Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/6f9b09-a59e-4f90-87c7-72448352b807/1/jhSr5kHuE619LEfthL21vOiiY2E.roa
File: jhSr5kHuE619LEfthL21vOiiY2E.roa (raw, json)
Hash identifier: 4bWArJfro0PeFvW1aa3nlk/0stuZWUt/ed8sbx8z5Sc=
Subject key identifier: 8E:14:AB:E6:41:EE:13:AD:7D:2C:47:ED:84:BD:B5:BC:E8:A2:63:61
Certificate issuer: /CN=8d64e43c75bdc511d524f0c85d009cba76956144
Certificate serial: 018571BA1A9CF363243C30917E92ACC2DAA8
Authority key identifier: 8D:64:E4:3C:75:BD:C5:11:D5:24:F0:C8:5D:00:9C:BA:76:95:61:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jWTkPHW9xRHVJPDIXQCcunaVYUQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/6f9b09-a59e-4f90-87c7-72448352b807/1/jhSr5kHuE619LEfthL21vOiiY2E.roa
Signing time: Mon 02 Jan 2023 09:04:59 +0000
ROA not before: Mon 02 Jan 2023 09:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61349
IP address blocks: 193.178.196.0/24 maxlen: 24
185.29.200.0/22 maxlen: 24
91.205.212.0/22 maxlen: 24
91.199.236.0/24 maxlen: 24
185.173.12.0/22 maxlen: 22
2a04:4340::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:ba:1a:9c:f3:63:24:3c:30:91:7e:92:ac:c2:da:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d64e43c75bdc511d524f0c85d009cba76956144
Validity
Not Before: Jan 2 09:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e14abe641ee13ad7d2c47ed84bdb5bce8a26361
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:41:08:ef:09:16:d9:6e:c3:0b:62:1e:e1:ef:
6f:67:34:d2:a4:a0:01:9d:ff:b2:0e:b3:4d:57:eb:
37:f4:f7:fe:ff:53:62:8f:7e:52:9b:01:15:7d:32:
be:41:cb:cf:ea:f0:71:8f:5a:b2:03:28:53:f2:4c:
8d:73:f0:fd:b3:8e:76:a1:7e:cd:7d:d3:1b:06:4f:
6f:26:11:cb:76:26:1d:98:68:e3:83:31:c3:72:6d:
be:44:f6:0b:b7:e9:f3:27:83:92:83:5b:48:2f:4b:
51:69:52:89:68:c4:79:cd:dc:f1:6f:08:42:27:e5:
98:90:77:92:6a:bd:52:bd:5f:36:6d:79:23:e8:7a:
37:06:07:d5:e3:d7:21:10:f9:d7:62:7c:eb:5f:f1:
4f:fa:c5:da:60:be:29:a3:f9:d1:29:fb:6f:12:01:
ac:bb:2e:7a:7a:04:ff:a5:33:d8:14:8d:31:cf:aa:
80:3f:5c:3c:98:ce:76:f4:29:b1:e2:a9:11:01:e9:
30:14:46:57:7f:c8:bc:ac:5b:c4:fd:50:c0:8d:25:
e6:bc:db:95:57:c0:73:9e:e0:71:d3:45:3c:11:b9:
2d:b1:1b:94:8a:4e:bf:17:4a:49:85:a5:fc:49:05:
7d:4e:48:a8:55:77:70:79:74:e8:9b:12:b7:47:ef:
6b:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:14:AB:E6:41:EE:13:AD:7D:2C:47:ED:84:BD:B5:BC:E8:A2:63:61
X509v3 Authority Key Identifier:
keyid:8D:64:E4:3C:75:BD:C5:11:D5:24:F0:C8:5D:00:9C:BA:76:95:61:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jWTkPHW9xRHVJPDIXQCcunaVYUQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/6f9b09-a59e-4f90-87c7-72448352b807/1/jhSr5kHuE619LEfthL21vOiiY2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/6f9b09-a59e-4f90-87c7-72448352b807/1/jWTkPHW9xRHVJPDIXQCcunaVYUQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.236.0/24
