Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/cd7047-0816-4821-8dea-6078efd0785e/1/JG9kyEdZVn2SqhYkEew99UI0yAk.roa
File: JG9kyEdZVn2SqhYkEew99UI0yAk.roa (raw, json)
Hash identifier: K61B+Mb5yEzn0UeqXLZlkPz4+Sm7q6e3hpOc5nji10w=
Subject key identifier: 24:6F:64:C8:47:59:56:7D:92:AA:16:24:11:EC:3D:F5:42:34:C8:09
Certificate issuer: /CN=0b78b2d3f62700fe67e593b5a33d1cf91789252f
Certificate serial: 0185729EEAE447AF36E82E9A43D0E97803C9
Authority key identifier: 0B:78:B2:D3:F6:27:00:FE:67:E5:93:B5:A3:3D:1C:F9:17:89:25:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C3iy0_YnAP5n5ZO1oz0c-ReJJS8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/cd7047-0816-4821-8dea-6078efd0785e/1/JG9kyEdZVn2SqhYkEew99UI0yAk.roa
Signing time: Mon 02 Jan 2023 13:14:55 +0000
ROA not before: Mon 02 Jan 2023 13:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50359
IP address blocks: 82.146.15.0/24 maxlen: 24
212.72.206.0/24 maxlen: 24
176.113.92.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:ea:e4:47:af:36:e8:2e:9a:43:d0:e9:78:03:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b78b2d3f62700fe67e593b5a33d1cf91789252f
Validity
Not Before: Jan 2 13:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=246f64c84759567d92aa162411ec3df54234c809
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:94:19:e3:09:d0:6d:33:19:db:e7:75:94:48:
4d:c3:13:81:bd:9c:70:ca:7d:15:15:61:9d:49:20:
53:ea:71:0d:02:f2:8a:f6:74:83:0f:f6:10:40:c5:
30:41:e0:78:04:1f:94:7e:8c:8a:70:ae:d4:c4:25:
3b:63:24:21:dc:be:f9:e5:75:df:28:03:ca:44:a8:
98:f9:9c:5f:5e:5b:39:e3:be:f7:02:40:b2:ba:bf:
6c:29:46:73:c1:c9:f5:01:65:c2:3b:f2:b7:b8:a4:
83:5d:3f:65:9f:94:03:35:d6:9f:f9:e7:5b:41:04:
82:33:8d:84:1a:34:e9:65:f7:cd:69:be:59:af:22:
19:ba:ff:6f:4b:8d:3e:10:c0:b3:85:e7:d0:74:dd:
6f:56:2a:77:19:5a:1d:98:12:2e:50:69:81:ee:51:
dd:48:b8:9c:bb:22:d9:39:27:56:fd:f6:4f:5c:28:
da:ed:9d:1c:30:5c:90:c4:76:10:dc:b9:2b:df:ab:
fe:bf:0c:6b:3f:98:6e:34:70:81:08:6a:67:b5:a0:
f1:a4:ce:03:35:af:2a:b1:20:49:7c:a4:bd:ca:f7:
aa:b1:df:4f:bc:0c:67:43:f7:da:41:e2:6b:dc:cb:
4c:a6:85:9b:45:e1:a8:b4:76:f4:d8:b5:e8:1f:4f:
53:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:6F:64:C8:47:59:56:7D:92:AA:16:24:11:EC:3D:F5:42:34:C8:09
X509v3 Authority Key Identifier:
keyid:0B:78:B2:D3:F6:27:00:FE:67:E5:93:B5:A3:3D:1C:F9:17:89:25:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C3iy0_YnAP5n5ZO1oz0c-ReJJS8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/cd7047-0816-4821-8dea-6078efd0785e/1/JG9kyEdZVn2SqhYkEew99UI0yAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/cd7047-0816-4821-8dea-6078efd0785e/1/C3iy0_YnAP5n5ZO1oz0c-ReJJS8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.146.15.0/24
