Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/jB21p4b-BKR2m6WszZQc0n24DDk.roa
File: jB21p4b-BKR2m6WszZQc0n24DDk.roa (raw, json)
Hash identifier: KJBilRY8ZPQkeua261fBu1O6K3kxbR+N5MCPo5ubvMM=
Subject key identifier: 8C:1D:B5:A7:86:FE:04:A4:76:9B:A5:AC:CD:94:1C:D2:7D:B8:0C:39
Certificate issuer: /CN=542f633f76e8d8aaeaa32b5ace16a3db3943d80c
Certificate serial: 018BD83C730376C578031BE1BBE3E740989D
Authority key identifier: 54:2F:63:3F:76:E8:D8:AA:EA:A3:2B:5A:CE:16:A3:DB:39:43:D8:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/jB21p4b-BKR2m6WszZQc0n24DDk.roa
Signing time: Thu 16 Nov 2023 13:05:21 +0000
ROA not before: Thu 16 Nov 2023 13:05:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49632
IP address blocks: 188.125.174.0/24 maxlen: 24
188.125.160.0/24 maxlen: 24
188.125.165.0/24 maxlen: 24
188.125.164.0/24 maxlen: 24
188.125.163.0/24 maxlen: 24
188.125.166.0/24 maxlen: 24
188.125.170.0/24 maxlen: 24
188.125.169.0/24 maxlen: 24
188.125.168.0/24 maxlen: 24
188.125.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:3c:73:03:76:c5:78:03:1b:e1:bb:e3:e7:40:98:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=542f633f76e8d8aaeaa32b5ace16a3db3943d80c
Validity
Not Before: Nov 16 13:05:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c1db5a786fe04a4769ba5accd941cd27db80c39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:5a:f5:03:af:ea:28:e4:c1:7a:12:1b:c0:35:
7a:b1:b3:91:7d:0c:1d:3f:b6:e6:7b:6a:1c:f9:c7:
00:9f:bd:16:a8:8a:fc:94:4c:be:1d:32:94:9e:f2:
e9:9d:a9:5b:8b:db:0d:56:b4:2b:ed:30:68:80:16:
35:98:5d:b5:a2:62:bb:0b:e5:f1:3f:50:32:80:f6:
b4:ea:f4:bb:86:8e:c3:68:71:ea:bc:f5:95:fd:bf:
96:e7:a1:d9:20:6f:63:4d:a6:de:a8:f7:58:3d:95:
77:0b:c0:82:d0:04:2a:cf:a8:d2:96:65:a3:d0:fa:
1c:1a:1d:fc:96:b0:17:70:6d:7d:08:11:31:ed:32:
bf:dd:88:a4:63:16:9f:3f:2e:1e:bd:ab:cd:aa:36:
d9:63:80:35:d7:bc:cb:b3:78:2e:b9:a5:8b:22:f6:
7d:b7:e0:55:9a:e3:6f:c0:3c:da:b7:c1:a6:d3:d5:
7c:01:01:68:65:81:07:af:39:2b:c4:54:a7:10:cc:
34:b5:92:e8:26:5d:73:03:fa:77:af:fb:df:78:6f:
87:1a:61:59:1c:47:4d:80:f0:0c:93:fe:ad:7c:f9:
2c:0e:60:ee:f7:43:97:19:5d:39:19:d8:1a:05:22:
56:5d:85:45:2f:33:82:0d:d2:33:87:8f:58:a8:c9:
4b:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:1D:B5:A7:86:FE:04:A4:76:9B:A5:AC:CD:94:1C:D2:7D:B8:0C:39
X509v3 Authority Key Identifier:
keyid:54:2F:63:3F:76:E8:D8:AA:EA:A3:2B:5A:CE:16:A3:DB:39:43:D8:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/jB21p4b-BKR2m6WszZQc0n24DDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/VC9jP3bo2Krqoytazhaj2zlD2Aw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.125.160.0/24
188.125.163.0-188.125.170.255
