Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/2a1b4e-d754-443c-a360-afb566cdfac6/1/jgE-UwmXo-DIunGMN4R3nfwQbo4.roa
File: jgE-UwmXo-DIunGMN4R3nfwQbo4.roa (raw, json)
Hash identifier: why+5seXrQqkUAWHaBCNxu+/7FtssEkt5UfTIGPSGJk=
Subject key identifier: 8E:01:3E:53:09:97:A3:E0:C8:BA:71:8C:37:84:77:9D:FC:10:6E:8E
Certificate issuer: /CN=0cbbd0114d97196750d48c5e1256ed055a5e9e2c
Certificate serial: 01856C4A497B7A43B5E28473851F9D381540
Authority key identifier: 0C:BB:D0:11:4D:97:19:67:50:D4:8C:5E:12:56:ED:05:5A:5E:9E:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DLvQEU2XGWdQ1IxeElbtBVpeniw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/2a1b4e-d754-443c-a360-afb566cdfac6/1/jgE-UwmXo-DIunGMN4R3nfwQbo4.roa
Signing time: Sun 01 Jan 2023 07:44:45 +0000
ROA not before: Sun 01 Jan 2023 07:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60671
IP address blocks: 185.27.41.0/24 maxlen: 24
185.27.40.0/24 maxlen: 24
185.27.40.0/23 maxlen: 23
2a04:33c0::/40 maxlen: 40
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:49:7b:7a:43:b5:e2:84:73:85:1f:9d:38:15:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cbbd0114d97196750d48c5e1256ed055a5e9e2c
Validity
Not Before: Jan 1 07:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e013e530997a3e0c8ba718c3784779dfc106e8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:9b:d1:cd:c3:5e:19:f9:2b:d5:c4:db:83:46:
02:3e:47:04:34:67:e9:62:a7:91:98:ba:42:16:0e:
66:e7:e8:32:2e:92:be:7a:af:52:88:f2:08:3e:17:
98:41:8a:ff:e5:cb:10:fc:b3:35:cf:4f:4a:b1:61:
5f:0e:43:48:90:8c:34:88:4e:55:37:be:7f:89:84:
b1:19:2b:28:ed:ce:10:d5:86:d0:b5:c3:5f:99:6c:
bd:9e:49:db:2f:c2:5a:fc:db:7c:1c:c0:56:bb:28:
41:90:e6:8e:fd:07:45:e4:41:3f:6d:ff:50:41:e7:
0a:27:ec:48:f7:cc:fa:25:94:26:30:6e:1f:b5:07:
f9:57:f2:8d:55:be:86:f2:a5:94:4a:fc:31:48:49:
7f:ab:ad:45:a1:84:9b:02:5d:53:d5:d1:e0:21:9c:
85:32:ff:a9:56:3c:f0:ef:9f:a3:a2:66:8a:4b:6b:
34:d6:30:22:05:6e:7e:9b:95:76:83:cd:f0:9b:42:
a8:c6:88:61:cd:01:48:53:e8:13:0c:f8:cf:03:a5:
bb:31:ad:81:6b:12:6e:3f:0c:41:58:c0:6c:08:53:
19:4f:85:5d:64:74:3f:36:24:31:fa:b2:8c:4d:9b:
44:c5:31:02:ff:10:15:0a:8f:61:9f:05:73:5e:55:
20:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:01:3E:53:09:97:A3:E0:C8:BA:71:8C:37:84:77:9D:FC:10:6E:8E
X509v3 Authority Key Identifier:
keyid:0C:BB:D0:11:4D:97:19:67:50:D4:8C:5E:12:56:ED:05:5A:5E:9E:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DLvQEU2XGWdQ1IxeElbtBVpeniw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/2a1b4e-d754-443c-a360-afb566cdfac6/1/jgE-UwmXo-DIunGMN4R3nfwQbo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/2a1b4e-d754-443c-a360-afb566cdfac6/1/DLvQEU2XGWdQ1IxeElbtBVpeniw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.27.40.0/23
