Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/a7938f-7c9a-43c9-95f3-f3810bd70376/1/1JYYfNTGNX4sKbfhDaM_GuL93l8.roa
File: 1JYYfNTGNX4sKbfhDaM_GuL93l8.roa (raw, json)
Hash identifier: gulUWPLUVJ/zq+61dsayMN1RB8yGzgwQD0hkEm+B1M0=
Subject key identifier: D4:96:18:7C:D4:C6:35:7E:2C:29:B7:E1:0D:A3:3F:1A:E2:FD:DE:5F
Certificate issuer: /CN=411c4322082191c79e2d86db4e1bf9d0718e27e9
Certificate serial: 0186E0FBD9A93E8E3E5454F60DCCB0027D61
Authority key identifier: 41:1C:43:22:08:21:91:C7:9E:2D:86:DB:4E:1B:F9:D0:71:8E:27:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QRxDIgghkceeLYbbThv50HGOJ-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/a7938f-7c9a-43c9-95f3-f3810bd70376/1/1JYYfNTGNX4sKbfhDaM_GuL93l8.roa
Signing time: Tue 14 Mar 2023 16:37:27 +0000
ROA not before: Tue 14 Mar 2023 16:37:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202695
IP address blocks: 185.156.244.0/22 maxlen: 22
64.38.104.0/22 maxlen: 22
2a03:5b00::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e0:fb:d9:a9:3e:8e:3e:54:54:f6:0d:cc:b0:02:7d:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411c4322082191c79e2d86db4e1bf9d0718e27e9
Validity
Not Before: Mar 14 16:37:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d496187cd4c6357e2c29b7e10da33f1ae2fdde5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:c1:39:08:21:3d:f1:63:b6:97:51:5d:8e:2a:
e0:21:4a:17:de:4c:52:0f:52:13:69:90:07:62:1e:
0d:20:77:06:f4:4d:e2:2a:3f:30:47:c0:a1:36:b0:
ec:c6:14:7c:81:36:70:ad:9c:70:df:33:17:52:a0:
c0:93:81:09:56:59:de:05:42:ff:9b:a0:17:2d:fc:
20:0a:5a:42:1a:cf:fb:83:29:38:76:9b:a1:83:30:
11:cc:a5:4b:3f:e6:7b:8d:06:b3:d3:c3:ca:1a:31:
25:bf:10:51:50:8e:64:4b:11:8d:de:a8:ad:ff:da:
ef:d8:e2:57:fb:aa:00:ea:cc:b5:fc:59:39:36:a4:
e7:52:81:72:91:c6:ed:d5:25:4d:d2:c5:45:e5:e7:
57:a1:57:c8:35:dd:43:16:fc:bd:ea:bb:d4:99:17:
8e:05:1c:38:c5:8d:a0:a8:ad:5a:97:ea:fe:20:d7:
c7:29:14:9b:03:6d:a2:4e:88:6d:2c:9e:f9:c0:1f:
99:38:ae:b7:05:13:f0:69:9f:49:cf:76:21:dc:b7:
ab:52:83:e5:72:2f:45:07:4c:cd:3c:d5:fa:5d:4f:
dc:c8:ae:39:ef:1f:c9:5a:a9:fa:52:1e:a2:21:43:
bc:09:05:fc:ed:ca:97:e7:0f:ed:6f:d6:1a:9b:fb:
b7:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:96:18:7C:D4:C6:35:7E:2C:29:B7:E1:0D:A3:3F:1A:E2:FD:DE:5F
X509v3 Authority Key Identifier:
keyid:41:1C:43:22:08:21:91:C7:9E:2D:86:DB:4E:1B:F9:D0:71:8E:27:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QRxDIgghkceeLYbbThv50HGOJ-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/a7938f-7c9a-43c9-95f3-f3810bd70376/1/1JYYfNTGNX4sKbfhDaM_GuL93l8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/a7938f-7c9a-43c9-95f3-f3810bd70376/1/QRxDIgghkceeLYbbThv50HGOJ-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.38.104.0/22
