Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/1e2316-1b5b-4ba5-937d-02864c58519c/1/JCyBKZj1JN80ocQ0A1wysrdq-PU.roa
File: JCyBKZj1JN80ocQ0A1wysrdq-PU.roa (raw, json)
Hash identifier: seG04liUNU22oVMz0BGi8cO0/+f5CchW5nInEby2K2M=
Subject key identifier: 24:2C:81:29:98:F5:24:DF:34:A1:C4:34:03:5C:32:B2:B7:6A:F8:F5
Certificate issuer: /CN=b278ed8f9780f29dafa22f9fdf03374da4980e94
Certificate serial: 01856D8AF90DBDEE2D5E55DA3A3113C71BD9
Authority key identifier: B2:78:ED:8F:97:80:F2:9D:AF:A2:2F:9F:DF:03:37:4D:A4:98:0E:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/snjtj5eA8p2voi-f3wM3TaSYDpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/1e2316-1b5b-4ba5-937d-02864c58519c/1/JCyBKZj1JN80ocQ0A1wysrdq-PU.roa
Signing time: Sun 01 Jan 2023 13:35:02 +0000
ROA not before: Sun 01 Jan 2023 13:35:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59852
IP address blocks: 185.253.10.0/24 maxlen: 24
2a10:b4c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:f9:0d:bd:ee:2d:5e:55:da:3a:31:13:c7:1b:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b278ed8f9780f29dafa22f9fdf03374da4980e94
Validity
Not Before: Jan 1 13:35:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=242c812998f524df34a1c434035c32b2b76af8f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ef:3b:5d:dd:44:c9:a7:f8:50:21:33:e5:4e:
87:59:20:b4:88:eb:a5:ff:3d:03:25:64:6e:2a:9c:
e8:15:95:52:d7:0f:f7:f7:19:41:30:a6:28:24:96:
f9:36:bb:6c:44:95:59:ff:29:88:89:80:ef:fb:b7:
a8:f1:6b:a8:ca:4e:a3:59:78:5a:33:aa:9e:10:05:
d9:42:66:f7:5f:89:d6:e9:ec:b5:f4:db:47:42:ca:
4b:8f:ea:2f:d6:be:68:5c:a3:8d:91:7d:6d:30:32:
3e:35:7e:12:e7:0e:c1:fb:e1:0c:36:95:b2:aa:6b:
47:b8:71:1d:16:51:fc:ab:08:02:bb:c2:a5:67:3e:
64:c0:e2:17:41:bd:cf:0c:2f:8c:9f:88:93:ac:d4:
1d:a0:77:5a:16:94:b3:d9:fd:af:34:4b:1e:40:7f:
1d:f5:80:d2:99:10:b8:92:d6:d0:f7:44:0c:c1:ff:
00:f3:df:4e:31:af:a4:aa:a1:9d:d5:1b:a2:d3:98:
d2:41:e3:6b:74:80:44:bc:18:47:cb:95:9f:08:bb:
2f:2b:46:0f:45:fb:f9:d3:31:b5:f8:6c:02:7a:3c:
9b:6e:77:07:18:9d:32:86:61:e2:56:17:38:98:d0:
d8:29:30:a1:de:d0:31:b2:5e:15:cb:dc:df:d5:56:
4d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:2C:81:29:98:F5:24:DF:34:A1:C4:34:03:5C:32:B2:B7:6A:F8:F5
X509v3 Authority Key Identifier:
keyid:B2:78:ED:8F:97:80:F2:9D:AF:A2:2F:9F:DF:03:37:4D:A4:98:0E:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/snjtj5eA8p2voi-f3wM3TaSYDpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/1e2316-1b5b-4ba5-937d-02864c58519c/1/JCyBKZj1JN80ocQ0A1wysrdq-PU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/1e2316-1b5b-4ba5-937d-02864c58519c/1/snjtj5eA8p2voi-f3wM3TaSYDpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.10.0/24
