Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/JYCr_Xy7P_EosZVMSI3XTWRNl2A.roa
File: JYCr_Xy7P_EosZVMSI3XTWRNl2A.roa (raw, json)
Hash identifier: i5cenyV92cg60HnlvaTq/bdDNKcfSb1jXBBTmuEUzd4=
Subject key identifier: 25:80:AB:FD:7C:BB:3F:F1:28:B1:95:4C:48:8D:D7:4D:64:4D:97:60
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 018EA973AC89A2D15BAE34D956985E908DF2
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/JYCr_Xy7P_EosZVMSI3XTWRNl2A.roa
Signing time: Thu 04 Apr 2024 14:11:54 +0000
ROA not before: Thu 04 Apr 2024 14:11:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 62.171.192.0/18 maxlen: 24
185.192.228.0/22 maxlen: 24
194.154.0.0/19 maxlen: 24
194.238.32.0/19 maxlen: 24
194.238.64.0/19 maxlen: 24
213.18.192.0/18 maxlen: 24
217.177.0.0/18 maxlen: 24
217.177.64.0/19 maxlen: 24
217.179.0.0/17 maxlen: 24
217.179.192.0/18 maxlen: 24
217.180.0.0/18 maxlen: 24
217.181.0.0/18 maxlen: 24
217.181.64.0/19 maxlen: 24
2a02:fb0::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 23 Apr 2024 21:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a9:73:ac:89:a2:d1:5b:ae:34:d9:56:98:5e:90:8d:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Apr 4 14:11:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2580abfd7cbb3ff128b1954c488dd74d644d9760
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e1:d8:ce:9d:0b:ab:82:95:bd:f9:63:01:23:
0d:24:7a:0e:de:cd:1c:95:47:7d:96:f0:4c:57:8d:
96:30:d0:11:b8:87:4a:0c:10:bb:eb:62:86:46:ab:
84:94:f0:a9:ac:c6:d6:e8:6d:d1:d9:07:fe:00:c6:
87:c1:cc:39:b3:dd:19:95:d3:27:ba:21:a8:a5:8b:
bf:88:a3:3a:3c:e0:f6:e4:ef:fe:e6:f7:44:6b:17:
e3:19:c2:7c:0b:76:48:56:ef:f3:1d:08:9e:fa:03:
a3:57:c3:e1:06:85:02:2b:9e:2f:22:97:12:13:21:
6e:63:37:6d:7d:ef:dd:c3:e9:58:dd:e8:1e:5d:1b:
35:45:71:16:e7:97:e0:c3:ef:a5:e9:62:6f:d1:45:
3b:5e:65:9c:6f:a6:3d:5d:93:40:06:88:14:4e:62:
0e:8c:22:b7:f4:66:6d:63:8a:12:bd:f2:5c:ac:c7:
fe:53:a7:26:2d:09:46:84:44:ca:b3:4e:ac:13:d4:
31:3c:55:69:2c:fa:82:66:8d:06:77:4a:52:7e:c3:
e4:a6:65:d1:e5:81:31:50:ac:2d:0f:c9:8e:00:a8:
29:70:31:e0:28:f3:1d:f6:4f:22:82:66:6a:6f:58:
ee:68:a9:52:04:df:cf:57:62:2e:30:b2:06:c2:e7:
05:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:80:AB:FD:7C:BB:3F:F1:28:B1:95:4C:48:8D:D7:4D:64:4D:97:60
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/JYCr_Xy7P_EosZVMSI3XTWRNl2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.192.0/18
185.192.228.0/22
194.154.0.0/19
194.238.32.0-194.238.95.255
213.18.192.0/18