IPv6:
2a04:33c0::/40
Signature Algorithm: sha256WithRSAEncryption
4e:47:3c:88:fd:ec:b9:75:07:fa:eb:e8:74:ed:5b:99:45:ff:
2c:80:9b:67:b3:4b:2d:47:f1:26:4c:f8:e9:cd:17:ce:7a:ae:
5a:66:f2:8e:92:53:ed:61:48:45:8e:cc:4a:83:8a:cf:31:2e:
fc:b0:2e:da:19:43:64:4a:07:8f:3f:1e:bf:e3:36:95:20:c1:
b2:39:3c:3b:e4:a5:70:95:f2:15:59:16:c1:a2:fd:7a:f1:31:
6a:c5:95:08:0f:9d:a2:5b:e4:4b:db:2f:b2:28:7e:16:ed:d1:
69:21:31:04:63:6a:7d:2d:81:69:00:68:b1:78:38:7c:f5:60:
3c:9b:11:20:a0:ee:5a:cb:4b:a7:7a:7c:14:06:04:2f:dc:51:
9b:46:14:4b:24:ab:ca:35:8d:a9:93:ee:f2:a8:51:6a:3c:8c:
51:39:59:4a:3f:56:1f:dc:1e:32:71:3a:e5:24:5a:6f:06:cf:
e2:e2:4b:62:e2:43:da:6a:9f:89:7e:09:22:e8:51:98:9e:6b:
20:17:e5:38:b4:34:34:ae:22:8f:09:fb:21:76:bd:3e:9e:20:
52:a5:31:f3:10:2b:b5:2c:6b:44:67:96:56:fa:9a:46:22:b2:
b5:93:31:93:6f:5b:dc:a8:d4:fe:e4:ec:9a:3c:e6:7a:ba:0b:
88:24:61:0e
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVsSkl7ekO14oRzhR+dOBVAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjYmJkMDExNGQ5NzE5Njc1MGQ0OGM1ZTEyNTZlZDA1NWE1
ZTllMmMwHhcNMjMwMTAxMDc0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTAxM2U1MzA5OTdhM2UwYzhiYTcxOGMzNzg0Nzc5ZGZjMTA2ZThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZvRzcNeGfkr1cTbg0YCPkcENGfp
YqeRmLpCFg5m5+gyLpK+eq9SiPIIPheYQYr/5csQ/LM1z09KsWFfDkNIkIw0iE5V
N75/iYSxGSso7c4Q1YbQtcNfmWy9nknbL8Ja/Nt8HMBWuyhBkOaO/QdF5EE/bf9Q
QecKJ+xI98z6JZQmMG4ftQf5V/KNVb6G8qWUSvwxSEl/q61FoYSbAl1T1dHgIZyF
Mv+pVjzw75+jomaKS2s01jAiBW5+m5V2g83wm0KoxohhzQFIU+gTDPjPA6W7Ma2B
axJuPwxBWMBsCFMZT4VdZHQ/NiQx+rKMTZtExTEC/xAVCo9hnwVzXlUg+QIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFI4BPlMJl6PgyLpxjDeEd538EG6OMB8GA1UdIwQY
MBaAFAy70BFNlxlnUNSMXhJW7QVaXp4sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREx2UUVVMlhHV2RRMUl4ZUVsYnRCVnBlbml3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8yYTFiNGUtZDc1NC00NDNjLWEzNjAt
YWZiNTY2Y2RmYWM2LzEvamdFLVV3bVhvLURJdW5HTU40UjNuZndRYm80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8yYTFiNGUtZDc1NC00NDNjLWEzNjAtYWZiNTY2Y2RmYWM2
LzEvREx2UUVVMlhHV2RRMUl4ZUVsYnRCVnBlbml3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBuRsoMA4E
AgACMAgDBgAqBDPAADANBgkqhkiG9w0BAQsFAAOCAQEATkc8iP3suXUH+uvodO1b
mUX/LICbZ7NLLUfxJkz46c0XznquWmbyjpJT7WFIRY7MSoOKzzEu/LAu2hlDZEoH
jz8ev+M2lSDBsjk8O+SlcJXyFVkWwaL9evExasWVCA+dolvkS9svsih+Fu3RaSEx
BGNqfS2BaQBosXg4fPVgPJsRIKDuWstLp3p8FAYEL9xRm0YUSySryjWNqZPu8qhR
ajyMUTlZSj9WH9weMnE65SRabwbP4uJLYuJD2mqfiX4JIuhRmJ5rIBflOLQ0NK4i
jwn7IXa9Pp4gUqUx8xArtSxrRGeWVvqaRiKytZMxk29b3KjU/uTsmjzmeroLiCRh
Dg==
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:32:47 2024 by rpki-client on console-ams.rpki-client.org