Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/424dcb-1221-4e42-ba0e-a4dc5559d449/1/J8eYdc8_fkNkLVC5E4g5hZEKdXw.roa
File: J8eYdc8_fkNkLVC5E4g5hZEKdXw.roa (raw, json)
Hash identifier: ZchHKOHp8+UBr2E3i86jpNl3jkd4tAa8eMFzycNpWko=
Subject key identifier: 27:C7:98:75:CF:3F:7E:43:64:2D:50:B9:13:88:39:85:91:0A:75:7C
Certificate issuer: /CN=2f9cc6a3f4c2381930ba8d1af0d95abec09681e4
Certificate serial: 0185714C31CAB54426A10015CFA999B47078
Authority key identifier: 2F:9C:C6:A3:F4:C2:38:19:30:BA:8D:1A:F0:D9:5A:BE:C0:96:81:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L5zGo_TCOBkwuo0a8NlavsCWgeQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/424dcb-1221-4e42-ba0e-a4dc5559d449/1/J8eYdc8_fkNkLVC5E4g5hZEKdXw.roa
Signing time: Mon 02 Jan 2023 07:04:56 +0000
ROA not before: Mon 02 Jan 2023 07:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62416
IP address blocks: 185.32.188.0/22 maxlen: 24
185.222.8.0/22 maxlen: 24
2a00:c560::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:31:ca:b5:44:26:a1:00:15:cf:a9:99:b4:70:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f9cc6a3f4c2381930ba8d1af0d95abec09681e4
Validity
Not Before: Jan 2 07:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=27c79875cf3f7e43642d50b913883985910a757c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:47:24:33:00:39:bd:1b:3b:2f:d6:bf:cc:1f:
36:43:ab:83:cd:0c:b3:6a:78:94:41:cb:ae:26:3c:
03:3d:02:99:f9:54:bf:2e:39:ec:0a:7a:fa:d0:f8:
b9:27:94:3e:1b:16:90:42:53:e5:a7:2e:64:b5:69:
51:32:e8:13:92:a3:05:70:7e:ef:24:8a:11:8f:9d:
0e:99:4d:81:42:36:1e:9d:87:de:91:d1:99:7d:ee:
b9:4b:4f:06:91:91:de:05:e3:e5:21:c0:a3:8d:ab:
49:20:0f:43:5c:bb:40:f5:38:8a:81:12:8d:61:2d:
ac:0a:ef:62:c8:c9:ff:9b:d4:fc:e6:1a:9f:a9:e3:
15:7c:da:79:e0:58:6e:4b:4d:72:d1:7b:5a:0e:e6:
a0:83:e9:87:33:6f:68:cb:4f:5c:b5:0a:d5:d3:d9:
96:14:73:83:eb:4d:0a:6c:5e:fe:ca:d1:29:bf:c3:
30:fc:ef:46:b7:08:b4:29:77:ce:ea:4a:52:8f:04:
87:cd:67:5d:22:44:1c:19:f9:09:24:3e:ff:64:a5:
77:b5:cf:1e:e6:c8:09:f4:f9:b6:93:84:f4:cd:89:
fd:e8:ab:22:fb:c7:64:6e:5e:0d:6f:7a:71:e4:0d:
0e:a3:c6:fc:b4:51:27:0a:a1:85:16:10:77:0b:fa:
6f:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:C7:98:75:CF:3F:7E:43:64:2D:50:B9:13:88:39:85:91:0A:75:7C
X509v3 Authority Key Identifier:
keyid:2F:9C:C6:A3:F4:C2:38:19:30:BA:8D:1A:F0:D9:5A:BE:C0:96:81:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L5zGo_TCOBkwuo0a8NlavsCWgeQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/424dcb-1221-4e42-ba0e-a4dc5559d449/1/J8eYdc8_fkNkLVC5E4g5hZEKdXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/424dcb-1221-4e42-ba0e-a4dc5559d449/1/L5zGo_TCOBkwuo0a8NlavsCWgeQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.32.188.0/22
