Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/e44dea-8d51-440a-bc02-bab576e20393/1/Jj6XNynzvddAsPdF1FGuRdhAamo.roa
File: Jj6XNynzvddAsPdF1FGuRdhAamo.roa (raw, json)
Hash identifier: oUMEFMtLZ2vJ0poqtuwTBF2ugItn3dAvAeHAtpKxpsA=
Subject key identifier: 26:3E:97:37:29:F3:BD:D7:40:B0:F7:45:D4:51:AE:45:D8:40:6A:6A
Certificate issuer: /CN=31d4ee4afff55e67444d47d49b512a8368bf9ef6
Certificate serial: 01856D13D9F0C350F3E5D9FD477C0ADA0661
Authority key identifier: 31:D4:EE:4A:FF:F5:5E:67:44:4D:47:D4:9B:51:2A:83:68:BF:9E:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MdTuSv_1XmdETUfUm1Eqg2i_nvY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/e44dea-8d51-440a-bc02-bab576e20393/1/Jj6XNynzvddAsPdF1FGuRdhAamo.roa
Signing time: Sun 01 Jan 2023 11:24:55 +0000
ROA not before: Sun 01 Jan 2023 11:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211656
IP address blocks: 185.165.228.0/22 maxlen: 24
185.117.252.0/22 maxlen: 24
2a10:ad40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 22 May 2023 11:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:13:d9:f0:c3:50:f3:e5:d9:fd:47:7c:0a:da:06:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31d4ee4afff55e67444d47d49b512a8368bf9ef6
Validity
Not Before: Jan 1 11:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=263e973729f3bdd740b0f745d451ae45d8406a6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:0c:cb:dd:06:68:d9:44:01:bb:3f:62:9c:b7:
ed:3c:46:1f:d4:fc:ed:34:cc:ad:4f:64:7e:13:34:
99:df:ba:44:85:1d:de:7a:87:e5:0b:bb:02:78:a5:
d7:eb:f7:1b:3c:44:5b:40:7d:c0:0c:20:aa:0a:1c:
bc:89:86:8e:b4:d6:dc:6c:6a:bc:62:90:c2:d3:6f:
ec:23:f9:7d:40:81:76:80:4c:72:e9:85:95:7f:11:
66:62:d4:21:6c:cf:0e:4d:ec:d6:2c:15:3d:99:c4:
26:6b:64:c0:c6:96:6a:ff:6c:18:53:ce:8f:c1:83:
f8:44:e9:25:ed:82:58:ca:53:90:ee:91:b1:d4:6c:
9f:3b:05:f7:c9:aa:82:9c:4d:5e:07:49:d3:e8:79:
ab:d5:10:c7:6e:41:d1:1b:64:f1:5a:df:40:3c:5e:
f8:de:d0:1b:34:28:3b:48:a3:5f:0a:24:9c:f8:17:
a0:68:72:26:0e:42:68:50:2d:d7:85:57:de:94:a5:
4d:a5:39:94:b6:fb:c7:a7:18:be:78:a9:b3:c5:74:
90:1c:3b:21:20:21:50:69:77:3b:49:3a:d2:a0:e2:
ab:d9:a5:dc:0a:c4:eb:8c:22:ad:ed:fe:de:4a:67:
51:46:4c:5e:06:34:7a:be:82:db:5a:76:4c:c3:1c:
6a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:3E:97:37:29:F3:BD:D7:40:B0:F7:45:D4:51:AE:45:D8:40:6A:6A
X509v3 Authority Key Identifier:
keyid:31:D4:EE:4A:FF:F5:5E:67:44:4D:47:D4:9B:51:2A:83:68:BF:9E:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MdTuSv_1XmdETUfUm1Eqg2i_nvY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e44dea-8d51-440a-bc02-bab576e20393/1/Jj6XNynzvddAsPdF1FGuRdhAamo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e44dea-8d51-440a-bc02-bab576e20393/1/MdTuSv_1XmdETUfUm1Eqg2i_nvY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.252.0/22