91.205.212.0/22
185.29.200.0/22
185.173.12.0/22
193.178.196.0/24
IPv6:
2a04:4340::/29
Signature Algorithm: sha256WithRSAEncryption
79:a9:e8:0a:71:68:9d:d4:f6:c8:40:fa:65:d9:5c:9a:e2:21:
e0:0d:c7:75:a0:9f:92:93:1f:0a:a2:4d:2e:d7:a9:4d:af:09:
23:f2:5c:67:a9:ce:98:57:19:ff:8f:0c:53:53:57:d6:f8:7d:
d9:78:5d:e5:a8:ab:c4:38:0b:67:d7:81:4d:4c:e5:dc:e0:87:
0d:77:cc:f0:e4:08:dd:51:d4:6b:17:00:f0:2d:d5:2e:d0:1a:
ae:f0:80:ed:8b:34:e4:9c:46:7d:42:f5:4d:14:78:fd:c0:1b:
88:d2:db:54:80:9d:62:84:bd:4b:9a:91:f9:93:45:b3:47:db:
84:56:d3:5e:7c:9b:ba:ed:b9:92:4c:70:98:cc:a7:08:47:11:
5b:be:41:26:17:a5:c2:98:25:cc:48:1a:0e:f9:4e:c1:28:fd:
d8:b7:b1:92:e4:52:ab:48:86:f6:e3:1a:91:f3:ba:17:f1:69:
6f:0d:3e:24:4d:fb:95:4a:fe:12:19:58:ca:d7:f2:bc:34:dc:
0b:74:d2:17:fa:e6:c3:77:51:ee:c4:c7:70:93:ef:e0:c9:5d:
c0:45:34:8a:79:f6:e5:44:43:a7:c6:53:f4:4d:7e:b7:3e:ef:
ec:69:c7:58:e7:da:20:0f:5f:aa:c2:24:a6:70:ae:eb:81:cf:
b4:5d:04:1a
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVxuhqc82MkPDCRfpKswtqoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNjRlNDNjNzViZGM1MTFkNTI0ZjBjODVkMDA5Y2JhNzY5
NTYxNDQwHhcNMjMwMTAyMDkwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTE0YWJlNjQxZWUxM2FkN2QyYzQ3ZWQ4NGJkYjViY2U4YTI2MzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUEI7wkW2W7DC2Ie4e9vZzTSpKAB
nf+yDrNNV+s39Pf+/1Nij35SmwEVfTK+QcvP6vBxj1qyAyhT8kyNc/D9s452oX7N
fdMbBk9vJhHLdiYdmGjjgzHDcm2+RPYLt+nzJ4OSg1tIL0tRaVKJaMR5zdzxbwhC
J+WYkHeSar1SvV82bXkj6Ho3BgfV49chEPnXYnzrX/FP+sXaYL4po/nRKftvEgGs
uy56egT/pTPYFI0xz6qAP1w8mM529Cmx4qkRAekwFEZXf8i8rFvE/VDAjSXmvNuV
V8BznuBx00U8EbktsRuUik6/F0pJhaX8SQV9TkioVXdweXTomxK3R+9rhwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFI4Uq+ZB7hOtfSxH7YS9tbzoomNhMB8GA1UdIwQY
MBaAFI1k5Dx1vcUR1STwyF0AnLp2lWFEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaldUa1BIVzl4UkhWSlBESVhRQ2N1bmFWWVVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82ZjliMDktYTU5ZS00ZjkwLTg3Yzct
NzI0NDgzNTJiODA3LzEvamhTcjVrSHVFNjE5TEVmdGhMMjF2T2lpWTJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS82ZjliMDktYTU5ZS00ZjkwLTg3YzctNzI0NDgzNTJiODA3
LzEvaldUa1BIVzl4UkhWSlBESVhRQ2N1bmFWWVVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAW8fsAwQC
W83UAwQCuR3IAwQCua0MAwQAwbLEMA0EAgACMAcDBQMqBENAMA0GCSqGSIb3DQEB
CwUAA4IBAQB5qegKcWid1PbIQPpl2Vya4iHgDcd1oJ+Skx8Kok0u16lNrwkj8lxn
qc6YVxn/jwxTU1fW+H3ZeF3lqKvEOAtn14FNTOXc4IcNd8zw5AjdUdRrFwDwLdUu
0Bqu8IDtizTknEZ9QvVNFHj9wBuI0ttUgJ1ihL1LmpH5k0WzR9uEVtNefJu67bmS
THCYzKcIRxFbvkEmF6XCmCXMSBoO+U7BKP3Yt7GS5FKrSIb24xqR87oX8WlvDT4k
TfuVSv4SGVjK1/K8NNwLdNIX+ubDd1HuxMdwk+/gyV3ARTSKefblREOnxlP0TX63
Pu/sacdY59ogD1+qwiSmcK7rgc+0XQQa
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:34 2024 by rpki-client on console-fra.rpki-client.org