Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/e22980-d5e5-41e8-a06a-7469ef203f82/1/JthkCAV3VC0N9f-2hKTfskFQrk4.roa
File: JthkCAV3VC0N9f-2hKTfskFQrk4.roa (raw, json)
Hash identifier: ADXxUD7r46yvNccmxq+r/nQa6ThOGgtuHFToOuofpng=
Subject key identifier: 26:D8:64:08:05:77:54:2D:0D:F5:FF:B6:84:A4:DF:B2:41:50:AE:4E
Certificate issuer: /CN=c87c78b5b06a6f902c510f9b4a8f803ba32dfa84
Certificate serial: 018B834BAAC1FB53A9DF43F617E10D621A9A
Authority key identifier: C8:7C:78:B5:B0:6A:6F:90:2C:51:0F:9B:4A:8F:80:3B:A3:2D:FA:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yHx4tbBqb5AsUQ-bSo-AO6Mt-oQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/e22980-d5e5-41e8-a06a-7469ef203f82/1/JthkCAV3VC0N9f-2hKTfskFQrk4.roa
Signing time: Tue 31 Oct 2023 01:14:16 +0000
ROA not before: Tue 31 Oct 2023 01:14:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203391
IP address blocks: 185.136.98.0/24 maxlen: 24
185.136.97.0/24 maxlen: 24
185.136.96.0/24 maxlen: 24
185.136.99.0/24 maxlen: 24
45.83.251.0/24 maxlen: 24
45.83.250.0/24 maxlen: 24
45.83.249.0/24 maxlen: 24
45.83.248.0/24 maxlen: 24
2a06:fb00:3::/48 maxlen: 48
2a06:fb00:2::/48 maxlen: 48
2a06:fb00:1::/48 maxlen: 48
2a06:fb00:4::/48 maxlen: 48
2a06:fb00::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 03 Nov 2023 10:55:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:83:4b:aa:c1:fb:53:a9:df:43:f6:17:e1:0d:62:1a:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c87c78b5b06a6f902c510f9b4a8f803ba32dfa84
Validity
Not Before: Oct 31 01:14:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=26d864080577542d0df5ffb684a4dfb24150ae4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:75:7c:e3:89:2c:c7:49:4c:ef:c4:de:11:8e:
55:ff:e4:56:4e:78:9b:80:2a:82:ff:01:60:23:a0:
fb:f4:c0:98:cc:70:29:7b:59:71:ff:fa:69:f4:af:
cc:cb:ee:3e:fe:6c:7f:15:9e:02:0b:de:31:14:a2:
b5:7b:a9:67:e7:4a:bf:73:20:a0:22:d8:67:4b:cb:
b8:46:2a:a6:e8:1a:5b:49:3d:59:88:11:3c:5d:9b:
91:61:7c:bf:b9:60:90:c0:4c:54:ea:50:80:89:2e:
82:d7:e9:10:b0:2a:40:2d:46:c7:79:79:b2:50:c3:
a4:0b:39:ca:56:b2:d0:2d:68:b2:42:9e:d9:cb:fd:
1b:c5:e8:17:a8:cc:8e:97:15:3f:f5:f7:5c:4c:92:
33:79:88:03:72:a6:39:3d:0f:15:7b:03:a4:34:6d:
48:17:95:dc:a9:ae:22:e1:c0:55:91:c0:a9:54:4b:
8a:08:13:5c:86:5a:30:91:3e:1f:a3:ad:11:6e:04:
5a:36:1c:f4:30:b5:3b:af:e1:42:eb:d3:e8:51:02:
27:7b:0c:46:32:b9:ba:be:b2:73:b9:6a:9d:48:d0:
dc:3b:fd:7b:88:2e:24:c9:12:39:62:ea:6e:03:8d:
f7:74:f0:43:61:4e:e5:15:b2:bb:30:b3:02:c1:69:
da:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:D8:64:08:05:77:54:2D:0D:F5:FF:B6:84:A4:DF:B2:41:50:AE:4E
X509v3 Authority Key Identifier:
keyid:C8:7C:78:B5:B0:6A:6F:90:2C:51:0F:9B:4A:8F:80:3B:A3:2D:FA:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yHx4tbBqb5AsUQ-bSo-AO6Mt-oQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/e22980-d5e5-41e8-a06a-7469ef203f82/1/JthkCAV3VC0N9f-2hKTfskFQrk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/e22980-d5e5-41e8-a06a-7469ef203f82/1/yHx4tbBqb5AsUQ-bSo-AO6Mt-oQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.248.0/22
