Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7e57a3-a181-45df-b4ae-316f6dabffbf/1/JRIlSxQrNUWacCjuaRMPfRqQgls.roa
File: JRIlSxQrNUWacCjuaRMPfRqQgls.roa (raw, json)
Hash identifier: nAe47EomUZ+SLwhekkUk68TgqzSQj0uzJNX4DAN5wFk=
Subject key identifier: 25:12:25:4B:14:2B:35:45:9A:70:28:EE:69:13:0F:7D:1A:90:82:5B
Certificate issuer: /CN=46f01771d1cc8fd114c46a616206aa4c59dbdc19
Certificate serial: 0186133F2022804C759CCA89C2A47314A138
Authority key identifier: 46:F0:17:71:D1:CC:8F:D1:14:C4:6A:61:62:06:AA:4C:59:DB:DC:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RvAXcdHMj9EUxGphYgaqTFnb3Bk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/7e57a3-a181-45df-b4ae-316f6dabffbf/1/JRIlSxQrNUWacCjuaRMPfRqQgls.roa
Signing time: Thu 02 Feb 2023 17:49:09 +0000
ROA not before: Thu 02 Feb 2023 17:49:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213038
IP address blocks: 89.40.170.0/24 maxlen: 24
185.145.253.0/24 maxlen: 24
185.145.252.0/24 maxlen: 24
185.145.255.0/24 maxlen: 24
185.145.254.0/24 maxlen: 24
31.220.151.0/24 maxlen: 24
89.42.24.0/24 maxlen: 24
89.36.197.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:13:3f:20:22:80:4c:75:9c:ca:89:c2:a4:73:14:a1:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46f01771d1cc8fd114c46a616206aa4c59dbdc19
Validity
Not Before: Feb 2 17:49:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2512254b142b35459a7028ee69130f7d1a90825b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:b0:44:2c:bc:31:a8:ee:41:0c:65:f6:73:da:
b9:3b:c3:90:71:1f:b7:db:d0:cf:3e:f7:ad:8c:4a:
35:33:b9:1a:8f:38:0c:48:02:e9:96:c9:d0:ba:f5:
f4:7e:c0:17:84:a8:79:44:a7:de:30:15:28:4d:6e:
86:52:55:c4:4f:b1:a9:db:37:50:99:5a:84:e6:ad:
6f:2b:72:9c:96:b1:2a:37:9f:7f:5b:fe:74:a0:0d:
c7:f4:72:be:ce:66:c2:ed:fb:f4:75:d6:10:e4:59:
64:46:49:10:a0:5f:8c:46:97:27:a1:ec:64:51:a9:
6d:c0:b7:c1:d5:64:01:18:6d:73:14:e5:e2:75:d0:
3d:fa:4b:ff:05:aa:89:90:3a:7d:81:7c:d8:43:6f:
e2:69:dd:d9:0e:73:7d:b6:02:7e:3a:ed:4c:34:8b:
df:eb:43:0d:99:77:34:c2:82:ff:2b:ed:f8:be:57:
7f:8d:a1:60:e8:a9:c7:ae:e9:50:4c:5e:b0:c8:6a:
b6:3a:2e:e6:ad:da:63:91:c6:51:88:6b:ef:2a:c8:
6f:28:fe:49:e4:15:a6:a7:1a:b2:4f:bb:2c:1b:f0:
3f:b7:45:15:90:90:f6:7f:5c:66:cb:5f:d3:55:43:
f7:d8:01:fd:56:3b:1d:ed:65:52:16:25:c4:2e:cd:
2c:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:12:25:4B:14:2B:35:45:9A:70:28:EE:69:13:0F:7D:1A:90:82:5B
X509v3 Authority Key Identifier:
keyid:46:F0:17:71:D1:CC:8F:D1:14:C4:6A:61:62:06:AA:4C:59:DB:DC:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RvAXcdHMj9EUxGphYgaqTFnb3Bk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7e57a3-a181-45df-b4ae-316f6dabffbf/1/JRIlSxQrNUWacCjuaRMPfRqQgls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7e57a3-a181-45df-b4ae-316f6dabffbf/1/RvAXcdHMj9EUxGphYgaqTFnb3Bk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.151.0/24
