Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/JRBluFbuOTiNoHbjIFyQcWfAMFw.roa
File: JRBluFbuOTiNoHbjIFyQcWfAMFw.roa (raw, json)
Hash identifier: MnyhBWSaerS8t6ieKxg8UB5xGiSZrp2++6hNbOpnRFM=
Subject key identifier: 25:10:65:B8:56:EE:39:38:8D:A0:76:E3:20:5C:90:71:67:C0:30:5C
Certificate issuer: /CN=380099a81b346f9abcaf26056f5b77094d1cf113
Certificate serial: 01856D0AE8B32676B76EA669D608432A8774
Authority key identifier: 38:00:99:A8:1B:34:6F:9A:BC:AF:26:05:6F:5B:77:09:4D:1C:F1:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OACZqBs0b5q8ryYFb1t3CU0c8RM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/JRBluFbuOTiNoHbjIFyQcWfAMFw.roa
Signing time: Sun 01 Jan 2023 11:15:09 +0000
ROA not before: Sun 01 Jan 2023 11:15:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43966
IP address blocks: 79.173.66.0/23 maxlen: 24
79.173.80.0/20 maxlen: 24
94.243.192.0/20 maxlen: 24
94.243.232.0/21 maxlen: 24
79.173.64.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Mar 2023 10:07:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:e8:b3:26:76:b7:6e:a6:69:d6:08:43:2a:87:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=380099a81b346f9abcaf26056f5b77094d1cf113
Validity
Not Before: Jan 1 11:15:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=251065b856ee39388da076e3205c907167c0305c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a3:78:64:a4:55:d6:4d:a2:a9:4a:97:fd:fe:
e8:62:ae:c6:70:9f:17:f5:db:71:52:d6:3c:ce:88:
f7:4a:b2:9d:53:8a:00:cb:90:51:cb:7e:61:f6:b9:
9a:40:1f:1d:aa:1b:7f:9b:1a:93:15:25:e3:ad:78:
19:53:50:0a:2d:72:09:16:9c:71:cc:8f:cf:17:b0:
38:c2:55:a7:b4:d0:07:11:f9:3b:63:24:55:94:6f:
85:78:19:be:f3:12:7d:17:e9:20:73:39:d1:51:70:
89:8f:fd:6a:b4:b5:d4:6b:d8:0d:63:c3:8c:4c:54:
20:8a:e6:f5:86:dc:0c:5d:de:f8:60:70:a2:69:ad:
96:38:ad:98:fe:3c:6e:8a:5e:61:9f:85:15:0e:95:
d2:a8:85:15:25:e4:fa:c9:e7:f6:dd:a8:b8:a8:a3:
32:9e:98:fa:a5:5f:bf:8e:65:88:62:b7:ef:6b:b4:
78:76:02:15:4b:84:e8:fe:45:c3:8c:57:ed:77:49:
9e:cc:09:b5:39:32:72:ff:0e:16:74:6c:17:6f:c2:
70:36:d9:7b:38:bb:08:e9:99:42:40:a0:b6:85:3a:
e7:59:f3:9a:9c:2f:90:d8:87:23:43:af:e4:69:d0:
6c:64:12:8e:4d:87:75:b9:61:fd:37:b7:78:15:bb:
4e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:10:65:B8:56:EE:39:38:8D:A0:76:E3:20:5C:90:71:67:C0:30:5C
X509v3 Authority Key Identifier:
keyid:38:00:99:A8:1B:34:6F:9A:BC:AF:26:05:6F:5B:77:09:4D:1C:F1:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OACZqBs0b5q8ryYFb1t3CU0c8RM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/JRBluFbuOTiNoHbjIFyQcWfAMFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/OACZqBs0b5q8ryYFb1t3CU0c8RM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.173.64.0/22
