Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/8de4a3-8d5a-46b1-a735-2f46e9317cc6/1/JYiaS3xH0vk2PhwLJoHZbFzxK8M.roa
File: JYiaS3xH0vk2PhwLJoHZbFzxK8M.roa (raw, json)
Hash identifier: 9aEqgZuDVZPMXxdBWTZN8+uUfFm1Ap1w+Pp6Rz7Xh0k=
Subject key identifier: 25:88:9A:4B:7C:47:D2:F9:36:3E:1C:0B:26:81:D9:6C:5C:F1:2B:C3
Certificate issuer: /CN=b3b6f54ea9b15a8bd4f33825386cb277b03439dd
Certificate serial: 018CC5DC81E49DFDE3F3C96C480D71151495
Authority key identifier: B3:B6:F5:4E:A9:B1:5A:8B:D4:F3:38:25:38:6C:B2:77:B0:34:39:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s7b1TqmxWovU8zglOGyyd7A0Od0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/8de4a3-8d5a-46b1-a735-2f46e9317cc6/1/JYiaS3xH0vk2PhwLJoHZbFzxK8M.roa
Signing time: Mon 01 Jan 2024 16:30:11 +0000
ROA not before: Mon 01 Jan 2024 16:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42184
IP address blocks: 185.64.168.0/22 maxlen: 24
45.82.124.0/22 maxlen: 24
185.143.168.0/22 maxlen: 24
178.251.8.0/21 maxlen: 24
188.64.248.0/21 maxlen: 24
91.190.224.0/21 maxlen: 24
2a02:f08::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 02 Feb 2024 10:37:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:81:e4:9d:fd:e3:f3:c9:6c:48:0d:71:15:14:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3b6f54ea9b15a8bd4f33825386cb277b03439dd
Validity
Not Before: Jan 1 16:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25889a4b7c47d2f9363e1c0b2681d96c5cf12bc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:09:7e:96:53:69:a3:c5:e2:41:9d:26:1b:49:
c1:61:24:7d:2e:a6:6b:60:1c:1d:a9:18:d4:84:4f:
63:77:ea:c6:02:53:43:6f:ed:e4:7b:6a:9a:2e:67:
14:af:7c:61:49:63:70:54:47:a3:56:4b:93:76:ec:
da:6c:13:9d:60:d5:cc:50:8d:d9:54:f2:dc:79:df:
17:b5:2c:df:de:0d:2b:08:3c:b5:b1:08:31:36:31:
49:ce:b9:f0:cc:80:0e:91:8d:77:bd:1b:53:0e:07:
de:58:cb:a0:4e:96:6c:33:6a:14:79:6a:9e:2e:4a:
ad:59:45:a0:d3:76:a5:df:62:1c:70:54:9b:30:da:
2c:b9:e4:ea:a6:ea:25:93:4e:75:b7:2b:4e:22:bf:
8d:b8:4b:f1:7d:80:93:87:4f:14:31:ad:fd:00:92:
9a:7e:13:a6:9b:00:8d:da:49:6d:80:7c:7b:e1:69:
8e:c6:0e:e7:f6:66:2a:5a:7a:d7:3a:21:77:7b:81:
fc:e0:3b:16:e9:40:25:15:f4:f8:88:22:70:a0:e1:
50:bd:ec:d5:03:8d:57:fd:61:f5:36:ca:09:aa:2a:
72:22:92:d4:d3:f1:c9:f5:1b:0b:2d:27:89:96:08:
e7:5c:db:20:ce:50:2c:75:37:9f:ba:16:51:a7:16:
68:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:88:9A:4B:7C:47:D2:F9:36:3E:1C:0B:26:81:D9:6C:5C:F1:2B:C3
X509v3 Authority Key Identifier:
keyid:B3:B6:F5:4E:A9:B1:5A:8B:D4:F3:38:25:38:6C:B2:77:B0:34:39:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s7b1TqmxWovU8zglOGyyd7A0Od0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/8de4a3-8d5a-46b1-a735-2f46e9317cc6/1/JYiaS3xH0vk2PhwLJoHZbFzxK8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/8de4a3-8d5a-46b1-a735-2f46e9317cc6/1/s7b1TqmxWovU8zglOGyyd7A0Od0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.124.0/22
