Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Jxfp-gndDF28-pqzX-ZUJ3LXTQ0.roa
File: Jxfp-gndDF28-pqzX-ZUJ3LXTQ0.roa (raw, json)
Hash identifier: hIBrrQkeLuLRh3s0y/n8xVy5pdWZ0qvx39s9f7Xr5ss=
Subject key identifier: 27:17:E9:FA:09:DD:0C:5D:BC:FA:9A:B3:5F:E6:54:27:72:D7:4D:0D
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0185710311A7CCBD8BB8B6417E5AA2A16653
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Jxfp-gndDF28-pqzX-ZUJ3LXTQ0.roa
Signing time: Mon 02 Jan 2023 05:45:04 +0000
ROA not before: Mon 02 Jan 2023 05:45:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137409
IP address blocks: 194.5.83.0/24 maxlen: 24
45.8.70.0/24 maxlen: 24
194.5.82.0/24 maxlen: 24
45.130.202.0/23 maxlen: 24
45.133.4.0/24 maxlen: 24
45.133.6.0/24 maxlen: 24
45.133.5.0/24 maxlen: 24
45.133.7.0/24 maxlen: 24
194.61.40.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:03:11:a7:cc:bd:8b:b8:b6:41:7e:5a:a2:a1:66:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 2 05:45:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2717e9fa09dd0c5dbcfa9ab35fe6542772d74d0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5d:ab:8d:5d:bd:6c:45:77:28:b3:1b:88:dc:
dd:9e:52:c3:81:8d:e8:58:0a:f3:18:09:de:3d:96:
c3:31:28:5b:ca:d4:40:46:f6:1f:e6:db:62:ef:11:
7b:71:9f:15:6b:85:ea:60:83:b9:67:31:7e:a4:a5:
d6:4c:54:3d:e0:13:1b:1d:a6:ef:fa:7b:fe:cd:f9:
e9:da:13:04:b1:65:6b:05:8d:56:0f:5c:4b:14:10:
15:cb:44:f8:85:c0:d6:f1:5e:c6:8b:32:ea:17:4b:
89:12:cd:c3:b6:e5:81:79:6f:c9:37:c2:65:7f:94:
f2:7b:fa:1c:93:09:f4:7d:8b:78:53:bd:f3:de:a8:
ca:00:25:f5:98:be:d0:2d:bb:15:ea:34:25:3c:70:
b7:69:cb:a9:80:54:38:a0:ab:e0:e4:0e:74:52:50:
41:19:3c:74:22:23:95:44:64:20:2e:d9:cb:67:24:
ef:32:98:66:06:17:92:29:97:33:90:77:8d:b9:f0:
3c:77:de:a1:ed:5a:3e:b3:85:2c:38:5f:dd:80:42:
9b:5f:70:ff:38:6e:c3:70:f7:21:9e:25:50:26:7d:
ad:73:2c:58:80:7d:c6:04:8e:2f:90:bd:60:c2:2d:
5f:90:0f:f8:20:75:f3:09:c4:c5:c1:70:27:f6:51:
45:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:17:E9:FA:09:DD:0C:5D:BC:FA:9A:B3:5F:E6:54:27:72:D7:4D:0D
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Jxfp-gndDF28-pqzX-ZUJ3LXTQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.70.0/24
45.130.202.0/23
45.133.4.0/22
194.5.82.0/23
194.61.40.0/23
Signature Algorithm: sha256WithRSAEncryption
8d:db:c6:94:bf:2c:0c:c9:e4:1f:b6:9d:39:5f:d0:41:39:ca:
5b:a1:2d:cb:c7:d4:d4:d2:ee:5e:ab:92:50:10:9d:0a:31:fd:
27:bb:3a:b9:9d:bb:7b:f1:42:63:0d:3e:0e:12:8a:50:48:6c:
71:01:d3:8e:3c:50:55:ff:2e:9a:49:65:e9:87:a5:89:8a:44:
48:7f:13:a6:d6:a0:81:41:24:b2:85:eb:a8:6e:01:b0:d1:4d:
36:59:2a:87:f0:09:8f:ef:66:c9:5d:c8:50:0e:bf:b8:97:d8:
7a:2e:fd:af:95:90:8b:ba:52:5b:1a:f1:19:4c:f5:c1:96:7a:
1d:90:78:47:cc:56:63:ab:53:73:31:31:d3:09:57:7e:07:8a:
68:79:42:81:23:60:3e:6d:83:0c:74:f2:85:6e:f9:b6:d5:a1:
19:0c:9c:47:e5:64:4b:6a:7f:ae:0f:fd:cc:02:8c:9f:40:1d:
c9:98:d8:44:05:96:40:fb:9c:83:e3:9c:5d:ec:a6:ca:a3:b5:
48:3e:63:10:a0:54:d7:c2:2a:f3:61:f7:6d:e8:02:ca:fe:03:
99:32:6c:74:fe:cf:35:5b:e7:8c:bb:09:b5:4f:c5:e6:89:3d:
26:5c:29:1a:81:6c:83:ef:98:a7:c5:d9:ee:65:73:7c:64:5a:
6c:bf:0c:fd
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVxAxGnzL2LuLZBflqioWZTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzE3ZTlmYTA5ZGQwYzVkYmNmYTlhYjM1ZmU2NTQyNzcyZDc0ZDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF2rjV29bEV3KLMbiNzdnlLDgY3o
WArzGAnePZbDMShbytRARvYf5tti7xF7cZ8Va4XqYIO5ZzF+pKXWTFQ94BMbHabv
+nv+zfnp2hMEsWVrBY1WD1xLFBAVy0T4hcDW8V7GizLqF0uJEs3DtuWBeW/JN8Jl
f5Tye/ockwn0fYt4U73z3qjKACX1mL7QLbsV6jQlPHC3acupgFQ4oKvg5A50UlBB
GTx0IiOVRGQgLtnLZyTvMphmBheSKZczkHeNufA8d96h7Vo+s4UsOF/dgEKbX3D/
OG7DcPchniVQJn2tcyxYgH3GBI4vkL1gwi1fkA/4IHXzCcTFwXAn9lFFMwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCcX6foJ3QxdvPqas1/mVCdy100NMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSnhmcC1nbmRERjI4LXBxelgtWlVKM0xYVFEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALQhGAwQB
LYLKAwQCLYUEAwQBwgVSAwQBwj0oMA0GCSqGSIb3DQEBCwUAA4IBAQCN28aUvywM
yeQftp05X9BBOcpboS3Lx9TU0u5eq5JQEJ0KMf0nuzq5nbt78UJjDT4OEopQSGxx
AdOOPFBV/y6aSWXph6WJikRIfxOm1qCBQSSyheuobgGw0U02WSqH8AmP72bJXchQ
Dr+4l9h6Lv2vlZCLulJbGvEZTPXBlnodkHhHzFZjq1NzMTHTCVd+B4poeUKBI2A+
bYMMdPKFbvm21aEZDJxH5WRLan+uD/3MAoyfQB3JmNhEBZZA+5yD45xd7KbKo7VI
PmMQoFTXwirzYfdt6ALK/gOZMmx0/s81W+eMuwm1T8XmiT0mXCkagWyD75inxdnu
ZXN8ZFpsvwz9
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:01 2023 by rpki-client on console-fra.rpki-client.org