176.113.92.0/23
212.72.206.0/24
Signature Algorithm: sha256WithRSAEncryption
20:87:4c:57:84:e1:c8:9f:1d:14:cb:d2:f3:12:13:a9:a3:32:
7e:bf:01:09:a0:2a:be:3f:ad:b8:12:f7:77:6f:de:a8:94:0c:
bc:5e:79:53:10:eb:06:57:51:af:ad:69:c2:62:58:36:c4:7e:
1f:fb:6d:f2:de:14:6b:5b:81:34:5e:ef:0e:37:53:96:20:18:
43:4f:1a:43:11:cb:60:1d:8c:d5:78:85:20:76:f8:16:2c:44:
51:d0:40:9c:74:95:ee:11:42:c7:42:b7:48:8f:4b:8c:1d:07:
9d:46:b4:3a:ca:e3:01:04:72:e6:3d:60:9f:b9:08:76:fc:b7:
0a:66:41:6c:52:d5:88:e8:3a:5f:56:ba:65:90:1f:fc:79:c9:
f9:d7:d1:36:88:a8:51:75:01:93:ad:5e:a9:3a:ed:2e:1f:06:
2e:e0:00:b8:86:68:10:b2:99:77:7c:df:cc:aa:4e:0c:da:90:
e6:8b:37:ed:ea:81:10:73:0f:d3:cd:ad:9c:5a:e5:ba:f7:9b:
bb:1c:9d:7c:68:2f:f7:65:b8:4e:12:96:33:53:55:91:d9:c0:
60:80:48:8a:d9:a3:06:21:89:d2:7a:51:ac:92:86:ac:64:fc:
a1:a2:24:d8:71:92:4a:78:4a:20:93:25:c0:cd:58:45:f3:5e:
80:f5:8d:44
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVynurkR6826C6aQ9DpeAPJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNzhiMmQzZjYyNzAwZmU2N2U1OTNiNWEzM2QxY2Y5MTc4
OTI1MmYwHhcNMjMwMTAyMTMxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDZmNjRjODQ3NTk1NjdkOTJhYTE2MjQxMWVjM2RmNTQyMzRjODA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJQZ4wnQbTMZ2+d1lEhNwxOBvZxw
yn0VFWGdSSBT6nENAvKK9nSDD/YQQMUwQeB4BB+UfoyKcK7UxCU7YyQh3L755XXf
KAPKRKiY+ZxfXls54773AkCyur9sKUZzwcn1AWXCO/K3uKSDXT9ln5QDNdaf+edb
QQSCM42EGjTpZffNab5ZryIZuv9vS40+EMCzhefQdN1vVip3GVodmBIuUGmB7lHd
SLicuyLZOSdW/fZPXCja7Z0cMFyQxHYQ3Lkr36v+vwxrP5huNHCBCGpntaDxpM4D
Na8qsSBJfKS9yveqsd9PvAxnQ/faQeJr3MtMpoWbReGotHb02LXoH09TPwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCRvZMhHWVZ9kqoWJBHsPfVCNMgJMB8GA1UdIwQY
MBaAFAt4stP2JwD+Z+WTtaM9HPkXiSUvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzNpeTBfWW5BUDVuNVpPMW96MGMtUmVKSlM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9jZDcwNDctMDgxNi00ODIxLThkZWEt
NjA3OGVmZDA3ODVlLzEvSkc5a3lFZFpWbjJTcWhZa0Vldzk5VUkweUFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9jZDcwNDctMDgxNi00ODIxLThkZWEtNjA3OGVmZDA3ODVl
LzEvQzNpeTBfWW5BUDVuNVpPMW96MGMtUmVKSlM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpIPAwQB
sHFcAwQA1EjOMA0GCSqGSIb3DQEBCwUAA4IBAQAgh0xXhOHInx0Uy9LzEhOpozJ+
vwEJoCq+P624Evd3b96olAy8XnlTEOsGV1GvrWnCYlg2xH4f+23y3hRrW4E0Xu8O
N1OWIBhDTxpDEctgHYzVeIUgdvgWLERR0ECcdJXuEULHQrdIj0uMHQedRrQ6yuMB
BHLmPWCfuQh2/LcKZkFsUtWI6DpfVrplkB/8ecn519E2iKhRdQGTrV6pOu0uHwYu
4AC4hmgQspl3fN/Mqk4M2pDmizft6oEQcw/Tza2cWuW695u7HJ18aC/3ZbhOEpYz
U1WR2cBggEiK2aMGIYnSelGskoasZPyhoiTYcZJKeEogkyXAzVhF816A9Y1E
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:41 2024 by rpki-client on console-ams.rpki-client.org