Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/jkNGCziItcuOdAfD1ohGxim--PQ.roa
File: jkNGCziItcuOdAfD1ohGxim--PQ.roa (raw, json)
Hash identifier: cPBq00gqILlWB3ktvKK/elZF+yxFWGIvEZy/Y4YghTw=
Subject key identifier: 8E:43:46:0B:38:88:B5:CB:8E:74:07:C3:D6:88:46:C6:29:BE:F8:F4
Certificate issuer: /CN=a7e2ce3109480aee7b3fd2846ec8f8646885cdba
Certificate serial: 01856D7870D1917BB23DD6747A24B4D8385B
Authority key identifier: A7:E2:CE:31:09:48:0A:EE:7B:3F:D2:84:6E:C8:F8:64:68:85:CD:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p-LOMQlICu57P9KEbsj4ZGiFzbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/jkNGCziItcuOdAfD1ohGxim--PQ.roa
Signing time: Sun 01 Jan 2023 13:14:47 +0000
ROA not before: Sun 01 Jan 2023 13:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13193
IP address blocks: 62.212.112.0/24 maxlen: 24
213.41.128.0/17 maxlen: 17
213.215.0.0/18 maxlen: 18
185.33.40.0/22 maxlen: 22
185.43.68.0/22 maxlen: 22
194.79.128.0/18 maxlen: 18
194.146.224.0/22 maxlen: 22
80.248.208.0/20 maxlen: 20
62.212.96.0/19 maxlen: 19
80.65.224.0/20 maxlen: 20
178.132.16.0/20 maxlen: 20
79.170.216.0/21 maxlen: 21
194.242.112.0/22 maxlen: 22
5.23.40.0/21 maxlen: 21
171.25.208.0/22 maxlen: 22
93.184.32.0/20 maxlen: 20
78.40.48.0/21 maxlen: 21
2001:7a8::/32 maxlen: 32
2a01:68::/32 maxlen: 32
2001:7a8:3440::/44 maxlen: 44
2a01:6460::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 05 Jul 2023 09:18:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:70:d1:91:7b:b2:3d:d6:74:7a:24:b4:d8:38:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7e2ce3109480aee7b3fd2846ec8f8646885cdba
Validity
Not Before: Jan 1 13:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e43460b3888b5cb8e7407c3d68846c629bef8f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:2c:b6:f6:5b:0a:cc:a7:08:99:21:6e:f0:b1:
ab:03:79:a7:93:f3:9d:73:3b:1c:c4:5b:1f:a8:da:
69:b3:be:56:f4:d5:4d:63:20:1e:a7:7c:99:3f:91:
03:f5:af:59:94:4a:ab:9f:75:a8:fd:d1:d4:7d:c5:
b5:f9:76:ac:b9:ce:9e:c2:73:b4:4c:29:4a:ab:d1:
a9:64:75:05:94:b3:bc:63:87:99:ff:ef:48:37:7a:
43:00:58:7b:a1:b5:2b:6f:c8:a9:e3:92:d9:3f:ab:
d4:10:42:e5:aa:6f:10:70:f1:71:a8:e6:92:c3:48:
02:fb:a2:50:ac:3b:61:6f:33:44:bc:fb:69:06:cb:
cb:f3:45:78:e6:15:c1:48:b4:3e:4b:74:47:be:d1:
a3:b7:00:af:86:a1:e7:e7:8f:70:9d:4e:bc:c4:4c:
8f:6e:24:e0:1c:07:33:8e:3c:70:a3:0d:7c:11:e5:
03:25:ff:39:55:53:80:90:a2:d0:a1:66:3b:6f:f2:
a7:04:ed:4c:aa:b4:2e:73:1d:5a:c2:65:05:a5:77:
ba:97:e7:40:bf:b6:c6:e5:64:57:56:f3:c6:7c:bb:
f3:01:d3:3f:b3:2f:87:4e:df:13:6f:85:0b:78:62:
60:75:5c:b8:c2:b5:6a:03:8f:50:79:b7:e1:0e:ad:
d5:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:43:46:0B:38:88:B5:CB:8E:74:07:C3:D6:88:46:C6:29:BE:F8:F4
X509v3 Authority Key Identifier:
keyid:A7:E2:CE:31:09:48:0A:EE:7B:3F:D2:84:6E:C8:F8:64:68:85:CD:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p-LOMQlICu57P9KEbsj4ZGiFzbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/jkNGCziItcuOdAfD1ohGxim--PQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/p-LOMQlICu57P9KEbsj4ZGiFzbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.23.40.0/21