79.173.80.0/20
94.243.192.0/20
94.243.232.0/21
Signature Algorithm: sha256WithRSAEncryption
57:1a:10:cd:e5:63:2b:8f:11:0e:52:f2:bb:de:c3:a9:e5:ee:
8f:dc:bb:c9:3a:53:f5:ac:6d:51:4f:9e:b3:79:95:91:05:3a:
c9:28:67:84:96:a9:0e:db:b7:51:ad:fc:37:54:e3:fc:a4:f8:
f0:cc:be:2e:3d:51:08:7d:96:5a:b2:21:3a:08:e3:7c:80:4c:
42:27:ef:7a:cb:d1:3d:e7:42:05:d1:83:b4:f1:e5:d8:37:c7:
95:5f:43:13:7d:6e:c2:d8:e0:23:e9:9d:ab:b1:3c:fb:1a:83:
f5:89:6e:e1:bb:0a:8c:3a:04:a5:46:e2:c9:b2:49:68:56:ca:
4c:7f:69:ed:1b:34:e2:bb:cc:02:b8:d8:9d:10:2a:4e:ac:8a:
6a:37:f2:4f:c0:f2:4a:74:46:17:4c:1f:c5:dc:27:74:98:f5:
9a:b4:43:c2:2d:3f:5f:7f:00:a3:e9:40:d5:9e:57:9d:b8:24:
2b:36:41:f6:0d:b7:e5:83:af:02:00:cb:d1:be:29:fa:61:17:
c1:8c:33:aa:71:5f:e5:b8:58:7c:65:be:05:b2:92:20:d8:84:
b4:70:d4:a8:a8:94:5f:03:0e:b4:28:ac:1a:bb:14:71:78:6b:
92:3f:08:41:20:98:56:6a:ef:0f:c0:d8:b0:ea:03:16:dd:70:
7a:be:67:28
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVtCuizJna3bqZp1ghDKod0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MDA5OWE4MWIzNDZmOWFiY2FmMjYwNTZmNWI3NzA5NGQx
Y2YxMTMwHhcNMjMwMTAxMTExNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTEwNjViODU2ZWUzOTM4OGRhMDc2ZTMyMDVjOTA3MTY3YzAzMDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6N4ZKRV1k2iqUqX/f7oYq7GcJ8X
9dtxUtY8zoj3SrKdU4oAy5BRy35h9rmaQB8dqht/mxqTFSXjrXgZU1AKLXIJFpxx
zI/PF7A4wlWntNAHEfk7YyRVlG+FeBm+8xJ9F+kgcznRUXCJj/1qtLXUa9gNY8OM
TFQgiub1htwMXd74YHCiaa2WOK2Y/jxuil5hn4UVDpXSqIUVJeT6yef23ai4qKMy
npj6pV+/jmWIYrfva7R4dgIVS4To/kXDjFftd0mezAm1OTJy/w4WdGwXb8JwNtl7
OLsI6ZlCQKC2hTrnWfOanC+Q2IcjQ6/kadBsZBKOTYd1uWH9N7d4FbtOFwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCUQZbhW7jk4jaB24yBckHFnwDBcMB8GA1UdIwQY
MBaAFDgAmagbNG+avK8mBW9bdwlNHPETMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0FDWnFCczBiNXE4cnlZRmIxdDNDVTBjOFJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My84ZTUwMWQtYzA4OC00ODk1LWFlZTMt
NDUwZmUzMzU5NWQxLzEvSlJCbHVGYnVPVGlOb0hiaklGeVFjV2ZBTUZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My84ZTUwMWQtYzA4OC00ODk1LWFlZTMtNDUwZmUzMzU5NWQx
LzEvT0FDWnFCczBiNXE4cnlZRmIxdDNDVTBjOFJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCT61AAwQE
T61QAwQEXvPAAwQDXvPoMA0GCSqGSIb3DQEBCwUAA4IBAQBXGhDN5WMrjxEOUvK7
3sOp5e6P3LvJOlP1rG1RT56zeZWRBTrJKGeElqkO27dRrfw3VOP8pPjwzL4uPVEI
fZZasiE6CON8gExCJ+96y9E950IF0YO08eXYN8eVX0MTfW7C2OAj6Z2rsTz7GoP1
iW7huwqMOgSlRuLJskloVspMf2ntGzTiu8wCuNidECpOrIpqN/JPwPJKdEYXTB/F
3Cd0mPWatEPCLT9ffwCj6UDVnleduCQrNkH2Dbflg68CAMvRvin6YRfBjDOqcV/l
uFh8Zb4FspIg2IS0cNSoqJRfAw60KKwauxRxeGuSPwhBIJhWau8PwNiw6gMW3XB6
vmco
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:56 2024 by rpki-client on console-ams.rpki-client.org