Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/JzFyCWK514jusJ5Olc30-NrgYi8.roa
File: JzFyCWK514jusJ5Olc30-NrgYi8.roa (raw, json)
Hash identifier: 7ffiabanCo66u0OqJNcku0zddVnsXO1YPhtVQfmc7M0=
Subject key identifier: 27:31:72:09:62:B9:D7:88:EE:B0:9E:4E:95:CD:F4:F8:DA:E0:62:2F
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 018A65D5D80C23ED5799435762E8DF91B8FB
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/JzFyCWK514jusJ5Olc30-NrgYi8.roa
Signing time: Tue 05 Sep 2023 14:53:47 +0000
ROA not before: Tue 05 Sep 2023 14:53:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49074
IP address blocks: 193.242.196.0/22 maxlen: 22
109.166.32.0/22 maxlen: 22
91.228.140.0/22 maxlen: 22
194.40.204.0/22 maxlen: 22
91.234.56.0/22 maxlen: 22
151.248.64.0/24 maxlen: 24
151.248.65.0/24 maxlen: 24
151.248.66.0/24 maxlen: 24
151.248.67.0/24 maxlen: 24
151.248.95.0/24 maxlen: 24
176.113.104.0/22 maxlen: 22
2a04:2043::/32 maxlen: 32
2a04:2047::/32 maxlen: 32
2a04:2041::/32 maxlen: 32
2a04:2045::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:65:d5:d8:0c:23:ed:57:99:43:57:62:e8:df:91:b8:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Sep 5 14:53:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2731720962b9d788eeb09e4e95cdf4f8dae0622f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:62:c7:43:6a:32:cd:6a:b6:e0:b0:ad:08:4c:
cc:6c:cf:54:d6:18:50:ae:bf:87:3c:31:20:41:e5:
ee:3a:e5:b9:70:23:31:b5:94:aa:c5:13:09:8e:ad:
11:dd:0a:e0:2b:48:80:0d:a8:8f:29:f1:f9:a4:ef:
fb:02:5f:88:3e:bd:e1:fe:12:fa:1f:97:ee:9e:b1:
a0:3f:05:82:99:6c:a1:58:f9:84:0c:d2:72:0e:c3:
2b:60:4f:36:bc:f3:15:ba:f5:1a:54:f8:33:86:e9:
ae:4c:0f:74:f3:e8:93:ca:2a:8b:4d:bf:f3:d1:8a:
c5:2e:a7:10:3f:17:c3:4b:0c:92:d1:f7:df:4a:71:
e0:f1:89:fb:19:7a:09:d4:06:a7:aa:df:2b:d3:a1:
38:8f:89:7b:d0:88:50:53:9b:db:f7:f4:1a:d6:c9:
8a:ce:81:f5:07:2f:03:f6:9c:d8:be:b8:06:ee:f5:
ba:22:95:81:43:b9:4a:cf:0a:ed:10:0a:8b:a6:12:
47:9f:7c:46:08:45:7a:5f:8b:6b:55:84:ca:46:00:
36:c4:ea:98:a5:65:13:64:ff:d6:e9:02:77:4e:2f:
a4:5f:4d:11:80:5d:76:5e:8f:1b:d8:fd:52:ac:52:
a4:eb:04:d8:e3:28:0a:d4:82:5f:79:32:fd:2b:18:
4a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:31:72:09:62:B9:D7:88:EE:B0:9E:4E:95:CD:F4:F8:DA:E0:62:2F
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/JzFyCWK514jusJ5Olc30-NrgYi8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.140.0/22
91.234.56.0/22
109.166.32.0/22
151.248.64.0/22
151.248.95.0/24
