Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/0c3c4d-01d2-440a-a51f-9195d02ded55/1/JqjWYNiixArITTezhl4R2hB56yk.roa
File: JqjWYNiixArITTezhl4R2hB56yk.roa (raw, json)
Hash identifier: NZwSNfqC/ijqUD9lf32RjFjxMlg/Mg6mggwkPOfNpCU=
Subject key identifier: 26:A8:D6:60:D8:A2:C4:0A:C8:4D:37:B3:86:5E:11:DA:10:79:EB:29
Certificate issuer: /CN=ef5082d37fbc81998bfcf948a5bbdda63edfdee0
Certificate serial: 018570DE6D29CC43A4FD48571C9FB5981EC2
Authority key identifier: EF:50:82:D3:7F:BC:81:99:8B:FC:F9:48:A5:BB:DD:A6:3E:DF:DE:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71CC03-8gZmL_PlIpbvdpj7f3uA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/0c3c4d-01d2-440a-a51f-9195d02ded55/1/JqjWYNiixArITTezhl4R2hB56yk.roa
Signing time: Mon 02 Jan 2023 05:05:03 +0000
ROA not before: Mon 02 Jan 2023 05:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8251
IP address blocks: 212.79.96.0/20 maxlen: 20
31.47.96.0/20 maxlen: 20
185.99.64.0/22 maxlen: 22
81.201.48.0/21 maxlen: 21
81.201.56.0/21 maxlen: 21
81.201.48.175/32 maxlen: 32
78.108.96.0/20 maxlen: 20
2a01:490::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:6d:29:cc:43:a4:fd:48:57:1c:9f:b5:98:1e:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef5082d37fbc81998bfcf948a5bbdda63edfdee0
Validity
Not Before: Jan 2 05:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=26a8d660d8a2c40ac84d37b3865e11da1079eb29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:7a:6d:c8:40:55:d7:58:55:60:33:ef:97:a6:
cd:7c:3e:57:61:98:f6:fb:6f:ba:47:fe:c8:4f:68:
7f:2d:72:fd:73:92:17:f0:a0:9a:9b:a7:a8:ae:ec:
5d:a3:bd:25:d5:56:fe:b2:5c:f2:a4:0f:e9:72:69:
bd:4b:ec:61:7b:71:f5:61:b6:65:06:06:23:90:c8:
da:44:3f:7c:e4:cd:79:88:7e:80:76:a8:71:88:b4:
09:0c:b4:8a:97:84:58:ec:ca:2a:ef:5a:93:bd:5e:
7e:82:20:b7:07:fd:2a:d2:4f:df:ee:dc:d5:00:f4:
bb:43:f7:dd:b4:ed:e6:c0:d2:f0:91:78:42:59:06:
c7:23:8d:eb:e0:57:3e:8b:07:c2:ec:b3:c0:1b:c8:
30:a9:7b:6d:1b:49:38:4c:b7:c8:da:a5:96:38:b6:
6c:a7:96:7b:32:a8:59:6b:2c:51:19:45:7b:ef:dc:
6a:e1:da:7a:91:5a:03:e8:69:6e:56:e0:4f:dc:f1:
be:1e:46:34:f0:c6:f0:e0:60:6e:8f:c9:17:64:2e:
1a:dc:c9:27:33:19:84:64:18:4a:18:35:e0:83:42:
65:7c:9c:f9:75:66:87:b9:b3:87:2f:c1:06:95:b4:
9a:67:66:af:18:35:5f:32:20:4f:ee:42:9b:2b:a6:
bf:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:A8:D6:60:D8:A2:C4:0A:C8:4D:37:B3:86:5E:11:DA:10:79:EB:29
X509v3 Authority Key Identifier:
keyid:EF:50:82:D3:7F:BC:81:99:8B:FC:F9:48:A5:BB:DD:A6:3E:DF:DE:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71CC03-8gZmL_PlIpbvdpj7f3uA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/0c3c4d-01d2-440a-a51f-9195d02ded55/1/JqjWYNiixArITTezhl4R2hB56yk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/0c3c4d-01d2-440a-a51f-9195d02ded55/1/71CC03-8gZmL_PlIpbvdpj7f3uA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.47.96.0/20
