Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jFZYGdm2agHsxwBD32voUypQCvM.roa
File: jFZYGdm2agHsxwBD32voUypQCvM.roa (raw, json)
Hash identifier: KYRvtIVoGJ4JA27Jtw6pAlf8cXElT0ObzH8eDmyMWzY=
Subject key identifier: 8C:56:58:19:D9:B6:6A:01:EC:C7:00:43:DF:6B:E8:53:2A:50:0A:F3
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 01856F9DB7C0C100E45BBD9CCB1E19FE3E43
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jFZYGdm2agHsxwBD32voUypQCvM.roa
Signing time: Sun 01 Jan 2023 23:14:45 +0000
ROA not before: Sun 01 Jan 2023 23:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6453
IP address blocks: 176.236.0.0/16 maxlen: 24
85.153.128.0/17 maxlen: 24
212.252.0.0/15 maxlen: 24
91.93.0.0/16 maxlen: 24
195.33.192.0/18 maxlen: 24
213.254.128.0/19 maxlen: 24
213.74.0.0/16 maxlen: 24
176.88.0.0/16 maxlen: 24
84.51.0.0/18 maxlen: 24
217.131.0.0/16 maxlen: 24
213.14.207.0/24 maxlen: 24
176.232.0.0/14 maxlen: 24
213.14.0.0/16 maxlen: 24
2a01:730::/32 maxlen: 48
2a01:188::/32 maxlen: 48
2a03:3c0::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:b7:c0:c1:00:e4:5b:bd:9c:cb:1e:19:fe:3e:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 23:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c565819d9b66a01ecc70043df6be8532a500af3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:9e:49:a5:17:8d:13:b4:f7:5c:c3:90:5d:c4:
20:c4:0a:9e:26:7f:30:c3:da:98:fd:44:8e:f1:96:
b0:18:51:d8:e4:56:9f:3f:16:11:dc:55:50:16:04:
bb:70:ef:a6:69:52:91:b7:c4:75:13:d3:94:88:b1:
a6:be:fe:d4:9d:7d:d7:e7:dc:9f:47:2e:80:aa:b6:
d3:d4:3a:e8:7c:8b:7e:7a:92:12:74:50:30:a2:cd:
20:92:9c:dd:31:d1:ea:32:df:e7:80:7a:81:34:7b:
f4:11:12:d0:6c:2d:18:b5:e4:e5:bd:d2:ea:58:f3:
2a:75:97:81:91:3a:1f:86:a9:34:be:8c:b8:c7:d9:
22:a7:e3:3e:02:e1:ac:23:ef:62:f3:53:0a:9c:4e:
8b:df:6c:86:6a:1a:67:ef:c1:e3:16:8c:1c:38:34:
12:b0:48:a5:e2:b5:e9:18:bd:39:87:23:e2:85:8d:
6c:e8:0e:b0:fd:77:04:bb:da:84:d0:a2:d2:51:db:
50:7e:fc:b3:10:61:06:39:41:d6:10:e2:d2:90:2d:
68:6f:8f:50:f4:d0:a6:f8:3e:ff:6e:f2:cf:53:14:
bc:1c:fc:cf:69:ab:86:a4:81:13:5e:c5:99:40:9c:
d5:4e:7d:4e:26:89:08:ac:c9:23:88:1e:ba:a9:2b:
7d:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:56:58:19:D9:B6:6A:01:EC:C7:00:43:DF:6B:E8:53:2A:50:0A:F3
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jFZYGdm2agHsxwBD32voUypQCvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.51.0.0/18
85.153.128.0/17
91.93.0.0/16
176.88.0.0/16
176.232.0.0-176.236.255.255
195.33.192.0/18