62.212.96.0/19
78.40.48.0/21
79.170.216.0/21
80.65.224.0/20
80.248.208.0/20
93.184.32.0/20
171.25.208.0/22
178.132.16.0/20
185.33.40.0/22
185.43.68.0/22
194.79.128.0/18
194.146.224.0/22
194.242.112.0/22
213.41.128.0/17
213.215.0.0/18
IPv6:
2001:7a8::/32
2a01:68::/32
2a01:6460::/32
Signature Algorithm: sha256WithRSAEncryption
98:5b:64:73:7e:bc:ab:06:ca:62:56:c1:32:c6:59:d1:6d:ac:
b1:92:45:89:9e:29:68:ce:0c:44:3b:10:f1:7c:d2:0b:cc:ba:
eb:c2:17:9f:06:5d:cc:88:2c:8f:fe:e3:06:e6:20:d9:9f:78:
b6:04:85:fc:59:e5:8a:38:29:52:56:b9:82:a6:6c:b8:94:be:
6a:ee:93:e6:ad:a8:1c:d0:70:85:85:4a:e9:d7:ba:5b:6f:01:
fd:0e:9d:3e:95:4d:31:c9:14:ad:65:89:7d:ee:cd:8e:8a:4d:
ce:40:5e:b2:32:98:1e:34:fb:c6:4a:96:13:3f:9d:f1:eb:6a:
56:e9:1e:e8:bf:2b:6e:36:31:85:13:c7:85:68:48:20:d3:ff:
b9:36:c6:d4:1f:8f:99:ee:95:d9:39:e7:2d:a9:cf:60:0c:a1:
e9:af:a9:c9:4c:be:1a:c5:f4:84:36:71:d5:74:84:34:a3:42:
58:95:3a:ec:ce:2c:63:1a:b6:fb:f9:95:e2:40:14:f2:e1:0b:
15:aa:a4:8b:a0:eb:73:96:c2:e6:18:5e:da:c8:ff:77:be:db:
1d:b4:4c:6f:ef:97:80:b7:86:e6:e4:ce:e1:e8:79:03:83:10:
b1:ae:3d:2e:c0:bd:50:fc:7a:35:72:f4:aa:62:61:5c:08:f1:
b8:2e:14:3f
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYVteHDRkXuyPdZ0eiS02DhbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZTJjZTMxMDk0ODBhZWU3YjNmZDI4NDZlYzhmODY0Njg4
NWNkYmEwHhcNMjMwMTAxMTMxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTQzNDYwYjM4ODhiNWNiOGU3NDA3YzNkNjg4NDZjNjI5YmVmOGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCy29lsKzKcImSFu8LGrA3mnk/Od
czscxFsfqNpps75W9NVNYyAep3yZP5ED9a9ZlEqrn3Wo/dHUfcW1+Xasuc6ewnO0
TClKq9GpZHUFlLO8Y4eZ/+9IN3pDAFh7obUrb8ip45LZP6vUEELlqm8QcPFxqOaS
w0gC+6JQrDthbzNEvPtpBsvL80V45hXBSLQ+S3RHvtGjtwCvhqHn549wnU68xEyP
biTgHAczjjxwow18EeUDJf85VVOAkKLQoWY7b/KnBO1MqrQucx1awmUFpXe6l+dA
v7bG5WRXVvPGfLvzAdM/sy+HTt8Tb4ULeGJgdVy4wrVqA49QebfhDq3VDQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFI5DRgs4iLXLjnQHw9aIRsYpvvj0MB8GA1UdIwQY
MBaAFKfizjEJSAruez/ShG7I+GRohc26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcC1MT01RbElDdTU3UDlLRWJzajRaR2lGemJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9iNjFhZGQtMzJmMC00MmY0LWEzMDEt
NzgxOGE4OTQ1NmNiLzEvamtOR0N6aUl0Y3VPZEFmRDFvaEd4aW0tLVBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9iNjFhZGQtMzJmMC00MmY0LWEzMDEtNzgxOGE4OTQ1NmNi
LzEvcC1MT01RbElDdTU3UDlLRWJzajRaR2lGemJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTBmBAIAATBgAwQDBRco
AwQFPtRgAwQDTigwAwQDT6rYAwQEUEHgAwQEUPjQAwQEXbggAwQCqxnQAwQEsoQQ
AwQCuSEoAwQCuStEAwQGwk+AAwQCwpLgAwQCwvJwAwQH1SmAAwQG1dcAMBsEAgAC
MBUDBQAgAQeoAwUAKgEAaAMFACoBZGAwDQYJKoZIhvcNAQELBQADggEBAJhbZHN+
vKsGymJWwTLGWdFtrLGSRYmeKWjODEQ7EPF80gvMuuvCF58GXcyILI/+4wbmINmf
eLYEhfxZ5Yo4KVJWuYKmbLiUvmruk+atqBzQcIWFSunXultvAf0OnT6VTTHJFK1l
iX3uzY6KTc5AXrIymB40+8ZKlhM/nfHralbpHui/K242MYUTx4VoSCDT/7k2xtQf
j5nuldk55y2pz2AMoemvqclMvhrF9IQ2cdV0hDSjQliVOuzOLGMatvv5leJAFPLh
CxWqpIug63OWwuYYXtrI/3e+2x20TG/vl4C3hubkzuHoeQODELGuPS7AvVD8ejVy
9KpiYVwI8bguFD8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:23 2024 by rpki-client on console-ams.rpki-client.org