Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/jVxBE_6LrNbyBs9DmxSrDFYzdgA.roa
File: jVxBE_6LrNbyBs9DmxSrDFYzdgA.roa (raw, json)
Hash identifier: 0xEpOeXGk0pE8YZDYVLZstzq5AKOiFW+GWsHZEr238c=
Subject key identifier: 8D:5C:41:13:FE:8B:AC:D6:F2:06:CF:43:9B:14:AB:0C:56:33:76:00
Certificate issuer: /CN=9c67ea34a011a4773871583ec3954e791d8c028d
Certificate serial: 018CC34962108486384BA5D19C93476D7B6C
Authority key identifier: 9C:67:EA:34:A0:11:A4:77:38:71:58:3E:C3:95:4E:79:1D:8C:02:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nGfqNKARpHc4cVg-w5VOeR2MAo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/jVxBE_6LrNbyBs9DmxSrDFYzdgA.roa
Signing time: Mon 01 Jan 2024 04:30:15 +0000
ROA not before: Mon 01 Jan 2024 04:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205314
IP address blocks: 185.138.20.0/22 maxlen: 22
2a12:ddc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 11 Jun 2024 10:25:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:62:10:84:86:38:4b:a5:d1:9c:93:47:6d:7b:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c67ea34a011a4773871583ec3954e791d8c028d
Validity
Not Before: Jan 1 04:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d5c4113fe8bacd6f206cf439b14ab0c56337600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:20:6c:9c:c3:22:16:f5:c5:c3:b4:5f:37:03:
6d:4d:dc:c5:11:e6:f6:c4:1a:d3:ca:c7:63:34:1d:
fc:39:71:42:91:53:9c:58:9c:46:07:04:fc:fb:4b:
13:fd:66:4a:f3:7e:c2:d6:1d:df:b7:2b:9b:29:52:
0e:5a:82:68:3c:6d:49:6c:b2:96:dc:54:40:1e:b7:
39:7e:62:06:e9:b0:26:f3:e6:d2:c6:c3:52:4c:e1:
9f:68:cd:38:90:08:69:34:98:53:44:be:2c:d1:53:
2d:99:18:7c:0b:7b:98:f0:ca:29:37:68:77:21:3a:
98:cd:b7:ad:60:37:8a:d9:67:1a:dd:5f:19:8c:be:
ef:76:3a:2d:19:ab:e9:a4:7c:88:ec:16:97:59:98:
36:d1:8c:30:eb:8a:1d:14:b0:6e:d7:da:9e:9f:d3:
73:2e:2e:1d:f3:19:c1:9a:77:7b:bd:8c:b2:fb:10:
a9:39:06:1a:d3:d4:93:b2:c7:7b:a9:e2:2a:8a:7f:
9f:2c:8a:11:84:9d:59:36:e5:03:51:33:6a:92:03:
e5:70:10:ef:ae:73:d1:c3:f2:98:ca:47:95:22:79:
1c:6a:d3:64:82:51:49:7f:f5:c7:02:59:2d:fe:78:
89:f9:4b:d8:f3:67:2a:05:ed:77:a8:4d:54:0c:9f:
a4:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:5C:41:13:FE:8B:AC:D6:F2:06:CF:43:9B:14:AB:0C:56:33:76:00
X509v3 Authority Key Identifier:
keyid:9C:67:EA:34:A0:11:A4:77:38:71:58:3E:C3:95:4E:79:1D:8C:02:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nGfqNKARpHc4cVg-w5VOeR2MAo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/jVxBE_6LrNbyBs9DmxSrDFYzdgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.20.0/22
IPv6:
2a12:ddc0::/29
Signature Algorithm: sha256WithRSAEncryption
