Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/721920-939b-412b-a3c5-2329d79c4ae3/1/JjXjLJJmVWMeHUxwcIobplqvZqk.roa
File: JjXjLJJmVWMeHUxwcIobplqvZqk.roa (raw, json)
Hash identifier: 2eY/blXbjnsTwvnfHWryny0Ko3jqMsutM8hJyyVoypQ=
Subject key identifier: 26:35:E3:2C:92:66:55:63:1E:1D:4C:70:70:8A:1B:A6:5A:AF:66:A9
Certificate issuer: /CN=d8073d06b58652f849fa8bcf3cec6b950909bd68
Certificate serial: 0187C6EAFB9FE8A781F9CEFFA6FA4E99D81E
Authority key identifier: D8:07:3D:06:B5:86:52:F8:49:FA:8B:CF:3C:EC:6B:95:09:09:BD:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Ac9BrWGUvhJ-ovPPOxrlQkJvWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/721920-939b-412b-a3c5-2329d79c4ae3/1/JjXjLJJmVWMeHUxwcIobplqvZqk.roa
Signing time: Fri 28 Apr 2023 08:11:41 +0000
ROA not before: Fri 28 Apr 2023 08:11:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61121
IP address blocks: 185.18.4.0/23 maxlen: 24
185.18.4.0/22 maxlen: 24
185.18.4.0/24 maxlen: 24
185.18.7.0/24 maxlen: 24
185.18.5.0/24 maxlen: 24
185.18.6.0/24 maxlen: 24
185.18.6.0/23 maxlen: 24
2a03:f1c0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c6:ea:fb:9f:e8:a7:81:f9:ce:ff:a6:fa:4e:99:d8:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8073d06b58652f849fa8bcf3cec6b950909bd68
Validity
Not Before: Apr 28 08:11:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2635e32c926655631e1d4c70708a1ba65aaf66a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:1d:df:d5:ed:c4:86:73:ca:69:c2:5f:2b:08:
cd:59:9a:8e:8e:bf:56:b0:4c:b6:35:d1:e8:36:d1:
eb:06:b3:db:27:d3:13:06:da:b8:9e:a9:95:f6:82:
c2:85:3b:f6:01:26:d6:e4:4c:3a:f6:b9:13:4a:d5:
9e:60:a8:bc:0a:3e:85:ad:ba:ac:8e:f7:ad:c3:47:
f0:58:f1:61:3e:85:e8:e9:72:3a:97:d7:4d:12:ec:
2d:8d:cc:63:2b:3b:8a:e9:d2:3a:70:33:8b:40:45:
5f:40:39:dc:8c:14:1c:f3:06:2e:c5:13:e3:c1:bc:
0f:a9:6b:ef:30:0f:7a:d5:39:b2:d1:ea:72:ba:94:
a8:d7:96:4a:0c:c7:d3:53:74:9d:79:60:a0:03:62:
5f:35:cd:c2:a7:c2:71:dc:eb:dd:20:72:04:18:0e:
84:82:92:52:42:b4:7b:cb:32:18:97:fd:27:17:90:
b8:d2:65:94:65:f6:ca:e9:6d:62:c5:91:4c:d8:bc:
ff:d2:52:d7:07:ef:67:49:6d:07:38:88:ac:fa:48:
9d:a9:32:d0:94:d7:5c:38:c0:ef:0a:61:b2:78:68:
97:07:47:10:e3:76:08:7a:11:52:2d:eb:0d:31:25:
e2:aa:9e:53:5a:19:9c:ac:f3:a7:aa:8f:a9:14:7a:
fc:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:35:E3:2C:92:66:55:63:1E:1D:4C:70:70:8A:1B:A6:5A:AF:66:A9
X509v3 Authority Key Identifier:
keyid:D8:07:3D:06:B5:86:52:F8:49:FA:8B:CF:3C:EC:6B:95:09:09:BD:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Ac9BrWGUvhJ-ovPPOxrlQkJvWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/721920-939b-412b-a3c5-2329d79c4ae3/1/JjXjLJJmVWMeHUxwcIobplqvZqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/721920-939b-412b-a3c5-2329d79c4ae3/1/2Ac9BrWGUvhJ-ovPPOxrlQkJvWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.18.4.0/22
