Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/e96ef4-4f45-47c0-bebf-fa3e0901f240/1/jg53Hag-D0-aFZ7pKxpARNkrRFg.roa
File: jg53Hag-D0-aFZ7pKxpARNkrRFg.roa (raw, json)
Hash identifier: EnzoQH0uY5MHpYD/sPP/cY0n/zXWtI1ksUpW7xy95Uc=
Subject key identifier: 8E:0E:77:1D:A8:3E:0F:4F:9A:15:9E:E9:2B:1A:40:44:D9:2B:44:58
Certificate issuer: /CN=36fe3a91263e2e8319c2a678e629851d09e77f0d
Certificate serial: 01879086BA819D1040538B51F8F56C06FAD8
Authority key identifier: 36:FE:3A:91:26:3E:2E:83:19:C2:A6:78:E6:29:85:1D:09:E7:7F:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nv46kSY-LoMZwqZ45imFHQnnfw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/e96ef4-4f45-47c0-bebf-fa3e0901f240/1/jg53Hag-D0-aFZ7pKxpARNkrRFg.roa
Signing time: Mon 17 Apr 2023 18:42:41 +0000
ROA not before: Mon 17 Apr 2023 18:42:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199319
IP address blocks: 185.228.140.0/22 maxlen: 22
185.38.224.0/22 maxlen: 22
2a00:fb20:8000::/33 maxlen: 33
2a00:fb20::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:90:86:ba:81:9d:10:40:53:8b:51:f8:f5:6c:06:fa:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36fe3a91263e2e8319c2a678e629851d09e77f0d
Validity
Not Before: Apr 17 18:42:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e0e771da83e0f4f9a159ee92b1a4044d92b4458
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f8:80:4e:72:84:68:81:ea:5e:52:da:bc:9d:
60:4d:09:c5:56:38:60:c6:7d:86:88:d4:ca:6f:a3:
66:69:22:38:e9:75:5b:cd:63:70:58:a4:0e:1f:48:
5f:5f:18:8b:08:da:22:e0:86:9c:10:df:7c:90:54:
f9:0d:5e:ab:3b:c4:e3:f0:2f:e6:7c:fd:d8:0e:ce:
07:8d:50:81:a0:bc:47:1d:5e:1a:8d:f2:5a:6c:50:
60:98:27:05:aa:99:dd:19:09:a3:82:ae:0f:14:fa:
a4:df:9e:c1:68:61:d5:c5:02:4e:c3:ea:d9:1a:6f:
97:5d:54:27:6f:20:d2:e7:b7:6c:e3:94:8f:c2:0e:
fe:ba:a5:10:dd:08:ce:cb:c0:3d:54:d0:b0:ad:18:
f1:dc:4c:7d:e5:d3:d9:21:0c:a2:93:b0:ff:88:79:
f7:f8:e6:f0:9c:8f:34:93:e8:f7:d5:61:df:15:42:
5d:37:ae:0f:32:25:ae:af:4c:0f:3e:40:2d:e0:5a:
ac:4b:e0:35:35:91:84:f2:06:07:ee:ec:5c:c4:2f:
e7:a3:57:62:d4:7a:b1:d8:f4:e5:4f:8e:d1:b5:b3:
03:0d:01:01:eb:d4:36:bc:88:32:f0:ac:3e:2c:e0:
0b:bb:49:33:eb:76:59:f9:f2:c4:f5:80:44:d1:3f:
f6:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:0E:77:1D:A8:3E:0F:4F:9A:15:9E:E9:2B:1A:40:44:D9:2B:44:58
X509v3 Authority Key Identifier:
keyid:36:FE:3A:91:26:3E:2E:83:19:C2:A6:78:E6:29:85:1D:09:E7:7F:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nv46kSY-LoMZwqZ45imFHQnnfw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e96ef4-4f45-47c0-bebf-fa3e0901f240/1/jg53Hag-D0-aFZ7pKxpARNkrRFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e96ef4-4f45-47c0-bebf-fa3e0901f240/1/Nv46kSY-LoMZwqZ45imFHQnnfw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.224.0/22
