Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/4f7246-ce8f-44f8-a831-ae60bea06a9c/1/jnru3J0bmyP3St50vq_r51P70VI.roa
File: jnru3J0bmyP3St50vq_r51P70VI.roa (raw, json)
Hash identifier: 3skotntBGne8DfuFwho5od4IUbpej2O7CwW+Pp9nAb0=
Subject key identifier: 8E:7A:EE:DC:9D:1B:9B:23:F7:4A:DE:74:BE:AF:EB:E7:53:FB:D1:52
Certificate issuer: /CN=85370cc5d260f3e2aeff5dd8f8f4a415a2345a81
Certificate serial: 0188E23E0AAD46C7B5EB89F40DE3C7043DEC
Authority key identifier: 85:37:0C:C5:D2:60:F3:E2:AE:FF:5D:D8:F8:F4:A4:15:A2:34:5A:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTcMxdJg8-Ku_13Y-PSkFaI0WoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/4f7246-ce8f-44f8-a831-ae60bea06a9c/1/jnru3J0bmyP3St50vq_r51P70VI.roa
Signing time: Thu 22 Jun 2023 08:34:56 +0000
ROA not before: Thu 22 Jun 2023 08:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 80.79.112.0/20 maxlen: 24
185.246.184.0/22 maxlen: 24
46.22.208.0/20 maxlen: 24
2a01:97a0::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e2:3e:0a:ad:46:c7:b5:eb:89:f4:0d:e3:c7:04:3d:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85370cc5d260f3e2aeff5dd8f8f4a415a2345a81
Validity
Not Before: Jun 22 08:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e7aeedc9d1b9b23f74ade74beafebe753fbd152
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:9a:6e:7a:89:fa:d5:26:c0:ba:61:58:e6:fd:
5d:5e:eb:45:b8:4b:15:ec:bd:dd:29:17:37:ef:6e:
cb:b8:f9:5a:2f:44:56:e5:ab:07:18:3f:95:22:9b:
37:9b:6c:16:4f:8a:e1:da:c0:8b:9c:99:ab:54:18:
09:67:4e:b4:b2:eb:0a:5d:0b:70:fe:cd:c8:61:4d:
e2:c5:62:83:34:1f:50:59:bd:b6:3d:a9:0f:78:1a:
6e:f4:7a:34:14:2c:0f:c5:a8:12:99:5e:f0:07:d6:
1e:55:f7:b0:fc:f8:5e:48:51:72:07:49:df:78:9b:
1b:c6:a3:29:77:65:cf:d1:3d:2a:87:ae:10:f4:3f:
3c:5d:04:d1:8d:b8:ca:fe:d8:5d:0c:9a:cd:2c:62:
f7:0d:e5:86:35:7d:47:ef:80:69:5c:2e:a3:53:7b:
a2:39:1b:2a:59:53:59:18:7f:23:66:3b:48:0f:5c:
c1:30:05:f3:3c:38:b0:4f:46:4f:86:b2:d3:cf:cc:
eb:4a:73:b0:f2:f5:02:70:c1:73:2b:20:96:e5:17:
b4:ee:05:a8:ad:e5:6e:94:fb:98:bc:63:40:e9:22:
56:85:6f:25:a8:42:cb:58:8f:23:73:bd:26:58:de:
72:5d:39:2b:67:8c:b8:6b:89:31:e5:ba:07:fa:cc:
ce:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:7A:EE:DC:9D:1B:9B:23:F7:4A:DE:74:BE:AF:EB:E7:53:FB:D1:52
X509v3 Authority Key Identifier:
keyid:85:37:0C:C5:D2:60:F3:E2:AE:FF:5D:D8:F8:F4:A4:15:A2:34:5A:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTcMxdJg8-Ku_13Y-PSkFaI0WoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4f7246-ce8f-44f8-a831-ae60bea06a9c/1/jnru3J0bmyP3St50vq_r51P70VI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4f7246-ce8f-44f8-a831-ae60bea06a9c/1/hTcMxdJg8-Ku_13Y-PSkFaI0WoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.22.208.0/20
