Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/JepKVCcYyYVujnVNpAmBLxKqlhQ.roa
File: JepKVCcYyYVujnVNpAmBLxKqlhQ.roa (raw, json)
Hash identifier: HE9CdvJp4Zl1WtUUOd08Lqma61NDJmc4osVU782zejE=
Subject key identifier: 25:EA:4A:54:27:18:C9:85:6E:8E:75:4D:A4:09:81:2F:12:AA:96:14
Certificate issuer: /CN=acf910f36291c3c224ddb596d956543197f163de
Certificate serial: 01856E145232D07CC2459C3DCF9609E9D07E
Authority key identifier: AC:F9:10:F3:62:91:C3:C2:24:DD:B5:96:D9:56:54:31:97:F1:63:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rPkQ82KRw8Ik3bWW2VZUMZfxY94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/JepKVCcYyYVujnVNpAmBLxKqlhQ.roa
Signing time: Sun 01 Jan 2023 16:05:03 +0000
ROA not before: Sun 01 Jan 2023 16:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8220
IP address blocks: 217.147.124.0/22 maxlen: 22
217.147.124.0/24 maxlen: 24
217.147.125.0/24 maxlen: 24
217.147.121.0/24 maxlen: 24
217.147.127.0/24 maxlen: 24
217.147.126.0/24 maxlen: 24
92.249.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:52:32:d0:7c:c2:45:9c:3d:cf:96:09:e9:d0:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acf910f36291c3c224ddb596d956543197f163de
Validity
Not Before: Jan 1 16:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25ea4a542718c9856e8e754da409812f12aa9614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:bf:0e:21:25:e6:db:fc:60:9a:e2:b2:ea:e1:
b8:d8:9e:bd:1a:38:b5:a2:53:8e:23:d2:8e:16:17:
02:ed:4a:c9:72:9c:00:4c:94:10:ad:db:8a:af:52:
f2:ae:29:5c:67:da:b6:7e:b5:e7:94:0d:25:77:a5:
69:1e:f9:a4:b0:16:c8:6c:30:85:88:28:55:72:39:
d0:92:27:87:49:56:0b:3b:90:d2:b4:a8:d3:e8:2d:
20:b9:c0:91:a0:81:66:40:ab:8b:95:f3:f5:98:aa:
68:96:54:88:19:21:c0:75:e9:4f:a9:73:88:a1:37:
eb:5f:0e:38:61:d4:7f:3f:3b:d3:e3:a3:cf:96:b4:
3b:1e:51:77:26:15:67:08:a1:e9:47:5e:a7:37:a6:
db:36:39:80:c9:94:77:8e:2b:26:56:cd:4c:96:39:
12:86:cf:69:3a:57:ae:93:d2:b6:fa:8a:d3:ea:e9:
86:ec:7e:7b:3a:8a:64:40:56:c2:f2:8a:c3:d1:de:
ce:af:a9:78:1d:d5:78:fb:e9:ef:47:31:38:21:d2:
1c:73:3f:6a:72:bc:b8:45:b8:9a:3c:0a:a7:5e:af:
b9:9c:61:5e:2b:d1:7f:fe:74:8f:2d:b8:3f:53:5a:
eb:31:da:2b:da:0e:ea:97:53:da:9e:2c:3b:5f:d5:
87:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:EA:4A:54:27:18:C9:85:6E:8E:75:4D:A4:09:81:2F:12:AA:96:14
X509v3 Authority Key Identifier:
keyid:AC:F9:10:F3:62:91:C3:C2:24:DD:B5:96:D9:56:54:31:97:F1:63:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rPkQ82KRw8Ik3bWW2VZUMZfxY94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/JepKVCcYyYVujnVNpAmBLxKqlhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/rPkQ82KRw8Ik3bWW2VZUMZfxY94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.249.5.0/24