188.125.174.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:eb:05:89:51:a7:dc:4c:48:dd:78:50:66:ed:e8:7e:2a:98:
c5:1d:13:2c:6a:c4:df:fd:8a:35:9e:01:77:f1:76:74:74:9f:
8e:1e:75:0e:69:fe:4c:4c:4a:ea:05:63:b5:d1:ad:77:84:a6:
88:41:f9:e4:e3:07:24:97:60:3c:34:4d:fb:68:b2:62:95:fa:
5f:f4:58:72:7f:df:f6:d9:a7:33:5a:6e:f6:83:30:33:c9:71:
f5:50:23:2e:45:ec:c6:2a:fe:ab:e2:ea:c5:ac:8a:84:9a:c4:
b7:f1:b0:b8:db:40:48:24:b6:27:3d:21:b5:74:09:4a:74:bf:
6a:63:f3:51:13:ff:ce:9c:02:8a:84:f3:4c:5a:6f:3a:68:a8:
ef:14:92:c6:cb:b0:25:db:4b:90:76:24:a4:75:91:eb:aa:9b:
b2:91:7b:0d:ab:7f:c9:a5:df:f5:ec:16:1e:3f:4e:7a:53:d9:
0d:29:8c:03:3d:21:ac:34:70:7e:f7:6d:72:14:e8:4d:a7:0c:
af:08:50:d0:66:80:c3:d4:95:53:0a:cb:54:ae:79:5e:58:85:
12:26:c3:45:c4:6a:8d:62:90:a7:ad:f9:28:90:4a:be:1c:af:
8a:8b:30:52:6d:13:8d:66:51:ea:81:cd:60:7b:92:8c:2c:ee:
82:1b:54:8d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYvYPHMDdsV4Axvhu+PnQJidMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MmY2MzNmNzZlOGQ4YWFlYWEzMmI1YWNlMTZhM2RiMzk0
M2Q4MGMwHhcNMjMxMTE2MTMwNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzFkYjVhNzg2ZmUwNGE0NzY5YmE1YWNjZDk0MWNkMjdkYjgwYzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVr1A6/qKOTBehIbwDV6sbORfQwd
P7bme2oc+ccAn70WqIr8lEy+HTKUnvLpnalbi9sNVrQr7TBogBY1mF21omK7C+Xx
P1AygPa06vS7ho7DaHHqvPWV/b+W56HZIG9jTabeqPdYPZV3C8CC0AQqz6jSlmWj
0PocGh38lrAXcG19CBEx7TK/3YikYxafPy4evavNqjbZY4A117zLs3guuaWLIvZ9
t+BVmuNvwDzat8Gm09V8AQFoZYEHrzkrxFSnEMw0tZLoJl1zA/p3r/vfeG+HGmFZ
HEdNgPAMk/6tfPksDmDu90OXGV05GdgaBSJWXYVFLzOCDdIzh49YqMlL9QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFIwdtaeG/gSkdpulrM2UHNJ9uAw5MB8GA1UdIwQY
MBaAFFQvYz926Niq6qMrWs4Wo9s5Q9gMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkM5alAzYm8yS3Jxb3l0YXpoYWoyemxEMkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9kNmI4NzQtYWVhOC00YjdlLWIwZDIt
NjliOTUzYzlkNWFhLzEvakIyMXA0Yi1CS1IybTZXc3paUWMwbjI0RERrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9kNmI4NzQtYWVhOC00YjdlLWIwZDItNjliOTUzYzlkNWFh
LzEvVkM5alAzYm8yS3Jxb3l0YXpoYWoyemxEMkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAvH2gMAwD
BAC8faMDBAC8faoDBAC8fa4wDQYJKoZIhvcNAQELBQADggEBABzrBYlRp9xMSN14
UGbt6H4qmMUdEyxqxN/9ijWeAXfxdnR0n44edQ5p/kxMSuoFY7XRrXeEpohB+eTj
BySXYDw0TftosmKV+l/0WHJ/3/bZpzNabvaDMDPJcfVQIy5F7MYq/qvi6sWsioSa
xLfxsLjbQEgktic9IbV0CUp0v2pj81ET/86cAoqE80xabzpoqO8UksbLsCXbS5B2
JKR1keuqm7KRew2rf8ml3/XsFh4/TnpT2Q0pjAM9Iaw0cH73bXIU6E2nDK8IUNBm
gMPUlVMKy1SueV5YhRImw0XEao1ikKet+SiQSr4cr4qLMFJtE41mUeqBzWB7kows
7oIbVI0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:25 2024 by rpki-client on console-ams.rpki-client.org