Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/JU4FtU5SA1NGkmYQhHVdP97Y8dc.roa
File: JU4FtU5SA1NGkmYQhHVdP97Y8dc.roa (raw, json)
Hash identifier: 5hoLVM9rNY2b0uEYzcaQD9DxhJzCD/HYJjHmJnmfWQ0=
Subject key identifier: 25:4E:05:B5:4E:52:03:53:46:92:66:10:84:75:5D:3F:DE:D8:F1:D7
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 018776C346D084B216BD5488794DEE8D96D7
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/JU4FtU5SA1NGkmYQhHVdP97Y8dc.roa
Signing time: Wed 12 Apr 2023 18:38:41 +0000
ROA not before: Wed 12 Apr 2023 18:38:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41957
IP address blocks: 185.191.213.0/24 maxlen: 24
194.147.89.0/24 maxlen: 24
185.21.141.0/24 maxlen: 24
194.93.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Aug 2023 20:17:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:76:c3:46:d0:84:b2:16:bd:54:88:79:4d:ee:8d:96:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Apr 12 18:38:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=254e05b54e5203534692661084755d3fded8f1d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:af:41:b6:90:ef:4b:47:65:17:a2:85:b4:17:
af:15:22:a2:83:7d:44:9d:f7:01:96:ee:fc:0b:73:
b6:2c:fa:4d:03:f6:f7:0c:cc:0b:bd:29:f9:c2:eb:
0b:da:87:3e:6e:3c:0d:e8:81:00:f5:7e:12:7a:e3:
85:8a:9c:e5:d1:0d:19:06:3a:b4:6f:fc:2b:b0:91:
dd:34:9a:69:32:7f:92:2f:3c:c4:3e:08:d9:51:3d:
33:9f:9a:7d:03:44:a5:1a:ed:41:31:a3:b4:72:00:
f2:25:b5:5a:be:af:32:a2:15:02:47:2b:a4:4f:16:
c5:b6:86:4f:1b:f3:0e:46:76:04:c2:8c:6e:07:1b:
be:7f:89:0d:9a:9e:59:7c:4b:5b:34:16:b3:2b:f3:
45:95:b5:c8:f5:31:24:94:3d:d1:00:66:93:8c:57:
f2:aa:75:aa:50:22:ff:96:9c:a3:ac:a0:30:a5:85:
d4:ec:59:ae:68:44:da:2e:6a:11:ae:f0:ba:39:4b:
fd:ef:60:bc:d9:76:4e:4b:5b:cd:32:8c:3b:e2:56:
10:e7:9c:5d:85:f3:93:43:87:39:5b:68:54:4c:e2:
5d:c3:a3:c8:64:2a:d0:56:1d:3a:31:0d:d5:37:50:
3d:b5:33:0c:b0:82:74:6f:93:74:c1:98:af:00:7b:
c8:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:4E:05:B5:4E:52:03:53:46:92:66:10:84:75:5D:3F:DE:D8:F1:D7
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/JU4FtU5SA1NGkmYQhHVdP97Y8dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.141.0/24
185.191.213.0/24
194.93.59.0/24
194.147.89.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:a8:97:4a:03:c1:b0:9c:7f:5e:63:bd:40:29:19:49:ec:87:
ba:4d:1a:eb:e9:62:61:69:c5:88:c6:fe:74:13:16:2b:a6:21:
5d:70:52:ca:79:4c:68:c0:5c:02:f3:aa:f2:59:71:fc:f1:43:
61:a6:90:97:2f:0a:fe:df:a6:60:c2:c2:1e:d3:13:60:9b:b6:
db:19:a0:72:08:77:3f:7b:da:15:9d:b0:61:3d:1d:f5:78:d5:
2f:75:07:e6:d9:9c:5f:c3:52:75:4e:d4:2d:01:df:7e:c6:8c:
b3:6d:23:5c:9c:15:77:65:cd:c1:ac:aa:e3:a3:f1:8a:af:b2:
30:fe:ab:9d:98:1f:cf:9c:7d:f5:9a:78:a5:4a:92:12:6d:29:
c7:ce:6d:ad:bc:25:d8:09:d8:1d:81:c2:28:6b:e4:a8:ce:8f:
f9:ba:b1:c8:fb:9b:49:e3:cf:a0:1d:62:19:21:f2:17:61:e4:
cc:6a:51:a4:79:ac:d3:bc:0f:d4:45:b8:82:9f:a9:2b:81:dc:
0e:a7:34:b8:81:34:6e:79:7e:d4:7c:e7:4a:99:24:06:f2:bc:
ef:89:ec:55:45:19:0a:0b:6c:f8:d7:aa:9b:89:fe:62:c1:06:
a2:ab:2d:bb:03:f8:f0:ba:4b:f7:e7:56:c1:d3:65:ef:50:eb:
9d:8c:be:ba
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYd2w0bQhLIWvVSIeU3ujZbXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMwNDEyMTgzODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTRlMDViNTRlNTIwMzUzNDY5MjY2MTA4NDc1NWQzZmRlZDhmMWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9a9BtpDvS0dlF6KFtBevFSKig31E
nfcBlu78C3O2LPpNA/b3DMwLvSn5wusL2oc+bjwN6IEA9X4SeuOFipzl0Q0ZBjq0
b/wrsJHdNJppMn+SLzzEPgjZUT0zn5p9A0SlGu1BMaO0cgDyJbVavq8yohUCRyuk
TxbFtoZPG/MORnYEwoxuBxu+f4kNmp5ZfEtbNBazK/NFlbXI9TEklD3RAGaTjFfy
qnWqUCL/lpyjrKAwpYXU7FmuaETaLmoRrvC6OUv972C82XZOS1vNMow74lYQ55xd
hfOTQ4c5W2hUTOJdw6PIZCrQVh06MQ3VN1A9tTMMsIJ0b5N0wZivAHvIQwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCVOBbVOUgNTRpJmEIR1XT/e2PHXMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvSlU0RnRVNVNBMU5Ha21ZUWhIVmRQOTdZOGRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuRWNAwQA
ub/VAwQAwl07AwQAwpNZMA0GCSqGSIb3DQEBCwUAA4IBAQCiqJdKA8GwnH9eY71A
KRlJ7Ie6TRrr6WJhacWIxv50ExYrpiFdcFLKeUxowFwC86ryWXH88UNhppCXLwr+
36ZgwsIe0xNgm7bbGaByCHc/e9oVnbBhPR31eNUvdQfm2Zxfw1J1TtQtAd9+xoyz
bSNcnBV3Zc3BrKrjo/GKr7Iw/qudmB/PnH31mnilSpISbSnHzm2tvCXYCdgdgcIo
a+Sozo/5urHI+5tJ48+gHWIZIfIXYeTMalGkeazTvA/URbiCn6krgdwOpzS4gTRu
eX7UfOdKmSQG8rzviexVRRkKC2z416qbif5iwQaiqy27A/jwukv351bB02XvUOud
jL66
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:04 2024 by rpki-client on console-ams.rpki-client.org