Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/c9ebb2-851d-4578-a879-c29bf25d266e/1/ji-hjlVqwKO60oiTC9ClTrK_zL0.roa
File: ji-hjlVqwKO60oiTC9ClTrK_zL0.roa (raw, json)
Hash identifier: NpAu8s/d6TLYI0NKTVorPpcGjbhp4i3yprpaZEyRM4c=
Subject key identifier: 8E:2F:A1:8E:55:6A:C0:A3:BA:D2:88:93:0B:D0:A5:4E:B2:BF:CC:BD
Certificate issuer: /CN=8888818c4ecf1d5deb4ea93667470a7a114d9a07
Certificate serial: 0185715E761F972EF2BA6EB33368B1CF1876
Authority key identifier: 88:88:81:8C:4E:CF:1D:5D:EB:4E:A9:36:67:47:0A:7A:11:4D:9A:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iIiBjE7PHV3rTqk2Z0cKehFNmgc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/c9ebb2-851d-4578-a879-c29bf25d266e/1/ji-hjlVqwKO60oiTC9ClTrK_zL0.roa
Signing time: Mon 02 Jan 2023 07:24:54 +0000
ROA not before: Mon 02 Jan 2023 07:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 559
IP address blocks: 192.33.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:31:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:5e:76:1f:97:2e:f2:ba:6e:b3:33:68:b1:cf:18:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8888818c4ecf1d5deb4ea93667470a7a114d9a07
Validity
Not Before: Jan 2 07:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e2fa18e556ac0a3bad288930bd0a54eb2bfccbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:bf:a2:d4:88:e5:50:c6:30:14:6d:54:53:8d:
1c:46:c2:38:e5:5f:7f:fe:8e:c0:77:e0:66:96:11:
81:b6:6c:ac:e7:09:62:07:d3:db:61:06:fb:e9:ee:
3d:01:e1:ff:92:2d:0a:55:35:25:23:b4:48:04:fc:
93:68:a9:e9:b0:59:6f:d3:1c:c9:55:65:58:c7:ca:
9d:f9:ba:e4:88:53:20:1e:10:6f:c7:3d:0b:28:4e:
c9:9b:f7:2c:18:73:eb:81:93:18:de:91:71:dc:2b:
c8:0e:4e:51:1a:38:5b:8c:ee:8b:63:f8:4f:57:d8:
31:fa:eb:ac:20:5b:49:d0:56:4f:75:84:fa:ce:1e:
d0:4b:81:37:86:6d:28:b0:5f:3a:67:74:79:64:4a:
b7:ab:37:62:ca:fc:41:5a:05:34:67:d0:7b:e6:d2:
20:2e:25:89:57:a2:f3:79:ae:95:17:d2:f6:d5:ce:
d2:84:64:c7:6b:12:9a:2d:b0:f0:87:47:7c:70:91:
22:67:a7:8b:4a:a1:6e:dd:cf:29:11:d2:1f:a6:f7:
2b:ad:70:8c:99:86:ac:c8:0a:92:a5:97:e6:0e:18:
f9:fc:57:ca:b2:e4:e1:98:4e:c2:4a:89:c7:e4:46:
69:8d:3f:d2:cc:ef:94:3e:50:e3:38:ed:63:2f:08:
a5:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:2F:A1:8E:55:6A:C0:A3:BA:D2:88:93:0B:D0:A5:4E:B2:BF:CC:BD
X509v3 Authority Key Identifier:
keyid:88:88:81:8C:4E:CF:1D:5D:EB:4E:A9:36:67:47:0A:7A:11:4D:9A:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iIiBjE7PHV3rTqk2Z0cKehFNmgc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c9ebb2-851d-4578-a879-c29bf25d266e/1/ji-hjlVqwKO60oiTC9ClTrK_zL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c9ebb2-851d-4578-a879-c29bf25d266e/1/iIiBjE7PHV3rTqk2Z0cKehFNmgc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.33.221.0/24
