Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/jXFbPs5MsQDAt8L8F8-d2alyoN4.roa
File: jXFbPs5MsQDAt8L8F8-d2alyoN4.roa (raw, json)
Hash identifier: usxrkd+4NlGQB6sl2CvndK1Tq+Y/Z7FHd1grniJuzAM=
Subject key identifier: 8D:71:5B:3E:CE:4C:B1:00:C0:B7:C2:FC:17:CF:9D:D9:A9:72:A0:DE
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 018A89C8C35EABE8891CF17CA6D33D6DB2DA
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/jXFbPs5MsQDAt8L8F8-d2alyoN4.roa
Signing time: Tue 12 Sep 2023 14:25:50 +0000
ROA not before: Tue 12 Sep 2023 14:25:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60647
IP address blocks: 185.88.175.0/24 maxlen: 24
185.98.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:89:c8:c3:5e:ab:e8:89:1c:f1:7c:a6:d3:3d:6d:b2:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Sep 12 14:25:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d715b3ece4cb100c0b7c2fc17cf9dd9a972a0de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:3c:e1:b2:e3:78:a1:52:72:77:de:9c:95:ac:
7c:db:96:f5:8b:63:c0:f7:78:27:b6:3d:8a:05:57:
06:ef:2d:6a:13:51:c2:9d:d5:c1:02:a1:53:db:14:
83:7b:86:ad:32:3e:4b:28:9d:e4:05:39:2a:07:61:
99:87:3e:38:8a:85:78:30:e9:54:3c:ea:00:2a:d1:
be:96:fe:63:8f:10:c0:cf:fb:65:d3:62:a6:4a:de:
dd:36:a7:e4:35:82:80:b1:82:49:df:bf:72:b5:1b:
72:57:89:7b:b4:a2:47:1f:b6:b2:53:6b:b3:d1:18:
d1:29:d8:d8:52:6e:e0:8e:5e:6d:d0:4c:d8:f8:ab:
17:19:36:4e:92:a8:fa:1c:7e:61:66:28:e6:72:c2:
98:96:86:42:4b:8e:ab:8b:7a:25:b9:29:e5:48:80:
68:cc:7b:56:17:cc:57:78:20:20:08:c6:7f:fe:7a:
71:ec:86:df:e1:a0:fd:37:4c:60:1e:e9:b4:77:00:
5b:78:7d:74:bc:98:22:00:f1:0c:95:54:62:be:d0:
f2:ff:34:fe:c1:4f:6d:d6:5d:32:9f:81:72:b4:0c:
91:9e:63:ea:70:f9:b5:00:ed:5e:d1:79:0a:bc:e3:
fd:ff:f2:eb:af:71:31:d9:76:ce:db:31:dc:60:56:
1e:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:71:5B:3E:CE:4C:B1:00:C0:B7:C2:FC:17:CF:9D:D9:A9:72:A0:DE
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/jXFbPs5MsQDAt8L8F8-d2alyoN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.175.0/24
185.98.63.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:a0:7e:58:fc:d8:a0:92:21:13:73:3f:06:96:c1:9b:2d:70:
9e:09:dc:8e:c6:51:03:b1:8b:19:95:2e:7d:87:e6:e8:de:a5:
a8:f1:28:2b:b0:25:e7:cf:64:eb:18:e7:45:96:f4:bf:86:3b:
dc:c4:63:17:d9:87:c6:42:b1:a4:d4:9b:8a:d4:28:fe:92:74:
8c:59:14:8c:73:aa:80:62:f2:50:1e:b1:7d:f7:0c:38:3d:4c:
96:6d:80:76:8f:a8:62:2d:0f:a4:8c:08:23:ef:27:bb:83:1f:
a4:68:1b:37:f7:14:6e:b2:4e:e1:99:bc:41:aa:80:7c:a2:d5:
cc:88:58:32:40:91:64:48:b0:2c:59:d0:bc:99:b9:a1:0c:1f:
2e:0a:7c:79:5d:c5:8f:c2:16:a3:c7:83:8a:1c:75:f5:d3:dc:
5a:9e:56:bc:81:86:f7:70:7b:7e:a7:d5:12:c1:f9:b8:73:69:
d0:93:3d:1e:2f:42:69:cd:c4:25:37:8a:d0:04:53:6f:40:80:
2f:35:09:15:32:ba:cc:d4:93:7b:5d:9d:c8:53:04:35:37:ff:
01:bb:2b:75:a7:68:22:b4:7b:17:af:f8:10:2f:cd:dc:dd:54:
ac:e5:2e:8f:8c:e6:7f:00:e5:15:59:20:16:14:3d:9b:42:1e:
74:cd:96:04
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYqJyMNeq+iJHPF8ptM9bbLaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjMwOTEyMTQyNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDcxNWIzZWNlNGNiMTAwYzBiN2MyZmMxN2NmOWRkOWE5NzJhMGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzzhsuN4oVJyd96clax825b1i2PA
93gntj2KBVcG7y1qE1HCndXBAqFT2xSDe4atMj5LKJ3kBTkqB2GZhz44ioV4MOlU
POoAKtG+lv5jjxDAz/tl02KmSt7dNqfkNYKAsYJJ379ytRtyV4l7tKJHH7ayU2uz
0RjRKdjYUm7gjl5t0EzY+KsXGTZOkqj6HH5hZijmcsKYloZCS46ri3oluSnlSIBo
zHtWF8xXeCAgCMZ//npx7Ibf4aD9N0xgHum0dwBbeH10vJgiAPEMlVRivtDy/zT+
wU9t1l0yn4FytAyRnmPqcPm1AO1e0XkKvOP9//Lrr3Ex2XbO2zHcYFYeRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI1xWz7OTLEAwLfC/BfPndmpcqDeMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvalhGYlBzNU1zUURBdDhMOEY4LWQyYWx5b040LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuVivAwQA
uWI/MA0GCSqGSIb3DQEBCwUAA4IBAQB9oH5Y/NigkiETcz8GlsGbLXCeCdyOxlED
sYsZlS59h+bo3qWo8SgrsCXnz2TrGOdFlvS/hjvcxGMX2YfGQrGk1JuK1Cj+knSM
WRSMc6qAYvJQHrF99ww4PUyWbYB2j6hiLQ+kjAgj7ye7gx+kaBs39xRusk7hmbxB
qoB8otXMiFgyQJFkSLAsWdC8mbmhDB8uCnx5XcWPwhajx4OKHHX109xanla8gYb3
cHt+p9USwfm4c2nQkz0eL0JpzcQlN4rQBFNvQIAvNQkVMrrM1JN7XZ3IUwQ1N/8B
uyt1p2gitHsXr/gQL83c3VSs5S6PjOZ/AOUVWSAWFD2bQh50zZYE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:49 2024 by rpki-client on console-fra.rpki-client.org