Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/f6cf44-66d3-4f0b-8132-d53811fbd7b0/1/jIxWn4O9JooJa5oCXsmsD1voEvo.roa
File: jIxWn4O9JooJa5oCXsmsD1voEvo.roa (raw, json)
Hash identifier: 4BdJdcEg7tyFutBbaGQNVCdVx73Y1oCNI7srvDvlqq0=
Subject key identifier: 8C:8C:56:9F:83:BD:26:8A:09:6B:9A:02:5E:C9:AC:0F:5B:E8:12:FA
Certificate issuer: /CN=43ca7f3f65d2947af94f398bb3c7c9c320019084
Certificate serial: 01856EB91629EFE9784C0E396301DBD9196F
Authority key identifier: 43:CA:7F:3F:65:D2:94:7A:F9:4F:39:8B:B3:C7:C9:C3:20:01:90:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q8p_P2XSlHr5TzmLs8fJwyABkIQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/f6cf44-66d3-4f0b-8132-d53811fbd7b0/1/jIxWn4O9JooJa5oCXsmsD1voEvo.roa
Signing time: Sun 01 Jan 2023 19:05:01 +0000
ROA not before: Sun 01 Jan 2023 19:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42093
IP address blocks: 195.22.100.0/22 maxlen: 22
185.10.156.0/22 maxlen: 24
178.251.24.0/21 maxlen: 21
2a00:1938::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b9:16:29:ef:e9:78:4c:0e:39:63:01:db:d9:19:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43ca7f3f65d2947af94f398bb3c7c9c320019084
Validity
Not Before: Jan 1 19:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c8c569f83bd268a096b9a025ec9ac0f5be812fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a2:f3:ca:0e:ac:9c:b1:84:a1:e4:4a:27:fa:
ce:c0:fd:b7:58:8b:8a:52:15:ff:42:97:a7:36:3f:
6c:2d:31:62:97:dd:10:b7:fc:95:ff:c0:6f:d3:4f:
ba:30:13:2a:d6:91:39:f8:28:fe:1e:26:bc:05:f6:
a5:a4:be:16:56:63:ec:3b:f0:3b:5a:33:22:94:46:
8c:e6:81:89:5d:c3:f1:bb:41:a4:8e:89:23:2b:a6:
6a:51:ce:1b:46:1a:00:84:58:1a:4d:85:ce:aa:cf:
07:4d:08:e4:bf:89:48:57:32:45:74:a9:24:39:6e:
d0:b4:70:38:58:63:30:0f:ec:bd:fb:71:a9:59:92:
db:04:98:37:cd:f5:41:a8:29:26:37:65:21:65:4b:
31:1f:27:18:d8:00:5c:e0:67:7e:a3:10:d6:0b:42:
71:42:f6:53:f8:01:39:e7:16:79:75:df:ad:20:f5:
d6:00:be:a2:6f:46:0c:7c:99:7c:dd:8b:36:3c:e2:
19:6a:b3:50:81:0c:f4:d0:59:41:67:9c:96:97:ae:
0c:22:83:54:ac:92:91:cf:72:7b:d4:0c:ca:fb:7a:
f9:f1:51:1c:91:a5:1c:0d:83:3d:e5:56:be:8d:05:
7e:3e:15:ab:ac:f1:e0:76:21:e8:38:94:ef:1c:5a:
2d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:8C:56:9F:83:BD:26:8A:09:6B:9A:02:5E:C9:AC:0F:5B:E8:12:FA
X509v3 Authority Key Identifier:
keyid:43:CA:7F:3F:65:D2:94:7A:F9:4F:39:8B:B3:C7:C9:C3:20:01:90:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q8p_P2XSlHr5TzmLs8fJwyABkIQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/f6cf44-66d3-4f0b-8132-d53811fbd7b0/1/jIxWn4O9JooJa5oCXsmsD1voEvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/f6cf44-66d3-4f0b-8132-d53811fbd7b0/1/Q8p_P2XSlHr5TzmLs8fJwyABkIQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.251.24.0/21