Signature Algorithm: sha256WithRSAEncryption
37:23:86:8e:a5:af:58:d3:a7:8d:3b:3d:75:37:bc:bf:65:14:
ad:c7:c3:58:8e:6c:69:0e:86:fd:34:75:df:9d:e4:30:05:7a:
b1:98:aa:bd:3e:c1:d3:d4:61:52:aa:cc:9e:86:7f:80:c3:b8:
c3:7f:df:df:1d:56:eb:9f:95:dd:1d:a3:82:35:b3:1b:e3:55:
6d:5c:8f:4c:a3:78:32:f0:6e:e8:2e:b8:61:78:3a:25:a1:10:
45:be:33:82:93:d6:15:30:15:4d:c4:ed:eb:c0:28:62:2e:ac:
b6:13:17:a7:69:e0:4e:ba:02:b8:de:5f:71:0b:45:b2:9b:89:
c1:b5:8e:a9:98:21:bc:51:24:fe:f8:1b:f8:8c:f3:7a:74:e7:
a6:68:3c:25:cf:bf:60:a2:fb:eb:3f:1d:6e:59:17:7f:0d:e1:
53:84:d9:5d:a1:83:d8:fc:ab:c2:25:a6:88:d1:16:2a:7a:20:
60:5b:47:1b:2f:ee:55:81:e3:ff:2f:27:f2:d6:98:5e:b7:f3:
97:41:3e:be:b6:ff:c9:f2:26:ee:ad:f2:08:8e:6b:92:67:ad:
c6:45:7e:d4:bb:ca:34:c9:e6:28:60:ed:02:67:3e:78:a1:a9:
48:cb:d2:37:24:a3:37:40:8e:e7:76:cd:1a:c6:75:08:8b:42:
5b:1e:8c:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxXnYfly7yum6zM2ixzxh2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ODg4MThjNGVjZjFkNWRlYjRlYTkzNjY3NDcwYTdhMTE0
ZDlhMDcwHhcNMjMwMTAyMDcyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTJmYTE4ZTU1NmFjMGEzYmFkMjg4OTMwYmQwYTU0ZWIyYmZjY2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuL+i1IjlUMYwFG1UU40cRsI45V9/
/o7Ad+BmlhGBtmys5wliB9PbYQb76e49AeH/ki0KVTUlI7RIBPyTaKnpsFlv0xzJ
VWVYx8qd+brkiFMgHhBvxz0LKE7Jm/csGHPrgZMY3pFx3CvIDk5RGjhbjO6LY/hP
V9gx+uusIFtJ0FZPdYT6zh7QS4E3hm0osF86Z3R5ZEq3qzdiyvxBWgU0Z9B75tIg
LiWJV6Lzea6VF9L21c7ShGTHaxKaLbDwh0d8cJEiZ6eLSqFu3c8pEdIfpvcrrXCM
mYasyAqSpZfmDhj5/FfKsuThmE7CSonH5EZpjT/SzO+UPlDjOO1jLwilkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI4voY5VasCjutKIkwvQpU6yv8y9MB8GA1UdIwQY
MBaAFIiIgYxOzx1d606pNmdHCnoRTZoHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUlpQmpFN1BIVjNyVHFrMlowY0tlaEZObWdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9jOWViYjItODUxZC00NTc4LWE4Nzkt
YzI5YmYyNWQyNjZlLzEvamktaGpsVnF3S082MG9pVEM5Q2xUcktfekwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9jOWViYjItODUxZC00NTc4LWE4NzktYzI5YmYyNWQyNjZl
LzEvaUlpQmpFN1BIVjNyVHFrMlowY0tlaEZObWdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwCHdMA0G
CSqGSIb3DQEBCwUAA4IBAQA3I4aOpa9Y06eNOz11N7y/ZRStx8NYjmxpDob9NHXf
neQwBXqxmKq9PsHT1GFSqsyehn+Aw7jDf9/fHVbrn5XdHaOCNbMb41VtXI9Mo3gy
8G7oLrhheDoloRBFvjOCk9YVMBVNxO3rwChiLqy2ExenaeBOugK43l9xC0Wym4nB
tY6pmCG8UST++Bv4jPN6dOemaDwlz79govvrPx1uWRd/DeFThNldoYPY/KvCJaaI
0RYqeiBgW0cbL+5VgeP/Lyfy1phet/OXQT6+tv/J8iburfIIjmuSZ63GRX7Uu8o0
yeYoYO0CZz54oalIy9I3JKM3QI7nds0axnUIi0JbHoyQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:32 2024 by rpki-client on console-fra.rpki-client.org