Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/b20bec-3846-4bd1-812f-06e00a3ea062/1/J8imZNCdnThqcJ9-n9fudnBYXUY.roa
File: J8imZNCdnThqcJ9-n9fudnBYXUY.roa (raw, json)
Hash identifier: IwfYyUCnstr27EHSvlDALIQVqOF6yYTGcJgsLRNcqMQ=
Subject key identifier: 27:C8:A6:64:D0:9D:9D:38:6A:70:9F:7E:9F:D7:EE:76:70:58:5D:46
Certificate issuer: /CN=8d62ddbdf958bb4b983da962ecf03beaee38d449
Certificate serial: 018571F0E167623FFA8461116ACDD77857A1
Authority key identifier: 8D:62:DD:BD:F9:58:BB:4B:98:3D:A9:62:EC:F0:3B:EA:EE:38:D4:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jWLdvflYu0uYPali7PA76u441Ek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/b20bec-3846-4bd1-812f-06e00a3ea062/1/J8imZNCdnThqcJ9-n9fudnBYXUY.roa
Signing time: Mon 02 Jan 2023 10:04:49 +0000
ROA not before: Mon 02 Jan 2023 10:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206114
IP address blocks: 87.255.160.0/19 maxlen: 19
2a04:2800::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f0:e1:67:62:3f:fa:84:61:11:6a:cd:d7:78:57:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d62ddbdf958bb4b983da962ecf03beaee38d449
Validity
Not Before: Jan 2 10:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=27c8a664d09d9d386a709f7e9fd7ee7670585d46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:99:7c:fc:bd:e7:b2:95:4c:34:15:b1:49:95:
d3:b2:e6:2e:f9:b6:1f:a8:76:5f:e9:f7:53:87:b6:
24:b2:c5:83:d1:fb:1c:3f:5e:4c:97:22:28:3d:f5:
ed:1f:0b:10:a9:97:41:ab:bb:bb:cb:a3:d1:06:75:
e9:37:7e:5d:26:2b:71:83:ee:e3:a7:aa:8e:5e:e9:
b4:4d:58:79:f6:32:9f:3f:13:91:db:df:16:56:bc:
55:49:cc:97:35:9a:67:40:b9:b0:1d:6c:32:30:eb:
d1:de:d6:94:ff:65:49:f1:57:66:a8:c0:27:06:be:
a0:f5:06:d8:d4:b1:08:0b:1e:91:8c:5a:68:f2:87:
d9:99:96:02:85:2c:f8:ba:46:bc:91:c4:c1:fa:ea:
e8:39:7d:65:bd:4c:ab:77:f4:9e:ff:2f:9a:1e:a4:
de:73:0d:53:6c:03:cb:ba:b7:ef:86:8b:54:24:4b:
82:8d:61:f2:6f:f0:3f:ab:2b:05:77:2a:a1:72:22:
15:c9:3c:fb:c2:b4:78:d0:26:32:95:1f:e9:b7:38:
e4:c2:19:cd:74:a0:9f:77:de:b6:87:7a:13:05:1a:
81:67:85:e3:df:88:94:08:c9:6f:e0:90:11:07:ac:
42:95:01:b7:e1:5b:cf:c8:b8:07:fb:d5:f4:6d:a7:
9b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:C8:A6:64:D0:9D:9D:38:6A:70:9F:7E:9F:D7:EE:76:70:58:5D:46
X509v3 Authority Key Identifier:
keyid:8D:62:DD:BD:F9:58:BB:4B:98:3D:A9:62:EC:F0:3B:EA:EE:38:D4:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jWLdvflYu0uYPali7PA76u441Ek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/b20bec-3846-4bd1-812f-06e00a3ea062/1/J8imZNCdnThqcJ9-n9fudnBYXUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/b20bec-3846-4bd1-812f-06e00a3ea062/1/jWLdvflYu0uYPali7PA76u441Ek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.255.160.0/19