176.113.104.0/22
193.242.196.0/22
194.40.204.0/22
IPv6:
2a04:2041::/32
2a04:2043::/32
2a04:2045::/32
2a04:2047::/32
Signature Algorithm: sha256WithRSAEncryption
59:0a:08:78:e7:ec:52:76:01:6f:d8:dc:ba:61:fc:08:e4:f5:
ca:22:5b:46:fe:c8:b6:87:76:27:6c:51:92:91:99:73:d2:66:
55:d9:0b:50:4e:70:d0:52:8d:12:43:99:9e:87:09:4d:5e:8a:
0e:09:4c:2d:fc:35:bd:38:e9:7b:3f:4b:51:0d:da:31:a4:d8:
dc:4b:15:43:34:6e:7c:15:b8:09:d8:b1:0e:56:a0:5e:f2:f0:
a9:2b:6f:c8:d2:76:bb:84:27:30:27:28:1f:6b:b0:85:27:d4:
ba:70:19:f9:ed:05:76:18:6b:78:9b:41:d6:ca:05:1e:33:1c:
32:1c:a0:62:a6:eb:4d:60:da:5c:12:04:14:04:ea:af:f0:88:
36:de:c0:60:90:4e:48:14:0f:c1:fd:2f:06:f7:61:61:21:46:
ca:0b:38:b8:6f:a2:4c:a1:c5:17:0b:f6:41:1e:73:82:3e:96:
51:05:64:ea:32:56:d7:90:dc:7d:e6:fc:e1:fd:95:86:7e:c9:
44:6b:41:4e:6e:45:25:d3:89:08:bf:98:5d:17:28:7d:36:b5:
76:ae:3e:77:e5:b3:03:c6:b5:4f:e6:17:23:a2:ca:c6:4a:96:
70:ac:04:6e:47:80:f5:5a:5d:92:1b:2e:7b:2b:9c:1c:4e:39:
77:05:89:69
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYpl1dgMI+1XmUNXYujfkbj7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjMwOTA1MTQ1MzQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzMxNzIwOTYyYjlkNzg4ZWViMDllNGU5NWNkZjRmOGRhZTA2MjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGLHQ2oyzWq24LCtCEzMbM9U1hhQ
rr+HPDEgQeXuOuW5cCMxtZSqxRMJjq0R3QrgK0iADaiPKfH5pO/7Al+IPr3h/hL6
H5funrGgPwWCmWyhWPmEDNJyDsMrYE82vPMVuvUaVPgzhumuTA908+iTyiqLTb/z
0YrFLqcQPxfDSwyS0fffSnHg8Yn7GXoJ1Aanqt8r06E4j4l70IhQU5vb9/Qa1smK
zoH1By8D9pzYvrgG7vW6IpWBQ7lKzwrtEAqLphJHn3xGCEV6X4trVYTKRgA2xOqY
pWUTZP/W6QJ3Ti+kX00RgF12Xo8b2P1SrFKk6wTY4ygK1IJfeTL9KxhKwQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFCcxcgliudeI7rCeTpXN9Pja4GIvMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvSnpGeUNXSzUxNGp1c0o1T2xjMzAtTnJnWWk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDA2BAIAATAwAwQCW+SMAwQC
W+o4AwQCbaYgAwQCl/hAAwQAl/hfAwQCsHFoAwQCwfLEAwQCwijMMCIEAgACMBwD
BQAqBCBBAwUAKgQgQwMFACoEIEUDBQAqBCBHMA0GCSqGSIb3DQEBCwUAA4IBAQBZ
Cgh45+xSdgFv2Ny6YfwI5PXKIltG/si2h3YnbFGSkZlz0mZV2QtQTnDQUo0SQ5me
hwlNXooOCUwt/DW9OOl7P0tRDdoxpNjcSxVDNG58FbgJ2LEOVqBe8vCpK2/I0na7
hCcwJygfa7CFJ9S6cBn57QV2GGt4m0HWygUeMxwyHKBiputNYNpcEgQUBOqv8Ig2
3sBgkE5IFA/B/S8G92FhIUbKCzi4b6JMocUXC/ZBHnOCPpZRBWTqMlbXkNx95vzh
/ZWGfslEa0FObkUl04kIv5hdFyh9NrV2rj535bMDxrVP5hcjosrGSpZwrARuR4D1
Wl2SGy57K5wcTjl3BYlp
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:10:06 2024 by rpki-client on console-ams.rpki-client.org