Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/d6577d-f2d2-4530-b9d2-39eca472668b/1/Jbcd3KZvIO4gpdz7fKyYZ0xeedU.roa
File: Jbcd3KZvIO4gpdz7fKyYZ0xeedU.roa (raw, json)
Hash identifier: NG4/pmy/Lwf/qd1hP44dRfcQ4rfqt8ULkS7DmtN4dmA=
Subject key identifier: 25:B7:1D:DC:A6:6F:20:EE:20:A5:DC:FB:7C:AC:98:67:4C:5E:79:D5
Certificate issuer: /CN=971533cb7a6796ac5c382b38dcf459f9176931f4
Certificate serial: 018C6383889D552E2B26EC80BC67E9229BF6
Authority key identifier: 97:15:33:CB:7A:67:96:AC:5C:38:2B:38:DC:F4:59:F9:17:69:31:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lxUzy3pnlqxcOCs43PRZ-RdpMfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/d6577d-f2d2-4530-b9d2-39eca472668b/1/Jbcd3KZvIO4gpdz7fKyYZ0xeedU.roa
Signing time: Wed 13 Dec 2023 14:10:13 +0000
ROA not before: Wed 13 Dec 2023 14:10:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47242
IP address blocks: 149.62.184.0/21 maxlen: 24
81.31.144.0/20 maxlen: 24
185.201.64.0/22 maxlen: 24
185.84.96.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:63:83:88:9d:55:2e:2b:26:ec:80:bc:67:e9:22:9b:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=971533cb7a6796ac5c382b38dcf459f9176931f4
Validity
Not Before: Dec 13 14:10:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25b71ddca66f20ee20a5dcfb7cac98674c5e79d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ea:8b:54:a7:d8:e1:a7:d5:7a:f9:d1:1b:f9:
66:25:9f:26:49:e1:56:e9:41:e5:19:be:e0:93:b9:
95:a7:4b:d4:78:63:9a:96:4d:ee:94:55:ec:46:97:
d6:1a:09:fa:ec:2f:1c:99:be:0f:2f:80:0a:57:2d:
fb:be:f0:94:11:d8:f5:a3:36:02:e4:f2:c0:4d:db:
b9:1d:52:19:74:f5:33:06:1a:4a:db:c3:68:eb:26:
5c:e5:67:82:93:0b:b8:d4:39:bf:94:dc:12:38:29:
20:c6:41:86:64:4e:89:83:29:12:6c:8a:e4:ac:f0:
d7:9a:ae:e2:36:43:3a:14:42:d9:a1:67:ca:9f:3b:
8d:36:45:f1:ee:99:49:b0:8a:91:2d:b8:51:e0:f3:
e4:9e:72:ae:70:2a:37:d7:ac:08:7e:9c:cc:29:10:
b8:aa:c1:5e:ad:f8:29:a3:39:c4:ad:54:00:9b:32:
e6:fa:81:a6:fb:71:74:a5:f3:3a:a6:97:f6:d5:e2:
9f:d4:a8:62:2c:1b:5e:83:e8:62:c6:00:74:da:67:
b5:d5:e2:0a:5c:c8:48:80:64:28:c2:ad:b8:5d:a8:
f3:ab:78:6b:42:de:2d:f9:23:32:82:64:32:12:59:
e5:03:a9:4c:d1:b5:e5:41:06:4f:ff:39:07:e6:23:
7a:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:B7:1D:DC:A6:6F:20:EE:20:A5:DC:FB:7C:AC:98:67:4C:5E:79:D5
X509v3 Authority Key Identifier:
keyid:97:15:33:CB:7A:67:96:AC:5C:38:2B:38:DC:F4:59:F9:17:69:31:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lxUzy3pnlqxcOCs43PRZ-RdpMfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/d6577d-f2d2-4530-b9d2-39eca472668b/1/Jbcd3KZvIO4gpdz7fKyYZ0xeedU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/d6577d-f2d2-4530-b9d2-39eca472668b/1/lxUzy3pnlqxcOCs43PRZ-RdpMfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.144.0/20
