Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/6fbbed-871f-485b-ad1a-46269d17e9f1/1/jsjX56hC8f6UhYZL9NTFtHuXbuI.roa
File: jsjX56hC8f6UhYZL9NTFtHuXbuI.roa (raw, json)
Hash identifier: Tv70R0q/qUg1JJxX2sC+MtHnvabOKPJXMWDvJOfHF34=
Subject key identifier: 8E:C8:D7:E7:A8:42:F1:FE:94:85:86:4B:F4:D4:C5:B4:7B:97:6E:E2
Certificate issuer: /CN=faf814df8575986dd904a98687583c138768a114
Certificate serial: 018CC349070FE60A1AB92B601F6B8E115050
Authority key identifier: FA:F8:14:DF:85:75:98:6D:D9:04:A9:86:87:58:3C:13:87:68:A1:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-vgU34V1mG3ZBKmGh1g8E4dooRQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/6fbbed-871f-485b-ad1a-46269d17e9f1/1/jsjX56hC8f6UhYZL9NTFtHuXbuI.roa
Signing time: Mon 01 Jan 2024 04:29:52 +0000
ROA not before: Mon 01 Jan 2024 04:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21217
IP address blocks: 185.254.152.0/24 maxlen: 24
185.254.152.0/22 maxlen: 24
185.254.154.0/24 maxlen: 24
185.254.155.0/24 maxlen: 24
185.247.8.0/22 maxlen: 24
185.254.153.0/24 maxlen: 24
80.80.224.0/21 maxlen: 24
80.80.232.0/22 maxlen: 24
80.80.236.0/23 maxlen: 24
80.80.238.0/24 maxlen: 24
185.169.92.0/22 maxlen: 24
2001:40c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 25 Mar 2024 16:31:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:07:0f:e6:0a:1a:b9:2b:60:1f:6b:8e:11:50:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faf814df8575986dd904a98687583c138768a114
Validity
Not Before: Jan 1 04:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ec8d7e7a842f1fe9485864bf4d4c5b47b976ee2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:be:f6:78:38:56:4b:9b:9a:a9:8d:46:5b:f8:
32:0e:ab:b6:a0:15:ab:ff:b9:0c:ad:a8:47:ab:12:
5c:19:32:df:7e:be:48:db:37:ce:22:33:aa:db:a5:
f7:e6:c0:3a:61:04:52:0d:8d:bd:ca:55:bb:2b:40:
7c:af:21:ee:a5:26:be:35:54:b4:8e:0b:f5:f5:77:
3b:93:f4:aa:a8:dd:6b:47:ec:61:fc:d1:9c:3b:0b:
f5:d6:65:e0:64:7e:04:95:d1:f4:bd:03:4c:c6:22:
6e:1a:19:c8:82:da:41:5c:58:76:cb:75:18:23:0a:
38:f7:29:57:cd:8a:9c:65:9f:b0:0f:0a:bb:93:f7:
78:b9:9d:9d:e2:5c:7b:45:79:45:6a:92:23:b4:0c:
1c:fc:01:56:b8:1e:37:f2:f7:72:b0:d4:b6:72:81:
ba:71:c6:31:5e:a7:36:05:c8:01:0b:97:30:9f:8e:
f3:d8:c0:35:b2:17:03:4f:21:e2:39:c7:15:e2:de:
55:45:72:12:93:0a:f3:b9:6e:f4:48:06:67:77:f9:
6d:50:db:c2:ed:64:76:40:78:06:83:11:53:9e:e2:
49:97:05:d4:dc:8f:16:79:3f:56:d1:5a:7d:69:dd:
fd:b7:d5:35:db:83:ea:a1:73:e6:0e:db:72:24:c9:
cf:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:C8:D7:E7:A8:42:F1:FE:94:85:86:4B:F4:D4:C5:B4:7B:97:6E:E2
X509v3 Authority Key Identifier:
keyid:FA:F8:14:DF:85:75:98:6D:D9:04:A9:86:87:58:3C:13:87:68:A1:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-vgU34V1mG3ZBKmGh1g8E4dooRQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/6fbbed-871f-485b-ad1a-46269d17e9f1/1/jsjX56hC8f6UhYZL9NTFtHuXbuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/6fbbed-871f-485b-ad1a-46269d17e9f1/1/1-vgU34V1mG3ZBKmGh1g8E4dooRQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.80.224.0-80.80.238.255