78.108.96.0/20
81.201.48.0/20
185.99.64.0/22
212.79.96.0/20
IPv6:
2a01:490::/32
Signature Algorithm: sha256WithRSAEncryption
8e:66:94:6c:fd:5c:a1:4f:2d:ec:2f:89:11:3b:40:72:c5:7b:
38:4c:18:13:60:4b:04:61:b8:3a:f0:9e:cc:1b:27:43:6f:f1:
c4:0e:10:ad:b7:07:f1:8f:06:55:47:11:39:07:a2:7b:2c:27:
2a:4f:e6:3e:2f:85:55:32:71:28:ef:9a:bf:c1:52:44:f1:4c:
8d:51:8c:b7:2c:bf:ee:bc:6f:9b:51:1a:8d:a3:e6:1b:b0:20:
8e:0d:21:c0:fa:04:8d:40:2b:f3:69:9a:fe:b1:6c:1d:85:b4:
03:e0:db:4c:e1:e2:02:12:4f:77:fd:a0:c8:d6:5f:ca:4d:1b:
e7:45:54:f1:70:c8:38:c0:dd:65:8a:12:4f:8f:a3:ee:fa:14:
6e:c5:55:bc:54:9e:13:cf:b4:18:f4:fd:d0:bb:53:80:d3:83:
ed:ec:9a:d7:15:8c:41:52:0d:3a:0e:05:57:52:5c:4b:a4:41:
6f:b6:56:a2:59:29:9d:df:80:5a:77:14:f3:3e:19:7c:f5:47:
84:db:6b:6c:d5:23:a5:59:dd:a7:74:5e:f3:39:7f:59:32:81:
3f:69:fb:cc:88:e8:02:bc:a6:da:67:e7:87:3d:00:20:6c:cb:
4e:8b:95:a4:43:65:80:81:f2:40:7f:e7:a9:bc:a4:62:f4:62:
af:b6:dd:8b
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVw3m0pzEOk/UhXHJ+1mB7CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTA4MmQzN2ZiYzgxOTk4YmZjZjk0OGE1YmJkZGE2M2Vk
ZmRlZTAwHhcNMjMwMTAyMDUwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmE4ZDY2MGQ4YTJjNDBhYzg0ZDM3YjM4NjVlMTFkYTEwNzllYjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0nptyEBV11hVYDPvl6bNfD5XYZj2
+2+6R/7IT2h/LXL9c5IX8KCam6eoruxdo70l1Vb+slzypA/pcmm9S+xhe3H1YbZl
BgYjkMjaRD985M15iH6AdqhxiLQJDLSKl4RY7Moq71qTvV5+giC3B/0q0k/f7tzV
APS7Q/fdtO3mwNLwkXhCWQbHI43r4Fc+iwfC7LPAG8gwqXttG0k4TLfI2qWWOLZs
p5Z7MqhZayxRGUV779xq4dp6kVoD6GluVuBP3PG+HkY08Mbw4GBuj8kXZC4a3Mkn
MxmEZBhKGDXgg0JlfJz5dWaHubOHL8EGlbSaZ2avGDVfMiBP7kKbK6a/hQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFCao1mDYosQKyE03s4ZeEdoQeespMB8GA1UdIwQY
MBaAFO9QgtN/vIGZi/z5SKW73aY+397gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFDQzAzLThnWm1MX1BsSXBidmRwajdmM3VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wYzNjNGQtMDFkMi00NDBhLWE1MWYt
OTE5NWQwMmRlZDU1LzEvSnFqV1lOaWl4QXJJVFRlemhsNFIyaEI1NnlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wYzNjNGQtMDFkMi00NDBhLWE1MWYtOTE5NWQwMmRlZDU1
LzEvNzFDQzAzLThnWm1MX1BsSXBidmRwajdmM3VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQEHy9gAwQE
TmxgAwQEUckwAwQCuWNAAwQE1E9gMA0EAgACMAcDBQAqAQSQMA0GCSqGSIb3DQEB
CwUAA4IBAQCOZpRs/VyhTy3sL4kRO0ByxXs4TBgTYEsEYbg68J7MGydDb/HEDhCt
twfxjwZVRxE5B6J7LCcqT+Y+L4VVMnEo75q/wVJE8UyNUYy3LL/uvG+bURqNo+Yb
sCCODSHA+gSNQCvzaZr+sWwdhbQD4NtM4eICEk93/aDI1l/KTRvnRVTxcMg4wN1l
ihJPj6Pu+hRuxVW8VJ4Tz7QY9P3Qu1OA04Pt7JrXFYxBUg06DgVXUlxLpEFvtlai
WSmd34BadxTzPhl89UeE22ts1SOlWd2ndF7zOX9ZMoE/afvMiOgCvKbaZ+eHPQAg
bMtOi5WkQ2WAgfJAf+epvKRi9GKvtt2L
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:36 2024 by rpki-client on console-ams.rpki-client.org