Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/42217e-ead0-46be-8ad0-05f90ad24f3e/1/jBqCXrQu3fEUVbArcsuUHLIDP_o.roa
File: jBqCXrQu3fEUVbArcsuUHLIDP_o.roa (raw, json)
Hash identifier: 39hjrFQFTJNw0Zdn0sS5B1m0IFB/XPIBrrL8EXYafss=
Subject key identifier: 8C:1A:82:5E:B4:2E:DD:F1:14:55:B0:2B:72:CB:94:1C:B2:03:3F:FA
Certificate issuer: /CN=e97592f1eb41d6c893cd0dd72b63fc34ee553533
Certificate serial: 018CC9BC3615D542EC149640867F43FEA360
Authority key identifier: E9:75:92:F1:EB:41:D6:C8:93:CD:0D:D7:2B:63:FC:34:EE:55:35:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XWS8etB1siTzQ3XK2P8NO5VNTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/42217e-ead0-46be-8ad0-05f90ad24f3e/1/jBqCXrQu3fEUVbArcsuUHLIDP_o.roa
Signing time: Tue 02 Jan 2024 10:33:24 +0000
ROA not before: Tue 02 Jan 2024 10:33:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16083
IP address blocks: 91.106.112.0/21 maxlen: 24
81.16.208.0/22 maxlen: 22
81.16.208.0/23 maxlen: 23
217.73.192.0/20 maxlen: 24
178.209.192.0/19 maxlen: 24
2a00:eb9::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 26 Nov 2024 13:51:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:36:15:d5:42:ec:14:96:40:86:7f:43:fe:a3:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e97592f1eb41d6c893cd0dd72b63fc34ee553533
Validity
Not Before: Jan 2 10:33:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c1a825eb42eddf11455b02b72cb941cb2033ffa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:9d:03:3b:60:05:78:20:4a:c3:60:c0:c9:16:
4b:40:4f:94:35:4c:11:09:98:80:3a:5e:a8:e2:b3:
ff:5b:19:3b:9e:23:b9:58:49:3d:06:5b:a1:9f:f0:
3e:ba:43:dc:b4:1b:26:bd:4b:26:4d:62:1f:a9:9c:
12:82:6d:8e:11:99:57:51:0e:92:08:47:d3:1b:9b:
fd:c3:8e:e6:70:83:c0:8a:c7:02:33:7c:7c:6d:be:
64:44:3a:71:97:1b:65:95:5c:8e:c6:a5:e9:6e:4e:
40:9d:58:81:80:c3:c6:3c:6f:e5:fd:90:cd:b8:0d:
d5:13:9c:d2:73:a2:47:14:ab:88:04:c6:ef:9f:42:
01:d1:0b:60:ac:8d:d6:e2:80:e8:ba:2c:be:9b:d2:
85:87:55:c0:84:5d:ae:a5:b1:0a:80:58:a9:15:51:
97:ae:d1:55:cf:a0:37:57:7f:fd:32:f2:3c:5e:0a:
51:14:e9:7d:cd:18:66:1e:a9:9a:75:da:88:23:cd:
54:a7:ec:b6:8d:26:e3:cc:17:87:c1:3a:a7:4d:87:
2c:cc:d1:5b:c1:47:b8:8a:8c:2d:13:1d:88:9c:7c:
8e:a0:0f:68:f4:2c:a7:ff:49:11:2c:d1:b5:19:7d:
5f:bb:b6:37:91:6e:8c:33:5e:a5:79:d3:d7:e2:18:
5b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:1A:82:5E:B4:2E:DD:F1:14:55:B0:2B:72:CB:94:1C:B2:03:3F:FA
X509v3 Authority Key Identifier:
keyid:E9:75:92:F1:EB:41:D6:C8:93:CD:0D:D7:2B:63:FC:34:EE:55:35:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XWS8etB1siTzQ3XK2P8NO5VNTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/42217e-ead0-46be-8ad0-05f90ad24f3e/1/jBqCXrQu3fEUVbArcsuUHLIDP_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/42217e-ead0-46be-8ad0-05f90ad24f3e/1/6XWS8etB1siTzQ3XK2P8NO5VNTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.16.208.0/22