80.79.112.0/20
185.246.184.0/22
IPv6:
2a01:97a0::/32
Signature Algorithm: sha256WithRSAEncryption
a3:71:69:27:98:9e:8e:5a:84:6a:98:53:35:36:55:ca:fe:b7:
5f:8b:e7:fd:6c:e3:9d:fe:f3:bc:22:b4:2e:c9:40:1a:2b:94:
3c:f1:88:52:fc:29:5d:a9:2b:c8:94:5f:1d:5f:43:e3:0d:32:
57:fc:6a:15:23:b5:9c:6d:16:c7:a7:39:a6:94:a2:66:79:b5:
6d:ff:e1:19:d3:42:fa:ef:4c:91:d8:56:84:c7:e7:85:61:17:
12:21:aa:ed:84:e4:3e:c4:c7:52:50:e1:1f:ba:7f:d2:e7:ea:
05:6d:c4:ae:35:c0:d8:93:bd:97:44:d4:f8:1c:bd:e9:1e:80:
25:fc:4a:aa:6f:4a:a5:92:35:c2:6c:ca:78:2b:29:ec:95:09:
62:da:84:bb:78:0c:24:5e:b2:58:38:1b:07:90:18:f0:61:b9:
66:62:5b:2e:f9:0c:2b:1e:0a:ad:99:03:eb:bd:d0:1c:bc:94:
ff:56:26:9f:c3:b5:b7:6e:5f:09:41:c0:d4:b1:1c:14:a0:17:
af:3e:5e:83:fe:13:45:62:60:bd:43:35:1a:b8:36:5d:fc:d7:
65:6f:80:bb:66:35:ce:d4:6e:7e:9f:0f:88:85:10:c5:3d:96:
85:d5:19:c9:d3:38:45:d2:2f:80:c5:ad:e5:b1:63:bb:39:4f:
52:d8:7d:81
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYjiPgqtRse164n0DePHBD3sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzcwY2M1ZDI2MGYzZTJhZWZmNWRkOGY4ZjRhNDE1YTIz
NDVhODEwHhcNMjMwNjIyMDgzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTdhZWVkYzlkMWI5YjIzZjc0YWRlNzRiZWFmZWJlNzUzZmJkMTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJpueon61SbAumFY5v1dXutFuEsV
7L3dKRc3727LuPlaL0RW5asHGD+VIps3m2wWT4rh2sCLnJmrVBgJZ060susKXQtw
/s3IYU3ixWKDNB9QWb22PakPeBpu9Ho0FCwPxagSmV7wB9YeVfew/PheSFFyB0nf
eJsbxqMpd2XP0T0qh64Q9D88XQTRjbjK/thdDJrNLGL3DeWGNX1H74BpXC6jU3ui
ORsqWVNZGH8jZjtID1zBMAXzPDiwT0ZPhrLTz8zrSnOw8vUCcMFzKyCW5Re07gWo
reVulPuYvGNA6SJWhW8lqELLWI8jc70mWN5yXTkrZ4y4a4kx5boH+szOsQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFI567tydG5sj90redL6v6+dT+9FSMB8GA1UdIwQY
MBaAFIU3DMXSYPPirv9d2Pj0pBWiNFqBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRjTXhkSmc4LUt1XzEzWS1QU2tGYUkwV29FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS80ZjcyNDYtY2U4Zi00NGY4LWE4MzEt
YWU2MGJlYTA2YTljLzEvam5ydTNKMGJteVAzU3Q1MHZxX3I1MVA3MFZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS80ZjcyNDYtY2U4Zi00NGY4LWE4MzEtYWU2MGJlYTA2YTlj
LzEvaFRjTXhkSmc4LUt1XzEzWS1QU2tGYUkwV29FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQELhbQAwQE
UE9wAwQCufa4MA0EAgACMAcDBQAqAZegMA0GCSqGSIb3DQEBCwUAA4IBAQCjcWkn
mJ6OWoRqmFM1NlXK/rdfi+f9bOOd/vO8IrQuyUAaK5Q88YhS/CldqSvIlF8dX0Pj
DTJX/GoVI7WcbRbHpzmmlKJmebVt/+EZ00L670yR2FaEx+eFYRcSIarthOQ+xMdS
UOEfun/S5+oFbcSuNcDYk72XRNT4HL3pHoAl/Eqqb0qlkjXCbMp4KynslQli2oS7
eAwkXrJYOBsHkBjwYblmYlsu+QwrHgqtmQPrvdAcvJT/Viafw7W3bl8JQcDUsRwU
oBevPl6D/hNFYmC9QzUauDZd/Ndlb4C7ZjXO1G5+nw+IhRDFPZaF1RnJ0zhF0i+A
xa3lsWO7OU9S2H2B
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:24 2024 by rpki-client on console-fra.rpki-client.org