Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JeKe-Pkx8uuIQ-EjpS2UrR2DRzQ.roa
File: JeKe-Pkx8uuIQ-EjpS2UrR2DRzQ.roa (raw, json)
Hash identifier: nx89v0HDoi6m/mhPBESvIZLl3J+gf41ZSLppfXGhng0=
Subject key identifier: 25:E2:9E:F8:F9:31:F2:EB:88:43:E1:23:A5:2D:94:AD:1D:83:47:34
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018BFB0133864BF4C295C87BAF1B78421A47
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JeKe-Pkx8uuIQ-EjpS2UrR2DRzQ.roa
Signing time: Thu 23 Nov 2023 07:07:21 +0000
ROA not before: Thu 23 Nov 2023 07:07:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 78.142.242.0/23 maxlen: 24
78.142.241.0/24 maxlen: 24
178.239.204.0/24 maxlen: 24
93.114.195.0/24 maxlen: 24
203.0.9.0/24 maxlen: 24
203.0.8.0/24 maxlen: 24
223.27.114.0/24 maxlen: 24
103.212.82.0/24 maxlen: 24
89.47.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Nov 2023 17:53:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fb:01:33:86:4b:f4:c2:95:c8:7b:af:1b:78:42:1a:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 23 07:07:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25e29ef8f931f2eb8843e123a52d94ad1d834734
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:2a:55:fc:db:d9:9d:ed:4a:64:d4:22:2a:0f:
df:aa:34:e2:98:b3:51:80:7d:f2:86:28:58:23:0a:
ad:c3:dd:dd:fa:51:0e:35:f0:c7:ef:09:fd:8d:08:
97:a0:17:05:6d:86:d0:2f:64:bd:1e:b6:99:4a:f8:
0c:2e:a5:df:ea:d2:82:df:06:83:3e:0c:7b:6d:4b:
5c:71:b9:5f:6f:67:40:f8:e0:ef:a4:ec:71:a1:c9:
22:5f:76:73:39:bc:36:b2:4b:71:4d:9e:fa:75:32:
3c:a1:3d:06:ae:66:50:a3:19:94:2f:77:7e:df:38:
68:a3:4d:55:25:1f:c3:9b:ea:98:79:4f:8b:44:a3:
77:b4:03:4d:d7:04:0a:08:8c:82:2d:b0:1a:61:6a:
73:fb:02:c5:32:f6:80:c4:72:d0:12:4f:be:0a:76:
cf:46:ed:d1:e5:b3:29:bc:c1:33:4f:e1:f0:72:5e:
16:8d:a6:bb:5e:81:2d:52:e0:0b:42:6c:8c:86:ca:
eb:b6:b4:96:31:00:61:82:3d:91:8d:08:65:9a:14:
61:3a:06:be:75:aa:6f:a8:af:ea:be:9d:40:a5:84:
b8:56:47:a8:01:ed:54:18:db:28:c3:b0:f8:84:17:
c3:a3:ad:c2:55:73:74:1e:b7:0c:a2:29:aa:81:3d:
d4:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:E2:9E:F8:F9:31:F2:EB:88:43:E1:23:A5:2D:94:AD:1D:83:47:34
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JeKe-Pkx8uuIQ-EjpS2UrR2DRzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.241.0-78.142.243.255
89.47.89.0/24
93.114.195.0/24
103.212.82.0/24
178.239.204.0/24
203.0.8.0/23
223.27.114.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:c2:d8:59:04:96:68:5b:72:a2:81:41:1e:80:0a:d8:0b:67:
92:46:e2:0d:c0:19:72:ef:aa:83:92:7e:7b:52:46:37:0c:aa:
b4:b0:c1:a9:d3:47:ce:a5:78:fe:1a:3e:29:70:cc:e4:0b:eb:
d2:fd:c1:e8:08:85:49:e9:85:04:18:a1:7e:4d:98:d1:1c:de:
c0:83:e2:ab:69:ce:20:8b:3f:0f:1a:b3:31:92:8e:51:c0:1c:
52:64:aa:2a:66:96:65:09:9d:1c:d4:55:05:93:84:13:55:60:
0f:75:6c:3a:df:ef:57:5f:fa:f3:0c:ac:23:d3:58:ee:83:82:
6e:df:7a:ed:01:9b:90:87:60:34:13:4c:5a:71:cf:d5:7d:f1:
5e:9c:18:33:79:05:be:9a:f7:e7:9b:84:ba:a7:a7:0f:4c:e1:
5b:06:b5:9f:11:e3:e2:ea:03:04:e7:43:ee:19:ff:3c:7a:55:
b6:0e:ef:37:51:c4:21:fe:03:3e:6e:66:8e:81:77:a6:57:b7:
78:08:2a:29:35:38:f9:c9:37:1b:b0:8e:17:5c:05:2e:69:c1:
bf:04:bc:6e:db:92:10:82:04:d4:2f:54:e9:f9:03:3a:75:45:
75:03:ff:b8:8e:37:25:a8:6b:a2:41:0f:88:5f:5f:ae:4d:a1:
4b:ea:8e:ac
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYv7ATOGS/TClch7rxt4QhpHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMTIzMDcwNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWUyOWVmOGY5MzFmMmViODg0M2UxMjNhNTJkOTRhZDFkODM0NzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzipV/NvZne1KZNQiKg/fqjTimLNR
gH3yhihYIwqtw93d+lEONfDH7wn9jQiXoBcFbYbQL2S9HraZSvgMLqXf6tKC3waD
Pgx7bUtccblfb2dA+ODvpOxxockiX3ZzObw2sktxTZ76dTI8oT0GrmZQoxmUL3d+
3zhoo01VJR/Dm+qYeU+LRKN3tANN1wQKCIyCLbAaYWpz+wLFMvaAxHLQEk++CnbP
Ru3R5bMpvMEzT+Hwcl4Wjaa7XoEtUuALQmyMhsrrtrSWMQBhgj2RjQhlmhRhOga+
dapvqK/qvp1ApYS4VkeoAe1UGNsow7D4hBfDo63CVXN0HrcMoimqgT3USQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFCXinvj5MfLriEPhI6UtlK0dg0c0MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSmVLZS1Qa3g4dXVJUS1FanBTMlVyUjJEUnpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBABOjvED
BAJOjvADBABZL1kDBABdcsMDBABn1FIDBACy78wDBAHLAAgDBADfG3IwDQYJKoZI
hvcNAQELBQADggEBAH/C2FkElmhbcqKBQR6ACtgLZ5JG4g3AGXLvqoOSfntSRjcM
qrSwwanTR86leP4aPilwzOQL69L9wegIhUnphQQYoX5NmNEc3sCD4qtpziCLPw8a
szGSjlHAHFJkqipmlmUJnRzUVQWThBNVYA91bDrf71df+vMMrCPTWO6Dgm7feu0B
m5CHYDQTTFpxz9V98V6cGDN5Bb6a9+ebhLqnpw9M4VsGtZ8R4+LqAwTnQ+4Z/zx6
VbYO7zdRxCH+Az5uZo6Bd6ZXt3gIKik1OPnJNxuwjhdcBS5pwb8EvG7bkhCCBNQv
VOn5Azp1RXUD/7iONyWoa6JBD4hfX65NoUvqjqw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:45 2024 by rpki-client on console-fra.rpki-client.org