91.106.112.0/21
178.209.192.0/19
217.73.192.0/20
IPv6:
2a00:eb9::/32
Signature Algorithm: sha256WithRSAEncryption
2c:6e:7a:c3:bf:a4:ad:52:24:f1:d1:c0:8f:98:16:fe:8c:6e:
78:d3:c5:9f:11:50:9d:1f:5d:fa:17:d5:1b:f8:9c:ab:a6:d5:
b7:9d:b5:5c:d3:d9:a6:14:51:6d:e8:e5:4e:72:a4:b3:d5:7a:
f0:3d:2c:37:5a:db:06:eb:cd:43:26:81:e8:6f:2a:1c:04:a6:
ce:5b:2c:7e:8e:c3:bb:70:84:3e:ad:43:3d:65:10:eb:0a:44:
92:34:e0:ae:f2:2f:40:27:a5:29:6b:99:1b:86:c7:8c:31:02:
5f:cc:9a:79:e9:8f:61:ec:2d:2a:35:13:84:a5:3a:e8:49:63:
5a:7f:83:3c:42:b3:ff:8d:f1:b4:bc:39:b1:55:df:be:6f:ed:
c9:89:6d:c2:d8:d8:20:b1:67:71:d9:dd:c7:36:b4:e3:f8:61:
c7:08:b7:0d:c8:2b:85:ce:e0:a6:8d:45:49:d8:30:7f:d9:5d:
ac:fd:c4:6a:59:78:f4:f9:52:09:ee:cb:94:ba:b0:94:67:a0:
9d:12:08:ed:a2:72:33:7c:04:1f:25:21:c4:56:c5:27:b6:87:
3b:05:01:1e:fc:07:f6:d8:35:64:37:2e:c0:08:3a:89:ca:ef:
a2:1f:9b:ee:0e:81:b5:27:72:89:11:cc:0f:74:a0:85:d9:f3:
50:85:e0:fb
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzJvDYV1ULsFJZAhn9D/qNgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzU5MmYxZWI0MWQ2Yzg5M2NkMGRkNzJiNjNmYzM0ZWU1
NTM1MzMwHhcNMjQwMTAyMTAzMzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzFhODI1ZWI0MmVkZGYxMTQ1NWIwMmI3MmNiOTQxY2IyMDMzZmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJ0DO2AFeCBKw2DAyRZLQE+UNUwR
CZiAOl6o4rP/Wxk7niO5WEk9Bluhn/A+ukPctBsmvUsmTWIfqZwSgm2OEZlXUQ6S
CEfTG5v9w47mcIPAiscCM3x8bb5kRDpxlxtllVyOxqXpbk5AnViBgMPGPG/l/ZDN
uA3VE5zSc6JHFKuIBMbvn0IB0QtgrI3W4oDouiy+m9KFh1XAhF2upbEKgFipFVGX
rtFVz6A3V3/9MvI8XgpRFOl9zRhmHqmaddqII81Up+y2jSbjzBeHwTqnTYcszNFb
wUe4iowtEx2InHyOoA9o9Cyn/0kRLNG1GX1fu7Y3kW6MM16ledPX4hhbkQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFIwagl60Lt3xFFWwK3LLlByyAz/6MB8GA1UdIwQY
MBaAFOl1kvHrQdbIk80N1ytj/DTuVTUzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhXUzhldEIxc2lUelEzWEsyUDhOTzVWTlRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80MjIxN2UtZWFkMC00NmJlLThhZDAt
MDVmOTBhZDI0ZjNlLzEvakJxQ1hyUXUzZkVVVmJBcmNzdVVITElEUF9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80MjIxN2UtZWFkMC00NmJlLThhZDAtMDVmOTBhZDI0ZjNl
LzEvNlhXUzhldEIxc2lUelEzWEsyUDhOTzVWTlRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCURDQAwQD
W2pwAwQFstHAAwQE2UnAMA0EAgACMAcDBQAqAA65MA0GCSqGSIb3DQEBCwUAA4IB
AQAsbnrDv6StUiTx0cCPmBb+jG5408WfEVCdH136F9Ub+JyrptW3nbVc09mmFFFt
6OVOcqSz1XrwPSw3WtsG681DJoHobyocBKbOWyx+jsO7cIQ+rUM9ZRDrCkSSNOCu
8i9AJ6Upa5kbhseMMQJfzJp56Y9h7C0qNROEpTroSWNaf4M8QrP/jfG0vDmxVd++
b+3JiW3C2NggsWdx2d3HNrTj+GHHCLcNyCuFzuCmjUVJ2DB/2V2s/cRqWXj0+VIJ
7suUurCUZ6CdEgjtonIzfAQfJSHEVsUntoc7BQEe/Af22DVkNy7ACDqJyu+iH5vu
DoG1J3KJEcwPdKCF2fNQheD7
-----END CERTIFICATE-----
Generated at Tue Nov 26 16:05:56 2024 by rpki-client on console-fra.rpki-client.org