89.36.197.0/24
89.40.170.0/24
89.42.24.0/24
185.145.252.0/22
Signature Algorithm: sha256WithRSAEncryption
04:48:0e:ea:19:c1:a7:bf:d3:8e:16:96:9c:d4:1b:52:66:c0:
8b:0a:58:39:72:11:1e:03:56:5d:2c:10:c7:69:48:66:53:2e:
66:eb:9f:55:36:f2:c5:e5:ba:be:11:6c:69:18:65:d5:2d:83:
92:3e:72:c2:6b:7a:35:d8:98:b1:57:b2:dd:ac:b3:2b:10:d8:
f6:2b:6b:1f:02:63:4d:ee:4e:ba:c5:73:bb:7f:2e:bb:cc:ae:
91:55:d6:03:38:b7:c3:d9:69:57:58:c0:f4:3f:d1:a2:2d:25:
9f:43:2b:a9:21:f2:f6:c1:4d:ad:c4:1c:8c:e0:39:da:df:8c:
a8:03:29:c7:28:03:5e:fc:27:80:fc:bb:a1:2e:12:90:60:f2:
d8:e5:36:16:b5:52:df:a0:0c:d4:3b:21:26:27:b3:cc:4a:13:
ac:4e:7a:83:ae:55:7c:7e:8c:e4:94:6f:65:23:02:2a:06:f2:
5a:3c:4a:81:e2:9e:23:ff:df:70:ca:6a:88:72:ea:c6:a6:b6:
cd:6e:fd:31:fd:79:c4:62:37:1e:ba:74:51:30:61:63:4b:29:
37:c4:3b:18:8f:38:44:60:d5:67:49:9c:df:cb:dc:49:ab:0e:
6e:f6:e1:a9:08:ae:d4:c6:ad:88:00:0e:3e:d1:7f:b7:e5:15:
c2:26:0b:18
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYYTPyAigEx1nMqJwqRzFKE4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZjAxNzcxZDFjYzhmZDExNGM0NmE2MTYyMDZhYTRjNTlk
YmRjMTkwHhcNMjMwMjAyMTc0OTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTEyMjU0YjE0MmIzNTQ1OWE3MDI4ZWU2OTEzMGY3ZDFhOTA4MjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirBELLwxqO5BDGX2c9q5O8OQcR+3
29DPPvetjEo1M7kajzgMSALplsnQuvX0fsAXhKh5RKfeMBUoTW6GUlXET7Gp2zdQ
mVqE5q1vK3KclrEqN59/W/50oA3H9HK+zmbC7fv0ddYQ5FlkRkkQoF+MRpcnoexk
UaltwLfB1WQBGG1zFOXiddA9+kv/BaqJkDp9gXzYQ2/iad3ZDnN9tgJ+Ou1MNIvf
60MNmXc0woL/K+34vld/jaFg6KnHrulQTF6wyGq2Oi7mrdpjkcZRiGvvKshvKP5J
5BWmpxqyT7ssG/A/t0UVkJD2f1xmy1/TVUP32AH9Vjsd7WVSFiXELs0snQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCUSJUsUKzVFmnAo7mkTD30akIJbMB8GA1UdIwQY
MBaAFEbwF3HRzI/RFMRqYWIGqkxZ29wZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnZBWGNkSE1qOUVVeEdwaFlnYXFURm5iM0JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83ZTU3YTMtYTE4MS00NWRmLWI0YWUt
MzE2ZjZkYWJmZmJmLzEvSlJJbFN4UXJOVVdhY0NqdWFSTVBmUnFRZ2xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC83ZTU3YTMtYTE4MS00NWRmLWI0YWUtMzE2ZjZkYWJmZmJm
LzEvUnZBWGNkSE1qOUVVeEdwaFlnYXFURm5iM0JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAH9yXAwQA
WSTFAwQAWSiqAwQAWSoYAwQCuZH8MA0GCSqGSIb3DQEBCwUAA4IBAQAESA7qGcGn
v9OOFpac1BtSZsCLClg5chEeA1ZdLBDHaUhmUy5m659VNvLF5bq+EWxpGGXVLYOS
PnLCa3o12JixV7LdrLMrENj2K2sfAmNN7k66xXO7fy67zK6RVdYDOLfD2WlXWMD0
P9GiLSWfQyupIfL2wU2txByM4Dna34yoAynHKANe/CeA/LuhLhKQYPLY5TYWtVLf
oAzUOyEmJ7PMShOsTnqDrlV8fozklG9lIwIqBvJaPEqB4p4j/99wymqIcurGprbN
bv0x/XnEYjceunRRMGFjSyk3xDsYjzhEYNVnSZzfy9xJqw5u9uGpCK7Uxq2IAA4+
0X+35RXCJgsY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:59 2024 by rpki-client on console-fra.rpki-client.org