Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/e9b173-92b6-4210-a8e0-b797a4406f30/1/JX5yqHSlzWzhqVs2l5RzLx7CSKk.roa
File: JX5yqHSlzWzhqVs2l5RzLx7CSKk.roa (raw, json)
Hash identifier: 6j77+Rvff6q9Bg3Cn6qT3annIg+hHkf2F5q3zq/8NT8=
Subject key identifier: 25:7E:72:A8:74:A5:CD:6C:E1:A9:5B:36:97:94:73:2F:1E:C2:48:A9
Certificate issuer: /CN=295b6a34a2109ba7c4d97f76c74466f14c3333e0
Certificate serial: 0185703055EFCD928F2F6241766BD6CADF40
Authority key identifier: 29:5B:6A:34:A2:10:9B:A7:C4:D9:7F:76:C7:44:66:F1:4C:33:33:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KVtqNKIQm6fE2X92x0Rm8UwzM-A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/e9b173-92b6-4210-a8e0-b797a4406f30/1/JX5yqHSlzWzhqVs2l5RzLx7CSKk.roa
Signing time: Mon 02 Jan 2023 01:54:53 +0000
ROA not before: Mon 02 Jan 2023 01:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205371
IP address blocks: 185.220.112.0/24 maxlen: 24
185.220.115.0/24 maxlen: 24
185.220.113.0/24 maxlen: 24
185.220.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 17 Sep 2023 12:50:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:55:ef:cd:92:8f:2f:62:41:76:6b:d6:ca:df:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=295b6a34a2109ba7c4d97f76c74466f14c3333e0
Validity
Not Before: Jan 2 01:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=257e72a874a5cd6ce1a95b369794732f1ec248a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e8:9b:9b:af:37:2b:54:22:5c:3e:e5:a5:81:
19:52:38:df:3f:84:85:5c:1c:f6:12:bb:71:d1:50:
d7:b5:ad:2a:a6:9b:aa:1f:c2:9b:25:5b:05:84:26:
78:c7:8a:f9:37:f9:eb:04:37:cb:cd:00:0d:c6:23:
cf:11:ec:0b:e2:5c:15:d5:1c:e6:05:1a:1c:1e:16:
16:6d:4d:ce:06:7d:65:b6:b2:60:b2:e5:6a:f1:7a:
71:9c:5e:d1:64:13:ac:81:ae:8f:61:dd:95:57:fd:
a2:1a:42:0d:fd:25:f1:de:d1:48:50:6f:de:11:e8:
13:f1:04:e2:1a:a8:01:12:3b:0f:7d:66:db:e0:5c:
9e:0c:0f:47:bb:a6:f6:37:d6:96:ff:70:cd:ee:8f:
7a:cd:b7:68:3c:56:08:25:d8:b8:17:21:9a:fc:1d:
1b:af:72:b1:9c:d5:59:f2:71:88:bf:06:2d:4d:18:
31:61:f3:e1:b9:53:95:df:5c:0f:37:4c:1e:fa:b1:
26:50:b9:6e:21:58:df:90:35:e8:a4:78:b2:fa:be:
bd:97:54:4d:5f:5b:50:d2:bc:4c:55:c8:9f:fb:e4:
0a:88:4d:b1:f6:6d:19:be:25:cd:b7:e7:b9:8f:c7:
89:30:cd:57:f2:71:e3:6e:a6:8b:13:1e:8d:0d:28:
0e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:7E:72:A8:74:A5:CD:6C:E1:A9:5B:36:97:94:73:2F:1E:C2:48:A9
X509v3 Authority Key Identifier:
keyid:29:5B:6A:34:A2:10:9B:A7:C4:D9:7F:76:C7:44:66:F1:4C:33:33:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KVtqNKIQm6fE2X92x0Rm8UwzM-A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e9b173-92b6-4210-a8e0-b797a4406f30/1/JX5yqHSlzWzhqVs2l5RzLx7CSKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e9b173-92b6-4210-a8e0-b797a4406f30/1/KVtqNKIQm6fE2X92x0Rm8UwzM-A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.112.0/22