2f:4f:7b:93:92:98:4f:69:04:c1:d4:4d:64:45:00:d7:ab:a6:
60:36:94:5d:14:b6:38:2d:91:50:c2:e1:2c:0d:f0:a0:81:b9:
cf:ba:36:ef:a7:2f:ad:d6:a2:aa:60:7e:16:ee:d1:92:b3:72:
7d:bf:c8:8d:26:66:ec:8b:02:d1:ab:04:54:f2:27:37:28:4a:
16:63:6b:9e:25:5a:55:55:33:15:9b:64:6b:8b:8a:d3:00:bd:
fc:d3:14:15:64:0f:e6:96:ac:32:02:27:05:ac:de:52:e5:ca:
7a:2d:cd:5e:aa:0e:22:30:c8:d1:37:91:ae:3d:32:4b:64:98:
a1:48:53:8e:e9:87:99:9f:b0:63:22:42:14:fe:ac:32:9b:c0:
93:d2:2d:33:cb:07:f4:fc:73:d6:7f:d5:73:7e:fe:cc:eb:4b:
8f:bf:f0:83:bc:81:c4:55:03:f2:4c:71:94:dc:dc:f0:31:2a:
d3:ba:1a:d0:85:68:2a:a6:c1:ef:8b:f5:8d:39:97:13:3a:d2:
cb:e1:9a:3f:c0:51:1b:88:48:e3:7a:08:64:93:d0:70:05:6c:
fa:c8:0e:c5:4f:dd:f7:65:b7:73:43:b6:83:4b:be:4e:d7:88:
64:12:b7:eb:c5:0e:03:65:7d:98:ce:9d:45:19:65:05:ca:5a:
9d:4e:04:15
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSWIQhIY4S6XRnJNHbXtsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNjdlYTM0YTAxMWE0NzczODcxNTgzZWMzOTU0ZTc5MWQ4
YzAyOGQwHhcNMjQwMTAxMDQzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDVjNDExM2ZlOGJhY2Q2ZjIwNmNmNDM5YjE0YWIwYzU2MzM3NjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyBsnMMiFvXFw7RfNwNtTdzFEeb2
xBrTysdjNB38OXFCkVOcWJxGBwT8+0sT/WZK837C1h3ftyubKVIOWoJoPG1JbLKW
3FRAHrc5fmIG6bAm8+bSxsNSTOGfaM04kAhpNJhTRL4s0VMtmRh8C3uY8MopN2h3
ITqYzbetYDeK2Wca3V8ZjL7vdjotGavppHyI7BaXWZg20Yww64odFLBu19qen9Nz
Li4d8xnBmnd7vYyy+xCpOQYa09STssd7qeIqin+fLIoRhJ1ZNuUDUTNqkgPlcBDv
rnPRw/KYykeVInkcatNkglFJf/XHAlkt/niJ+UvY82cqBe13qE1UDJ+kLwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI1cQRP+i6zW8gbPQ5sUqwxWM3YAMB8GA1UdIwQY
MBaAFJxn6jSgEaR3OHFYPsOVTnkdjAKNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkdmcU5LQVJwSGM0Y1ZnLXc1Vk9lUjJNQW8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS84NjY5ZDMtNzZjZC00Y2IwLTgyNzgt
ODJjNjdjNjllOTIzLzEvalZ4QkVfNkxyTmJ5QnM5RG14U3JERll6ZGdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS84NjY5ZDMtNzZjZC00Y2IwLTgyNzgtODJjNjdjNjllOTIz
LzEvbkdmcU5LQVJwSGM0Y1ZnLXc1Vk9lUjJNQW8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYoUMA0E
AgACMAcDBQMqEt3AMA0GCSqGSIb3DQEBCwUAA4IBAQAvT3uTkphPaQTB1E1kRQDX
q6ZgNpRdFLY4LZFQwuEsDfCggbnPujbvpy+t1qKqYH4W7tGSs3J9v8iNJmbsiwLR
qwRU8ic3KEoWY2ueJVpVVTMVm2Rri4rTAL380xQVZA/mlqwyAicFrN5S5cp6Lc1e
qg4iMMjRN5GuPTJLZJihSFOO6YeZn7BjIkIU/qwym8CT0i0zywf0/HPWf9Vzfv7M
60uPv/CDvIHEVQPyTHGU3NzwMSrTuhrQhWgqpsHvi/WNOZcTOtLL4Zo/wFEbiEjj
eghkk9BwBWz6yA7FT933ZbdzQ7aDS75O14hkErfrxQ4DZX2Yzp1FGWUFylqdTgQV
-----END CERTIFICATE-----
Generated at Tue Jun 11 16:28:24 2024 by rpki-client on console-ams.rpki-client.org