Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/CJ9kgMK204ro0Hy8BVxRZFQNYzY.roa
File: CJ9kgMK204ro0Hy8BVxRZFQNYzY.roa (raw, json)
Hash identifier: jb7B4iCd+PVtcc9AXh1L//96AtR2m0CBsZhrdCBgcxs=
Subject key identifier: 08:9F:64:80:C2:B6:D3:8A:E8:D0:7C:BC:05:5C:51:64:54:0D:63:36
Certificate issuer: /CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Certificate serial: 018D0D1F77C9F262DED6E179572E070BF9D8
Authority key identifier: 87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/CJ9kgMK204ro0Hy8BVxRZFQNYzY.roa
Signing time: Mon 15 Jan 2024 12:36:22 +0000
ROA not before: Mon 15 Jan 2024 12:36:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 217.119.129.0/24 maxlen: 24
193.163.203.0/24 maxlen: 24
146.19.128.0/24 maxlen: 24
2a04:1bc0::/29 maxlen: 29
2a0f:cdc6:2001::/48 maxlen: 48
2a00:4080::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 12 Feb 2024 17:28:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0d:1f:77:c9:f2:62:de:d6:e1:79:57:2e:07:0b:f9:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Validity
Not Before: Jan 15 12:36:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=089f6480c2b6d38ae8d07cbc055c5164540d6336
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:18:2e:68:18:32:10:4f:f5:98:3e:81:ff:3e:
54:1c:91:c4:6f:b0:42:19:48:04:6e:b5:05:03:59:
dc:23:fc:80:d6:be:1b:46:e1:b8:92:3b:6a:e5:c8:
71:6c:b3:fb:77:67:c1:6a:93:ea:88:fb:32:3f:8c:
16:a5:5d:be:a3:0e:b8:cd:31:7b:6c:75:4e:89:42:
c1:5f:08:12:53:b8:ce:d2:3f:7c:52:2e:fe:19:da:
1e:94:cd:61:d6:89:ba:d9:95:3c:7a:38:8d:55:9e:
7c:95:c9:5e:e5:de:d9:9d:c4:35:d8:5e:d4:b3:0c:
ce:85:66:6b:a2:1c:b7:b9:39:3b:2d:22:a5:10:ce:
f2:28:24:de:a9:3b:d2:d1:ba:8f:19:dc:ec:2e:67:
e4:37:4e:11:fb:0c:a6:4b:b7:f0:e1:40:02:07:9e:
c1:f2:34:86:85:f8:2a:32:a0:e1:7a:c4:67:d3:2a:
66:76:a0:39:f9:ef:c3:a3:57:df:b5:f9:77:b7:0c:
28:87:07:5f:05:e6:a9:e7:7a:da:80:a8:30:e7:c9:
7d:fd:05:96:58:65:62:53:33:25:78:b9:aa:a9:7f:
e8:51:73:63:0c:30:69:be:bf:fb:e5:0b:2f:51:7c:
80:e0:42:0a:30:07:c5:22:44:df:fa:cf:10:fa:e1:
9b:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:9F:64:80:C2:B6:D3:8A:E8:D0:7C:BC:05:5C:51:64:54:0D:63:36
X509v3 Authority Key Identifier:
keyid:87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/CJ9kgMK204ro0Hy8BVxRZFQNYzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.128.0/24
193.163.203.0/24
217.119.129.0/24
IPv6:
2a00:4080::/29
2a04:1bc0::/29
2a0f:cdc6:2001::/48
Signature Algorithm: sha256WithRSAEncryption