185.165.228.0/22
IPv6:
2a10:ad40::/29
Signature Algorithm: sha256WithRSAEncryption
5c:9f:87:fe:fa:65:38:4a:ac:84:c1:95:15:f3:ac:92:d3:3f:
57:21:9f:37:4a:5b:f7:44:dc:d6:9e:9d:a2:62:10:16:f1:cf:
26:42:e6:f4:21:7e:f3:18:70:ed:73:a0:dd:f3:cd:77:8c:8f:
82:ea:d4:ea:4e:75:3b:f1:c0:94:cd:82:48:6e:52:18:22:b6:
8e:6e:64:60:ba:99:c7:45:69:10:30:95:80:90:5d:82:b2:ad:
3b:08:8f:72:92:7d:28:b9:c2:23:e3:0d:28:dc:7e:9d:90:fc:
30:62:dc:59:a5:a0:f3:9f:5e:2f:64:6a:a3:ca:d7:b7:17:26:
e5:8f:ed:53:28:32:7e:2c:4b:6b:d8:d4:dd:f5:e8:95:b5:2b:
99:2e:cb:50:82:89:63:9f:d0:2b:5d:6b:91:77:b5:41:dc:d0:
ee:9f:ec:a4:8c:b7:22:39:27:30:c3:d9:99:3a:0b:47:24:b0:
80:ed:5c:74:1c:0f:53:79:2b:ab:79:df:56:a5:32:60:8c:9d:
5b:91:b2:16:ed:5e:d4:0f:6a:b8:fa:17:78:7b:59:cf:19:71:
e6:74:98:6f:62:af:01:d3:de:34:2c:5f:d4:c0:f7:ad:33:fb:
37:49:a1:0d:84:06:40:30:1d:2c:e0:3e:04:ac:34:e7:50:ba:
bd:f4:bc:25
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtE9nww1Dz5dn9R3wK2gZhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZDRlZTRhZmZmNTVlNjc0NDRkNDdkNDliNTEyYTgzNjhi
ZjllZjYwHhcNMjMwMTAxMTEyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjNlOTczNzI5ZjNiZGQ3NDBiMGY3NDVkNDUxYWU0NWQ4NDA2YTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwzL3QZo2UQBuz9inLftPEYf1Pzt
NMytT2R+EzSZ37pEhR3eeoflC7sCeKXX6/cbPERbQH3ADCCqChy8iYaOtNbcbGq8
YpDC02/sI/l9QIF2gExy6YWVfxFmYtQhbM8OTezWLBU9mcQma2TAxpZq/2wYU86P
wYP4ROkl7YJYylOQ7pGx1GyfOwX3yaqCnE1eB0nT6Hmr1RDHbkHRG2TxWt9APF74
3tAbNCg7SKNfCiSc+BegaHImDkJoUC3XhVfelKVNpTmUtvvHpxi+eKmzxXSQHDsh
ICFQaXc7STrSoOKr2aXcCsTrjCKt7f7eSmdRRkxeBjR6voLbWnZMwxxqgQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCY+lzcp873XQLD3RdRRrkXYQGpqMB8GA1UdIwQY
MBaAFDHU7kr/9V5nRE1H1JtRKoNov572MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWRUdVN2XzFYbWRFVFVmVW0xRXFnMmlfbnZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9lNDRkZWEtOGQ1MS00NDBhLWJjMDIt
YmFiNTc2ZTIwMzkzLzEvSmo2WE55bnp2ZGRBc1BkRjFGR3VSZGhBYW1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9lNDRkZWEtOGQ1MS00NDBhLWJjMDItYmFiNTc2ZTIwMzkz
LzEvTWRUdVN2XzFYbWRFVFVmVW0xRXFnMmlfbnZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuXX8AwQC
uaXkMA0EAgACMAcDBQMqEK1AMA0GCSqGSIb3DQEBCwUAA4IBAQBcn4f++mU4SqyE
wZUV86yS0z9XIZ83Slv3RNzWnp2iYhAW8c8mQub0IX7zGHDtc6Dd8813jI+C6tTq
TnU78cCUzYJIblIYIraObmRgupnHRWkQMJWAkF2Csq07CI9ykn0oucIj4w0o3H6d
kPwwYtxZpaDzn14vZGqjyte3Fyblj+1TKDJ+LEtr2NTd9eiVtSuZLstQgoljn9Ar
XWuRd7VB3NDun+ykjLciOScww9mZOgtHJLCA7Vx0HA9TeSured9WpTJgjJ1bkbIW
7V7UD2q4+hd4e1nPGXHmdJhvYq8B0940LF/UwPetM/s3SaENhAZAMB0s4D4ErDTn
ULq99Lwl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:01 2024 by rpki-client on console-ams.rpki-client.org