Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/Jkp18ywhrtbyP-yrLPexmMsP4T0.roa
File: Jkp18ywhrtbyP-yrLPexmMsP4T0.roa (raw, json)
Hash identifier: AtIEg4QgXsQxBvkn+rQqzy+nlb3CSjtg0Cz0yFhs/Fg=
Subject key identifier: 26:4A:75:F3:2C:21:AE:D6:F2:3F:EC:AB:2C:F7:B1:98:CB:0F:E1:3D
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 01871A91FAC852FC34BF1869FD8B8C43D8F4
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/Jkp18ywhrtbyP-yrLPexmMsP4T0.roa
Signing time: Sat 25 Mar 2023 20:59:47 +0000
ROA not before: Sat 25 Mar 2023 20:59:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213296
IP address blocks: 194.28.158.0/24 maxlen: 24
194.28.156.0/24 maxlen: 24
194.104.4.0/24 maxlen: 24
194.104.6.0/24 maxlen: 24
194.104.5.0/24 maxlen: 24
212.69.132.0/24 maxlen: 24
185.177.78.0/23 maxlen: 24
212.69.134.0/24 maxlen: 24
212.69.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Jun 2023 15:41:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:1a:91:fa:c8:52:fc:34:bf:18:69:fd:8b:8c:43:d8:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Mar 25 20:59:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=264a75f32c21aed6f23fecab2cf7b198cb0fe13d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:0e:e5:9c:66:22:35:60:63:90:af:9d:72:f3:
65:3e:92:d7:a8:f1:a9:91:00:60:6d:07:10:0f:87:
cc:cf:88:0c:14:ce:49:90:58:b0:41:52:65:e2:ad:
f1:5d:7c:16:e9:aa:0a:0d:37:66:8f:1e:22:c5:2f:
5e:a2:32:da:44:0e:2e:d6:47:63:e5:0e:13:6c:2e:
d3:6c:f0:07:2f:16:e7:f9:06:5a:ff:50:41:86:de:
19:03:34:36:1c:98:e2:bd:c5:3e:5c:cd:fd:4a:a0:
bf:8f:13:9e:19:00:b3:d5:5a:bf:3c:de:19:a8:7f:
23:46:c1:0b:92:4e:fa:cd:c7:5c:b2:d1:48:25:c8:
85:3e:f0:98:84:0f:da:33:f1:11:9d:ad:dc:d1:e7:
a5:5f:d3:52:bd:a9:c3:9d:f0:4e:07:de:93:7b:53:
4c:19:86:59:f7:5a:60:4d:6a:fd:8b:b3:e2:91:8e:
ba:f6:3f:24:87:a0:9c:d7:20:46:46:95:a9:1e:a3:
44:11:2b:cc:6d:68:94:10:51:da:12:30:ad:1f:6b:
92:26:d9:36:68:15:7f:3d:dd:23:eb:ae:e1:cc:a6:
7d:0e:bb:a6:2a:55:db:24:5b:69:6e:35:c9:34:ef:
cc:53:3f:20:82:81:4a:e8:6b:1b:d1:27:bb:79:4b:
bd:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:4A:75:F3:2C:21:AE:D6:F2:3F:EC:AB:2C:F7:B1:98:CB:0F:E1:3D
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/Jkp18ywhrtbyP-yrLPexmMsP4T0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.78.0/23
194.28.156.0/24
194.28.158.0/24
194.104.4.0-194.104.6.255
212.69.132.0-212.69.134.255
Signature Algorithm: sha256WithRSAEncryption
49:c9:15:3c:9c:b5:7a:3a:e2:41:61:bc:47:ed:48:81:8d:1b:
85:81:fe:ab:15:97:39:cb:e5:b6:79:4b:6d:da:52:f2:98:f8:
e6:70:f3:be:64:56:78:72:51:7e:b5:7f:4e:cd:2d:bf:c5:20:
e7:ec:af:b0:b3:0f:17:4a:fc:b3:3d:55:f1:a1:b4:ea:f5:47:
c8:73:70:45:57:fb:7c:a1:f4:8d:20:b6:b9:2c:16:74:d5:28:
16:65:24:cc:89:86:18:f6:43:4d:78:d4:c0:b4:13:d9:3b:ed:
47:54:36:69:ba:ca:c5:97:0a:f3:60:4f:f3:67:e1:bb:61:5c:
11:ce:08:5f:09:99:11:47:a0:d8:ac:2f:a9:a3:e7:65:ca:39:
bd:17:0f:8b:6f:f5:76:fe:9e:89:ee:0a:58:27:0a:f9:4b:83:
8b:89:8f:b0:62:db:59:08:1f:7e:1b:5f:e7:da:05:65:c4:6e:
fb:45:70:43:d0:67:cb:b4:47:d0:30:75:b6:d1:5e:af:c4:d6:
a9:a9:85:5c:9b:b7:20:0a:93:69:95:a1:e3:a0:e3:5f:3d:fb:
b7:0e:6b:af:1a:20:d7:35:44:40:c5:68:22:68:b2:ec:ac:7d:
79:3e:a9:6d:d4:f8:ce:dc:3b:e9:a2:69:90:db:86:a5:43:ed:
35:90:c8:e0
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYcakfrIUvw0vxhp/YuMQ9j0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwMzI1MjA1OTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjRhNzVmMzJjMjFhZWQ2ZjIzZmVjYWIyY2Y3YjE5OGNiMGZlMTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjg7lnGYiNWBjkK+dcvNlPpLXqPGp
kQBgbQcQD4fMz4gMFM5JkFiwQVJl4q3xXXwW6aoKDTdmjx4ixS9eojLaRA4u1kdj
5Q4TbC7TbPAHLxbn+QZa/1BBht4ZAzQ2HJjivcU+XM39SqC/jxOeGQCz1Vq/PN4Z
qH8jRsELkk76zcdcstFIJciFPvCYhA/aM/ERna3c0eelX9NSvanDnfBOB96Te1NM
GYZZ91pgTWr9i7PikY669j8kh6Cc1yBGRpWpHqNEESvMbWiUEFHaEjCtH2uSJtk2
aBV/Pd0j667hzKZ9DrumKlXbJFtpbjXJNO/MUz8ggoFK6Gsb0Se7eUu9wQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFCZKdfMsIa7W8j/sqyz3sZjLD+E9MB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvSmtwMTh5d2hydGJ5UC15ckxQZXhtTXNQNFQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQBubFOAwQA
whycAwQAwhyeMAwDBALCaAQDBADCaAYwDAMEAtRFhAMEANRFhjANBgkqhkiG9w0B
AQsFAAOCAQEASckVPJy1ejriQWG8R+1IgY0bhYH+qxWXOcvltnlLbdpS8pj45nDz
vmRWeHJRfrV/Ts0tv8Ug5+yvsLMPF0r8sz1V8aG06vVHyHNwRVf7fKH0jSC2uSwW
dNUoFmUkzImGGPZDTXjUwLQT2TvtR1Q2abrKxZcK82BP82fhu2FcEc4IXwmZEUeg
2KwvqaPnZco5vRcPi2/1dv6eie4KWCcK+UuDi4mPsGLbWQgffhtf59oFZcRu+0Vw
Q9Bny7RH0DB1ttFer8TWqamFXJu3IAqTaZWh46DjXz37tw5rrxog1zVEQMVoImiy
7Kx9eT6pbdT4ztw76aJpkNuGpUPtNZDI4A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:20 2024 by rpki-client on console-ams.rpki-client.org