Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/97744d-5988-46ae-82f1-64187e30435b/1/JcIh2V40HcDknJbOSn6E_KvyhwY.roa
File: JcIh2V40HcDknJbOSn6E_KvyhwY.roa (raw, json)
Hash identifier: cbDM5KUSh4fwosHDgG8EqwbP7eQu3IlR/rgl3Oxj8/4=
Subject key identifier: 25:C2:21:D9:5E:34:1D:C0:E4:9C:96:CE:4A:7E:84:FC:AB:F2:87:06
Certificate issuer: /CN=be2f2ccf1baa39033ec76a586f846a36218f209d
Certificate serial: 01856C6F2CA9EDDD467C9486D07620B7AB00
Authority key identifier: BE:2F:2C:CF:1B:AA:39:03:3E:C7:6A:58:6F:84:6A:36:21:8F:20:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vi8szxuqOQM-x2pYb4RqNiGPIJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/97744d-5988-46ae-82f1-64187e30435b/1/JcIh2V40HcDknJbOSn6E_KvyhwY.roa
Signing time: Sun 01 Jan 2023 08:25:03 +0000
ROA not before: Sun 01 Jan 2023 08:25:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39382
IP address blocks: 159.255.200.0/21 maxlen: 21
195.234.116.0/22 maxlen: 22
2a03:8680::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6f:2c:a9:ed:dd:46:7c:94:86:d0:76:20:b7:ab:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be2f2ccf1baa39033ec76a586f846a36218f209d
Validity
Not Before: Jan 1 08:25:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25c221d95e341dc0e49c96ce4a7e84fcabf28706
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:4b:e7:50:82:37:58:ed:06:b1:20:74:b1:6e:
e5:bb:cd:0e:a8:72:2d:ec:d1:da:6c:75:b2:c7:a7:
29:0e:ac:73:57:8c:96:7a:a5:54:a8:2f:24:b8:dc:
41:97:9b:24:53:99:d6:17:7b:66:9e:cc:89:1e:df:
bf:b1:41:ad:9b:41:03:db:52:21:40:aa:a4:82:0f:
0d:14:31:80:d2:98:2c:06:9d:b9:46:6c:3f:46:bb:
70:97:c2:9b:85:d0:94:8e:32:77:f1:8e:ca:73:8c:
8a:5e:79:91:72:21:9e:d0:5b:e5:1b:68:d0:b5:73:
c0:59:23:2a:bd:e5:98:ac:a3:97:23:20:60:68:85:
2a:7c:81:ad:9f:f5:11:72:31:0e:34:f7:fb:3a:3f:
4a:bd:a3:3d:c1:c9:90:50:56:3c:db:bc:a3:04:c5:
f9:30:a6:3d:92:65:70:f6:9b:bb:82:b1:c8:b2:cd:
91:c0:d7:43:90:05:45:11:33:46:2e:2b:a8:38:02:
6e:7e:13:df:8a:21:a1:36:b2:0d:8e:6f:a4:09:82:
31:f9:f2:e8:0b:07:f3:7c:8d:0f:cb:ed:33:63:9e:
b6:fe:bc:c3:4c:b2:95:9c:ac:c7:bf:37:3b:22:5c:
cd:ea:b5:2d:08:d3:aa:b7:11:18:d1:de:75:3b:aa:
58:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:C2:21:D9:5E:34:1D:C0:E4:9C:96:CE:4A:7E:84:FC:AB:F2:87:06
X509v3 Authority Key Identifier:
keyid:BE:2F:2C:CF:1B:AA:39:03:3E:C7:6A:58:6F:84:6A:36:21:8F:20:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vi8szxuqOQM-x2pYb4RqNiGPIJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/97744d-5988-46ae-82f1-64187e30435b/1/JcIh2V40HcDknJbOSn6E_KvyhwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/97744d-5988-46ae-82f1-64187e30435b/1/vi8szxuqOQM-x2pYb4RqNiGPIJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.255.200.0/21
