Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/553dc6-12d0-4d4a-a294-97c5d59b0bbf/1/JbyY8qOTpyLmcm_fHl5ascSxjzY.roa
File: JbyY8qOTpyLmcm_fHl5ascSxjzY.roa (raw, json)
Hash identifier: IkLOgDhCJ1Pxu0aDaluMAMDbkRQyz8ZYFZG/eJxIOXk=
Subject key identifier: 25:BC:98:F2:A3:93:A7:22:E6:72:6F:DF:1E:5E:5A:B1:C4:B1:8F:36
Certificate issuer: /CN=a6ed442b91d4e83a6de39fb67971a1e79c6b1ed5
Certificate serial: 018D4072F35E5B2BB3E6B58129FAA4D54515
Authority key identifier: A6:ED:44:2B:91:D4:E8:3A:6D:E3:9F:B6:79:71:A1:E7:9C:6B:1E:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pu1EK5HU6Dpt45-2eXGh55xrHtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/553dc6-12d0-4d4a-a294-97c5d59b0bbf/1/JbyY8qOTpyLmcm_fHl5ascSxjzY.roa
Signing time: Thu 25 Jan 2024 11:48:11 +0000
ROA not before: Thu 25 Jan 2024 11:48:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200019
IP address blocks: 91.208.162.0/24 maxlen: 24
91.208.184.0/24 maxlen: 24
91.208.197.0/24 maxlen: 24
91.208.206.0/24 maxlen: 24
2a0f:5f40::/29 maxlen: 29
2a0f:5f40::/48 maxlen: 48
2a0f:5f40:1::/48 maxlen: 48
2a0f:5f47::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 10 May 2024 09:50:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:40:72:f3:5e:5b:2b:b3:e6:b5:81:29:fa:a4:d5:45:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6ed442b91d4e83a6de39fb67971a1e79c6b1ed5
Validity
Not Before: Jan 25 11:48:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25bc98f2a393a722e6726fdf1e5e5ab1c4b18f36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:5e:96:50:25:b3:cd:b9:97:b3:b7:e7:1c:75:
48:f0:7d:77:8d:8f:34:6a:21:66:b3:d3:6a:ea:d6:
5c:d9:bb:b0:a2:46:9c:d6:54:cb:19:1d:35:8f:79:
2c:a4:fc:70:76:c8:07:0e:b4:9f:f7:4b:46:7b:a6:
87:41:32:a4:35:20:dc:4b:f0:77:ab:97:d7:b5:37:
a9:89:07:d9:bc:87:0c:c8:45:8a:4d:59:5f:16:27:
f7:1f:a0:10:be:c3:9a:73:73:b2:f3:f5:3e:7d:b6:
33:5e:b8:7f:bb:72:5e:5f:9d:2e:a2:55:f2:ce:c3:
0e:50:fa:e4:c2:07:cc:b7:11:8d:87:9f:8c:94:a9:
95:ad:75:23:5f:32:2d:19:36:ec:a8:fa:af:07:c5:
a1:70:41:2a:ff:3d:e4:5a:38:cf:8b:eb:17:07:ba:
d8:f1:97:0a:3c:6e:f4:32:9e:00:b0:16:dc:14:93:
a6:7c:c6:35:42:69:a1:7d:a6:6e:d2:77:cf:f8:fa:
7a:18:cb:b3:fb:db:6c:33:78:a7:b3:92:c8:41:ff:
d5:d9:3e:db:af:be:6a:e2:07:3a:9f:f0:49:c1:85:
65:4e:e9:2c:1f:06:af:ca:e3:a9:d3:32:2c:15:2f:
27:74:2b:92:0c:aa:1e:0c:31:63:dd:3b:2d:eb:f0:
31:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:BC:98:F2:A3:93:A7:22:E6:72:6F:DF:1E:5E:5A:B1:C4:B1:8F:36
X509v3 Authority Key Identifier:
keyid:A6:ED:44:2B:91:D4:E8:3A:6D:E3:9F:B6:79:71:A1:E7:9C:6B:1E:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pu1EK5HU6Dpt45-2eXGh55xrHtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/553dc6-12d0-4d4a-a294-97c5d59b0bbf/1/JbyY8qOTpyLmcm_fHl5ascSxjzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/553dc6-12d0-4d4a-a294-97c5d59b0bbf/1/pu1EK5HU6Dpt45-2eXGh55xrHtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.162.0/24
