Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/552dd8-ceb4-4617-9e9c-0f7ef4e97458/1/Jyu-iPGjPrC1stZXXW-1grZo2GQ.roa
File: Jyu-iPGjPrC1stZXXW-1grZo2GQ.roa (raw, json)
Hash identifier: V6qvYUXULFKdTEMFd4Ik4TPEVrETkz2hg6ztepW1z1Q=
Subject key identifier: 27:2B:BE:88:F1:A3:3E:B0:B5:B2:D6:57:5D:6F:B5:82:B6:68:D8:64
Certificate issuer: /CN=854c10240f850dfc0d5957a8d5ad4e184adb0057
Certificate serial: 018CB4F3AF6ED482C11CD0452A132C64B424
Authority key identifier: 85:4C:10:24:0F:85:0D:FC:0D:59:57:A8:D5:AD:4E:18:4A:DB:00:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hUwQJA-FDfwNWVeo1a1OGErbAFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/552dd8-ceb4-4617-9e9c-0f7ef4e97458/1/Jyu-iPGjPrC1stZXXW-1grZo2GQ.roa
Signing time: Fri 29 Dec 2023 09:41:58 +0000
ROA not before: Fri 29 Dec 2023 09:41:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59456
IP address blocks: 212.52.3.0/24 maxlen: 24
185.55.24.0/22 maxlen: 22
2a01:8cc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b4:f3:af:6e:d4:82:c1:1c:d0:45:2a:13:2c:64:b4:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=854c10240f850dfc0d5957a8d5ad4e184adb0057
Validity
Not Before: Dec 29 09:41:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=272bbe88f1a33eb0b5b2d6575d6fb582b668d864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:bc:94:ac:da:68:6f:b6:33:ff:9b:0c:c2:83:
68:ae:23:6f:b3:af:d1:87:c1:b9:08:60:ac:29:c0:
d6:fc:ca:47:00:26:fe:28:61:45:2c:9a:86:90:e0:
a8:0f:ad:97:ed:b9:8e:aa:59:33:a6:6a:fd:fa:75:
d6:3d:f2:a5:33:82:62:be:1a:be:05:f7:83:fe:3b:
f8:1b:02:5b:df:d0:9d:8e:35:a1:f2:ea:31:f1:4d:
83:4c:4f:03:a7:65:db:71:be:ad:b7:c9:d6:36:05:
75:50:68:e7:65:12:9e:a6:1c:33:9d:2e:d6:35:4b:
3f:20:eb:b7:e3:2d:e0:57:3e:8c:be:68:94:c5:31:
40:5d:3d:01:1f:02:0b:2e:d8:26:ac:3d:4b:8a:23:
22:08:18:51:7a:56:3c:ab:8f:bc:b9:d4:3d:e1:53:
4e:d3:c1:3a:77:36:0f:83:00:58:9a:f9:aa:f1:39:
1c:dc:e9:17:53:8c:4f:a9:3e:d3:04:8c:6b:8b:ab:
76:e9:39:6a:94:11:f4:24:ae:0b:57:60:f7:01:2d:
18:26:d8:b2:ab:58:9a:d0:3f:27:e0:94:03:0a:ab:
88:9b:a9:d5:e2:b2:c8:65:43:0d:03:9d:18:a2:e1:
7c:e8:bb:d0:50:6f:f9:ee:f5:9e:2d:a6:45:6f:3b:
b0:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:2B:BE:88:F1:A3:3E:B0:B5:B2:D6:57:5D:6F:B5:82:B6:68:D8:64
X509v3 Authority Key Identifier:
keyid:85:4C:10:24:0F:85:0D:FC:0D:59:57:A8:D5:AD:4E:18:4A:DB:00:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUwQJA-FDfwNWVeo1a1OGErbAFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/552dd8-ceb4-4617-9e9c-0f7ef4e97458/1/Jyu-iPGjPrC1stZXXW-1grZo2GQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/552dd8-ceb4-4617-9e9c-0f7ef4e97458/1/hUwQJA-FDfwNWVeo1a1OGErbAFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.55.24.0/22
