Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/4dd198-93cb-459c-bee2-2d1daa299e83/1/JVsjlTK1xCYswh-qpksjkRtDWeU.roa
File: JVsjlTK1xCYswh-qpksjkRtDWeU.roa (raw, json)
Hash identifier: 5YyHD7iOoqpEEDya+FBsiJTgrLNnB6hT8BmyddJp0ZI=
Subject key identifier: 25:5B:23:95:32:B5:C4:26:2C:C2:1F:AA:A6:4B:23:91:1B:43:59:E5
Certificate issuer: /CN=b7c8df3da33938bf1b245f1c4479fd24dd9f94f0
Certificate serial: 018895F43F2A9B7628B12E43C368A14AD86E
Authority key identifier: B7:C8:DF:3D:A3:39:38:BF:1B:24:5F:1C:44:79:FD:24:DD:9F:94:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t8jfPaM5OL8bJF8cRHn9JN2flPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/4dd198-93cb-459c-bee2-2d1daa299e83/1/JVsjlTK1xCYswh-qpksjkRtDWeU.roa
Signing time: Wed 07 Jun 2023 13:03:12 +0000
ROA not before: Wed 07 Jun 2023 13:03:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200064
IP address blocks: 185.238.164.0/24 maxlen: 24
185.238.166.0/24 maxlen: 24
185.238.165.0/24 maxlen: 24
185.238.164.0/22 maxlen: 22
185.238.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:95:f4:3f:2a:9b:76:28:b1:2e:43:c3:68:a1:4a:d8:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7c8df3da33938bf1b245f1c4479fd24dd9f94f0
Validity
Not Before: Jun 7 13:03:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=255b239532b5c4262cc21faaa64b23911b4359e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:0e:30:8c:9a:2d:0d:86:bb:8e:3f:92:34:6d:
2f:bd:c1:d9:13:f0:f4:11:3d:ba:21:76:6b:3c:c0:
f7:ac:e2:32:4d:3f:28:4d:5a:a3:55:0f:25:3f:9f:
4c:c5:0e:14:a8:14:1b:80:93:9e:81:9c:72:8a:4f:
fc:76:89:63:71:46:49:71:34:1f:25:18:d0:9b:52:
de:cf:ba:7f:6d:7c:73:35:41:e5:9f:40:90:99:81:
a4:2c:6f:69:c6:cf:b3:88:37:30:ff:b8:0f:57:cc:
3f:17:9e:96:19:89:1d:f8:9f:77:27:24:0f:1b:65:
82:99:1b:f3:17:b7:32:83:ef:1b:aa:e0:85:ea:d3:
35:11:02:d8:ec:11:e9:b7:97:d5:17:82:3d:96:0f:
a2:15:c5:02:3d:08:1f:bd:52:29:2d:db:0b:63:35:
47:c2:d3:44:55:3a:ae:3e:84:e3:f9:10:7a:6e:8a:
08:d0:71:69:7b:c6:fd:09:c5:d9:b3:e9:4f:dc:dd:
f7:23:1e:56:d7:cf:05:1c:7e:05:6e:7c:c7:dc:d4:
ab:d5:3f:e7:59:b7:a1:f5:3a:fc:a5:db:3d:58:84:
90:ce:bf:cd:49:b8:25:03:f3:ee:8e:8a:08:0a:38:
1e:76:bc:55:2a:a4:a5:91:82:cb:2b:bc:94:af:df:
51:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:5B:23:95:32:B5:C4:26:2C:C2:1F:AA:A6:4B:23:91:1B:43:59:E5
X509v3 Authority Key Identifier:
keyid:B7:C8:DF:3D:A3:39:38:BF:1B:24:5F:1C:44:79:FD:24:DD:9F:94:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t8jfPaM5OL8bJF8cRHn9JN2flPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/4dd198-93cb-459c-bee2-2d1daa299e83/1/JVsjlTK1xCYswh-qpksjkRtDWeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/4dd198-93cb-459c-bee2-2d1daa299e83/1/t8jfPaM5OL8bJF8cRHn9JN2flPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.164.0/22