41:62:59:c3:99:12:c6:44:4e:53:b0:6a:b9:c9:0a:69:f3:93:
3b:96:0b:93:eb:58:8d:23:84:ea:25:85:83:14:d6:f7:0b:6a:
92:46:ee:1c:1d:6b:65:bb:41:22:c1:12:9c:e7:fb:55:64:a4:
75:50:a8:7f:13:f9:e7:cf:b5:71:92:88:e6:9d:e4:bc:16:f8:
63:ad:13:36:cb:04:34:e1:79:1c:e4:9f:44:be:ca:4e:d0:73:
eb:55:2e:ac:d8:08:9d:e0:05:0a:f0:29:c7:43:a6:25:4a:a0:
bf:f6:1a:b6:b2:a4:bb:3f:47:48:6d:a4:9a:88:a1:b4:df:e9:
92:84:eb:a4:42:b1:1d:6d:7b:2c:c5:67:75:34:21:3c:55:ff:
e3:45:2e:e2:9d:a4:0f:45:2e:1f:28:ad:c8:75:0d:ba:fc:0b:
4e:27:19:f4:29:fb:06:16:c1:b9:6c:be:3d:93:03:d7:1f:00:
60:29:73:50:df:39:57:f2:b1:89:e5:be:cf:d8:ae:04:e4:8c:
41:e6:85:7e:60:d2:98:b0:ba:d7:52:e3:d1:eb:24:95:12:af:
dc:4f:c8:fd:c6:ff:94:08:c0:69:0c:76:14:c0:53:39:b6:fb:
a4:b3:d9:93:52:29:74:46:09:f3:69:e7:8b:8f:89:f2:ab:46:
35:43:37:31
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAY0NH3fJ8mLe1uF5Vy4HC/nYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzhhZDgxNjhlMDljZjkyZDRlMDQ5ODI1N2Y4ZTljZWFi
ZjA2OTIwHhcNMjQwMTE1MTIzNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODlmNjQ4MGMyYjZkMzhhZThkMDdjYmMwNTVjNTE2NDU0MGQ2MzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBguaBgyEE/1mD6B/z5UHJHEb7BC
GUgEbrUFA1ncI/yA1r4bRuG4kjtq5chxbLP7d2fBapPqiPsyP4wWpV2+ow64zTF7
bHVOiULBXwgSU7jO0j98Ui7+GdoelM1h1om62ZU8ejiNVZ58lcle5d7ZncQ12F7U
swzOhWZrohy3uTk7LSKlEM7yKCTeqTvS0bqPGdzsLmfkN04R+wymS7fw4UACB57B
8jSGhfgqMqDhesRn0ypmdqA5+e/Do1fftfl3twwohwdfBeap53ragKgw58l9/QWW
WGViUzMleLmqqX/oUXNjDDBpvr/75QsvUXyA4EIKMAfFIkTf+s8Q+uGbOwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFAifZIDCttOK6NB8vAVcUWRUDWM2MB8GA1UdIwQY
MBaAFId4rYFo4Jz5LU4EmCV/jpzqvwaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAt
YWE5ZDY5MTgxMWU3LzEvQ0o5a2dNSzIwNHJvMEh5OEJWeFJaRlFOWXpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAtYWE5ZDY5MTgxMWU3
LzEvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAYBAIAATASAwQAkhOAAwQA
waPLAwQA2XeBMB0EAgACMBcDBQMqAECAAwUDKgQbwAMHACoPzcYgATANBgkqhkiG
9w0BAQsFAAOCAQEAQWJZw5kSxkROU7BquckKafOTO5YLk+tYjSOE6iWFgxTW9wtq
kkbuHB1rZbtBIsESnOf7VWSkdVCofxP558+1cZKI5p3kvBb4Y60TNssENOF5HOSf
RL7KTtBz61UurNgIneAFCvApx0OmJUqgv/YatrKkuz9HSG2kmoihtN/pkoTrpEKx
HW17LMVndTQhPFX/40Uu4p2kD0UuHyityHUNuvwLTicZ9Cn7BhbBuWy+PZMD1x8A
YClzUN85V/KxieW+z9iuBOSMQeaFfmDSmLC611Lj0esklRKv3E/I/cb/lAjAaQx2
FMBTObb7pLPZk1IpdEYJ82nni4+J8qtGNUM3MQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:33 2024 by rpki-client on console-fra.rpki-client.org