217.147.121.0/24
217.147.124.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:85:13:82:7c:7b:77:47:f6:85:65:4e:6f:5d:93:53:24:4b:
3e:66:3d:6f:60:f5:65:1e:f2:79:5d:bf:41:f3:68:76:7b:85:
97:11:3c:a9:03:65:11:b0:28:d3:a5:ad:65:47:d1:7d:08:47:
d5:f3:a9:5e:3c:00:c5:2c:e0:a2:c7:cb:71:b0:6b:ac:de:d3:
24:6f:46:b0:f1:cd:a6:b4:b2:a1:14:1d:6f:99:5b:86:26:9e:
df:b6:66:40:03:21:72:fa:7b:f0:1a:b8:81:5b:74:55:b8:91:
41:4a:d2:63:37:ac:f9:f4:b2:91:fe:0e:13:a0:f3:a0:f1:1a:
cd:6e:a2:af:1d:ba:b1:00:5b:18:15:70:36:90:f1:c9:1e:04:
57:65:84:09:a1:86:db:cb:88:a5:2c:a1:9f:45:d9:86:6a:1e:
4d:ca:8f:a7:09:2f:4a:dc:c5:57:59:db:45:de:ee:16:5f:57:
a8:3a:66:1a:f7:3c:2e:cc:f3:2b:eb:3d:79:aa:e3:6b:b1:97:
60:22:8e:86:29:77:a4:d0:8e:a7:85:75:7d:38:7c:3a:56:a0:
11:de:ec:98:d9:84:bf:41:79:3e:1d:ec:99:88:e7:fb:de:3b:
73:a5:39:2b:cf:56:c1:0d:b5:07:ee:08:13:ff:73:51:10:07:
2e:f1:af:8e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVuFFIy0HzCRZw9z5YJ6dB+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZjkxMGYzNjI5MWMzYzIyNGRkYjU5NmQ5NTY1NDMxOTdm
MTYzZGUwHhcNMjMwMTAxMTYwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWVhNGE1NDI3MThjOTg1NmU4ZTc1NGRhNDA5ODEyZjEyYWE5NjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwb8OISXm2/xgmuKy6uG42J69Gji1
olOOI9KOFhcC7UrJcpwATJQQrduKr1LyrilcZ9q2frXnlA0ld6VpHvmksBbIbDCF
iChVcjnQkieHSVYLO5DStKjT6C0gucCRoIFmQKuLlfP1mKpollSIGSHAdelPqXOI
oTfrXw44YdR/PzvT46PPlrQ7HlF3JhVnCKHpR16nN6bbNjmAyZR3jismVs1MljkS
hs9pOleuk9K2+orT6umG7H57OopkQFbC8orD0d7Or6l4HdV4++nvRzE4IdIccz9q
cry4RbiaPAqnXq+5nGFeK9F//nSPLbg/U1rrMdor2g7ql1Paniw7X9WHuQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCXqSlQnGMmFbo51TaQJgS8SqpYUMB8GA1UdIwQY
MBaAFKz5EPNikcPCJN21ltlWVDGX8WPeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclBrUTgyS1J3OElrM2JXVzJWWlVNWmZ4WTk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8xZjVlMDctMzJiNi00MTE0LThiMGQt
ZDNiNThmNjk4MTQ4LzEvSmVwS1ZDY1l5WVZ1am5WTnBBbUJMeEtxbGhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8xZjVlMDctMzJiNi00MTE0LThiMGQtZDNiNThmNjk4MTQ4
LzEvclBrUTgyS1J3OElrM2JXVzJWWlVNWmZ4WTk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXPkFAwQA
2ZN5AwQC2ZN8MA0GCSqGSIb3DQEBCwUAA4IBAQCfhROCfHt3R/aFZU5vXZNTJEs+
Zj1vYPVlHvJ5Xb9B82h2e4WXETypA2URsCjTpa1lR9F9CEfV86lePADFLOCix8tx
sGus3tMkb0aw8c2mtLKhFB1vmVuGJp7ftmZAAyFy+nvwGriBW3RVuJFBStJjN6z5
9LKR/g4ToPOg8RrNbqKvHbqxAFsYFXA2kPHJHgRXZYQJoYbby4ilLKGfRdmGah5N
yo+nCS9K3MVXWdtF3u4WX1eoOmYa9zwuzPMr6z15quNrsZdgIo6GKXek0I6nhXV9
OHw6VqAR3uyY2YS/QXk+HeyZiOf73jtzpTkrz1bBDbUH7ggT/3NREAcu8a+O
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:53 2024 by rpki-client on console-fra.rpki-client.org