Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/jbg3L3e7ZptASy4uwQA-7l25SbY.roa
File: jbg3L3e7ZptASy4uwQA-7l25SbY.roa (raw, json)
Hash identifier: +Fxiz5071NzKMbfOZ5vWFv4Qc7JMeYal7teYCjrXQPw=
Subject key identifier: 8D:B8:37:2F:77:BB:66:9B:40:4B:2E:2E:C1:00:3E:EE:5D:B9:49:B6
Certificate issuer: /CN=5a376c8008d6abd962341563dd2a4dccaf153cba
Certificate serial: 0185701EE16329F0035D8E6832A823027420
Authority key identifier: 5A:37:6C:80:08:D6:AB:D9:62:34:15:63:DD:2A:4D:CC:AF:15:3C:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/jbg3L3e7ZptASy4uwQA-7l25SbY.roa
Signing time: Mon 02 Jan 2023 01:35:49 +0000
ROA not before: Mon 02 Jan 2023 01:35:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197071
IP address blocks: 31.214.240.0/21 maxlen: 32
95.156.226.0/23 maxlen: 32
95.156.225.0/24 maxlen: 32
109.230.252.0/22 maxlen: 32
95.156.228.0/22 maxlen: 32
95.156.232.0/24 maxlen: 32
185.87.20.0/22 maxlen: 32
109.230.195.0/24 maxlen: 32
46.251.225.0/24 maxlen: 32
46.251.227.0/24 maxlen: 32
109.230.224.0/20 maxlen: 32
31.214.149.0/24 maxlen: 32
134.255.220.0/22 maxlen: 32
134.255.224.0/22 maxlen: 32
134.255.228.0/23 maxlen: 32
134.255.230.0/24 maxlen: 32
134.255.235.0/24 maxlen: 32
134.255.236.0/22 maxlen: 32
134.255.252.0/22 maxlen: 32
193.25.201.0/24 maxlen: 32
2a05:bec0::/29 maxlen: 128
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:1e:e1:63:29:f0:03:5d:8e:68:32:a8:23:02:74:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a376c8008d6abd962341563dd2a4dccaf153cba
Validity
Not Before: Jan 2 01:35:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8db8372f77bb669b404b2e2ec1003eee5db949b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:e0:93:98:d1:30:ff:53:dd:6f:31:e8:51:6b:
57:88:9e:83:3c:35:be:69:d3:61:50:b8:f4:ac:03:
e2:b2:c9:1e:5e:ea:5c:c8:4f:5d:18:29:31:dc:5f:
5f:5c:5e:8c:07:de:c2:7b:e6:c8:77:85:87:0e:81:
f5:88:06:66:87:56:94:0e:c9:7b:75:33:5c:8b:2b:
ec:56:0d:b6:95:20:19:ce:db:25:d0:84:fc:bf:55:
43:d5:18:52:90:bc:db:7b:2c:45:61:98:6b:71:df:
8c:bf:d8:c7:50:a8:f6:6a:7e:31:ca:15:ef:77:cc:
7e:39:b7:51:4d:e4:4e:08:bd:f5:39:b4:1d:b5:1f:
3b:24:85:23:c9:a0:06:b7:90:c9:66:74:ac:05:b7:
e6:95:1f:eb:39:47:05:a5:bc:8d:2d:d9:4f:d0:3d:
ad:02:87:03:6b:8d:2d:c0:9b:5b:04:b7:77:71:91:
46:0c:52:95:39:95:b4:0b:d7:54:23:0a:94:8e:4f:
5c:4a:42:66:28:d5:f6:97:a9:b7:81:50:2a:fe:6d:
83:dc:b0:ec:1c:87:9d:6d:10:8a:56:cc:2a:3f:14:
0c:8a:59:e4:d0:63:81:66:f0:41:92:46:5f:70:0c:
f3:e5:d1:1e:07:5b:1a:5f:de:68:23:e5:db:08:f8:
b0:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:B8:37:2F:77:BB:66:9B:40:4B:2E:2E:C1:00:3E:EE:5D:B9:49:B6
X509v3 Authority Key Identifier:
keyid:5A:37:6C:80:08:D6:AB:D9:62:34:15:63:DD:2A:4D:CC:AF:15:3C:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/jbg3L3e7ZptASy4uwQA-7l25SbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/WjdsgAjWq9liNBVj3SpNzK8VPLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.149.0/24
31.214.240.0/21
46.251.225.0/24
