Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/d5afc2-b04c-446d-9a04-9053054a5cab/1/JRk5bLKVsmtQ3616fMocoBSgGDY.roa
File: JRk5bLKVsmtQ3616fMocoBSgGDY.roa (raw, json)
Hash identifier: xGB8i+iomzZxx8qqLK5uDMw0Qp2TvP5SEsoCfkJzvdg=
Subject key identifier: 25:19:39:6C:B2:95:B2:6B:50:DF:AD:7A:7C:CA:1C:A0:14:A0:18:36
Certificate issuer: /CN=58d2a356a5478155beaa8bc6256a86f6d5b3f73c
Certificate serial: 01856C53BEFC1D7132A2D0414E3011E24279
Authority key identifier: 58:D2:A3:56:A5:47:81:55:BE:AA:8B:C6:25:6A:86:F6:D5:B3:F7:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WNKjVqVHgVW-qovGJWqG9tWz9zw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/d5afc2-b04c-446d-9a04-9053054a5cab/1/JRk5bLKVsmtQ3616fMocoBSgGDY.roa
Signing time: Sun 01 Jan 2023 07:55:05 +0000
ROA not before: Sun 01 Jan 2023 07:55:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16218
IP address blocks: 217.113.32.0/20 maxlen: 20
185.60.208.0/22 maxlen: 22
2a02:ea0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:be:fc:1d:71:32:a2:d0:41:4e:30:11:e2:42:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58d2a356a5478155beaa8bc6256a86f6d5b3f73c
Validity
Not Before: Jan 1 07:55:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2519396cb295b26b50dfad7a7cca1ca014a01836
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:4b:9f:68:b8:62:24:88:a5:27:c4:4b:f8:15:
20:2a:95:e0:06:f0:63:86:aa:38:ec:42:a0:9e:a6:
13:c9:ee:5e:80:2d:01:37:4b:a7:08:16:38:b9:67:
16:e1:5e:df:44:2d:7b:fa:82:d2:88:da:ca:77:76:
c0:c5:22:f9:2f:48:a8:6b:bc:4e:15:bd:9e:d4:18:
ed:79:01:8c:63:ea:ec:9b:d1:67:01:05:9c:35:c6:
d2:2a:32:f3:d8:56:2b:37:f7:95:7c:8d:12:dd:87:
bd:72:fc:d9:0b:d8:2b:70:4f:55:90:fb:a7:23:df:
93:6c:72:d4:03:9b:8e:66:ae:b2:b9:07:7c:bd:b9:
ad:c9:31:10:ce:7a:44:e6:e5:d3:34:50:d2:d8:76:
2a:7b:fd:0e:a0:32:f0:f3:1f:d7:c4:51:ac:3c:df:
6e:4f:f1:3e:81:9c:9d:4c:29:2d:cb:d8:03:0b:94:
9c:4d:4b:d9:85:a8:12:dc:b9:0a:0e:01:8b:9a:d5:
99:27:01:f8:22:78:61:2d:cf:b5:c3:6f:bf:11:59:
c5:e4:7c:4c:42:c8:71:39:86:38:38:0c:da:59:59:
a5:f8:a2:8c:39:07:48:22:b2:f1:01:91:06:8f:bf:
c0:58:dc:e1:93:e3:82:d9:e5:1a:e8:b2:dc:8e:e6:
d3:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:19:39:6C:B2:95:B2:6B:50:DF:AD:7A:7C:CA:1C:A0:14:A0:18:36
X509v3 Authority Key Identifier:
keyid:58:D2:A3:56:A5:47:81:55:BE:AA:8B:C6:25:6A:86:F6:D5:B3:F7:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WNKjVqVHgVW-qovGJWqG9tWz9zw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/d5afc2-b04c-446d-9a04-9053054a5cab/1/JRk5bLKVsmtQ3616fMocoBSgGDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/d5afc2-b04c-446d-9a04-9053054a5cab/1/WNKjVqVHgVW-qovGJWqG9tWz9zw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.60.208.0/22