185.10.156.0/22
195.22.100.0/22
IPv6:
2a00:1938::/32
Signature Algorithm: sha256WithRSAEncryption
53:8b:03:ad:28:f2:57:95:68:a5:b0:b3:0f:4e:58:3d:05:99:
7a:18:9b:40:ae:c6:99:08:4f:56:0d:e3:4f:72:6c:73:ae:40:
b2:82:35:d6:e4:d8:e9:cb:13:bf:3b:e7:31:8a:0e:6c:e2:04:
54:65:f7:ca:68:48:a7:18:19:08:d1:cf:27:4a:2f:88:94:b0:
55:e6:17:14:28:05:ce:4e:c1:47:23:c1:e5:06:e1:6d:a7:71:
51:7a:1e:a0:28:ed:0b:18:cd:68:68:51:dd:64:05:94:1e:9f:
ea:cf:7d:94:2c:58:7b:c6:aa:9a:9f:7f:64:e3:0e:36:66:36:
58:d5:f3:fc:2f:07:16:cd:25:73:21:ac:dc:29:0f:e4:c3:f4:
b6:c6:10:6c:6a:89:c6:bc:f4:95:cb:f9:c5:61:2f:a8:96:a5:
9c:97:82:5e:cc:43:c8:f0:0d:22:a7:43:04:55:f7:71:0b:6c:
31:b9:c8:20:d1:86:79:0d:78:28:57:14:4a:07:5c:47:22:7d:
2f:d2:83:7a:86:3e:6f:2d:32:05:57:bb:53:bb:6c:35:a4:ab:
77:7a:5c:52:13:44:f6:7f:6e:34:b7:ba:8a:c5:50:12:d0:f3:
09:2b:c9:56:98:82:c3:12:11:ac:62:d3:ed:a4:04:95:97:5c:
da:98:b9:e7
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVuuRYp7+l4TA45YwHb2RlvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzY2E3ZjNmNjVkMjk0N2FmOTRmMzk4YmIzYzdjOWMzMjAw
MTkwODQwHhcNMjMwMTAxMTkwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzhjNTY5ZjgzYmQyNjhhMDk2YjlhMDI1ZWM5YWMwZjViZTgxMmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKLzyg6snLGEoeRKJ/rOwP23WIuK
UhX/QpenNj9sLTFil90Qt/yV/8Bv00+6MBMq1pE5+Cj+Hia8BfalpL4WVmPsO/A7
WjMilEaM5oGJXcPxu0GkjokjK6ZqUc4bRhoAhFgaTYXOqs8HTQjkv4lIVzJFdKkk
OW7QtHA4WGMwD+y9+3GpWZLbBJg3zfVBqCkmN2UhZUsxHycY2ABc4Gd+oxDWC0Jx
QvZT+AE55xZ5dd+tIPXWAL6ib0YMfJl83Ys2POIZarNQgQz00FlBZ5yWl64MIoNU
rJKRz3J71AzK+3r58VEckaUcDYM95Va+jQV+PhWrrPHgdiHoOJTvHFotMwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIyMVp+DvSaKCWuaAl7JrA9b6BL6MB8GA1UdIwQY
MBaAFEPKfz9l0pR6+U85i7PHycMgAZCEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUThwX1AyWFNsSHI1VHptTHM4Zkp3eUFCa0lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9mNmNmNDQtNjZkMy00ZjBiLTgxMzIt
ZDUzODExZmJkN2IwLzEvakl4V240TzlKb29KYTVvQ1hzbXNEMXZvRXZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9mNmNmNDQtNjZkMy00ZjBiLTgxMzItZDUzODExZmJkN2Iw
LzEvUThwX1AyWFNsSHI1VHptTHM4Zkp3eUFCa0lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDsvsYAwQC
uQqcAwQCwxZkMA0EAgACMAcDBQAqABk4MA0GCSqGSIb3DQEBCwUAA4IBAQBTiwOt
KPJXlWilsLMPTlg9BZl6GJtArsaZCE9WDeNPcmxzrkCygjXW5NjpyxO/O+cxig5s
4gRUZffKaEinGBkI0c8nSi+IlLBV5hcUKAXOTsFHI8HlBuFtp3FReh6gKO0LGM1o
aFHdZAWUHp/qz32ULFh7xqqan39k4w42ZjZY1fP8LwcWzSVzIazcKQ/kw/S2xhBs
aonGvPSVy/nFYS+olqWcl4JezEPI8A0ip0MEVfdxC2wxucgg0YZ5DXgoVxRKB1xH
In0v0oN6hj5vLTIFV7tTu2w1pKt3elxSE0T2f240t7qKxVAS0PMJK8lWmILDEhGs
YtPtpASVl1zamLnn
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:32:22 2024 by rpki-client on console-ams.rpki-client.org