Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/J574-3jmej2fvDaT9S4U4HFxdZ4.roa
File: J574-3jmej2fvDaT9S4U4HFxdZ4.roa (raw, json)
Hash identifier: QaE/VnVV44N8bi78MLNoyUlB4BOO9icJOmvSjF+hg+8=
Subject key identifier: 27:9E:F8:FB:78:E6:7A:3D:9F:BC:36:93:F5:2E:14:E0:71:71:75:9E
Certificate issuer: /CN=b194f0304eedd363c6622fd91c59b10871aa3044
Certificate serial: 01856FCBA108A33EDE38526DD3BF08688BEF
Authority key identifier: B1:94:F0:30:4E:ED:D3:63:C6:62:2F:D9:1C:59:B1:08:71:AA:30:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sZTwME7t02PGYi_ZHFmxCHGqMEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/J574-3jmej2fvDaT9S4U4HFxdZ4.roa
Signing time: Mon 02 Jan 2023 00:04:54 +0000
ROA not before: Mon 02 Jan 2023 00:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30870
IP address blocks: 185.40.56.0/22 maxlen: 24
185.108.116.0/22 maxlen: 24
194.30.160.0/24 maxlen: 24
87.101.8.0/21 maxlen: 21
2a01:4d60::/32 maxlen: 48
2a06:4a80::/29 maxlen: 40
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:35:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:a1:08:a3:3e:de:38:52:6d:d3:bf:08:68:8b:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b194f0304eedd363c6622fd91c59b10871aa3044
Validity
Not Before: Jan 2 00:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=279ef8fb78e67a3d9fbc3693f52e14e07171759e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:04:6d:ab:05:c7:dd:2f:02:32:92:e1:37:10:
a2:a0:e8:24:aa:70:02:3a:77:f5:b5:14:95:f5:34:
4d:13:e2:23:22:f8:38:b4:a3:d3:50:1e:c9:be:74:
e6:b7:4a:01:64:b6:e1:83:61:40:ed:ae:73:6c:fd:
bb:bd:0f:f7:93:ff:d9:bf:89:58:13:2e:83:ab:4f:
de:42:1e:48:c4:27:69:18:d2:b3:d3:e0:74:e2:cd:
b9:3d:58:f6:35:8b:60:62:33:3c:38:91:09:20:7f:
fb:25:49:70:49:e2:31:1a:c9:34:41:de:99:e4:a4:
b0:b2:fb:7e:c0:fe:4c:fa:97:98:b3:c4:f5:51:30:
67:27:12:42:18:ff:d1:b9:63:a9:25:3f:5d:00:6c:
c6:d7:7c:27:15:bd:90:5a:f1:1f:74:dc:e3:c0:db:
6d:c3:00:7b:c6:a2:29:2e:b8:89:4e:aa:81:be:30:
9a:22:80:8a:b2:e2:ec:d1:ad:0f:43:dc:42:a9:12:
12:43:42:93:5d:45:8a:bc:9e:57:de:b0:32:6f:dd:
bc:41:e6:ee:ba:4d:23:7f:97:0b:b8:60:c7:64:75:
cc:65:b4:06:b3:44:e6:34:5b:47:04:38:3e:51:71:
11:94:39:80:c3:6e:27:f5:42:45:bf:ed:c0:45:f3:
61:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:9E:F8:FB:78:E6:7A:3D:9F:BC:36:93:F5:2E:14:E0:71:71:75:9E
X509v3 Authority Key Identifier:
keyid:B1:94:F0:30:4E:ED:D3:63:C6:62:2F:D9:1C:59:B1:08:71:AA:30:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sZTwME7t02PGYi_ZHFmxCHGqMEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/J574-3jmej2fvDaT9S4U4HFxdZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/sZTwME7t02PGYi_ZHFmxCHGqMEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.101.8.0/21
