Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/35a6e5-3364-4a74-964c-3d4b283f322d/1/JZ30L2wxw8hXQNYrPieOXt-oaB8.roa
File: JZ30L2wxw8hXQNYrPieOXt-oaB8.roa (raw, json)
Hash identifier: GqMzpuohrQbPzO84lizPnvu42wwJDZ9RPI2C53Pv+PU=
Subject key identifier: 25:9D:F4:2F:6C:31:C3:C8:57:40:D6:2B:3E:27:8E:5E:DF:A8:68:1F
Certificate issuer: /CN=dc0dea4ea2546d7a019a4ef8243b5eb63565c847
Certificate serial: 018571832134A2B8E6999919E92A96297F3E
Authority key identifier: DC:0D:EA:4E:A2:54:6D:7A:01:9A:4E:F8:24:3B:5E:B6:35:65:C8:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3A3qTqJUbXoBmk74JDtetjVlyEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/35a6e5-3364-4a74-964c-3d4b283f322d/1/JZ30L2wxw8hXQNYrPieOXt-oaB8.roa
Signing time: Mon 02 Jan 2023 08:04:57 +0000
ROA not before: Mon 02 Jan 2023 08:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 139.20.0.0/16 maxlen: 16
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:21:34:a2:b8:e6:99:99:19:e9:2a:96:29:7f:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc0dea4ea2546d7a019a4ef8243b5eb63565c847
Validity
Not Before: Jan 2 08:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=259df42f6c31c3c85740d62b3e278e5edfa8681f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ca:fb:c3:00:ec:88:ad:52:ed:d9:d2:f1:48:
ee:d6:f4:ec:2e:71:46:eb:e2:0d:9a:a3:88:75:53:
f8:2f:6c:70:3e:05:84:47:6f:e9:32:ef:48:3a:e9:
09:d7:33:6e:c7:0b:d9:98:25:b0:e0:15:c8:1b:a5:
27:c2:35:2f:b8:76:1e:27:aa:ed:81:6f:c9:10:29:
b6:6c:da:7d:d7:99:87:88:50:0d:be:4d:a1:6a:44:
21:b1:85:e7:7f:0c:95:d3:64:fe:a4:18:c2:82:23:
ca:50:4b:4b:76:d5:86:0e:0e:9a:ed:22:ed:bf:2a:
5b:a7:8e:2f:0b:50:73:cd:22:6b:7d:96:af:25:12:
fd:8f:00:5a:1b:91:55:07:d4:95:cd:e1:72:31:26:
80:0b:b2:7c:7f:45:0d:94:1c:28:e4:95:de:3a:28:
00:f8:7d:5a:52:c3:64:37:1c:a4:79:9b:91:35:80:
55:a1:d9:8c:a7:37:b8:c2:62:8c:27:6c:d1:ed:ca:
eb:18:e1:28:04:d1:4c:0b:9a:b9:d3:75:51:e9:6d:
38:54:db:7c:61:91:d8:63:c6:df:77:28:3d:4f:9e:
12:ff:92:bd:af:4e:b6:a1:56:1a:6e:02:a4:43:3d:
1a:57:48:c2:72:ff:1e:e7:db:33:2d:b1:4b:c0:be:
54:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:9D:F4:2F:6C:31:C3:C8:57:40:D6:2B:3E:27:8E:5E:DF:A8:68:1F
X509v3 Authority Key Identifier:
keyid:DC:0D:EA:4E:A2:54:6D:7A:01:9A:4E:F8:24:3B:5E:B6:35:65:C8:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3A3qTqJUbXoBmk74JDtetjVlyEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/35a6e5-3364-4a74-964c-3d4b283f322d/1/JZ30L2wxw8hXQNYrPieOXt-oaB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/35a6e5-3364-4a74-964c-3d4b283f322d/1/3A3qTqJUbXoBmk74JDtetjVlyEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.20.0.0/16
