Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/JXwr-NtsvguqHlOJi6cgiGUQeYM.roa
File: JXwr-NtsvguqHlOJi6cgiGUQeYM.roa (raw, json)
Hash identifier: 92YKO6XmxYYXHNxZtyT50DUWPTG8d/GXvt1MDlEwe1c=
Subject key identifier: 25:7C:2B:F8:DB:6C:BE:0B:AA:1E:53:89:8B:A7:20:88:65:10:79:83
Certificate issuer: /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial: 018B7075962572CEB542CE5FCBBE96409B10
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/JXwr-NtsvguqHlOJi6cgiGUQeYM.roa
Signing time: Fri 27 Oct 2023 09:27:15 +0000
ROA not before: Fri 27 Oct 2023 09:27:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.149.92.0/23 maxlen: 24
80.246.225.0/24 maxlen: 24
80.246.229.0/24 maxlen: 24
80.246.231.0/24 maxlen: 24
80.246.232.0/24 maxlen: 24
80.246.233.0/24 maxlen: 24
80.246.236.0/24 maxlen: 24
80.246.236.0/22 maxlen: 24
80.246.237.0/24 maxlen: 24
80.246.238.0/24 maxlen: 24
80.246.239.0/24 maxlen: 24
80.246.234.0/24 maxlen: 24
80.246.235.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:70:75:96:25:72:ce:b5:42:ce:5f:cb:be:96:40:9b:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
Validity
Not Before: Oct 27 09:27:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=257c2bf8db6cbe0baa1e53898ba7208865107983
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:12:77:0b:38:ae:a7:7f:f0:eb:64:cf:ec:41:
8f:84:dc:4e:c2:3e:ef:cd:8c:e6:37:bb:d5:1a:58:
b3:55:36:e4:f6:33:93:d6:6e:67:22:85:5b:d0:ec:
92:a8:54:52:5d:c5:ca:16:7f:7c:fd:a7:07:22:7e:
64:cc:01:e5:ee:96:48:8b:e7:4e:0d:be:f9:89:6a:
ef:83:9f:3a:15:fe:a7:f9:ec:52:2d:ed:d2:5f:35:
a2:3b:97:d8:7e:ae:bf:3c:97:c0:7d:86:ea:50:b9:
e1:0d:d1:a4:0e:90:0b:7a:15:0c:20:9f:37:70:ba:
0c:c1:a1:8b:64:ed:2a:43:92:fb:c9:d5:a1:d1:d5:
87:8d:6d:88:8f:2f:ff:db:fa:1b:18:78:78:aa:0e:
ed:55:21:78:f3:0f:49:e7:b6:4b:39:30:7c:0d:b1:
ac:c9:da:f2:64:a1:60:37:30:67:ae:17:41:53:9a:
6e:01:cf:2f:bd:83:47:e3:b5:94:13:97:e3:16:ae:
80:fe:c9:40:a2:d9:d8:41:09:d2:f7:17:94:f2:f9:
59:e5:00:51:9b:6b:76:c7:44:9a:ab:66:75:50:78:
60:ba:a7:88:ca:c6:53:8f:73:55:bc:16:a9:eb:d8:
1d:2e:bb:db:88:d4:50:28:fd:d8:4e:13:fe:1f:0a:
cf:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:7C:2B:F8:DB:6C:BE:0B:AA:1E:53:89:8B:A7:20:88:65:10:79:83
X509v3 Authority Key Identifier:
keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/JXwr-NtsvguqHlOJi6cgiGUQeYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.92.0/23
80.246.225.0/24
80.246.229.0/24
80.246.231.0-80.246.239.255
Signature Algorithm: sha256WithRSAEncryption
6c:a6:40:6b:86:62:ff:07:8a:62:04:02:5e:e3:8c:d3:c3:a0:
b7:ff:8c:3c:1f:64:5c:43:65:6b:ca:14:44:fa:1a:c0:30:04:
ff:28:d2:e4:b7:ab:dc:a7:09:8f:7e:99:d1:b9:96:f5:41:3e:
6c:01:88:92:3a:92:09:96:b7:a0:0f:fa:2f:da:67:83:78:04:
45:a9:46:3d:9d:a7:bd:5a:53:89:6f:15:b5:36:ba:cc:69:19:
74:f5:3c:5b:ae:10:26:12:27:b4:b4:72:a4:eb:16:14:7a:08:
1b:ef:30:5f:e9:72:cf:75:98:1a:2e:9f:0d:51:d2:e1:7d:f4:
e1:68:94:b2:0b:f8:12:a7:b5:94:6b:69:15:ba:08:e3:ef:44:
12:d1:a1:73:61:29:af:aa:9c:9c:41:72:d9:2e:b9:5f:91:6f:
a4:9a:f1:81:bb:76:81:1d:3c:99:28:a8:86:8b:7a:4e:66:20:
cc:c3:ef:61:1b:0e:56:92:71:3a:fa:1b:f3:ea:b3:2c:40:16:
c1:6d:18:45:ed:76:6e:1a:c6:9f:92:45:c2:bd:26:53:37:f1:
30:2d:22:51:9a:1d:b1:4c:ef:c7:6a:13:61:d7:66:50:1d:25:
8e:e3:20:a8:2a:9a:9e:ba:d5:eb:4a:e8:6c:e4:4c:ed:2a:e5:
97:ff:8a:3e
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYtwdZYlcs61Qs5fy76WQJsQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjMxMDI3MDkyNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTdjMmJmOGRiNmNiZTBiYWExZTUzODk4YmE3MjA4ODY1MTA3OTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBJ3Cziup3/w62TP7EGPhNxOwj7v
zYzmN7vVGlizVTbk9jOT1m5nIoVb0OySqFRSXcXKFn98/acHIn5kzAHl7pZIi+dO
Db75iWrvg586Ff6n+exSLe3SXzWiO5fYfq6/PJfAfYbqULnhDdGkDpALehUMIJ83
cLoMwaGLZO0qQ5L7ydWh0dWHjW2Ijy//2/obGHh4qg7tVSF48w9J57ZLOTB8DbGs
ydryZKFgNzBnrhdBU5puAc8vvYNH47WUE5fjFq6A/slAotnYQQnS9xeU8vlZ5QBR
m2t2x0Saq2Z1UHhguqeIysZTj3NVvBap69gdLrvbiNRQKP3YThP+HwrPSwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCV8K/jbbL4Lqh5TiYunIIhlEHmDMB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvSlh3ci1OdHN2Z3VxSGxPSmk2Y2dpR1VRZVlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBLZVcAwQA
UPbhAwQAUPblMAwDBABQ9ucDBARQ9uAwDQYJKoZIhvcNAQELBQADggEBAGymQGuG
Yv8HimIEAl7jjNPDoLf/jDwfZFxDZWvKFET6GsAwBP8o0uS3q9ynCY9+mdG5lvVB
PmwBiJI6kgmWt6AP+i/aZ4N4BEWpRj2dp71aU4lvFbU2usxpGXT1PFuuECYSJ7S0
cqTrFhR6CBvvMF/pcs91mBounw1R0uF99OFolLIL+BKntZRraRW6COPvRBLRoXNh
Ka+qnJxBctkuuV+Rb6Sa8YG7doEdPJkoqIaLek5mIMzD72EbDlaScTr6G/PqsyxA
FsFtGEXtdm4axp+SRcK9JlM38TAtIlGaHbFM78dqE2HXZlAdJY7jIKgqmp661etK
6GzkTO0q5Zf/ij4=
-----END CERTIFICATE-----
Generated at Tue Oct 31 09:52:41 2023 by rpki-client on console-ams.rpki-client.org