185.228.140.0/22
IPv6:
2a00:fb20::/32
Signature Algorithm: sha256WithRSAEncryption
8b:bf:b6:e3:e7:f7:1a:3a:bc:af:99:4c:9b:92:26:5f:9a:a4:
56:88:86:52:c7:ec:81:7f:30:ac:08:6f:82:fb:2d:76:7a:39:
bc:24:1a:30:a3:55:36:65:95:50:d5:66:f9:c9:a3:6b:b5:b7:
31:cf:37:c7:43:15:5b:cf:22:1d:fc:7e:85:81:96:31:f0:de:
22:25:ad:95:13:75:16:d9:82:18:f0:59:05:c0:2f:be:9d:59:
a2:48:08:e9:75:6b:49:00:03:fd:bf:33:f9:11:04:0f:dd:84:
92:df:c9:ee:28:2e:62:c0:99:cf:19:10:a5:f3:f0:e7:fa:fa:
b3:0a:22:9d:6d:68:9b:dc:ca:0a:53:86:8f:35:5f:d1:06:6c:
7e:7e:57:4b:91:d6:42:e0:5a:8c:d7:de:2b:47:7f:bd:4c:e1:
78:0a:52:85:24:9c:df:13:9d:3f:08:97:89:f1:69:07:08:23:
cf:b8:04:cf:1e:05:ed:72:17:e1:64:16:dc:95:53:78:c2:27:
09:24:f3:54:bc:22:50:80:e6:29:1b:24:45:d2:eb:8b:e7:6b:
a5:56:d4:4c:78:cc:d5:bb:8c:40:e4:e7:1c:8d:bf:69:d2:84:
50:c5:f6:cc:53:d2:99:81:10:49:13:65:a7:fc:e9:ca:c4:36:
95:02:62:21
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYeQhrqBnRBAU4tR+PVsBvrYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZmUzYTkxMjYzZTJlODMxOWMyYTY3OGU2Mjk4NTFkMDll
NzdmMGQwHhcNMjMwNDE3MTg0MjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTBlNzcxZGE4M2UwZjRmOWExNTllZTkyYjFhNDA0NGQ5MmI0NDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfiATnKEaIHqXlLavJ1gTQnFVjhg
xn2GiNTKb6NmaSI46XVbzWNwWKQOH0hfXxiLCNoi4IacEN98kFT5DV6rO8Tj8C/m
fP3YDs4HjVCBoLxHHV4ajfJabFBgmCcFqpndGQmjgq4PFPqk357BaGHVxQJOw+rZ
Gm+XXVQnbyDS57ds45SPwg7+uqUQ3QjOy8A9VNCwrRjx3Ex95dPZIQyik7D/iHn3
+ObwnI80k+j31WHfFUJdN64PMiWur0wPPkAt4FqsS+A1NZGE8gYH7uxcxC/no1di
1Hqx2PTlT47RtbMDDQEB69Q2vIgy8Kw+LOALu0kz63ZZ+fLE9YBE0T/2AQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFI4Odx2oPg9PmhWe6SsaQETZK0RYMB8GA1UdIwQY
MBaAFDb+OpEmPi6DGcKmeOYphR0J538NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnY0NmtTWS1Mb01ad3FaNDVpbUZIUW5uZncwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9lOTZlZjQtNGY0NS00N2MwLWJlYmYt
ZmEzZTA5MDFmMjQwLzEvamc1M0hhZy1EMC1hRlo3cEt4cEFSTmtyUkZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9lOTZlZjQtNGY0NS00N2MwLWJlYmYtZmEzZTA5MDFmMjQw
LzEvTnY0NmtTWS1Mb01ad3FaNDVpbUZIUW5uZncwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuSbgAwQC
ueSMMA0EAgACMAcDBQAqAPsgMA0GCSqGSIb3DQEBCwUAA4IBAQCLv7bj5/caOryv
mUybkiZfmqRWiIZSx+yBfzCsCG+C+y12ejm8JBowo1U2ZZVQ1Wb5yaNrtbcxzzfH
QxVbzyId/H6FgZYx8N4iJa2VE3UW2YIY8FkFwC++nVmiSAjpdWtJAAP9vzP5EQQP
3YSS38nuKC5iwJnPGRCl8/Dn+vqzCiKdbWib3MoKU4aPNV/RBmx+fldLkdZC4FqM
194rR3+9TOF4ClKFJJzfE50/CJeJ8WkHCCPPuATPHgXtchfhZBbclVN4wicJJPNU
vCJQgOYpGyRF0uuL52ulVtRMeMzVu4xA5Occjb9p0oRQxfbMU9KZgRBJE2Wn/OnK
xDaVAmIh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:35 2024 by rpki-client on console-ams.rpki-client.org