Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/d31e5f-0f52-4623-867a-543d6182e294/1/JSSH7VEJsWt8f_bNMxwvI0qjqaw.roa
File: JSSH7VEJsWt8f_bNMxwvI0qjqaw.roa (raw, json)
Hash identifier: d4vcCS3ZLHsy7zTjr1BnYjnJWW6hKzSM+EybCQzNI/0=
Subject key identifier: 25:24:87:ED:51:09:B1:6B:7C:7F:F6:CD:33:1C:2F:23:4A:A3:A9:AC
Certificate issuer: /CN=e2b1e2e4c508c6c7a98b6598528745c813fad31d
Certificate serial: 01856F3018C3D44005FA04D956441818EC05
Authority key identifier: E2:B1:E2:E4:C5:08:C6:C7:A9:8B:65:98:52:87:45:C8:13:FA:D3:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4rHi5MUIxsepi2WYUodFyBP60x0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/d31e5f-0f52-4623-867a-543d6182e294/1/JSSH7VEJsWt8f_bNMxwvI0qjqaw.roa
Signing time: Sun 01 Jan 2023 21:15:01 +0000
ROA not before: Sun 01 Jan 2023 21:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43905
IP address blocks: 185.84.12.0/22 maxlen: 22
217.173.48.0/24 maxlen: 24
217.173.61.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:18:c3:d4:40:05:fa:04:d9:56:44:18:18:ec:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2b1e2e4c508c6c7a98b6598528745c813fad31d
Validity
Not Before: Jan 1 21:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=252487ed5109b16b7c7ff6cd331c2f234aa3a9ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:63:62:be:ea:3a:8d:18:54:28:fd:fe:e6:80:
23:55:56:89:cf:85:cb:db:df:f6:b9:df:b4:68:10:
21:fe:7e:c2:67:0c:9f:2a:31:88:6d:91:20:7f:1e:
68:5a:04:f6:ae:5e:62:0d:23:a8:79:99:a2:b2:0c:
00:55:2c:bc:c1:7d:6a:7d:7f:ae:db:fd:46:8d:76:
ce:10:fe:93:27:5e:bd:77:1f:0e:1e:71:9b:80:22:
9c:75:88:ce:0b:8f:9b:16:d9:51:8f:d8:5a:fc:c5:
96:a2:02:0e:a4:da:21:80:23:fc:db:5b:a9:98:7d:
3e:95:5b:31:48:c5:8f:70:0a:ed:b6:ae:8e:4c:20:
e9:95:21:dd:07:d5:d7:87:ee:71:b6:fb:8d:ea:d8:
9f:ce:3d:d0:91:ef:00:f0:e4:06:af:7a:a1:fa:64:
95:ef:d9:b7:3b:30:62:2f:31:aa:6f:78:3c:ae:88:
c1:31:87:73:85:9d:7e:c9:02:8a:c9:7f:df:0a:70:
21:85:03:15:4a:bb:19:57:34:3a:6f:06:63:34:15:
27:3b:dd:3e:5a:79:ef:98:32:24:64:4b:81:c4:db:
75:99:4c:f4:2a:3c:ab:8b:e7:98:24:ad:ec:62:74:
0e:12:ca:81:77:5b:7e:02:ad:59:9f:12:8d:d9:13:
76:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:24:87:ED:51:09:B1:6B:7C:7F:F6:CD:33:1C:2F:23:4A:A3:A9:AC
X509v3 Authority Key Identifier:
keyid:E2:B1:E2:E4:C5:08:C6:C7:A9:8B:65:98:52:87:45:C8:13:FA:D3:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4rHi5MUIxsepi2WYUodFyBP60x0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d31e5f-0f52-4623-867a-543d6182e294/1/JSSH7VEJsWt8f_bNMxwvI0qjqaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d31e5f-0f52-4623-867a-543d6182e294/1/4rHi5MUIxsepi2WYUodFyBP60x0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.12.0/22