217.177.0.0-217.177.95.255
217.179.0.0/17
217.179.192.0-217.180.63.255
217.181.0.0-217.181.95.255
IPv6:
2a02:fb0::/32
Signature Algorithm: sha256WithRSAEncryption
5f:0f:da:fc:9e:dd:df:7d:17:54:dd:20:c3:be:b5:74:12:a9:
2b:f2:36:88:19:e3:25:6c:a0:e1:2f:18:22:a3:dd:26:c6:22:
28:85:26:21:1a:4d:0c:38:d1:d0:cd:98:03:a9:cd:56:e1:6a:
78:e1:db:d7:81:d8:37:d9:3b:8b:ce:9a:df:3a:5b:2b:34:b4:
91:bb:ed:93:01:f4:2c:26:59:5e:59:9b:43:f8:5e:7d:20:4e:
72:15:22:e7:32:9c:fd:ae:c0:fe:f0:92:55:3a:69:47:af:7d:
89:26:68:ee:84:08:af:e3:6f:56:ea:b2:d6:2d:0e:9a:e7:17:
f8:7b:de:28:15:2b:da:b4:7c:f8:90:af:28:58:b3:90:ee:e4:
76:b6:e5:66:52:4d:5f:96:4f:f4:4a:55:48:fe:e1:e2:6d:26:
e7:9f:73:0c:33:8c:8d:31:75:a4:fa:58:8f:19:ea:3e:05:31:
77:d4:6c:f1:24:fb:c5:71:ac:33:d1:db:b3:d2:d8:aa:57:8d:
72:a5:84:f3:b1:49:18:f3:3d:15:6b:88:5c:93:6a:e6:98:13:
1b:85:e2:e3:51:f5:ab:9c:65:f7:ff:d6:64:4d:c7:be:a3:a6:
81:d0:e7:49:22:70:3e:59:b8:2d:b9:ba:b5:75:f0:0e:87:fc:
56:27:91:ea
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAY6pc6yJotFbrjTZVphekI3yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjQwNDA0MTQxMTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTgwYWJmZDdjYmIzZmYxMjhiMTk1NGM0ODhkZDc0ZDY0NGQ5NzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+HYzp0Lq4KVvfljASMNJHoO3s0c
lUd9lvBMV42WMNARuIdKDBC762KGRquElPCprMbW6G3R2Qf+AMaHwcw5s90ZldMn
uiGopYu/iKM6POD25O/+5vdEaxfjGcJ8C3ZIVu/zHQie+gOjV8PhBoUCK54vIpcS
EyFuYzdtfe/dw+lY3egeXRs1RXEW55fgw++l6WJv0UU7XmWcb6Y9XZNABogUTmIO
jCK39GZtY4oSvfJcrMf+U6cmLQlGhETKs06sE9QxPFVpLPqCZo0Gd0pSfsPkpmXR
5YExUKwtD8mOAKgpcDHgKPMd9k8igmZqb1juaKlSBN/PV2IuMLIGwucFowIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFCWAq/18uz/xKLGVTEiN101kTZdgMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvSllDcl9YeTdQX0Vvc1pWTVNJM1hUV1JObDJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQGPqvAAwQC
ucDkAwQFwpoAMAwDBAXC7iADBAXC7kADBAbVEsAwCwMDANmxAwQF2bFAAwQH2bMA
MAwDBAbZs8ADBAbZtAAwCwMDANm1AwQF2bVAMA0EAgACMAcDBQAqAg+wMA0GCSqG
SIb3DQEBCwUAA4IBAQBfD9r8nt3ffRdU3SDDvrV0Eqkr8jaIGeMlbKDhLxgio90m
xiIohSYhGk0MONHQzZgDqc1W4Wp44dvXgdg32TuLzprfOlsrNLSRu+2TAfQsJlle
WZtD+F59IE5yFSLnMpz9rsD+8JJVOmlHr32JJmjuhAiv429W6rLWLQ6a5xf4e94o
FSvatHz4kK8oWLOQ7uR2tuVmUk1flk/0SlVI/uHibSbnn3MMM4yNMXWk+liPGeo+
BTF31GzxJPvFcawz0duz0tiqV41ypYTzsUkY8z0Va4hck2rmmBMbheLjUfWrnGX3
/9ZkTce+o6aB0OdJInA+Wbgtubq1dfAOh/xWJ5Hq
-----END CERTIFICATE-----
Generated at Tue Apr 23 22:12:03 2024 by rpki-client on console-fra.rpki-client.org