195.234.116.0/22
IPv6:
2a03:8680::/32
Signature Algorithm: sha256WithRSAEncryption
54:1a:3e:d8:55:12:f3:d1:9a:fd:1c:87:67:14:7a:8a:53:10:
00:fa:60:d1:d6:a4:6a:72:aa:bc:20:1d:6a:ec:db:9c:08:27:
0a:42:5a:81:2f:2e:87:72:3b:fe:ca:aa:f3:0d:b1:ea:86:c2:
95:82:02:1a:4d:27:ad:12:db:44:a7:0a:53:2a:fd:18:08:73:
45:47:63:9a:cd:70:3d:0f:b6:f8:ca:a7:b7:e0:09:98:87:1b:
41:fb:1f:76:ac:23:e3:04:6b:10:f0:9f:4a:5c:ad:fe:07:42:
4f:cc:54:c0:d3:37:46:45:69:5a:c8:91:64:99:96:c6:55:6d:
18:9a:14:29:e8:ba:2c:17:c5:6c:68:97:cd:b8:bb:c8:dc:16:
ac:f9:eb:42:e3:ac:07:c8:e4:83:f4:25:de:26:fc:03:ef:44:
46:56:c7:b8:d4:a6:b6:03:12:30:50:9a:88:3f:ef:78:20:ca:
7c:2f:2c:02:22:51:d8:fe:3a:4f:1a:31:78:d4:5c:04:d4:06:
4c:5c:4c:c6:7e:13:fa:14:06:fd:f5:fa:cb:e5:13:45:05:38:
94:b8:6e:64:96:58:9d:3b:4e:a1:67:a0:40:1c:5b:23:20:33:
be:04:36:31:98:41:c2:e7:64:29:0e:56:42:61:8b:c1:ba:80:
96:8c:ce:7e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsbyyp7d1GfJSG0HYgt6sAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlMmYyY2NmMWJhYTM5MDMzZWM3NmE1ODZmODQ2YTM2MjE4
ZjIwOWQwHhcNMjMwMTAxMDgyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWMyMjFkOTVlMzQxZGMwZTQ5Yzk2Y2U0YTdlODRmY2FiZjI4NzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3kvnUII3WO0GsSB0sW7lu80OqHIt
7NHabHWyx6cpDqxzV4yWeqVUqC8kuNxBl5skU5nWF3tmnsyJHt+/sUGtm0ED21Ih
QKqkgg8NFDGA0pgsBp25Rmw/Rrtwl8KbhdCUjjJ38Y7Kc4yKXnmRciGe0FvlG2jQ
tXPAWSMqveWYrKOXIyBgaIUqfIGtn/URcjEONPf7Oj9KvaM9wcmQUFY827yjBMX5
MKY9kmVw9pu7grHIss2RwNdDkAVFETNGLiuoOAJufhPfiiGhNrINjm+kCYIx+fLo
CwfzfI0Py+0zY562/rzDTLKVnKzHvzc7IlzN6rUtCNOqtxEY0d51O6pYtQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCXCIdleNB3A5JyWzkp+hPyr8ocGMB8GA1UdIwQY
MBaAFL4vLM8bqjkDPsdqWG+EajYhjyCdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmk4c3p4dXFPUU0teDJwWWI0UnFOaUdQSUowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS85Nzc0NGQtNTk4OC00NmFlLTgyZjEt
NjQxODdlMzA0MzViLzEvSmNJaDJWNDBIY0RrbkpiT1NuNkVfS3Z5aHdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS85Nzc0NGQtNTk4OC00NmFlLTgyZjEtNjQxODdlMzA0MzVi
LzEvdmk4c3p4dXFPUU0teDJwWWI0UnFOaUdQSUowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDn//IAwQC
w+p0MA0EAgACMAcDBQAqA4aAMA0GCSqGSIb3DQEBCwUAA4IBAQBUGj7YVRLz0Zr9
HIdnFHqKUxAA+mDR1qRqcqq8IB1q7NucCCcKQlqBLy6Hcjv+yqrzDbHqhsKVggIa
TSetEttEpwpTKv0YCHNFR2OazXA9D7b4yqe34AmYhxtB+x92rCPjBGsQ8J9KXK3+
B0JPzFTA0zdGRWlayJFkmZbGVW0YmhQp6LosF8VsaJfNuLvI3Bas+etC46wHyOSD
9CXeJvwD70RGVse41Ka2AxIwUJqIP+94IMp8LywCIlHY/jpPGjF41FwE1AZMXEzG
fhP6FAb99frL5RNFBTiUuG5kllidO06hZ6BAHFsjIDO+BDYxmEHC52QpDlZCYYvB
uoCWjM5+
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:35 2024 by rpki-client on console-ams.rpki-client.org