185.169.92.0/22
185.247.8.0/22
185.254.152.0/22
IPv6:
2001:40c0::/48
Signature Algorithm: sha256WithRSAEncryption
0e:21:b0:7f:bc:ff:75:a5:da:a7:54:01:4d:9f:21:16:80:31:
3f:84:78:44:78:0a:b3:46:51:97:bc:94:cb:ec:68:e0:1a:cf:
4f:21:af:32:e5:65:dd:34:eb:58:fe:22:f6:8a:a9:75:ba:3b:
a9:ca:78:68:07:8a:ec:c2:4d:c0:ba:b1:65:01:e9:49:6d:be:
31:33:49:ce:97:d1:3c:6f:7c:4f:01:5a:eb:82:cd:e6:7a:48:
81:4a:db:a6:ea:03:5f:40:74:90:be:61:84:7d:0f:36:10:dd:
4d:fd:18:40:1e:84:25:3d:39:33:5c:c7:a6:28:c5:4d:b8:c1:
eb:d1:dc:79:3d:8c:11:50:22:c7:4a:2f:91:54:a3:99:e2:de:
d0:22:fb:ef:7a:76:60:0d:ee:73:3a:0c:b5:73:b0:e1:b2:2b:
77:b1:df:a9:8c:db:72:58:a3:bc:50:d5:8d:63:77:cb:6f:9e:
ce:10:d1:d5:66:9f:87:70:c4:6a:88:e9:29:ed:4a:64:c7:63:
be:f2:9f:2b:6e:b4:d7:cd:3c:de:f6:89:47:0b:2c:71:4c:49:
1b:e8:32:b0:3c:e7:a2:ad:51:a0:76:80:fc:7e:c8:94:f9:19:
c0:01:04:8a:b7:26:43:8b:23:3c:18:11:85:63:ef:db:73:f8:
d2:3d:dc:0e
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzDSQcP5goauStgH2uOEVBQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhZjgxNGRmODU3NTk4NmRkOTA0YTk4Njg3NTgzYzEzODc2
OGExMTQwHhcNMjQwMTAxMDQyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWM4ZDdlN2E4NDJmMWZlOTQ4NTg2NGJmNGQ0YzViNDdiOTc2ZWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtL72eDhWS5uaqY1GW/gyDqu2oBWr
/7kMrahHqxJcGTLffr5I2zfOIjOq26X35sA6YQRSDY29ylW7K0B8ryHupSa+NVS0
jgv19Xc7k/SqqN1rR+xh/NGcOwv11mXgZH4EldH0vQNMxiJuGhnIgtpBXFh2y3UY
Iwo49ylXzYqcZZ+wDwq7k/d4uZ2d4lx7RXlFapIjtAwc/AFWuB438vdysNS2coG6
ccYxXqc2BcgBC5cwn47z2MA1shcDTyHiOccV4t5VRXISkwrzuW70SAZnd/ltUNvC
7WR2QHgGgxFTnuJJlwXU3I8WeT9W0Vp9ad39t9U124PqoXPmDttyJMnP3wIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFI7I1+eoQvH+lIWGS/TUxbR7l27iMB8GA1UdIwQY
MBaAFPr4FN+FdZht2QSphodYPBOHaKEUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS12Z1UzNFYxbUczWkJLbUdoMWc4RTRkb29SUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEvNmZiYmVkLTg3MWYtNDg1Yi1hZDFh
LTQ2MjY5ZDE3ZTlmMS8xL2pzalg1NmhDOGY2VWhZWkw5TlRGdEh1WGJ1SS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWEvNmZiYmVkLTg3MWYtNDg1Yi1hZDFhLTQ2MjY5ZDE3ZTlm
MS8xLzEtdmdVMzRWMW1HM1pCS21HaDFnOEU0ZG9vUlEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSgYIKwYBBQUHAQcBAf8EOzA5MCYEAgABMCAwDAMEBVBQ
4AMEAFBQ7gMEArmpXAMEArn3CAMEArn+mDAPBAIAAjAJAwcAIAFAwAAAMA0GCSqG
SIb3DQEBCwUAA4IBAQAOIbB/vP91pdqnVAFNnyEWgDE/hHhEeAqzRlGXvJTL7Gjg
Gs9PIa8y5WXdNOtY/iL2iql1ujupynhoB4rswk3AurFlAelJbb4xM0nOl9E8b3xP
AVrrgs3mekiBStum6gNfQHSQvmGEfQ82EN1N/RhAHoQlPTkzXMemKMVNuMHr0dx5
PYwRUCLHSi+RVKOZ4t7QIvvvenZgDe5zOgy1c7Dhsit3sd+pjNtyWKO8UNWNY3fL
b57OENHVZp+HcMRqiOkp7Upkx2O+8p8rbrTXzTze9olHCyxxTEkb6DKwPOeirVGg
doD8fsiU+RnAAQSKtyZDiyM8GBGFY+/bc/jSPdwO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:39 2024 by rpki-client on console-ams.rpki-client.org