Signature Algorithm: sha256WithRSAEncryption
14:83:21:15:33:ec:0a:1d:f3:39:23:69:41:88:09:55:7d:d9:
39:fd:2c:88:7c:13:d3:0c:97:99:80:b4:49:d9:52:41:08:f5:
98:58:76:f2:51:ac:b0:b4:ab:64:78:ef:1c:a7:31:75:77:07:
13:0a:61:d0:57:69:cd:e6:86:fb:0e:ff:81:c6:21:a1:6b:c5:
c4:e0:52:5c:37:13:42:72:14:9d:33:72:24:bb:91:0b:4f:f2:
a6:94:06:19:43:02:c1:f4:21:ba:4e:3b:c2:f7:94:88:6d:78:
40:94:df:b0:03:b3:eb:b2:6c:a6:f5:85:56:a6:c4:c0:c5:ad:
f1:20:f6:70:96:d7:75:fa:e7:13:74:43:82:37:74:97:56:7a:
fb:d0:0b:f9:b6:ea:a0:00:bf:eb:6e:ee:01:77:88:ca:5d:71:
03:bd:c5:d3:aa:48:0c:af:5d:9c:06:46:9b:c6:94:50:2c:8e:
4c:c0:a6:78:c4:90:2d:62:0e:09:8f:fe:de:70:dc:19:96:f9:
1e:4d:1e:ce:53:8b:7b:c2:e7:67:6d:41:2a:99:41:dc:d7:3e:
b9:92:16:1a:f8:5c:a4:01:46:14:21:ed:e8:20:3b:55:18:37:
e6:70:1f:d3:3e:22:86:c8:09:5e:06:d8:f8:9b:da:48:a9:0c:
c7:db:60:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwMFXvzZKPL2JBdmvWyt9AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NWI2YTM0YTIxMDliYTdjNGQ5N2Y3NmM3NDQ2NmYxNGMz
MzMzZTAwHhcNMjMwMTAyMDE1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTdlNzJhODc0YTVjZDZjZTFhOTViMzY5Nzk0NzMyZjFlYzI0OGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuibm683K1QiXD7lpYEZUjjfP4SF
XBz2Ertx0VDXta0qppuqH8KbJVsFhCZ4x4r5N/nrBDfLzQANxiPPEewL4lwV1Rzm
BRocHhYWbU3OBn1ltrJgsuVq8XpxnF7RZBOsga6PYd2VV/2iGkIN/SXx3tFIUG/e
EegT8QTiGqgBEjsPfWbb4FyeDA9Hu6b2N9aW/3DN7o96zbdoPFYIJdi4FyGa/B0b
r3KxnNVZ8nGIvwYtTRgxYfPhuVOV31wPN0we+rEmULluIVjfkDXopHiy+r69l1RN
X1tQ0rxMVcif++QKiE2x9m0ZviXNt+e5j8eJMM1X8nHjbqaLEx6NDSgOKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCV+cqh0pc1s4albNpeUcy8ewkipMB8GA1UdIwQY
MBaAFClbajSiEJunxNl/dsdEZvFMMzPgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1Z0cU5LSVFtNmZFMlg5MngwUm04VXd6TS1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9lOWIxNzMtOTJiNi00MjEwLWE4ZTAt
Yjc5N2E0NDA2ZjMwLzEvSlg1eXFIU2x6V3pocVZzMmw1UnpMeDdDU0trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9lOWIxNzMtOTJiNi00MjEwLWE4ZTAtYjc5N2E0NDA2ZjMw
LzEvS1Z0cU5LSVFtNmZFMlg5MngwUm04VXd6TS1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudxwMA0G
CSqGSIb3DQEBCwUAA4IBAQAUgyEVM+wKHfM5I2lBiAlVfdk5/SyIfBPTDJeZgLRJ
2VJBCPWYWHbyUaywtKtkeO8cpzF1dwcTCmHQV2nN5ob7Dv+BxiGha8XE4FJcNxNC
chSdM3Iku5ELT/KmlAYZQwLB9CG6TjvC95SIbXhAlN+wA7Prsmym9YVWpsTAxa3x
IPZwltd1+ucTdEOCN3SXVnr70Av5tuqgAL/rbu4Bd4jKXXEDvcXTqkgMr12cBkab
xpRQLI5MwKZ4xJAtYg4Jj/7ecNwZlvkeTR7OU4t7wudnbUEqmUHc1z65khYa+Fyk
AUYUIe3oIDtVGDfmcB/TPiKGyAleBtj4m9pIqQzH22DZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:34 2024 by rpki-client on console-ams.rpki-client.org