Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/jPbOnbAoAAu09SPpx31uaCjCWUE.roa
File: jPbOnbAoAAu09SPpx31uaCjCWUE.roa (raw, json)
Hash identifier: LenN4wq9hParsePfG/FgNQ6OGZIuQ2D1O+WTarxWpgY=
Subject key identifier: 8C:F6:CE:9D:B0:28:00:0B:B4:F5:23:E9:C7:7D:6E:68:28:C2:59:41
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01856B4A3BF94B999E139F0D120E0B737B3B
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/jPbOnbAoAAu09SPpx31uaCjCWUE.roa
Signing time: Sun 01 Jan 2023 03:05:05 +0000
ROA not before: Sun 01 Jan 2023 03:05:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201411
IP address blocks: 37.18.96.0/22 maxlen: 24
178.170.156.0/22 maxlen: 24
37.18.62.0/24 maxlen: 24
37.18.63.0/24 maxlen: 24
188.120.36.0/22 maxlen: 24
188.120.40.0/22 maxlen: 24
178.170.182.0/23 maxlen: 24
178.170.184.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:4a:3b:f9:4b:99:9e:13:9f:0d:12:0e:0b:73:7b:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:05:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8cf6ce9db028000bb4f523e9c77d6e6828c25941
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:dd:72:a2:f0:49:c3:ac:0c:d1:07:91:aa:64:
e7:1d:60:94:a0:87:07:d6:54:b4:9f:c3:39:81:cd:
db:c0:87:a2:6c:3c:ac:9e:f7:3b:41:7b:b0:9f:64:
19:04:0b:0d:2e:d8:15:c1:a2:b4:25:53:ea:6b:ab:
20:38:0d:65:bd:1f:c9:a2:8d:00:e0:45:12:5d:52:
ee:f3:fd:0b:12:44:5c:f6:79:c8:17:42:7e:2c:aa:
3d:00:67:a4:1a:bb:3f:a1:f7:01:21:5e:fd:cf:ad:
cd:a6:56:b4:93:df:76:f1:32:60:38:76:c2:b8:c8:
47:fe:d0:e2:3c:2a:8b:0c:23:77:7b:fd:1b:33:1d:
12:78:e9:95:50:8f:40:65:00:eb:7e:cd:0a:bb:70:
63:07:33:88:4b:03:e0:1a:be:6e:05:f8:34:34:3a:
ed:5e:97:6e:cc:5d:2b:93:b7:e4:71:33:fc:82:b1:
69:43:3d:57:6c:90:75:6d:ae:85:84:c5:58:71:02:
a3:49:93:7e:1b:61:1d:f4:89:57:d8:21:d2:4a:ba:
ca:75:9f:e1:27:4d:de:99:db:91:21:0b:0e:bb:e9:
97:8d:d1:1c:a4:ca:39:01:d4:94:1c:0a:9c:a7:6e:
de:d0:f9:49:1a:a8:9b:da:50:c9:3f:63:00:76:33:
8e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:F6:CE:9D:B0:28:00:0B:B4:F5:23:E9:C7:7D:6E:68:28:C2:59:41
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/jPbOnbAoAAu09SPpx31uaCjCWUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.62.0/23
37.18.96.0/22
178.170.156.0/22
178.170.182.0-178.170.185.255
188.120.36.0-188.120.43.255
Signature Algorithm: sha256WithRSAEncryption
3d:df:ed:08:a2:46:84:a3:da:b4:d4:3e:2a:34:58:a3:2e:14:
54:a2:ed:fe:8a:2b:91:ef:27:cd:78:3e:02:be:72:9a:ba:66:
ad:59:30:78:08:47:36:db:7b:b6:a4:c1:71:dd:ba:74:80:f7:
0d:19:59:c3:55:6d:38:9c:d3:e0:ed:d3:a8:b8:cb:f2:5b:80:
2e:3e:4a:d4:85:8d:d5:09:cd:4f:7b:ba:d9:13:45:6f:84:36:
b2:c3:3e:7b:81:dd:a7:02:42:fa:4c:85:7b:50:2e:df:bc:99:
2f:0a:12:38:8d:2f:0a:77:29:12:93:9d:4f:f0:0e:da:49:40:
d2:42:36:6f:e2:11:42:98:d3:db:74:70:e2:94:88:d0:af:e4:
f1:b8:74:d2:86:67:14:a8:4a:b9:35:b1:0b:f9:1e:a6:3f:54:
69:3f:a9:5c:b6:a3:54:49:98:d8:0b:4b:1c:0b:7b:2d:f7:c8:
00:39:96:51:05:01:e4:a1:f2:db:a7:ff:1b:36:17:0a:f9:19:
d9:0d:c4:a1:2e:b9:42:e1:87:65:3b:fa:36:03:7a:d3:01:14:
17:9d:8f:4e:03:a5:36:f0:70:e4:fb:a1:da:25:a3:9a:02:a7:
e7:63:bd:6b:4b:42:8b:cc:be:12:31:a9:8a:90:c0:60:79:51:
a2:86:33:dc
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVrSjv5S5meE58NEg4Lc3s7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjMwMTAxMDMwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2Y2Y2U5ZGIwMjgwMDBiYjRmNTIzZTljNzdkNmU2ODI4YzI1OTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk91yovBJw6wM0QeRqmTnHWCUoIcH
1lS0n8M5gc3bwIeibDysnvc7QXuwn2QZBAsNLtgVwaK0JVPqa6sgOA1lvR/Joo0A
4EUSXVLu8/0LEkRc9nnIF0J+LKo9AGekGrs/ofcBIV79z63Npla0k9928TJgOHbC
uMhH/tDiPCqLDCN3e/0bMx0SeOmVUI9AZQDrfs0Ku3BjBzOISwPgGr5uBfg0NDrt
XpduzF0rk7fkcTP8grFpQz1XbJB1ba6FhMVYcQKjSZN+G2Ed9IlX2CHSSrrKdZ/h
J03emduRIQsOu+mXjdEcpMo5AdSUHAqcp27e0PlJGqib2lDJP2MAdjOOcwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFIz2zp2wKAALtPUj6cd9bmgowllBMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvalBiT25iQW9BQXUwOVNQcHgzMXVhQ2pDV1VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQBJRI+AwQC
JRJgAwQCsqqcMAwDBAGyqrYDBAGyqrgwDAMEArx4JAMEArx4KDANBgkqhkiG9w0B
AQsFAAOCAQEAPd/tCKJGhKPatNQ+KjRYoy4UVKLt/oorke8nzXg+Ar5ymrpmrVkw
eAhHNtt7tqTBcd26dID3DRlZw1VtOJzT4O3TqLjL8luALj5K1IWN1QnNT3u62RNF
b4Q2ssM+e4HdpwJC+kyFe1Au37yZLwoSOI0vCncpEpOdT/AO2klA0kI2b+IRQpjT
23Rw4pSI0K/k8bh00oZnFKhKuTWxC/kepj9UaT+pXLajVEmY2AtLHAt7LffIADmW
UQUB5KHy26f/GzYXCvkZ2Q3EoS65QuGHZTv6NgN60wEUF52PTgOlNvBw5Puh2iWj
mgKn52O9a0tCi8y+EjGpipDAYHlRooYz3A==
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:50 2024 by rpki-client on console-fra.rpki-client.org