Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/JxEsedhtv7ypDqm_yvPE-ra3D8I.roa
File: JxEsedhtv7ypDqm_yvPE-ra3D8I.roa (raw, json)
Hash identifier: sot0CYE09wXXDy8b9xKJLTFiOB8qPrM6PdpqEyxxytU=
Subject key identifier: 27:11:2C:79:D8:6D:BF:BC:A9:0E:A9:BF:CA:F3:C4:FA:B6:B7:0F:C2
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 0185723A2DE4FD615DF896F0450E4729D393
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/JxEsedhtv7ypDqm_yvPE-ra3D8I.roa
Signing time: Mon 02 Jan 2023 11:24:53 +0000
ROA not before: Mon 02 Jan 2023 11:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 139.156.0.0/16 maxlen: 16
213.162.160.0/19 maxlen: 19
145.54.0.0/16 maxlen: 16
195.190.224.0/19 maxlen: 19
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:2d:e4:fd:61:5d:f8:96:f0:45:0e:47:29:d3:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Jan 2 11:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=27112c79d86dbfbca90ea9bfcaf3c4fab6b70fc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:74:d8:ea:fb:a2:ad:59:b2:7f:47:a5:85:2d:
1a:42:23:ac:6d:3e:d8:5d:5b:2a:e6:c2:fe:cf:b7:
e6:63:78:1e:fc:0a:9e:35:b1:e6:49:c5:e0:2d:6a:
ba:4d:2f:9d:5d:71:ab:9f:90:00:41:ca:45:16:78:
82:5d:89:70:eb:b3:69:56:99:ca:74:96:15:e7:a0:
90:d8:8b:89:26:01:ce:95:cc:cc:b1:bc:77:f3:bf:
ba:6d:b2:81:f4:2a:a3:df:0e:e0:78:cb:f6:a6:57:
5a:0a:59:0a:65:49:ad:70:28:f9:b2:92:bd:6d:62:
ca:cd:79:60:06:52:56:e4:7b:df:a8:26:13:e3:cd:
34:ec:30:c9:0a:71:1e:9e:f7:e9:18:cb:81:ac:e6:
45:df:bf:31:22:2f:be:80:69:8e:98:9b:10:91:37:
16:54:5d:0d:ac:aa:80:20:c8:0c:cd:1d:fa:36:3c:
e9:e0:97:01:af:f9:4a:bc:83:e6:c8:ec:7e:5a:d4:
52:8a:70:ac:5a:13:0a:f7:e1:3b:38:62:5d:13:45:
54:bb:c7:3e:7a:0f:8f:c6:d1:fd:02:87:fe:ee:6b:
e9:e5:9b:f3:b1:61:bd:b2:29:13:a6:a9:b2:78:f1:
93:cf:33:b8:57:39:f5:1a:30:e8:e9:95:96:86:0f:
d1:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:11:2C:79:D8:6D:BF:BC:A9:0E:A9:BF:CA:F3:C4:FA:B6:B7:0F:C2
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/JxEsedhtv7ypDqm_yvPE-ra3D8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.156.0.0/16
145.54.0.0/16
195.190.224.0/19
213.162.160.0/19
Signature Algorithm: sha256WithRSAEncryption
3a:02:6c:fd:05:d9:a9:8e:62:c8:75:3e:13:7d:95:3e:3c:34:
64:3c:93:55:cb:7d:eb:c0:48:c8:f1:76:0b:fe:05:81:64:ef:
c0:23:c6:06:99:5c:de:ed:72:b9:93:e9:66:ee:bf:7f:e5:a9:
ab:ca:04:3e:bd:10:b9:7f:ff:8b:03:71:3e:d2:8b:24:b5:be:
23:bb:b3:e4:73:21:1b:bb:d3:4e:5f:f9:03:d6:b1:a1:d1:80:
22:0d:a8:0b:1c:4f:a2:d9:20:99:a6:f5:d7:0b:8f:ff:8c:ba:
1c:0c:a7:a8:0b:17:b8:99:51:71:70:b8:24:ff:80:32:47:9c:
6c:e5:64:68:93:85:8b:88:0d:84:3a:2e:44:95:e3:22:ca:3b:
f9:4e:3a:d3:b6:63:28:23:d3:4c:4a:3e:4d:9e:47:1b:04:71:
a4:44:20:e0:71:98:e5:65:0b:75:f4:e5:04:c4:ed:af:95:f2:
3c:7f:73:61:eb:91:c2:1f:78:9e:23:2d:ca:2b:d2:d1:7a:d3:
74:12:d7:06:7a:54:d1:eb:62:15:fd:72:15:f9:31:c2:df:ec:
44:a8:bc:32:70:e8:2b:3f:05:9d:d5:e4:b4:4a:8d:4d:d7:45:
0c:0e:f4:10:d4:6f:a3:8c:8d:5c:1d:95:5b:28:41:de:99:86:
91:f3:0c:02
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVyOi3k/WFd+JbwRQ5HKdOTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOTgwNjBmMWJmMjJmMDk5OWNiMDcxYjFiNDI2OTZkYmM0
M2UxMGMwHhcNMjMwMTAyMTEyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzExMmM3OWQ4NmRiZmJjYTkwZWE5YmZjYWYzYzRmYWI2YjcwZmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonTY6vuirVmyf0elhS0aQiOsbT7Y
XVsq5sL+z7fmY3ge/AqeNbHmScXgLWq6TS+dXXGrn5AAQcpFFniCXYlw67NpVpnK
dJYV56CQ2IuJJgHOlczMsbx387+6bbKB9Cqj3w7geMv2pldaClkKZUmtcCj5spK9
bWLKzXlgBlJW5HvfqCYT48007DDJCnEenvfpGMuBrOZF378xIi++gGmOmJsQkTcW
VF0NrKqAIMgMzR36Njzp4JcBr/lKvIPmyOx+WtRSinCsWhMK9+E7OGJdE0VUu8c+
eg+PxtH9Aof+7mvp5ZvzsWG9sikTpqmyePGTzzO4Vzn1GjDo6ZWWhg/RuQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFCcRLHnYbb+8qQ6pv8rzxPq2tw/CMB8GA1UdIwQY
MBaAFMOYBg8b8i8JmcsHGxtCaW28Q+EMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAt
YzkyN2I4YzJjN2M0LzEvSnhFc2VkaHR2N3lwRHFtX3l2UEUtcmEzRDhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAtYzkyN2I4YzJjN2M0
LzEvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAcBAIAATAWAwMAi5wDAwCR
NgMEBcO+4AMEBdWioDANBgkqhkiG9w0BAQsFAAOCAQEAOgJs/QXZqY5iyHU+E32V
Pjw0ZDyTVct968BIyPF2C/4FgWTvwCPGBplc3u1yuZPpZu6/f+Wpq8oEPr0QuX//
iwNxPtKLJLW+I7uz5HMhG7vTTl/5A9axodGAIg2oCxxPotkgmab11wuP/4y6HAyn
qAsXuJlRcXC4JP+AMkecbOVkaJOFi4gNhDouRJXjIso7+U4607ZjKCPTTEo+TZ5H
GwRxpEQg4HGY5WULdfTlBMTtr5XyPH9zYeuRwh94niMtyivS0XrTdBLXBnpU0eti
Ff1yFfkxwt/sRKi8MnDoKz8FndXktEqNTddFDA70ENRvo4yNXB2VWyhB3pmGkfMM
Ag==
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:52:13 2024 by rpki-client on console-fra.rpki-client.org