Signature Algorithm: sha256WithRSAEncryption
71:b9:30:a0:e7:06:20:b3:9b:b6:e0:1a:c4:2d:53:15:e9:5a:
2c:0e:36:29:99:9f:3c:be:91:e4:27:30:77:8e:e4:de:cb:7a:
a4:80:b9:71:3d:8e:da:2d:bc:84:7e:e5:87:3c:11:2b:60:ea:
27:1d:97:29:f7:d1:8d:98:c7:3e:d6:47:f1:f0:01:d1:cd:62:
69:fc:88:e9:9a:e0:4c:97:52:f4:91:ba:0c:ab:3f:a9:32:b7:
20:00:fd:c2:e9:e8:06:d0:20:6f:c9:36:4f:be:b6:e0:16:f6:
16:e6:0c:85:6e:2e:1b:93:51:e0:d2:69:36:b3:f1:35:c2:10:
d5:8b:12:d7:4e:ea:6e:3e:41:a6:4a:45:fd:ef:5e:63:a0:84:
fb:a0:b1:f7:9d:35:c3:ff:a7:03:e2:a4:79:f6:40:35:6d:10:
18:8e:52:7a:b5:a9:0c:66:51:8f:a5:26:c3:ef:cc:80:84:7e:
1e:6f:95:10:68:f4:ba:2e:51:c4:0e:d3:2f:39:29:06:9d:71:
7a:40:0d:c0:53:c5:5b:49:71:0f:ca:99:b1:94:6e:81:5b:99:
c4:90:26:2d:21:2a:83:cd:50:52:3f:b3:98:b9:12:5e:83:9f:
77:af:7f:6d:8c:a0:46:da:fe:34:68:d4:8e:b5:66:cf:cd:64:
9f:42:13:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiV9D8qm3YosS5Dw2ihSthuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3YzhkZjNkYTMzOTM4YmYxYjI0NWYxYzQ0NzlmZDI0ZGQ5
Zjk0ZjAwHhcNMjMwNjA3MTMwMzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTViMjM5NTMyYjVjNDI2MmNjMjFmYWFhNjRiMjM5MTFiNDM1OWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQ4wjJotDYa7jj+SNG0vvcHZE/D0
ET26IXZrPMD3rOIyTT8oTVqjVQ8lP59MxQ4UqBQbgJOegZxyik/8doljcUZJcTQf
JRjQm1Lez7p/bXxzNUHln0CQmYGkLG9pxs+ziDcw/7gPV8w/F56WGYkd+J93JyQP
G2WCmRvzF7cyg+8bquCF6tM1EQLY7BHpt5fVF4I9lg+iFcUCPQgfvVIpLdsLYzVH
wtNEVTquPoTj+RB6booI0HFpe8b9CcXZs+lP3N33Ix5W188FHH4FbnzH3NSr1T/n
Wbeh9Tr8pds9WISQzr/NSbglA/PujooICjgedrxVKqSlkYLLK7yUr99RDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCVbI5UytcQmLMIfqqZLI5EbQ1nlMB8GA1UdIwQY
MBaAFLfI3z2jOTi/GyRfHER5/STdn5TwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDhqZlBhTTVPTDhiSkY4Y1JIbjlKTjJmbFBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny80ZGQxOTgtOTNjYi00NTljLWJlZTIt
MmQxZGFhMjk5ZTgzLzEvSlZzamxUSzF4Q1lzd2gtcXBrc2prUnREV2VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny80ZGQxOTgtOTNjYi00NTljLWJlZTItMmQxZGFhMjk5ZTgz
LzEvdDhqZlBhTTVPTDhiSkY4Y1JIbjlKTjJmbFBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCue6kMA0G
CSqGSIb3DQEBCwUAA4IBAQBxuTCg5wYgs5u24BrELVMV6VosDjYpmZ88vpHkJzB3
juTey3qkgLlxPY7aLbyEfuWHPBErYOonHZcp99GNmMc+1kfx8AHRzWJp/IjpmuBM
l1L0kboMqz+pMrcgAP3C6egG0CBvyTZPvrbgFvYW5gyFbi4bk1Hg0mk2s/E1whDV
ixLXTupuPkGmSkX9715joIT7oLH3nTXD/6cD4qR59kA1bRAYjlJ6takMZlGPpSbD
78yAhH4eb5UQaPS6LlHEDtMvOSkGnXF6QA3AU8VbSXEPypmxlG6BW5nEkCYtISqD
zVBSP7OYuRJeg593r39tjKBG2v40aNSOtWbPzWSfQhNR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:44 2024 by rpki-client on console-ams.rpki-client.org