217.173.48.0/24
217.173.61.0/24
Signature Algorithm: sha256WithRSAEncryption
45:a7:f2:56:3f:e7:d8:ac:69:5c:97:12:bc:06:bb:cd:fd:72:
c9:83:c5:30:eb:68:51:c7:35:4c:79:f6:1b:bb:de:27:61:87:
91:ce:dc:07:8a:e0:c2:b2:7b:63:ba:c2:8c:44:31:72:99:51:
2b:4a:4f:a5:60:85:db:bb:55:ab:d0:bf:13:7f:cf:b5:d5:c4:
cf:79:99:fa:de:ee:09:b6:72:ac:80:98:fb:51:51:60:0f:a9:
98:fb:af:98:13:43:c5:8f:a3:b3:c4:d3:33:fe:31:13:2a:7f:
34:47:c5:bb:3b:44:09:1b:e7:52:e8:8e:4a:49:17:69:59:a3:
df:53:1d:33:7e:29:68:ec:b9:3b:70:05:e8:dd:db:c8:51:6a:
4f:88:64:c3:13:2e:e1:0d:61:95:05:ff:b4:30:38:26:e9:a1:
5b:60:eb:be:d5:d6:5f:93:a8:c5:2c:48:84:bb:df:92:f8:9e:
cf:a5:f4:6b:48:34:fb:92:18:ea:a9:ed:66:93:f3:95:e8:93:
c2:0a:a6:b4:85:7f:9f:af:84:7d:4e:a0:64:e5:78:76:d6:7e:
2d:a0:b7:24:b9:07:57:98:a6:09:54:ac:94:23:e8:d6:ca:c1:
61:4d:4d:b5:db:37:77:9a:c8:aa:b9:69:49:f3:67:86:28:41:
aa:4c:d4:c5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvMBjD1EAF+gTZVkQYGOwFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYjFlMmU0YzUwOGM2YzdhOThiNjU5ODUyODc0NWM4MTNm
YWQzMWQwHhcNMjMwMTAxMjExNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTI0ODdlZDUxMDliMTZiN2M3ZmY2Y2QzMzFjMmYyMzRhYTNhOWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWNivuo6jRhUKP3+5oAjVVaJz4XL
29/2ud+0aBAh/n7CZwyfKjGIbZEgfx5oWgT2rl5iDSOoeZmisgwAVSy8wX1qfX+u
2/1GjXbOEP6TJ169dx8OHnGbgCKcdYjOC4+bFtlRj9ha/MWWogIOpNohgCP821up
mH0+lVsxSMWPcArttq6OTCDplSHdB9XXh+5xtvuN6tifzj3Qke8A8OQGr3qh+mSV
79m3OzBiLzGqb3g8rojBMYdzhZ1+yQKKyX/fCnAhhQMVSrsZVzQ6bwZjNBUnO90+
WnnvmDIkZEuBxNt1mUz0Kjyri+eYJK3sYnQOEsqBd1t+Aq1ZnxKN2RN2MwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCUkh+1RCbFrfH/2zTMcLyNKo6msMB8GA1UdIwQY
MBaAFOKx4uTFCMbHqYtlmFKHRcgT+tMdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHJIaTVNVUl4c2VwaTJXWVVvZEZ5QlA2MHgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9kMzFlNWYtMGY1Mi00NjIzLTg2N2Et
NTQzZDYxODJlMjk0LzEvSlNTSDdWRUpzV3Q4Zl9iTk14d3ZJMHFqcWF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9kMzFlNWYtMGY1Mi00NjIzLTg2N2EtNTQzZDYxODJlMjk0
LzEvNHJIaTVNVUl4c2VwaTJXWVVvZEZ5QlA2MHgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuVQMAwQA
2a0wAwQA2a09MA0GCSqGSIb3DQEBCwUAA4IBAQBFp/JWP+fYrGlclxK8BrvN/XLJ
g8Uw62hRxzVMefYbu94nYYeRztwHiuDCsntjusKMRDFymVErSk+lYIXbu1Wr0L8T
f8+11cTPeZn63u4JtnKsgJj7UVFgD6mY+6+YE0PFj6OzxNMz/jETKn80R8W7O0QJ
G+dS6I5KSRdpWaPfUx0zfilo7Lk7cAXo3dvIUWpPiGTDEy7hDWGVBf+0MDgm6aFb
YOu+1dZfk6jFLEiEu9+S+J7PpfRrSDT7khjqqe1mk/OV6JPCCqa0hX+fr4R9TqBk
5Xh21n4toLckuQdXmKYJVKyUI+jWysFhTU212zd3msiquWlJ82eGKEGqTNTF
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:05 2023 by rpki-client on console-ams.rpki-client.org