Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/jtftJp_n7C5iU_gt-Qb2iBfABV0.roa
File: jtftJp_n7C5iU_gt-Qb2iBfABV0.roa (raw, json)
Hash identifier: LDAHObQwVzt+nvs5vXKw1a0igxnsOFGo1270SK0N4vA=
Subject key identifier: 8E:D7:ED:26:9F:E7:EC:2E:62:53:F8:2D:F9:06:F6:88:17:C0:05:5D
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018DCC65069CE0F64BC543585CC4F35ABE12
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/jtftJp_n7C5iU_gt-Qb2iBfABV0.roa
Signing time: Wed 21 Feb 2024 15:59:49 +0000
ROA not before: Wed 21 Feb 2024 15:59:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207027
IP address blocks: 2.59.176.0/22 maxlen: 22
45.147.168.0/22 maxlen: 22
193.36.228.0/24 maxlen: 24
193.37.34.0/24 maxlen: 24
193.193.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Feb 2024 18:35:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cc:65:06:9c:e0:f6:4b:c5:43:58:5c:c4:f3:5a:be:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 21 15:59:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ed7ed269fe7ec2e6253f82df906f68817c0055d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:25:b2:70:f2:2b:26:f4:6d:38:c5:67:53:8a:
53:2b:7f:86:67:e4:9b:b2:37:f4:c4:b3:ec:dc:d5:
d9:15:ce:54:29:40:32:a6:06:80:fb:77:89:22:01:
f1:58:69:af:a3:63:20:00:94:a9:61:f7:5a:06:7e:
56:59:80:a3:7c:b4:06:77:4a:8d:2d:17:db:14:b8:
b6:81:0a:7c:31:0e:bb:b9:37:2f:a0:87:1e:3c:fe:
85:ef:94:1d:06:25:d8:25:a1:90:07:3c:6f:77:a9:
09:63:c0:a2:51:f9:3a:c9:52:0c:dd:7e:b7:7b:50:
29:a0:46:d2:49:e0:5a:69:08:b8:22:ee:e8:a1:c0:
a0:0c:83:e4:fa:6f:f9:57:96:e7:97:5a:cf:77:46:
c3:e0:7c:f2:f6:11:99:93:fd:31:a1:47:47:f1:66:
20:79:9d:11:cb:bd:67:52:de:42:fa:83:b5:14:0b:
e5:5b:08:72:23:8c:87:34:ec:13:02:70:21:87:4c:
cd:02:2e:bd:48:21:3e:a7:b6:05:c7:e3:b3:60:45:
a0:f6:07:5f:83:6b:3c:bd:fe:07:fa:91:27:4d:b4:
a7:c4:14:82:02:4e:88:4c:52:dd:24:72:23:94:7e:
52:1b:2b:e1:7c:73:70:ec:5a:77:a7:a9:cd:15:b5:
e6:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:D7:ED:26:9F:E7:EC:2E:62:53:F8:2D:F9:06:F6:88:17:C0:05:5D
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/jtftJp_n7C5iU_gt-Qb2iBfABV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.176.0/22
45.147.168.0/22
193.36.228.0/24
193.37.34.0/24
193.193.160.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:58:33:8b:61:b9:71:bc:4e:90:43:03:cf:45:69:6f:2b:40:
c9:f6:35:c9:c7:ea:a6:b1:27:a6:a1:1b:8a:4d:02:bd:8c:d7:
e6:06:c1:61:13:03:42:e6:64:5e:f2:a0:e2:08:fc:cd:ac:80:
0b:a6:2f:71:28:91:27:4e:06:af:26:0f:13:8b:1c:a8:ef:ff:
bb:07:aa:f8:2f:60:c7:bd:b3:da:ea:7c:9c:09:4c:40:f7:0e:
db:52:34:07:e7:8c:59:2d:1c:e7:b3:f1:3a:09:ec:c7:c4:55:
1c:f8:0e:bd:20:e2:9e:45:03:4f:9a:28:82:e0:2b:2c:22:e5:
84:f9:af:83:1e:1a:ec:cd:8e:19:81:3c:ff:2c:a3:4c:af:5a:
eb:12:bf:f2:eb:3e:37:b6:66:0b:ca:35:02:15:bb:a4:06:21:
cd:46:ed:51:4e:23:59:35:7b:a4:75:65:19:a8:dc:14:c8:b8:
bf:9d:38:c4:b2:78:57:2c:2c:7e:fd:13:3a:dc:1e:85:25:99:
0a:b5:f7:6e:f3:21:5d:e9:47:b6:95:c3:de:9b:16:a9:6b:0a:
73:2c:44:c0:73:be:df:02:9f:b6:02:b3:c3:ab:a6:fe:a6:a1:
ce:b4:06:82:e9:42:3e:f1:4c:84:0b:e4:04:57:24:05:23:90:
af:a5:b8:77
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY3MZQac4PZLxUNYXMTzWr4SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjIxMTU1OTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWQ3ZWQyNjlmZTdlYzJlNjI1M2Y4MmRmOTA2ZjY4ODE3YzAwNTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyWycPIrJvRtOMVnU4pTK3+GZ+Sb
sjf0xLPs3NXZFc5UKUAypgaA+3eJIgHxWGmvo2MgAJSpYfdaBn5WWYCjfLQGd0qN
LRfbFLi2gQp8MQ67uTcvoIcePP6F75QdBiXYJaGQBzxvd6kJY8CiUfk6yVIM3X63
e1ApoEbSSeBaaQi4Iu7oocCgDIPk+m/5V5bnl1rPd0bD4Hzy9hGZk/0xoUdH8WYg
eZ0Ry71nUt5C+oO1FAvlWwhyI4yHNOwTAnAhh0zNAi69SCE+p7YFx+OzYEWg9gdf
g2s8vf4H+pEnTbSnxBSCAk6ITFLdJHIjlH5SGyvhfHNw7Fp3p6nNFbXmnQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFI7X7Saf5+wuYlP4LfkG9ogXwAVdMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvanRmdEpwX243QzVpVV9ndC1RYjJpQmZBQlYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCAjuwAwQC
LZOoAwQAwSTkAwQAwSUiAwQAwcGgMA0GCSqGSIb3DQEBCwUAA4IBAQBqWDOLYblx
vE6QQwPPRWlvK0DJ9jXJx+qmsSemoRuKTQK9jNfmBsFhEwNC5mRe8qDiCPzNrIAL
pi9xKJEnTgavJg8Tixyo7/+7B6r4L2DHvbPa6nycCUxA9w7bUjQH54xZLRzns/E6
CezHxFUc+A69IOKeRQNPmiiC4CssIuWE+a+DHhrszY4ZgTz/LKNMr1rrEr/y6z43
tmYLyjUCFbukBiHNRu1RTiNZNXukdWUZqNwUyLi/nTjEsnhXLCx+/RM63B6FJZkK
tfdu8yFd6Ue2lcPemxapawpzLETAc77fAp+2ArPDq6b+pqHOtAaC6UI+8UyEC+QE
VyQFI5Cvpbh3
-----END CERTIFICATE-----
Generated at Tue Feb 27 21:14:25 2024 by rpki-client on console-fra.rpki-client.org