212.252.0.0/15
213.14.0.0/16
213.74.0.0/16
213.254.128.0/19
217.131.0.0/16
IPv6:
2a01:188::/32
2a01:730::/32
2a03:3c0::/32
Signature Algorithm: sha256WithRSAEncryption
28:22:e0:cb:ad:09:c3:08:fd:35:f3:3f:e2:49:11:26:04:85:
6d:22:10:d4:89:98:e1:77:83:e8:5f:70:b5:d6:4d:f7:1e:2b:
dd:2a:02:74:c9:ad:fc:3e:a3:0d:14:96:e0:80:d2:23:b1:3c:
22:22:5e:0e:7c:8a:17:e2:48:cd:be:db:30:64:e3:5f:9e:06:
db:cc:bf:9b:e4:bf:87:84:35:43:32:23:7c:33:01:e7:5e:96:
fb:37:f5:c5:8e:6a:f6:18:17:ac:34:54:ae:2d:b9:12:01:00:
9e:08:d3:b3:e8:b6:46:93:85:ee:f9:61:71:a2:cb:b0:75:f5:
af:90:db:cb:11:89:80:89:f3:5f:fc:43:fc:0a:07:08:be:c1:
89:2f:20:e1:43:f7:b1:76:7f:fb:6d:79:fd:17:92:20:ea:46:
4d:4a:dc:74:4c:f3:bd:e9:77:ee:c0:73:3e:e8:c2:71:94:a8:
a5:97:25:b1:7a:b8:36:f5:f7:45:1d:b6:09:4a:ef:de:96:d1:
67:d0:16:2f:d0:76:94:92:5a:0b:d3:e3:81:8c:92:60:5d:60:
58:09:cb:8f:28:9a:e5:43:d5:cd:4b:c9:67:77:ce:8b:a0:80:
d8:c4:1c:b7:a8:e4:26:c1:5a:c0:4a:05:ab:4f:b1:89:fa:e7:
8e:89:ad:42
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAYVvnbfAwQDkW72cyx4Z/j5DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjMwMTAxMjMxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzU2NTgxOWQ5YjY2YTAxZWNjNzAwNDNkZjZiZTg1MzJhNTAwYWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJ5JpReNE7T3XMOQXcQgxAqeJn8w
w9qY/USO8ZawGFHY5FafPxYR3FVQFgS7cO+maVKRt8R1E9OUiLGmvv7UnX3X59yf
Ry6AqrbT1DrofIt+epISdFAwos0gkpzdMdHqMt/ngHqBNHv0ERLQbC0YteTlvdLq
WPMqdZeBkTofhqk0voy4x9kip+M+AuGsI+9i81MKnE6L32yGahpn78HjFowcODQS
sEil4rXpGL05hyPihY1s6A6w/XcEu9qE0KLSUdtQfvyzEGEGOUHWEOLSkC1ob49Q
9NCm+D7/bvLPUxS8HPzPaauGpIETXsWZQJzVTn1OJokIrMkjiB66qSt9tQIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFIxWWBnZtmoB7McAQ99r6FMqUArzMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvakZaWUdkbTJhZ0hzeHdCRDMydm9VeXBRQ3ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBIBAIAATBCAwQGVDMAAwQH
VZmAAwMAW10DAwCwWDAKAwMDsOgDAwCw7AMEBsMhwAMDAdT8AwMA1Q4DAwDVSgME
BdX+gAMDANmDMBsEAgACMBUDBQAqAQGIAwUAKgEHMAMFACoDA8AwDQYJKoZIhvcN
AQELBQADggEBACgi4MutCcMI/TXzP+JJESYEhW0iENSJmOF3g+hfcLXWTfceK90q
AnTJrfw+ow0UluCA0iOxPCIiXg58ihfiSM2+2zBk41+eBtvMv5vkv4eENUMyI3wz
Aedelvs39cWOavYYF6w0VK4tuRIBAJ4I07PotkaThe75YXGiy7B19a+Q28sRiYCJ
81/8Q/wKBwi+wYkvIOFD97F2f/ttef0XkiDqRk1K3HRM873pd+7Acz7ownGUqKWX
JbF6uDb190UdtglK796W0WfQFi/QdpSSWgvT44GMkmBdYFgJy48omuVD1c1LyWd3
zouggNjEHLeo5CbBWsBKBatPsYn6546JrUI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:16 2024 by rpki-client on console-fra.rpki-client.org