217.113.32.0/20
IPv6:
2a02:ea0::/29
Signature Algorithm: sha256WithRSAEncryption
a2:03:60:cd:9d:45:94:e4:ac:e1:83:5c:30:0f:a4:6b:a0:7c:
ab:7a:60:cb:f0:ae:fc:5f:92:f8:e0:15:ef:41:d7:19:69:ed:
fa:35:e1:93:85:86:08:a5:29:c4:04:c9:3c:33:26:cd:ce:3b:
6a:27:ca:21:8e:a8:8a:4e:a6:82:40:79:44:15:73:72:4a:d8:
ec:e0:27:38:90:f5:b7:ba:92:ea:5e:93:24:40:69:57:16:3c:
8b:e0:68:60:5c:17:82:71:7f:de:01:5a:87:5f:aa:5d:f7:91:
32:d2:9d:b1:89:94:8f:5f:0f:34:84:84:a9:d5:6c:38:0c:69:
b1:3f:33:42:ef:85:45:c5:0f:52:9d:5f:0d:ed:b5:f9:13:0f:
2b:8b:40:43:fb:7d:41:92:44:6d:aa:73:ed:6b:a2:27:23:90:
0d:88:6c:10:2a:36:bb:21:f3:9e:d0:c9:7d:f7:33:4d:90:8f:
e2:e7:22:15:1c:3a:1c:6a:1c:05:0b:b6:84:f8:7b:fc:a2:e4:
32:28:95:84:35:07:5d:c1:7f:01:c0:ee:6e:49:56:88:37:d4:
c2:11:0e:28:4e:d2:c3:de:e7:26:85:49:20:b9:f2:6a:6a:5a:
54:46:1d:36:eb:f7:ff:03:34:76:a4:d0:45:55:bf:51:16:45:
96:d7:a5:58
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsU778HXEyotBBTjAR4kJ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZDJhMzU2YTU0NzgxNTViZWFhOGJjNjI1NmE4NmY2ZDVi
M2Y3M2MwHhcNMjMwMTAxMDc1NTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTE5Mzk2Y2IyOTViMjZiNTBkZmFkN2E3Y2NhMWNhMDE0YTAxODM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0ufaLhiJIilJ8RL+BUgKpXgBvBj
hqo47EKgnqYTye5egC0BN0unCBY4uWcW4V7fRC17+oLSiNrKd3bAxSL5L0ioa7xO
Fb2e1BjteQGMY+rsm9FnAQWcNcbSKjLz2FYrN/eVfI0S3Ye9cvzZC9grcE9VkPun
I9+TbHLUA5uOZq6yuQd8vbmtyTEQznpE5uXTNFDS2HYqe/0OoDLw8x/XxFGsPN9u
T/E+gZydTCkty9gDC5ScTUvZhagS3LkKDgGLmtWZJwH4InhhLc+1w2+/EVnF5HxM
QshxOYY4OAzaWVml+KKMOQdIIrLxAZEGj7/AWNzhk+OC2eUa6LLcjubTFwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCUZOWyylbJrUN+tenzKHKAUoBg2MB8GA1UdIwQY
MBaAFFjSo1alR4FVvqqLxiVqhvbVs/c8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV05LalZxVkhnVlctcW92R0pXcUc5dFd6OXp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9kNWFmYzItYjA0Yy00NDZkLTlhMDQt
OTA1MzA1NGE1Y2FiLzEvSlJrNWJMS1ZzbXRRMzYxNmZNb2NvQlNnR0RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9kNWFmYzItYjA0Yy00NDZkLTlhMDQtOTA1MzA1NGE1Y2Fi
LzEvV05LalZxVkhnVlctcW92R0pXcUc5dFd6OXp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuTzQAwQE
2XEgMA0EAgACMAcDBQMqAg6gMA0GCSqGSIb3DQEBCwUAA4IBAQCiA2DNnUWU5Kzh
g1wwD6RroHyremDL8K78X5L44BXvQdcZae36NeGThYYIpSnEBMk8MybNzjtqJ8oh
jqiKTqaCQHlEFXNyStjs4Cc4kPW3upLqXpMkQGlXFjyL4GhgXBeCcX/eAVqHX6pd
95Ey0p2xiZSPXw80hISp1Ww4DGmxPzNC74VFxQ9SnV8N7bX5Ew8ri0BD+31BkkRt
qnPta6InI5ANiGwQKja7IfOe0Ml99zNNkI/i5yIVHDocahwFC7aE+Hv8ouQyKJWE
NQddwX8BwO5uSVaIN9TCEQ4oTtLD3ucmhUkgufJqalpURh026/f/AzR2pNBFVb9R
FkWW16VY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:43 2024 by rpki-client on console-ams.rpki-client.org