185.222.8.0/22
IPv6:
2a00:c560::/29
Signature Algorithm: sha256WithRSAEncryption
3c:50:62:31:a4:70:b8:e3:f5:92:30:21:1c:3a:b1:48:b8:44:
0c:d7:2f:79:b3:a9:db:05:6b:5e:e7:fb:19:ba:be:01:90:d1:
c0:d6:95:13:a1:3f:06:b9:60:ff:11:c5:32:22:e3:4d:3e:f8:
a5:0d:63:27:a3:83:a8:74:41:8b:4a:35:69:d0:32:b1:4f:f7:
f7:6d:75:ff:7d:6e:f3:bb:12:0c:7c:0f:eb:71:e3:a1:c5:49:
1e:ec:ba:8c:0d:c3:26:3d:40:4d:bd:ca:a4:4c:b9:74:5e:8e:
6d:10:64:a2:bf:63:40:ef:7d:91:13:90:22:63:b6:7e:56:09:
aa:4a:55:46:bc:69:6f:c4:48:d9:fc:35:42:ba:42:22:0a:f6:
72:33:f3:b4:16:0f:e0:bc:11:6a:36:99:f9:27:7f:6f:66:fd:
c3:3c:dc:c2:f2:a9:fc:cf:2d:02:77:41:fb:df:1e:06:e2:51:
c8:6f:33:1a:b0:73:c9:10:7f:be:3c:4e:0f:96:21:3e:c3:05:
0a:6e:d4:44:8f:67:f0:38:29:42:a1:fa:34:94:f7:1e:88:d1:
ef:43:63:d1:4b:dc:90:eb:2d:90:7c:28:f0:a4:7d:60:82:1e:
57:01:23:e3:ce:de:f8:04:e9:ef:bb:02:e0:dc:52:bd:97:f4:
ca:c1:8c:65
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxTDHKtUQmoQAVz6mZtHB4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmOWNjNmEzZjRjMjM4MTkzMGJhOGQxYWYwZDk1YWJlYzA5
NjgxZTQwHhcNMjMwMTAyMDcwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2M3OTg3NWNmM2Y3ZTQzNjQyZDUwYjkxMzg4Mzk4NTkxMGE3NTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEckMwA5vRs7L9a/zB82Q6uDzQyz
aniUQcuuJjwDPQKZ+VS/LjnsCnr60Pi5J5Q+GxaQQlPlpy5ktWlRMugTkqMFcH7v
JIoRj50OmU2BQjYenYfekdGZfe65S08GkZHeBePlIcCjjatJIA9DXLtA9TiKgRKN
YS2sCu9iyMn/m9T85hqfqeMVfNp54FhuS01y0XtaDuagg+mHM29oy09ctQrV09mW
FHOD600KbF7+ytEpv8Mw/O9Gtwi0KXfO6kpSjwSHzWddIkQcGfkJJD7/ZKV3tc8e
5sgJ9Pm2k4T0zYn96Ksi+8dkbl4Nb3px5A0Oo8b8tFEnCqGFFhB3C/pvpwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCfHmHXPP35DZC1QuROIOYWRCnV8MB8GA1UdIwQY
MBaAFC+cxqP0wjgZMLqNGvDZWr7AloHkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDV6R29fVENPQmt3dW8wYThObGF2c0NXZ2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80MjRkY2ItMTIyMS00ZTQyLWJhMGUt
YTRkYzU1NTlkNDQ5LzEvSjhlWWRjOF9ma05rTFZDNUU0ZzVoWkVLZFh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80MjRkY2ItMTIyMS00ZTQyLWJhMGUtYTRkYzU1NTlkNDQ5
LzEvTDV6R29fVENPQmt3dW8wYThObGF2c0NXZ2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuSC8AwQC
ud4IMA0EAgACMAcDBQMqAMVgMA0GCSqGSIb3DQEBCwUAA4IBAQA8UGIxpHC44/WS
MCEcOrFIuEQM1y95s6nbBWte5/sZur4BkNHA1pUToT8GuWD/EcUyIuNNPvilDWMn
o4OodEGLSjVp0DKxT/f3bXX/fW7zuxIMfA/rceOhxUke7LqMDcMmPUBNvcqkTLl0
Xo5tEGSiv2NA732RE5AiY7Z+VgmqSlVGvGlvxEjZ/DVCukIiCvZyM/O0Fg/gvBFq
Npn5J39vZv3DPNzC8qn8zy0Cd0H73x4G4lHIbzMasHPJEH++PE4PliE+wwUKbtRE
j2fwOClCofo0lPceiNHvQ2PRS9yQ6y2QfCjwpH1ggh5XASPjzt74BOnvuwLg3FK9
l/TKwYxl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:44 2024 by rpki-client on console-fra.rpki-client.org