Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/6a8f0c-57a3-4496-9f9e-28653cc12368/1/jEu_xxsXCN-aOR4EdfskAexRTgs.roa
File: jEu_xxsXCN-aOR4EdfskAexRTgs.roa (raw, json)
Hash identifier: sFTYOosrm/J4S2ZE38zYLC2NFre8AR7BErxUKuEjVLk=
Subject key identifier: 8C:4B:BF:C7:1B:17:08:DF:9A:39:1E:04:75:FB:24:01:EC:51:4E:0B
Certificate issuer: /CN=b2fba356186c1dc5031c2fb20bc635491f878637
Certificate serial: 018C6927B9DCD834A14A6357550E7E591E80
Authority key identifier: B2:FB:A3:56:18:6C:1D:C5:03:1C:2F:B2:0B:C6:35:49:1F:87:86:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/svujVhhsHcUDHC-yC8Y1SR-Hhjc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/6a8f0c-57a3-4496-9f9e-28653cc12368/1/jEu_xxsXCN-aOR4EdfskAexRTgs.roa
Signing time: Thu 14 Dec 2023 16:27:40 +0000
ROA not before: Thu 14 Dec 2023 16:27:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41827
IP address blocks: 185.168.164.0/22 maxlen: 24
185.95.132.0/22 maxlen: 24
2a05:f340::/29 maxlen: 29
2a0b:ea00::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:69:27:b9:dc:d8:34:a1:4a:63:57:55:0e:7e:59:1e:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2fba356186c1dc5031c2fb20bc635491f878637
Validity
Not Before: Dec 14 16:27:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c4bbfc71b1708df9a391e0475fb2401ec514e0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:dc:a6:bd:99:28:60:16:a2:76:1c:15:ae:6d:
cc:0c:24:25:de:63:d8:72:10:8b:1c:57:92:62:9f:
a9:ec:81:7f:3c:33:02:02:b6:d6:91:09:3f:3f:a7:
3d:10:71:f2:2f:eb:b0:09:fa:8a:20:58:5c:36:1e:
8c:71:71:ba:b3:b3:24:7e:10:bf:98:ec:7d:5c:34:
14:27:76:76:f4:95:b1:c1:f1:2d:d5:23:f3:aa:d9:
79:c1:33:55:c7:17:4e:7c:a4:3e:bc:3e:39:97:19:
a0:85:d9:b1:fb:da:46:16:7c:f6:74:72:bd:82:36:
72:6e:a9:59:14:18:04:9f:9a:7f:8b:6e:f6:5d:01:
87:9f:3c:da:f8:24:cb:d3:eb:0c:22:dc:34:77:9a:
09:2a:3d:0e:93:a5:f4:00:3c:d6:f4:1b:03:82:8e:
59:39:8a:37:c0:f2:a6:69:65:ac:3f:f7:bf:9b:77:
e5:2f:87:b7:b6:53:4f:a5:a6:f6:b2:4d:48:ff:b2:
87:40:c7:14:c2:d1:ae:6d:95:c1:5b:b3:43:a3:35:
ed:2f:f6:09:04:15:b8:8e:64:ac:05:a4:40:dc:67:
a3:be:7f:e0:8e:19:cc:a8:c9:0d:41:b0:84:d1:e2:
91:53:99:69:83:ce:c7:dd:fd:a5:b3:d6:c9:3f:53:
b9:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:4B:BF:C7:1B:17:08:DF:9A:39:1E:04:75:FB:24:01:EC:51:4E:0B
X509v3 Authority Key Identifier:
keyid:B2:FB:A3:56:18:6C:1D:C5:03:1C:2F:B2:0B:C6:35:49:1F:87:86:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/svujVhhsHcUDHC-yC8Y1SR-Hhjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/6a8f0c-57a3-4496-9f9e-28653cc12368/1/jEu_xxsXCN-aOR4EdfskAexRTgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/6a8f0c-57a3-4496-9f9e-28653cc12368/1/svujVhhsHcUDHC-yC8Y1SR-Hhjc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.132.0/22