IPv6:
2a04:2800::/29
Signature Algorithm: sha256WithRSAEncryption
30:c8:8a:b2:b8:37:b1:09:d4:72:d1:f7:05:8b:7d:a0:37:aa:
61:4a:f1:15:26:37:ce:62:e0:05:38:ea:4e:28:e5:b7:c7:49:
d2:41:46:2a:4c:ab:8b:0a:45:33:82:a3:91:19:d5:a2:f6:94:
f7:2f:c5:55:98:de:b6:a9:7a:e1:c6:0c:eb:b8:b9:89:9c:ca:
6b:88:8f:25:4c:7e:82:db:92:f0:1c:bf:b7:0d:f8:6e:b3:2b:
d6:e2:b6:0e:ab:0a:84:17:65:45:b4:9d:5b:ee:43:c4:14:80:
a0:e5:33:ad:59:26:2d:b4:10:bd:ca:b7:95:a4:f5:ef:8a:fb:
81:6c:f5:7d:8a:73:01:e2:ce:d2:b9:33:f8:f8:bf:33:43:58:
db:71:93:67:cd:83:ae:6d:b7:d5:1b:26:e8:f1:6b:e8:b4:26:
46:94:fd:cf:1b:23:c0:cb:6e:75:27:6f:1b:42:01:3e:34:d2:
25:12:e5:b6:e9:e7:ba:79:c7:e4:df:4a:ef:e9:39:1e:40:f9:
f7:20:0b:ce:1e:9f:5d:d5:e9:6e:2b:62:9f:78:d7:96:c9:0d:
da:eb:cb:72:17:60:5a:22:3c:60:88:2b:3b:5d:f7:fd:9f:8a:
a6:4d:0e:62:ea:f9:69:23:33:76:ff:39:e8:dd:7a:17:f5:4a:
bb:ec:56:ab
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVx8OFnYj/6hGERas3XeFehMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNjJkZGJkZjk1OGJiNGI5ODNkYTk2MmVjZjAzYmVhZWUz
OGQ0NDkwHhcNMjMwMTAyMTAwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2M4YTY2NGQwOWQ5ZDM4NmE3MDlmN2U5ZmQ3ZWU3NjcwNTg1ZDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJl8/L3nspVMNBWxSZXTsuYu+bYf
qHZf6fdTh7YkssWD0fscP15MlyIoPfXtHwsQqZdBq7u7y6PRBnXpN35dJitxg+7j
p6qOXum0TVh59jKfPxOR298WVrxVScyXNZpnQLmwHWwyMOvR3taU/2VJ8VdmqMAn
Br6g9QbY1LEICx6RjFpo8ofZmZYChSz4uka8kcTB+uroOX1lvUyrd/Se/y+aHqTe
cw1TbAPLurfvhotUJEuCjWHyb/A/qysFdyqhciIVyTz7wrR40CYylR/ptzjkwhnN
dKCfd962h3oTBRqBZ4Xj34iUCMlv4JARB6xClQG34VvPyLgH+9X0baeb7QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCfIpmTQnZ04anCffp/X7nZwWF1GMB8GA1UdIwQY
MBaAFI1i3b35WLtLmD2pYuzwO+ruONRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaldMZHZmbFl1MHVZUGFsaTdQQTc2dTQ0MUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9iMjBiZWMtMzg0Ni00YmQxLTgxMmYt
MDZlMDBhM2VhMDYyLzEvSjhpbVpOQ2RuVGhxY0o5LW45ZnVkbkJZWFVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9iMjBiZWMtMzg0Ni00YmQxLTgxMmYtMDZlMDBhM2VhMDYy
LzEvaldMZHZmbFl1MHVZUGFsaTdQQTc2dTQ0MUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFV/+gMA0E
AgACMAcDBQMqBCgAMA0GCSqGSIb3DQEBCwUAA4IBAQAwyIqyuDexCdRy0fcFi32g
N6phSvEVJjfOYuAFOOpOKOW3x0nSQUYqTKuLCkUzgqORGdWi9pT3L8VVmN62qXrh
xgzruLmJnMpriI8lTH6C25LwHL+3DfhusyvW4rYOqwqEF2VFtJ1b7kPEFICg5TOt
WSYttBC9yreVpPXvivuBbPV9inMB4s7SuTP4+L8zQ1jbcZNnzYOubbfVGybo8Wvo
tCZGlP3PGyPAy251J28bQgE+NNIlEuW26ee6ecfk30rv6TkeQPn3IAvOHp9d1elu
K2KfeNeWyQ3a68tyF2BaIjxgiCs7Xff9n4qmTQ5i6vlpIzN2/zno3XoX9Uq77Far
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:49 2024 by rpki-client on console-ams.rpki-client.org