IPv6:
2a03:f1c0::/32
Signature Algorithm: sha256WithRSAEncryption
06:cf:01:a5:ee:7d:a4:40:16:f6:48:81:dd:7c:ae:7e:8b:fb:
23:06:d6:5a:c8:b5:b2:b1:93:03:f8:b2:b3:ea:a3:c1:0a:f5:
d8:d6:e9:ed:4d:ea:64:53:c3:c7:41:c6:21:7b:b1:e6:3a:d3:
44:ca:c6:78:9a:62:a9:3a:82:19:19:0b:4c:54:9b:f4:fc:06:
df:4d:9b:ac:46:3e:fe:05:a4:9e:60:87:de:d9:43:43:cd:63:
c3:12:5e:de:fd:35:f9:35:52:a2:cd:e1:4f:dd:7e:36:11:ba:
d5:79:f8:9f:ad:37:ed:ad:91:4a:a8:e6:b1:c0:0c:6f:03:cb:
3a:5a:ef:dd:30:3d:6e:ad:8c:85:d0:56:ba:9a:57:e4:04:49:
33:f6:9b:38:75:11:22:89:4e:96:bd:fb:f7:f7:d4:c4:75:33:
11:cd:9b:1f:27:90:a4:e1:4c:c0:c6:55:fd:6c:d2:a2:60:74:
e6:67:55:ac:8b:12:18:88:5a:8e:a7:24:70:a5:f2:91:a2:a4:
5c:ba:ff:a4:24:6f:71:90:8a:9b:5f:36:3a:93:ec:6f:10:83:
01:3b:3d:47:4f:6c:92:00:90:e4:3d:d8:42:b4:67:e6:82:73:
2a:cb:8e:9a:a9:1a:11:13:4d:4c:1e:87:84:25:1f:02:d7:96:
30:37:07:32
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYfG6vuf6KeB+c7/pvpOmdgeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MDczZDA2YjU4NjUyZjg0OWZhOGJjZjNjZWM2Yjk1MDkw
OWJkNjgwHhcNMjMwNDI4MDgxMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjM1ZTMyYzkyNjY1NTYzMWUxZDRjNzA3MDhhMWJhNjVhYWY2NmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkR3f1e3EhnPKacJfKwjNWZqOjr9W
sEy2NdHoNtHrBrPbJ9MTBtq4nqmV9oLChTv2ASbW5Ew69rkTStWeYKi8Cj6Frbqs
jvetw0fwWPFhPoXo6XI6l9dNEuwtjcxjKzuK6dI6cDOLQEVfQDncjBQc8wYuxRPj
wbwPqWvvMA961Tmy0epyupSo15ZKDMfTU3SdeWCgA2JfNc3Cp8Jx3OvdIHIEGA6E
gpJSQrR7yzIYl/0nF5C40mWUZfbK6W1ixZFM2Lz/0lLXB+9nSW0HOIis+kidqTLQ
lNdcOMDvCmGyeGiXB0cQ43YIehFSLesNMSXiqp5TWhmcrPOnqo+pFHr8FQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCY14yySZlVjHh1McHCKG6Zar2apMB8GA1UdIwQY
MBaAFNgHPQa1hlL4SfqLzzzsa5UJCb1oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkFjOUJyV0dVdmhKLW92UFBPeHJsUWtKdldnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83MjE5MjAtOTM5Yi00MTJiLWEzYzUt
MjMyOWQ3OWM0YWUzLzEvSmpYakxKSm1WV01lSFV4d2NJb2JwbHF2WnFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83MjE5MjAtOTM5Yi00MTJiLWEzYzUtMjMyOWQ3OWM0YWUz
LzEvMkFjOUJyV0dVdmhKLW92UFBPeHJsUWtKdldnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRIEMA0E
AgACMAcDBQAqA/HAMA0GCSqGSIb3DQEBCwUAA4IBAQAGzwGl7n2kQBb2SIHdfK5+
i/sjBtZayLWysZMD+LKz6qPBCvXY1untTepkU8PHQcYhe7HmOtNEysZ4mmKpOoIZ
GQtMVJv0/AbfTZusRj7+BaSeYIfe2UNDzWPDEl7e/TX5NVKizeFP3X42EbrVefif
rTftrZFKqOaxwAxvA8s6Wu/dMD1urYyF0Fa6mlfkBEkz9ps4dREiiU6Wvfv399TE
dTMRzZsfJ5Ck4UzAxlX9bNKiYHTmZ1WsixIYiFqOpyRwpfKRoqRcuv+kJG9xkIqb
XzY6k+xvEIMBOz1HT2ySAJDkPdhCtGfmgnMqy46aqRoRE01MHoeEJR8C15YwNwcy
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:33:05 2024 by rpki-client on console-ams.rpki-client.org