185.168.164.0/22
IPv6:
2a05:f340::/29
2a0b:ea00::/32
Signature Algorithm: sha256WithRSAEncryption
07:af:bf:16:0c:82:9b:18:fb:84:1c:bd:b7:e0:79:ff:c0:41:
09:a4:c4:f9:87:c3:b4:82:8b:b7:ef:1d:de:09:55:e2:78:d7:
83:4d:f4:66:eb:ba:3f:d8:e4:52:b5:0c:f0:0b:98:d2:8a:5f:
1f:9d:fc:6d:aa:ef:60:ba:73:07:79:2f:d8:bd:10:73:1e:a3:
95:af:66:6c:e9:f7:8e:1a:69:39:4c:15:79:fc:1a:59:33:05:
23:68:a9:fd:8d:a6:b7:5c:32:13:16:12:46:11:c0:00:00:61:
c3:f8:e9:cd:56:9f:89:be:f4:a4:8a:26:ef:18:fd:b0:6f:2c:
2b:f0:f4:7f:e0:eb:36:0d:a7:36:af:63:73:00:b1:8c:66:00:
1f:8e:ea:28:2e:b9:3f:fd:de:41:6a:a8:e2:73:b7:c2:d3:40:
c0:14:b4:92:60:bd:b3:5b:f6:9e:07:d5:f9:46:ed:1a:73:9e:
62:1b:96:fc:47:11:1a:d4:6a:68:af:44:8f:29:9e:1b:ec:a7:
af:78:24:ca:d8:4c:94:94:3d:bc:25:19:14:95:27:ae:50:52:
f9:04:43:2e:ce:80:1b:17:88:87:f9:69:b6:cb:95:e3:1e:37:
65:a8:e2:f6:ca:42:24:b9:5c:0f:90:a1:35:04:37:73:19:35:
3e:50:ba:82
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYxpJ7nc2DShSmNXVQ5+WR6AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZmJhMzU2MTg2YzFkYzUwMzFjMmZiMjBiYzYzNTQ5MWY4
Nzg2MzcwHhcNMjMxMjE0MTYyNzQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzRiYmZjNzFiMTcwOGRmOWEzOTFlMDQ3NWZiMjQwMWVjNTE0ZTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdymvZkoYBaidhwVrm3MDCQl3mPY
chCLHFeSYp+p7IF/PDMCArbWkQk/P6c9EHHyL+uwCfqKIFhcNh6McXG6s7MkfhC/
mOx9XDQUJ3Z29JWxwfEt1SPzqtl5wTNVxxdOfKQ+vD45lxmghdmx+9pGFnz2dHK9
gjZybqlZFBgEn5p/i272XQGHnzza+CTL0+sMItw0d5oJKj0Ok6X0ADzW9BsDgo5Z
OYo3wPKmaWWsP/e/m3flL4e3tlNPpab2sk1I/7KHQMcUwtGubZXBW7NDozXtL/YJ
BBW4jmSsBaRA3Gejvn/gjhnMqMkNQbCE0eKRU5lpg87H3f2ls9bJP1O5ywIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFIxLv8cbFwjfmjkeBHX7JAHsUU4LMB8GA1UdIwQY
MBaAFLL7o1YYbB3FAxwvsgvGNUkfh4Y3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3Z1alZoaHNIY1VESEMteUM4WTFTUi1IaGpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My82YThmMGMtNTdhMy00NDk2LTlmOWUt
Mjg2NTNjYzEyMzY4LzEvakV1X3h4c1hDTi1hT1I0RWRmc2tBZXhSVGdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My82YThmMGMtNTdhMy00NDk2LTlmOWUtMjg2NTNjYzEyMzY4
LzEvc3Z1alZoaHNIY1VESEMteUM4WTFTUi1IaGpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuV+EAwQC
uaikMBQEAgACMA4DBQMqBfNAAwUAKgvqADANBgkqhkiG9w0BAQsFAAOCAQEAB6+/
FgyCmxj7hBy9t+B5/8BBCaTE+YfDtIKLt+8d3glV4njXg030Zuu6P9jkUrUM8AuY
0opfH538barvYLpzB3kv2L0Qcx6jla9mbOn3jhppOUwVefwaWTMFI2ip/Y2mt1wy
ExYSRhHAAABhw/jpzVafib70pIom7xj9sG8sK/D0f+DrNg2nNq9jcwCxjGYAH47q
KC65P/3eQWqo4nO3wtNAwBS0kmC9s1v2ngfV+UbtGnOeYhuW/EcRGtRqaK9Ejyme
G+ynr3gkythMlJQ9vCUZFJUnrlBS+QRDLs6AGxeIh/lptsuV4x43Zaji9spCJLlc
D5ChNQQ3cxk1PlC6gg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:35 2024 by rpki-client on console-fra.rpki-client.org