185.156.244.0/22
IPv6:
2a03:5b00::/32
Signature Algorithm: sha256WithRSAEncryption
a9:57:ef:f1:15:15:f7:cd:82:6c:a7:84:81:a7:1c:4b:34:ab:
cc:c4:ab:f6:e0:70:bd:0c:92:b1:83:18:cf:a5:e8:10:d0:42:
83:5a:81:c0:d3:a2:5e:a0:5f:97:0d:9e:66:13:ce:7d:b9:23:
0a:90:20:b7:0c:46:d7:c0:0d:16:44:11:62:45:f7:46:b7:3d:
c8:18:7f:53:23:1a:ae:7c:fc:6d:ab:09:d5:97:6b:0a:41:ec:
8c:c9:e7:e6:12:15:4c:30:ff:f3:ca:7a:ed:dc:4b:90:b7:db:
cb:74:1e:bf:c1:c6:09:af:61:b4:e2:2d:ee:3d:d9:65:3a:68:
c2:a8:a0:89:ab:7e:eb:7c:6d:d5:68:d2:f7:9a:c6:a3:16:1d:
f5:78:a4:35:a3:58:07:2a:3c:eb:d3:5d:02:21:4c:35:0a:f8:
e5:72:16:10:39:e8:29:1f:30:82:6a:a2:9b:ea:77:41:7d:0a:
57:46:3a:79:09:39:df:f3:ee:ec:c8:eb:29:e9:52:27:38:2f:
72:80:9c:0a:83:8c:72:c0:1d:8c:4d:89:cf:3c:de:9a:3d:c6:
43:30:1e:5a:88:b8:f5:e7:c9:53:07:28:c1:2b:7e:7c:f8:19:
86:20:2d:26:f6:e1:36:17:7d:67:01:09:87:9e:27:6a:f1:e6:
cf:63:33:6b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYbg+9mpPo4+VFT2DcywAn1hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMWM0MzIyMDgyMTkxYzc5ZTJkODZkYjRlMWJmOWQwNzE4
ZTI3ZTkwHhcNMjMwMzE0MTYzNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDk2MTg3Y2Q0YzYzNTdlMmMyOWI3ZTEwZGEzM2YxYWUyZmRkZTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ME5CCE98WO2l1FdjirgIUoX3kxS
D1ITaZAHYh4NIHcG9E3iKj8wR8ChNrDsxhR8gTZwrZxw3zMXUqDAk4EJVlneBUL/
m6AXLfwgClpCGs/7gyk4dpuhgzARzKVLP+Z7jQaz08PKGjElvxBRUI5kSxGN3qit
/9rv2OJX+6oA6sy1/Fk5NqTnUoFykcbt1SVN0sVF5edXoVfINd1DFvy96rvUmReO
BRw4xY2gqK1al+r+INfHKRSbA22iTohtLJ75wB+ZOK63BRPwaZ9Jz3Yh3LerUoPl
ci9FB0zNPNX6XU/cyK457x/JWqn6Uh6iIUO8CQX87cqX5w/tb9Yam/u3nQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNSWGHzUxjV+LCm34Q2jPxri/d5fMB8GA1UdIwQY
MBaAFEEcQyIIIZHHni2G204b+dBxjifpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVJ4RElnZ2hrY2VlTFliYlRodjUwSEdPSi1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9hNzkzOGYtN2M5YS00M2M5LTk1ZjMt
ZjM4MTBiZDcwMzc2LzEvMUpZWWZOVEdOWDRzS2JmaERhTV9HdUw5M2w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9hNzkzOGYtN2M5YS00M2M5LTk1ZjMtZjM4MTBiZDcwMzc2
LzEvUVJ4RElnZ2hrY2VlTFliYlRodjUwSEdPSi1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCQCZoAwQC
uZz0MA0EAgACMAcDBQAqA1sAMA0GCSqGSIb3DQEBCwUAA4IBAQCpV+/xFRX3zYJs
p4SBpxxLNKvMxKv24HC9DJKxgxjPpegQ0EKDWoHA06JeoF+XDZ5mE859uSMKkCC3
DEbXwA0WRBFiRfdGtz3IGH9TIxqufPxtqwnVl2sKQeyMyefmEhVMMP/zynrt3EuQ
t9vLdB6/wcYJr2G04i3uPdllOmjCqKCJq37rfG3VaNL3msajFh31eKQ1o1gHKjzr
010CIUw1CvjlchYQOegpHzCCaqKb6ndBfQpXRjp5CTnf8+7syOsp6VInOC9ygJwK
g4xywB2MTYnPPN6aPcZDMB5aiLj158lTByjBK358+BmGIC0m9uE2F31nAQmHnidq
8ebPYzNr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:33 2024 by rpki-client on console-fra.rpki-client.org