185.136.96.0/22
IPv6:
2a06:fb00::/29
Signature Algorithm: sha256WithRSAEncryption
04:c2:bf:fb:9e:2f:b4:96:ea:eb:05:18:76:93:76:a0:cf:17:
5d:c0:54:80:b3:2b:00:00:ee:4a:f0:65:b8:46:98:c5:f6:1b:
6d:11:33:80:e9:12:bc:d3:d1:f9:e2:2b:53:16:a2:b5:da:8e:
66:70:ae:b9:d6:4d:35:26:2d:c8:1e:db:91:24:37:64:ec:30:
70:64:d6:63:f2:e0:8c:33:64:d4:01:24:71:e1:32:ae:73:9f:
5c:3a:ae:3a:58:0b:3b:02:20:a9:04:c3:62:2a:58:48:ff:20:
15:cf:69:80:d0:c4:52:b9:f9:dd:98:49:2d:d4:8d:91:12:d8:
a2:df:a7:eb:84:6f:00:83:52:74:28:b1:4d:a0:21:9b:f5:60:
7d:38:c3:43:63:c7:8c:06:33:3f:cc:e1:ea:92:a0:cb:32:c5:
f5:22:b2:9c:89:4f:80:0a:b5:98:6e:89:db:54:cd:a2:75:43:
14:05:06:48:34:51:34:b0:94:5b:91:3c:df:38:3c:7c:d0:2d:
82:80:98:b3:c1:03:d2:e3:02:4e:d7:48:23:25:c6:c1:4a:9e:
3f:46:1b:c1:0b:cf:06:df:09:78:17:3f:7b:79:bb:bf:ae:be:
51:96:f7:31:be:b2:ef:07:c9:1e:4b:8f:fc:8a:09:31:f4:a4:
a0:c5:4c:22
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYuDS6rB+1Op30P2F+ENYhqaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4N2M3OGI1YjA2YTZmOTAyYzUxMGY5YjRhOGY4MDNiYTMy
ZGZhODQwHhcNMjMxMDMxMDExNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmQ4NjQwODA1Nzc1NDJkMGRmNWZmYjY4NGE0ZGZiMjQxNTBhZTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3V844ksx0lM78TeEY5V/+RWTnib
gCqC/wFgI6D79MCYzHApe1lx//pp9K/My+4+/mx/FZ4CC94xFKK1e6ln50q/cyCg
IthnS8u4Riqm6BpbST1ZiBE8XZuRYXy/uWCQwExU6lCAiS6C1+kQsCpALUbHeXmy
UMOkCznKVrLQLWiyQp7Zy/0bxegXqMyOlxU/9fdcTJIzeYgDcqY5PQ8VewOkNG1I
F5Xcqa4i4cBVkcCpVEuKCBNchlowkT4fo60RbgRaNhz0MLU7r+FC69PoUQInewxG
Mrm6vrJzuWqdSNDcO/17iC4kyRI5YupuA433dPBDYU7lFbK7MLMCwWna8wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCbYZAgFd1QtDfX/toSk37JBUK5OMB8GA1UdIwQY
MBaAFMh8eLWwam+QLFEPm0qPgDujLfqEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUh4NHRiQnFiNUFzVVEtYlNvLUFPNk10LW9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9lMjI5ODAtZDVlNS00MWU4LWEwNmEt
NzQ2OWVmMjAzZjgyLzEvSnRoa0NBVjNWQzBOOWYtMmhLVGZza0ZRcms0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9lMjI5ODAtZDVlNS00MWU4LWEwNmEtNzQ2OWVmMjAzZjgy
LzEveUh4NHRiQnFiNUFzVVEtYlNvLUFPNk10LW9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLVP4AwQC
uYhgMA0EAgACMAcDBQMqBvsAMA0GCSqGSIb3DQEBCwUAA4IBAQAEwr/7ni+0lurr
BRh2k3agzxddwFSAsysAAO5K8GW4RpjF9httETOA6RK809H54itTFqK12o5mcK65
1k01Ji3IHtuRJDdk7DBwZNZj8uCMM2TUASRx4TKuc59cOq46WAs7AiCpBMNiKlhI
/yAVz2mA0MRSufndmEkt1I2REtii36frhG8Ag1J0KLFNoCGb9WB9OMNDY8eMBjM/
zOHqkqDLMsX1IrKciU+ACrWYbonbVM2idUMUBQZINFE0sJRbkTzfODx80C2CgJiz
wQPS4wJO10gjJcbBSp4/RhvBC88G3wl4Fz97ebu/rr5RlvcxvrLvB8keS4/8igkx
9KSgxUwi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:30 2024 by rpki-client on console-ams.rpki-client.org