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFHI3K8jInp38aae8knAdWXcVB2xJMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvY2pjcnlNaWVuZnhwcDd5U2NCMVpkeFVIYkVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAC5XkED
BAC5XkIDBAC5xpsDBADDQGsDBADDQHEwDQYJKoZIhvcNAQELBQADggEBABgsQpSl
ETwB9BVilWIroDG4tLI+wlgY3RFLAEh3r7v6nvWzC5sSwoRhkJg5QGpHzJPhcM7G
Xn2oB80oHOsP5S9zInp9HZHBp+3CjO9MFofRGc/017NSy3sR52+8Av/9HwxugeLy
S8H4d2IwoVVeFHlI1oL28LmHpfMz7ZEabjXwsvM0lT1df6Yek+Re1tJkbaPQgFh2
n+PerMVb6FSRw+cnBC+MXyZdSN/tuZ3bt/t/gsLebj+GhCmE9BSAvIfkvXic9S9q
C52UWzOxQWBYsYVXiUIDTKXxCAxjrXSTr8au1E+2htoX0o0NmrRBQGqDLadTjqlm
izuKMyGf+khPCl0=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:17 2024 by rpki-client on console-fra.rpki-client.org