91.208.184.0/24
91.208.197.0/24
91.208.206.0/24
IPv6:
2a0f:5f40::/29
Signature Algorithm: sha256WithRSAEncryption
0a:32:85:b2:9a:ae:ab:ac:f5:ef:63:7c:ea:aa:31:6b:14:32:
d3:12:4c:8f:2c:a1:df:06:63:75:fd:57:d4:bc:3e:26:1f:6f:
0c:55:84:f7:84:2e:7e:a6:4e:bc:f8:0c:1b:e9:78:01:bb:ab:
db:d9:ff:50:2f:ba:25:37:4a:cf:fd:35:75:ba:40:72:4d:61:
2d:df:c5:b1:49:f4:96:b7:5b:cb:64:ec:ed:17:c4:3e:e0:dd:
79:b1:37:f7:1f:30:44:c3:e6:82:0b:0c:6a:6c:d3:8a:d7:77:
18:1e:93:cf:70:71:ae:c8:fc:c1:c4:8b:14:8f:02:68:f0:a5:
83:ff:96:1b:75:f0:e0:bc:18:40:1d:c6:7c:0c:32:48:d4:ef:
8a:27:4f:55:18:2a:d7:03:c5:5a:70:c1:0a:b1:a6:da:bd:b5:
50:ac:93:54:ea:80:c1:ab:ff:d5:52:8a:02:42:7d:09:cb:80:
0b:0f:20:33:37:06:e0:07:d3:97:d2:a3:26:19:d6:a7:27:89:
29:b4:0a:6f:1b:58:ca:bd:bd:c7:e3:bd:33:c2:d3:f7:6d:8b:
8c:3a:d3:f6:07:1c:68:e4:3c:f7:77:7f:35:7e:be:89:84:69:
38:92:d6:a6:e5:0e:b9:fb:4f:e1:b4:8a:e0:55:ab:af:25:10:
9e:44:f4:48
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY1AcvNeWyuz5rWBKfqk1UUVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2ZWQ0NDJiOTFkNGU4M2E2ZGUzOWZiNjc5NzFhMWU3OWM2
YjFlZDUwHhcNMjQwMTI1MTE0ODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWJjOThmMmEzOTNhNzIyZTY3MjZmZGYxZTVlNWFiMWM0YjE4ZjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl16WUCWzzbmXs7fnHHVI8H13jY80
aiFms9Nq6tZc2buwokac1lTLGR01j3kspPxwdsgHDrSf90tGe6aHQTKkNSDcS/B3
q5fXtTepiQfZvIcMyEWKTVlfFif3H6AQvsOac3Oy8/U+fbYzXrh/u3JeX50uolXy
zsMOUPrkwgfMtxGNh5+MlKmVrXUjXzItGTbsqPqvB8WhcEEq/z3kWjjPi+sXB7rY
8ZcKPG70Mp4AsBbcFJOmfMY1QmmhfaZu0nfP+Pp6GMuz+9tsM3ins5LIQf/V2T7b
r75q4gc6n/BJwYVlTuksHwavyuOp0zIsFS8ndCuSDKoeDDFj3Tst6/AxNwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCW8mPKjk6ci5nJv3x5eWrHEsY82MB8GA1UdIwQY
MBaAFKbtRCuR1Og6beOftnlxoeecax7VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHUxRUs1SFU2RHB0NDUtMmVYR2g1NXhySHRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS81NTNkYzYtMTJkMC00ZDRhLWEyOTQt
OTdjNWQ1OWIwYmJmLzEvSmJ5WThxT1RweUxtY21fZkhsNWFzY1N4anpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS81NTNkYzYtMTJkMC00ZDRhLWEyOTQtOTdjNWQ1OWIwYmJm
LzEvcHUxRUs1SFU2RHB0NDUtMmVYR2g1NXhySHRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW9CiAwQA
W9C4AwQAW9DFAwQAW9DOMA0EAgACMAcDBQMqD19AMA0GCSqGSIb3DQEBCwUAA4IB
AQAKMoWymq6rrPXvY3zqqjFrFDLTEkyPLKHfBmN1/VfUvD4mH28MVYT3hC5+pk68
+Awb6XgBu6vb2f9QL7olN0rP/TV1ukByTWEt38WxSfSWt1vLZOztF8Q+4N15sTf3
HzBEw+aCCwxqbNOK13cYHpPPcHGuyPzBxIsUjwJo8KWD/5YbdfDgvBhAHcZ8DDJI
1O+KJ09VGCrXA8VacMEKsabavbVQrJNU6oDBq//VUooCQn0Jy4ALDyAzNwbgB9OX
0qMmGdanJ4kptApvG1jKvb3H470zwtP3bYuMOtP2Bxxo5Dz3d381fr6JhGk4ktam
5Q65+0/htIrgVauvJRCeRPRI
-----END CERTIFICATE-----
Generated at Fri May 10 13:38:31 2024 by rpki-client on console-fra.rpki-client.org