185.40.56.0/22
185.108.116.0/22
194.30.160.0/24
IPv6:
2a01:4d60::/32
2a06:4a80::/29
Signature Algorithm: sha256WithRSAEncryption
75:1b:a2:55:d5:54:33:14:ec:d6:14:78:7c:4f:1a:34:a3:91:
77:67:5f:6b:26:86:a0:96:0a:30:d0:b4:1e:68:8e:08:6e:7f:
a3:e7:59:22:64:fb:73:fe:25:e6:6a:b4:a4:fa:c2:33:7d:b5:
e0:13:df:ba:5b:85:45:af:20:6e:ec:fd:9f:a0:28:19:29:e6:
6f:16:32:ee:20:1c:91:72:2b:57:03:eb:e6:95:e7:b2:bb:1f:
f6:91:06:63:43:a8:8f:ee:be:d3:fd:70:ae:e4:45:61:a1:9b:
a6:80:21:ac:8c:ee:0e:1c:05:a2:74:c3:c1:53:29:92:1b:e1:
7c:20:7d:fb:c1:9a:89:67:12:63:c1:4c:be:4b:17:a9:21:7c:
05:7e:0d:55:5a:d2:57:2a:d5:27:08:fd:18:3e:ed:bd:0a:af:
13:ff:c9:cf:1e:12:28:0c:f0:90:58:8f:04:7c:b1:08:4f:72:
64:d1:36:d7:25:4b:94:92:ad:28:13:ae:77:e4:5b:dc:24:46:
e2:74:e7:f6:8e:43:a8:be:96:3c:c3:b9:70:df:bf:ef:80:43:
17:ed:d8:6a:b6:80:af:61:33:21:66:e0:0c:74:e1:91:f1:dc:
68:2c:62:f1:38:43:8a:f0:25:f6:59:75:26:cb:bc:93:4b:29:
cf:85:4e:ee
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVvy6EIoz7eOFJt078IaIvvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxOTRmMDMwNGVlZGQzNjNjNjYyMmZkOTFjNTliMTA4NzFh
YTMwNDQwHhcNMjMwMTAyMDAwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzllZjhmYjc4ZTY3YTNkOWZiYzM2OTNmNTJlMTRlMDcxNzE3NTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgARtqwXH3S8CMpLhNxCioOgkqnAC
Onf1tRSV9TRNE+IjIvg4tKPTUB7JvnTmt0oBZLbhg2FA7a5zbP27vQ/3k//Zv4lY
Ey6Dq0/eQh5IxCdpGNKz0+B04s25PVj2NYtgYjM8OJEJIH/7JUlwSeIxGsk0Qd6Z
5KSwsvt+wP5M+peYs8T1UTBnJxJCGP/RuWOpJT9dAGzG13wnFb2QWvEfdNzjwNtt
wwB7xqIpLriJTqqBvjCaIoCKsuLs0a0PQ9xCqRISQ0KTXUWKvJ5X3rAyb928Qebu
uk0jf5cLuGDHZHXMZbQGs0TmNFtHBDg+UXERlDmAw24n9UJFv+3ARfNhjwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFCee+Pt45no9n7w2k/UuFOBxcXWeMB8GA1UdIwQY
MBaAFLGU8DBO7dNjxmIv2RxZsQhxqjBEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1pUd01FN3QwMlBHWWlfWkhGbXhDSEdxTUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9kZjg0YTctNzJjOS00YTJmLTgxMTUt
YWZiZGJkYWQ1OGE1LzEvSjU3NC0zam1lajJmdkRhVDlTNFU0SEZ4ZFo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9kZjg0YTctNzJjOS00YTJmLTgxMTUtYWZiZGJkYWQ1OGE1
LzEvc1pUd01FN3QwMlBHWWlfWkhGbXhDSEdxTUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQDV2UIAwQC
uSg4AwQCuWx0AwQAwh6gMBQEAgACMA4DBQAqAU1gAwUDKgZKgDANBgkqhkiG9w0B
AQsFAAOCAQEAdRuiVdVUMxTs1hR4fE8aNKORd2dfayaGoJYKMNC0HmiOCG5/o+dZ
ImT7c/4l5mq0pPrCM3214BPfuluFRa8gbuz9n6AoGSnmbxYy7iAckXIrVwPr5pXn
srsf9pEGY0Ooj+6+0/1wruRFYaGbpoAhrIzuDhwFonTDwVMpkhvhfCB9+8GaiWcS
Y8FMvksXqSF8BX4NVVrSVyrVJwj9GD7tvQqvE//Jzx4SKAzwkFiPBHyxCE9yZNE2
1yVLlJKtKBOud+Rb3CRG4nTn9o5DqL6WPMO5cN+/74BDF+3YaraAr2EzIWbgDHTh
kfHcaCxi8ThDivAl9ll1Jsu8k0spz4VO7g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:02 2024 by rpki-client on console-fra.rpki-client.org