IPv6:
2a10:b4c0::/29
Signature Algorithm: sha256WithRSAEncryption
4d:51:14:bc:a9:16:c4:67:7c:1c:58:f5:c9:bf:fa:e2:7c:57:
11:6b:d2:b1:57:4c:b7:82:df:45:cb:8f:96:7b:0f:b3:1c:65:
e7:b3:10:9e:c8:e9:26:bd:d7:42:1a:e8:0c:29:d5:3e:7e:76:
30:84:69:a5:49:5a:7a:a0:90:01:69:55:e7:52:89:30:f5:4f:
dc:07:b2:db:e2:24:4c:81:31:69:a9:d9:c5:2b:0b:b5:82:1c:
26:30:2c:67:9f:f4:48:01:3c:ab:ef:cb:4f:29:38:06:02:7f:
58:7c:55:00:59:4c:df:76:d1:14:ec:84:df:d3:05:3e:1b:eb:
e7:c5:fd:b6:c5:15:e7:37:87:50:44:68:0d:0f:04:cb:fe:42:
5b:7a:eb:d1:4e:2a:28:45:25:ff:79:6b:82:3d:3e:e2:39:65:
91:15:fe:c7:f8:6f:02:7f:66:a2:87:55:6b:4f:93:b2:08:32:
b5:76:6a:3c:de:7b:b2:ea:74:75:b7:17:39:65:08:f7:e9:db:
53:73:62:6e:2c:7f:a5:b5:92:f9:4a:cc:76:b7:2a:ca:0d:11:
06:df:0d:9b:9a:6e:a8:2f:32:21:5c:c1:be:9f:30:59:c5:3c:
21:a8:85:5d:68:cf:78:8f:cf:86:be:6e:ce:84:22:b8:c5:b6:
9a:9e:c7:7e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtivkNve4tXlXaOjETxxvZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNzhlZDhmOTc4MGYyOWRhZmEyMmY5ZmRmMDMzNzRkYTQ5
ODBlOTQwHhcNMjMwMTAxMTMzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDJjODEyOTk4ZjUyNGRmMzRhMWM0MzQwMzVjMzJiMmI3NmFmOGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjO87Xd1Eyaf4UCEz5U6HWSC0iOul
/z0DJWRuKpzoFZVS1w/39xlBMKYoJJb5NrtsRJVZ/ymIiYDv+7eo8Wuoyk6jWXha
M6qeEAXZQmb3X4nW6ey19NtHQspLj+ov1r5oXKONkX1tMDI+NX4S5w7B++EMNpWy
qmtHuHEdFlH8qwgCu8KlZz5kwOIXQb3PDC+Mn4iTrNQdoHdaFpSz2f2vNEseQH8d
9YDSmRC4ktbQ90QMwf8A899OMa+kqqGd1Rui05jSQeNrdIBEvBhHy5WfCLsvK0YP
Rfv50zG1+GwCejybbncHGJ0yhmHiVhc4mNDYKTCh3tAxsl4Vy9zf1VZNLQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCQsgSmY9STfNKHENANcMrK3avj1MB8GA1UdIwQY
MBaAFLJ47Y+XgPKdr6Ivn98DN02kmA6UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc25qdGo1ZUE4cDJ2b2ktZjN3TTNUYVNZRHBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8xZTIzMTYtMWI1Yi00YmE1LTkzN2Qt
MDI4NjRjNTg1MTljLzEvSkN5QktaajFKTjgwb2NRMEExd3lzcmRxLVBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8xZTIzMTYtMWI1Yi00YmE1LTkzN2QtMDI4NjRjNTg1MTlj
LzEvc25qdGo1ZUE4cDJ2b2ktZjN3TTNUYVNZRHBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuf0KMA0E
AgACMAcDBQMqELTAMA0GCSqGSIb3DQEBCwUAA4IBAQBNURS8qRbEZ3wcWPXJv/ri
fFcRa9KxV0y3gt9Fy4+Wew+zHGXnsxCeyOkmvddCGugMKdU+fnYwhGmlSVp6oJAB
aVXnUokw9U/cB7Lb4iRMgTFpqdnFKwu1ghwmMCxnn/RIATyr78tPKTgGAn9YfFUA
WUzfdtEU7ITf0wU+G+vnxf22xRXnN4dQRGgNDwTL/kJbeuvRTiooRSX/eWuCPT7i
OWWRFf7H+G8Cf2aih1VrT5OyCDK1dmo83nuy6nR1txc5ZQj36dtTc2JuLH+ltZL5
Ssx2tyrKDREG3w2bmm6oLzIhXMG+nzBZxTwhqIVdaM94j8+Gvm7OhCK4xbaansd+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:44 2024 by rpki-client on console-fra.rpki-client.org