Signature Algorithm: sha256WithRSAEncryption
09:7c:6e:98:bf:0d:1f:42:d0:88:6d:4c:c2:fd:f7:26:11:3e:
e2:68:df:11:cf:b8:af:a4:a1:4f:51:8a:2a:e2:f7:74:93:39:
20:7d:e1:5a:a4:a7:39:89:59:87:59:ca:32:68:e9:7c:c8:d4:
2b:06:25:19:2e:7b:5d:9e:ac:42:06:f0:20:8b:68:70:9d:e0:
c3:09:ad:0a:0f:77:8b:b1:ac:94:66:57:9d:9a:ca:cb:96:63:
97:8a:1b:92:01:c9:e2:6a:d6:ad:23:b5:d3:54:05:83:64:9e:
41:de:ee:a7:67:9b:de:b9:a2:60:9d:38:2a:f6:4a:9a:46:50:
65:d2:9a:2a:fa:cf:f1:a2:cc:6f:45:1b:e6:69:05:c9:ac:b1:
bb:f3:93:a7:db:4b:a3:a6:7c:1f:8b:a4:15:3c:91:fb:cc:af:
4e:82:ed:ed:92:5b:19:f6:8b:35:5a:f2:59:2d:da:f5:d5:5d:
14:d7:2f:a0:7d:a0:8a:f8:ac:aa:02:84:db:1e:21:ae:c6:5c:
06:ea:70:c6:cb:ec:10:ec:36:e6:74:6c:6a:eb:d4:7b:f7:11:
08:7a:64:e2:0a:d0:44:b8:78:49:24:86:f7:b7:ce:7f:07:28:
52:94:ac:79:c2:9f:50:67:5a:bb:07:ba:16:7c:b2:16:c2:28:
8c:e1:3f:50
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVxgyE0orjmmZkZ6SqWKX8+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMGRlYTRlYTI1NDZkN2EwMTlhNGVmODI0M2I1ZWI2MzU2
NWM4NDcwHhcNMjMwMTAyMDgwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTlkZjQyZjZjMzFjM2M4NTc0MGQ2MmIzZTI3OGU1ZWRmYTg2ODFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsr7wwDsiK1S7dnS8Uju1vTsLnFG
6+INmqOIdVP4L2xwPgWER2/pMu9IOukJ1zNuxwvZmCWw4BXIG6UnwjUvuHYeJ6rt
gW/JECm2bNp915mHiFANvk2hakQhsYXnfwyV02T+pBjCgiPKUEtLdtWGDg6a7SLt
vypbp44vC1BzzSJrfZavJRL9jwBaG5FVB9SVzeFyMSaAC7J8f0UNlBwo5JXeOigA
+H1aUsNkNxykeZuRNYBVodmMpze4wmKMJ2zR7crrGOEoBNFMC5q503VR6W04VNt8
YZHYY8bfdyg9T54S/5K9r062oVYabgKkQz0aV0jCcv8e59szLbFLwL5UcQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFCWd9C9sMcPIV0DWKz4njl7fqGgfMB8GA1UdIwQY
MBaAFNwN6k6iVG16AZpO+CQ7XrY1ZchHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0EzcVRxSlViWG9CbWs3NEpEdGV0alZseUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zNWE2ZTUtMzM2NC00YTc0LTk2NGMt
M2Q0YjI4M2YzMjJkLzEvSlozMEwyd3h3OGhYUU5ZclBpZU9YdC1vYUI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zNWE2ZTUtMzM2NC00YTc0LTk2NGMtM2Q0YjI4M2YzMjJk
LzEvM0EzcVRxSlViWG9CbWs3NEpEdGV0alZseUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAixQwDQYJ
KoZIhvcNAQELBQADggEBAAl8bpi/DR9C0IhtTML99yYRPuJo3xHPuK+koU9Riiri
93STOSB94VqkpzmJWYdZyjJo6XzI1CsGJRkue12erEIG8CCLaHCd4MMJrQoPd4ux
rJRmV52aysuWY5eKG5IByeJq1q0jtdNUBYNknkHe7qdnm965omCdOCr2SppGUGXS
mir6z/GizG9FG+ZpBcmssbvzk6fbS6OmfB+LpBU8kfvMr06C7e2SWxn2izVa8lkt
2vXVXRTXL6B9oIr4rKoChNseIa7GXAbqcMbL7BDsNuZ0bGrr1Hv3EQh6ZOIK0ES4
eEkkhve3zn8HKFKUrHnCn1BnWrsHuhZ8shbCKIzhP1A=
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:31 2024 by rpki-client on console-fra.rpki-client.org