91.190.224.0/21
178.251.8.0/21
185.64.168.0/22
185.143.168.0/22
188.64.248.0/21
IPv6:
2a02:f08::/32
Signature Algorithm: sha256WithRSAEncryption
71:67:b5:44:3b:a6:1f:94:ee:ac:d2:08:83:00:01:e9:1f:2f:
55:ed:82:d3:5c:21:bd:b0:56:d6:9b:1a:fb:e4:80:c9:66:fb:
ee:44:3e:46:73:97:53:36:b4:5b:08:14:a7:ed:96:27:eb:8f:
7f:e8:34:1f:67:b1:47:cc:d8:eb:63:ef:0a:f6:3d:7e:6b:83:
80:e2:cf:7e:d4:ca:cc:5a:3b:51:31:f9:3a:6c:a6:94:71:6e:
94:ef:b1:01:82:c2:3d:d9:52:40:86:7d:58:7b:73:97:1f:64:
42:7e:12:07:89:a1:90:5f:8a:29:02:89:3b:b7:7b:a1:c9:ae:
06:be:53:8f:ea:cc:02:27:6d:6b:e0:ac:83:23:13:3f:bd:64:
56:4c:4a:94:be:4d:55:be:77:2f:40:b2:5b:e5:52:36:65:05:
42:2e:6f:1a:f4:0f:72:f1:a1:b5:df:22:2e:d5:3e:02:53:7d:
56:dd:53:1f:52:ed:0b:fe:93:be:c3:27:4e:f3:f2:ff:39:6a:
5c:1e:64:4a:d6:ce:06:0e:61:dd:3f:2b:02:d1:da:cb:00:bf:
e9:15:62:83:71:4f:cb:04:90:5e:71:8f:25:8b:bd:01:67:ad:
b1:d1:fa:a7:85:a2:04:22:16:2d:91:70:f3:15:c5:f0:c6:82:
9d:6e:f8:8e
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzF3IHknf3j88lsSA1xFRSVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYjZmNTRlYTliMTVhOGJkNGYzMzgyNTM4NmNiMjc3YjAz
NDM5ZGQwHhcNMjQwMTAxMTYzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTg4OWE0YjdjNDdkMmY5MzYzZTFjMGIyNjgxZDk2YzVjZjEyYmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwl+llNpo8XiQZ0mG0nBYSR9LqZr
YBwdqRjUhE9jd+rGAlNDb+3ke2qaLmcUr3xhSWNwVEejVkuTduzabBOdYNXMUI3Z
VPLced8XtSzf3g0rCDy1sQgxNjFJzrnwzIAOkY13vRtTDgfeWMugTpZsM2oUeWqe
LkqtWUWg03al32IccFSbMNosueTqpuolk051tytOIr+NuEvxfYCTh08UMa39AJKa
fhOmmwCN2kltgHx74WmOxg7n9mYqWnrXOiF3e4H84DsW6UAlFfT4iCJwoOFQvezV
A41X/WH1NsoJqipyIpLU0/HJ9RsLLSeJlgjnXNsgzlAsdTefuhZRpxZoQQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFCWImkt8R9L5Nj4cCyaB2Wxc8SvDMB8GA1UdIwQY
MBaAFLO29U6psVqL1PM4JThssnewNDndMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczdiMVRxbXhXb3ZVOHpnbE9HeXlkN0EwT2QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi84ZGU0YTMtOGQ1YS00NmIxLWE3MzUt
MmY0NmU5MzE3Y2M2LzEvSllpYVMzeEgwdmsyUGh3TEpvSFpiRnp4SzhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi84ZGU0YTMtOGQ1YS00NmIxLWE3MzUtMmY0NmU5MzE3Y2M2
LzEvczdiMVRxbXhXb3ZVOHpnbE9HeXlkN0EwT2QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLVJ8AwQD
W77gAwQDsvsIAwQCuUCoAwQCuY+oAwQDvED4MA0EAgACMAcDBQAqAg8IMA0GCSqG
SIb3DQEBCwUAA4IBAQBxZ7VEO6YflO6s0giDAAHpHy9V7YLTXCG9sFbWmxr75IDJ
ZvvuRD5Gc5dTNrRbCBSn7ZYn649/6DQfZ7FHzNjrY+8K9j1+a4OA4s9+1MrMWjtR
Mfk6bKaUcW6U77EBgsI92VJAhn1Ye3OXH2RCfhIHiaGQX4opAok7t3uhya4GvlOP
6swCJ21r4KyDIxM/vWRWTEqUvk1VvncvQLJb5VI2ZQVCLm8a9A9y8aG13yIu1T4C
U31W3VMfUu0L/pO+wydO8/L/OWpcHmRK1s4GDmHdPysC0drLAL/pFWKDcU/LBJBe
cY8li70BZ62x0fqnhaIEIhYtkXDzFcXwxoKdbviO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:43 2024 by rpki-client on console-fra.rpki-client.org