212.52.3.0/24
IPv6:
2a01:8cc0::/32
Signature Algorithm: sha256WithRSAEncryption
bc:d5:df:06:bc:bb:dd:23:66:9b:c8:ea:eb:d2:b2:76:ff:ad:
74:09:ee:c6:55:9b:07:25:e9:ae:86:c8:97:81:bb:76:1c:8d:
4c:5f:bf:00:4b:05:b1:35:43:03:56:4a:9e:42:8a:ad:02:2c:
94:f7:54:23:e0:7f:78:97:44:c2:a0:43:ac:72:e3:af:12:ac:
ae:e8:cf:0c:49:7e:e6:ce:41:11:03:ca:f5:67:61:14:d9:fe:
a2:be:d5:c9:c8:c5:47:7f:5c:07:37:bb:8d:57:3c:65:03:3f:
cd:d5:91:04:f1:05:80:ec:73:e2:85:ed:41:79:58:c9:13:9c:
66:17:6f:66:1a:4e:f6:a7:7e:bd:d9:95:ef:47:df:23:9d:fb:
cb:50:e4:a3:31:d8:04:bd:44:cd:11:85:64:86:3b:c8:05:19:
df:ec:79:47:cf:3c:74:78:8e:b9:5e:dd:93:d3:fd:88:03:98:
27:32:80:40:3f:c8:41:f2:b4:58:e7:86:fe:48:67:85:e3:9d:
ed:bf:45:57:77:ea:a7:40:6c:9d:f8:9e:8e:22:6b:10:ac:a2:
62:90:3e:c9:d3:f7:b7:bb:61:0d:3a:41:d2:f8:9b:a4:b3:c8:
5c:4d:75:3b:7b:0f:db:ed:13:8e:25:ab:68:3d:d1:54:36:00:
d5:12:59:3f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYy0869u1ILBHNBFKhMsZLQkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NGMxMDI0MGY4NTBkZmMwZDU5NTdhOGQ1YWQ0ZTE4NGFk
YjAwNTcwHhcNMjMxMjI5MDk0MTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzJiYmU4OGYxYTMzZWIwYjViMmQ2NTc1ZDZmYjU4MmI2NjhkODY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7yUrNpob7Yz/5sMwoNoriNvs6/R
h8G5CGCsKcDW/MpHACb+KGFFLJqGkOCoD62X7bmOqlkzpmr9+nXWPfKlM4Jivhq+
BfeD/jv4GwJb39CdjjWh8uox8U2DTE8Dp2Xbcb6tt8nWNgV1UGjnZRKephwznS7W
NUs/IOu34y3gVz6MvmiUxTFAXT0BHwILLtgmrD1LiiMiCBhRelY8q4+8udQ94VNO
08E6dzYPgwBYmvmq8Tkc3OkXU4xPqT7TBIxri6t26TlqlBH0JK4LV2D3AS0YJtiy
q1ia0D8n4JQDCquIm6nV4rLIZUMNA50YouF86LvQUG/57vWeLaZFbzuwGQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCcrvojxoz6wtbLWV11vtYK2aNhkMB8GA1UdIwQY
MBaAFIVMECQPhQ38DVlXqNWtThhK2wBXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFV3UUpBLUZEZndOV1ZlbzFhMU9HRXJiQUZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy81NTJkZDgtY2ViNC00NjE3LTllOWMt
MGY3ZWY0ZTk3NDU4LzEvSnl1LWlQR2pQckMxc3RaWFhXLTFnclpvMkdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy81NTJkZDgtY2ViNC00NjE3LTllOWMtMGY3ZWY0ZTk3NDU4
LzEvaFV3UUpBLUZEZndOV1ZlbzFhMU9HRXJiQUZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuTcYAwQA
1DQDMA0EAgACMAcDBQAqAYzAMA0GCSqGSIb3DQEBCwUAA4IBAQC81d8GvLvdI2ab
yOrr0rJ2/610Ce7GVZsHJemuhsiXgbt2HI1MX78ASwWxNUMDVkqeQoqtAiyU91Qj
4H94l0TCoEOscuOvEqyu6M8MSX7mzkERA8r1Z2EU2f6ivtXJyMVHf1wHN7uNVzxl
Az/N1ZEE8QWA7HPihe1BeVjJE5xmF29mGk72p3692ZXvR98jnfvLUOSjMdgEvUTN
EYVkhjvIBRnf7HlHzzx0eI65Xt2T0/2IA5gnMoBAP8hB8rRY54b+SGeF453tv0VX
d+qnQGyd+J6OImsQrKJikD7J0/e3u2ENOkHS+Juks8hcTXU7ew/b7ROOJatoPdFU
NgDVElk/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:03 2024 by rpki-client on console-ams.rpki-client.org