Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/jkfUYU6o3mplvVcXPdBWkYD8ra8.roa
File: jkfUYU6o3mplvVcXPdBWkYD8ra8.roa (raw, json)
Hash identifier: mHbZ6Xm2MZKQ5qTTQmdZ4LSnELeH2WvKYEq4ZvYXMrU=
Subject key identifier: 8E:47:D4:61:4E:A8:DE:6A:65:BD:57:17:3D:D0:56:91:80:FC:AD:AF
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018DB081177D0AD9AA3D8809E182D24EBD8B
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/jkfUYU6o3mplvVcXPdBWkYD8ra8.roa
Signing time: Fri 16 Feb 2024 06:01:06 +0000
ROA not before: Fri 16 Feb 2024 06:01:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2.57.242.0/24 maxlen: 24
37.140.247.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
89.35.129.0/24 maxlen: 24
89.35.131.0/24 maxlen: 24
89.40.215.0/24 maxlen: 24
91.132.51.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
128.0.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Feb 2024 18:24:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b0:81:17:7d:0a:d9:aa:3d:88:09:e1:82:d2:4e:bd:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Feb 16 06:01:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e47d4614ea8de6a65bd57173dd0569180fcadaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:4e:97:bf:51:1c:61:b4:64:b1:bd:04:30:cd:
82:1e:0d:c1:5a:9d:bb:42:8f:74:e9:85:81:92:b9:
b6:00:43:a6:c3:24:7f:5c:81:bd:a0:5f:61:58:a6:
9b:a7:a7:4b:db:16:d1:18:b9:52:f0:8d:55:34:f2:
e1:30:80:f7:8c:88:fc:57:7e:c6:49:b1:00:27:66:
f2:d0:e9:51:ae:26:2e:34:e6:b3:53:29:4c:d9:bc:
f9:7a:ed:62:01:fd:77:87:81:dd:f5:a4:b1:6e:86:
c7:f6:7b:4e:5a:c7:76:34:87:47:ee:20:88:cf:31:
76:38:f0:4d:4a:e0:cf:58:f3:c2:ca:19:44:9d:44:
b6:ac:26:17:37:12:b2:0f:6d:82:b7:13:83:39:23:
d6:fd:d7:1a:32:6c:3b:fe:13:5b:26:27:56:d8:e6:
ec:b3:33:bb:2b:3b:05:60:e9:3e:16:a6:88:0a:bd:
3a:a0:84:99:db:bc:2f:0b:ac:63:e0:c1:16:28:c6:
9b:83:9e:8b:9e:b8:96:a3:e3:ac:de:3e:4b:d8:1b:
36:3a:9f:1c:d9:93:75:23:cf:aa:c0:95:e3:d5:a7:
69:60:8c:ce:c6:6b:4a:24:6d:26:26:de:aa:c0:da:
d2:6e:86:0d:18:cc:04:0c:39:b8:90:e2:2c:dc:c9:
9d:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:47:D4:61:4E:A8:DE:6A:65:BD:57:17:3D:D0:56:91:80:FC:AD:AF
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/jkfUYU6o3mplvVcXPdBWkYD8ra8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.242.0/24
37.140.247.0/24
89.34.106.0/24
89.35.129.0/24
89.35.131.0/24
89.40.215.0/24
91.132.51.0/24
93.114.183.0/24
128.0.41.0/24
Signature Algorithm: sha256WithRSAEncryption
27:47:36:64:34:e3:54:14:f3:4c:bd:2f:d4:d4:ed:99:0d:cf:
b6:26:4b:67:e1:27:0d:4d:f0:e4:11:b3:5a:3b:40:06:79:66:
b1:fa:d0:32:c7:1b:17:bb:81:cd:e4:bc:09:8a:f5:43:bc:ff:
21:4f:cb:f2:0a:45:1b:8c:59:d0:d1:bb:81:03:07:38:4f:46:
64:fe:eb:97:db:3b:ca:b7:9d:2d:e7:02:70:ca:87:59:f6:a3:
69:35:5e:7c:e4:34:33:9e:6b:b2:89:0f:83:ac:bf:57:ee:26:
90:88:7c:41:f7:97:4c:5c:d2:77:55:d2:b4:65:53:d4:ae:31:
e1:a9:d6:f4:40:34:3b:22:20:8f:c8:55:8d:a9:b1:2a:12:3b:
2e:9f:b8:18:10:2b:61:18:67:da:fe:49:3a:76:39:ca:02:21:
ac:69:c9:4e:1c:86:e0:ce:85:24:78:19:2c:87:38:17:36:d2:
e5:67:5e:b5:88:16:72:bb:d3:4b:5a:b3:61:3c:8d:5a:68:a7:
f4:17:c2:d0:58:de:b9:71:39:59:ce:e9:7b:b3:db:02:36:ae:
e1:bc:9b:8a:47:0f:09:3a:16:8d:8d:b4:5b:70:d2:f1:ff:39:
14:af:0d:d9:d7:01:ed:b9:e7:60:1e:ff:92:9a:af:f1:9e:d3:
a1:34:30:19
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY2wgRd9CtmqPYgJ4YLSTr2LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwMjE2MDYwMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTQ3ZDQ2MTRlYThkZTZhNjViZDU3MTczZGQwNTY5MTgwZmNhZGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkE6Xv1EcYbRksb0EMM2CHg3BWp27
Qo906YWBkrm2AEOmwyR/XIG9oF9hWKabp6dL2xbRGLlS8I1VNPLhMID3jIj8V37G
SbEAJ2by0OlRriYuNOazUylM2bz5eu1iAf13h4Hd9aSxbobH9ntOWsd2NIdH7iCI
zzF2OPBNSuDPWPPCyhlEnUS2rCYXNxKyD22CtxODOSPW/dcaMmw7/hNbJidW2Obs
szO7KzsFYOk+FqaICr06oISZ27wvC6xj4MEWKMabg56LnriWo+Os3j5L2Bs2Op8c
2ZN1I8+qwJXj1adpYIzOxmtKJG0mJt6qwNrSboYNGMwEDDm4kOIs3MmdswIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFI5H1GFOqN5qZb1XFz3QVpGA/K2vMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvamtmVVlVNm8zbXBsdlZjWFBkQldrWUQ4cmE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAAjnyAwQA
JYz3AwQAWSJqAwQAWSOBAwQAWSODAwQAWSjXAwQAW4QzAwQAXXK3AwQAgAApMA0G
CSqGSIb3DQEBCwUAA4IBAQAnRzZkNONUFPNMvS/U1O2ZDc+2Jktn4ScNTfDkEbNa
O0AGeWax+tAyxxsXu4HN5LwJivVDvP8hT8vyCkUbjFnQ0buBAwc4T0Zk/uuX2zvK
t50t5wJwyodZ9qNpNV585DQznmuyiQ+DrL9X7iaQiHxB95dMXNJ3VdK0ZVPUrjHh
qdb0QDQ7IiCPyFWNqbEqEjsun7gYECthGGfa/kk6djnKAiGsaclOHIbgzoUkeBks
hzgXNtLlZ161iBZyu9NLWrNhPI1aaKf0F8LQWN65cTlZzul7s9sCNq7hvJuKRw8J
OhaNjbRbcNLx/zkUrw3Z1wHtuedgHv+Smq/xntOhNDAZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:14 2024 by rpki-client on console-ams.rpki-client.org