46.251.227.0/24
95.156.225.0-95.156.232.255
109.230.195.0/24
109.230.224.0/20
109.230.252.0/22
134.255.220.0-134.255.230.255
134.255.235.0-134.255.239.255
134.255.252.0/22
185.87.20.0/22
193.25.201.0/24
IPv6:
2a05:bec0::/29
Signature Algorithm: sha256WithRSAEncryption
a5:20:d2:30:68:0e:87:35:2d:87:61:e1:74:b3:a1:a4:76:cc:
65:37:5b:8e:09:a4:1c:11:8a:22:c3:bf:01:c2:27:27:57:06:
18:0e:a5:03:eb:73:4e:cd:3c:a0:2e:1e:f1:20:bc:00:df:86:
55:35:84:90:72:a9:86:9d:06:f3:78:4d:4c:01:c3:88:c8:cd:
3c:ef:45:f4:bf:2e:0c:7e:4b:dd:37:4e:07:1e:88:02:c1:fb:
86:19:3b:64:44:a7:52:87:29:5f:23:3d:ed:ef:ce:23:a5:a2:
73:e8:13:4e:73:4f:25:94:44:f0:95:3a:53:51:34:8f:4d:f1:
3a:98:e4:4e:a5:64:a6:a3:ae:1b:39:16:b2:b4:b1:7d:c3:b7:
e4:f0:4b:ed:d6:42:42:c5:31:08:b9:b4:05:19:14:d1:cf:53:
19:d3:67:b5:09:16:8a:42:1e:df:b6:0f:3f:ee:4b:64:2c:8e:
ad:ea:65:03:e0:77:2e:af:06:dc:32:cd:a1:df:c0:1f:0b:63:
e4:fc:d7:ec:b0:9d:f2:a5:0b:9e:b8:4b:3e:b2:9a:35:16:02:
00:e7:3a:0d:8a:40:f6:32:81:a4:c3:42:75:25:30:f5:4d:9b:
14:b3:81:d3:61:00:70:c0:5d:cf:5f:fc:ac:80:af:11:6b:d9:
46:b8:6d:90
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYVwHuFjKfADXY5oMqgjAnQgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMzc2YzgwMDhkNmFiZDk2MjM0MTU2M2RkMmE0ZGNjYWYx
NTNjYmEwHhcNMjMwMTAyMDEzNTQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGI4MzcyZjc3YmI2NjliNDA0YjJlMmVjMTAwM2VlZTVkYjk0OWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOCTmNEw/1PdbzHoUWtXiJ6DPDW+
adNhULj0rAPisskeXupcyE9dGCkx3F9fXF6MB97Ce+bId4WHDoH1iAZmh1aUDsl7
dTNciyvsVg22lSAZztsl0IT8v1VD1RhSkLzbeyxFYZhrcd+Mv9jHUKj2an4xyhXv
d8x+ObdRTeROCL31ObQdtR87JIUjyaAGt5DJZnSsBbfmlR/rOUcFpbyNLdlP0D2t
AocDa40twJtbBLd3cZFGDFKVOZW0C9dUIwqUjk9cSkJmKNX2l6m3gVAq/m2D3LDs
HIedbRCKVswqPxQMilnk0GOBZvBBkkZfcAzz5dEeB1saX95oI+XbCPiwIwIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFI24Ny93u2abQEsuLsEAPu5duUm2MB8GA1UdIwQY
MBaAFFo3bIAI1qvZYjQVY90qTcyvFTy6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2pkc2dBaldxOWxpTkJWajNTcE56SzhWUExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9jYWE3NDMtMWMxMy00YTI1LTlmNmEt
NjViZTU1MDMxNjVkLzEvamJnM0wzZTdacHRBU3k0dXdRQS03bDI1U2JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9jYWE3NDMtMWMxMy00YTI1LTlmNmEtNjViZTU1MDMxNjVk
LzEvV2pkc2dBaldxOWxpTkJWajNTcE56SzhWUExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAB/WlQME
Ax/W8AMEAC774QMEAC774zAMAwQAX5zhAwQAX5zoAwQAbebDAwQEbebgAwQCbeb8
MAwDBAKG/9wDBACG/+YwDAMEAIb/6wMEBIb/4AMEAob//AMEArlXFAMEAMEZyTAN
BAIAAjAHAwUDKgW+wDANBgkqhkiG9w0BAQsFAAOCAQEApSDSMGgOhzUth2HhdLOh
pHbMZTdbjgmkHBGKIsO/AcInJ1cGGA6lA+tzTs08oC4e8SC8AN+GVTWEkHKphp0G
83hNTAHDiMjNPO9F9L8uDH5L3TdOBx6IAsH7hhk7ZESnUocpXyM97e/OI6Wic+gT
TnNPJZRE8JU6U1E0j03xOpjkTqVkpqOuGzkWsrSxfcO35PBL7dZCQsUxCLm0BRkU
0c9TGdNntQkWikIe37YPP+5LZCyOreplA+B3Lq8G3DLNod/AHwtj5PzX7LCd8qUL
nrhLPrKaNRYCAOc6DYpA9jKBpMNCdSUw9U2bFLOB02EAcMBdz1/8rICvEWvZRrht
kA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:07 2024 by rpki-client on console-fra.rpki-client.org