149.62.184.0/21
185.84.96.0/22
185.201.64.0/22
Signature Algorithm: sha256WithRSAEncryption
27:e9:04:0f:84:0a:51:5b:21:26:7d:96:67:a6:36:a5:e3:fd:
ba:bb:83:b1:da:ea:4e:ee:d5:1e:98:1c:86:54:07:ec:02:9f:
a8:ef:b4:bf:23:f7:ef:f8:38:7b:e8:0d:87:bc:74:b1:3b:bf:
5f:e5:ec:0a:ce:40:70:c0:06:d6:46:c7:f7:f8:36:d4:c7:64:
5e:3a:81:91:50:4f:83:95:00:76:39:22:e7:fe:4e:0d:e0:cc:
67:2e:44:18:fd:2a:bd:9c:af:1f:4b:fb:a3:34:2a:7a:21:ea:
36:35:6f:84:eb:f0:41:4a:f8:d7:cc:42:18:31:e1:de:15:4c:
f8:2b:a8:26:93:80:1f:57:70:25:b1:e6:97:ae:25:07:c6:f3:
06:01:ca:6c:c4:03:04:9a:4c:19:ef:66:72:5b:12:82:c0:75:
12:8f:7e:42:33:b8:26:4b:31:c3:20:66:54:7e:84:fe:d5:e4:
c8:86:29:da:d5:eb:d4:2d:a4:eb:8a:d8:7d:80:d9:5f:6f:18:
2d:4b:57:67:cf:2d:dc:4c:70:fe:42:c3:13:15:e1:b1:07:65:
25:13:61:16:73:d2:f5:02:c3:aa:7d:dd:b3:06:60:95:8a:77:
e6:57:0f:18:ab:20:d4:64:25:7f:76:3c:ef:5b:22:2b:d6:8c:
50:37:f2:0c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYxjg4idVS4rJuyAvGfpIpv2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MTUzM2NiN2E2Nzk2YWM1YzM4MmIzOGRjZjQ1OWY5MTc2
OTMxZjQwHhcNMjMxMjEzMTQxMDEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWI3MWRkY2E2NmYyMGVlMjBhNWRjZmI3Y2FjOTg2NzRjNWU3OWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+qLVKfY4afVevnRG/lmJZ8mSeFW
6UHlGb7gk7mVp0vUeGOalk3ulFXsRpfWGgn67C8cmb4PL4AKVy37vvCUEdj1ozYC
5PLATdu5HVIZdPUzBhpK28No6yZc5WeCkwu41Dm/lNwSOCkgxkGGZE6JgykSbIrk
rPDXmq7iNkM6FELZoWfKnzuNNkXx7plJsIqRLbhR4PPknnKucCo316wIfpzMKRC4
qsFerfgpoznErVQAmzLm+oGm+3F0pfM6ppf21eKf1KhiLBteg+hixgB02me11eIK
XMhIgGQowq24Xajzq3hrQt4t+SMygmQyElnlA6lM0bXlQQZP/zkH5iN6LwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCW3HdymbyDuIKXc+3ysmGdMXnnVMB8GA1UdIwQY
MBaAFJcVM8t6Z5asXDgrONz0WfkXaTH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHhVenkzcG5scXhjT0NzNDNQUlotUmRwTWZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9kNjU3N2QtZjJkMi00NTMwLWI5ZDIt
MzllY2E0NzI2NjhiLzEvSmJjZDNLWnZJTzRncGR6N2ZLeVlaMHhlZWRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9kNjU3N2QtZjJkMi00NTMwLWI5ZDItMzllY2E0NzI2Njhi
LzEvbHhVenkzcG5scXhjT0NzNDNQUlotUmRwTWZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEUR+QAwQD
lT64AwQCuVRgAwQCuclAMA0GCSqGSIb3DQEBCwUAA4IBAQAn6QQPhApRWyEmfZZn
pjal4/26u4Ox2upO7tUemByGVAfsAp+o77S/I/fv+Dh76A2HvHSxO79f5ewKzkBw
wAbWRsf3+DbUx2ReOoGRUE+DlQB2OSLn/k4N4MxnLkQY/Sq9nK8fS/ujNCp6Ieo2
NW+E6/BBSvjXzEIYMeHeFUz4K6gmk4AfV3AlseaXriUHxvMGAcpsxAMEmkwZ72Zy
WxKCwHUSj35CM7gmSzHDIGZUfoT+1eTIhina1evULaTrith9gNlfbxgtS1dnzy3c
THD+QsMTFeGxB2UlE2EWc9L1AsOqfd2zBmCVinfmVw8YqyDUZCV/djzvWyIr1oxQ
N/IM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:13 2024 by rpki-client on console-fra.rpki-client.org