Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/1-jJNSZzIVBsA4joTsl79XFlwHP4.roa
File: 1-jJNSZzIVBsA4joTsl79XFlwHP4.roa (raw, json)
Hash identifier: 8xd1zi1rm1mmzGJ90Ny97Zg3z2hS/M1CQCoD4kMbwFI=
Subject key identifier: FA:32:4D:49:9C:C8:54:1B:00:E2:3A:13:B2:5E:FD:5C:59:70:1C:FE
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018AAE10CA423ACCD970840F2CDAE642AFF6
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/1-jJNSZzIVBsA4joTsl79XFlwHP4.roa
Signing time: Tue 19 Sep 2023 15:30:50 +0000
ROA not before: Tue 19 Sep 2023 15:30:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208392
IP address blocks: 185.112.80.0/24 maxlen: 24
185.112.100.0/24 maxlen: 24
82.115.222.0/24 maxlen: 24
185.17.1.0/24 maxlen: 24
185.114.75.0/24 maxlen: 24
185.114.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Dec 2023 20:49:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ae:10:ca:42:3a:cc:d9:70:84:0f:2c:da:e6:42:af:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Sep 19 15:30:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa324d499cc8541b00e23a13b25efd5c59701cfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:88:cc:ca:00:2b:cc:43:7b:53:ab:b8:0d:ff:
f7:af:06:5f:18:0d:aa:60:3d:e9:d6:a5:c9:86:e8:
bf:d2:23:69:0f:3d:d8:38:9d:ad:12:5a:1c:3c:c7:
79:9c:13:2b:41:52:06:a7:b1:eb:90:ef:a8:cf:03:
d3:ac:c3:5c:cb:1c:11:f2:fb:c5:c4:bd:3c:8e:a4:
0b:2c:4c:e1:80:3c:8a:0b:27:39:95:57:73:b9:a3:
bd:33:90:9d:91:52:09:63:cf:d6:3b:63:f3:7c:3b:
67:bc:ab:2d:99:09:2a:2d:07:4f:72:d3:49:0a:0a:
0e:b7:dd:26:bb:c6:2a:3a:8b:c5:8b:7f:67:be:75:
81:c9:82:3d:ea:d5:42:5d:1b:ad:a8:e0:3e:f2:3a:
12:a0:ea:24:bb:9b:10:5b:53:54:5c:05:25:90:c5:
8c:2a:25:4e:d8:08:e1:8a:8a:05:66:49:87:c1:31:
5b:46:6b:81:e6:8d:87:14:35:12:6d:29:91:00:ff:
ca:33:8c:62:a1:2b:84:87:6b:44:89:06:67:0c:97:
8e:d0:32:6d:63:fa:c7:b7:51:d0:ee:4a:aa:c1:b8:
0d:6c:b8:85:be:81:91:18:43:3b:bd:2e:da:58:aa:
59:99:af:49:b0:b3:32:21:2b:5e:98:4d:f1:97:1e:
90:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:32:4D:49:9C:C8:54:1B:00:E2:3A:13:B2:5E:FD:5C:59:70:1C:FE
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/1-jJNSZzIVBsA4joTsl79XFlwHP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.222.0/24
185.17.1.0/24
185.112.80.0/24
185.112.100.0/24
185.114.74.0/23
Signature Algorithm: sha256WithRSAEncryption
9c:84:c7:e5:fe:ff:3e:10:d6:1e:c2:69:8a:96:d1:98:8c:df:
07:31:36:8c:8e:10:c3:68:3e:d0:f7:b8:ac:dc:5d:48:76:79:
8f:8b:95:90:17:85:48:69:ab:58:21:b5:ab:d4:83:86:4c:af:
bc:b3:0e:f1:dd:76:f1:a2:10:fb:c4:57:81:27:1e:f1:30:ef:
2c:1e:8d:b5:62:da:5a:69:27:63:c5:91:83:07:17:42:d6:ed:
58:df:5e:96:f6:ef:17:9b:90:42:a7:37:1d:92:5e:cb:57:bc:
32:0d:5d:ff:8e:62:6a:9f:54:74:13:90:4b:d3:5e:25:f9:e5:
84:d9:fe:39:bc:33:b1:41:c4:54:df:79:73:63:60:c4:5e:53:
38:40:68:09:e0:28:53:7d:b1:87:13:5b:50:53:a2:fd:d6:d0:
9a:38:e7:98:8d:bf:44:a7:d5:45:ff:6a:9c:9f:54:fe:2f:06:
6b:12:21:03:e8:ca:ac:61:30:12:6b:3d:5b:9d:69:aa:7f:44:
b2:27:78:a0:ee:c8:9a:d0:77:fd:dc:fc:86:97:3f:6d:4e:c1:
10:76:3e:7c:16:1c:cd:3f:81:03:5e:c0:45:06:71:93:28:6b:
0d:01:ac:47:78:ce:27:d1:ec:72:55:df:89:03:9a:97:35:12:
07:78:65:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYquEMpCOszZcIQPLNrmQq/2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwOTE5MTUzMDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTMyNGQ0OTljYzg1NDFiMDBlMjNhMTNiMjVlZmQ1YzU5NzAxY2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYjMygArzEN7U6u4Df/3rwZfGA2q
YD3p1qXJhui/0iNpDz3YOJ2tElocPMd5nBMrQVIGp7HrkO+ozwPTrMNcyxwR8vvF
xL08jqQLLEzhgDyKCyc5lVdzuaO9M5CdkVIJY8/WO2PzfDtnvKstmQkqLQdPctNJ
CgoOt90mu8YqOovFi39nvnWByYI96tVCXRutqOA+8joSoOoku5sQW1NUXAUlkMWM
KiVO2AjhiooFZkmHwTFbRmuB5o2HFDUSbSmRAP/KM4xioSuEh2tEiQZnDJeO0DJt
Y/rHt1HQ7kqqwbgNbLiFvoGRGEM7vS7aWKpZma9JsLMyIStemE3xlx6QnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPoyTUmcyFQbAOI6E7Je/VxZcBz+MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvMS1qSk5TWnpJVkJzQTRqb1RzbDc5WEZsd0hQNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2Nk
Mi8xL3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAFJz3gME
ALkRAQMEALlwUAMEALlwZAMEAblySjANBgkqhkiG9w0BAQsFAAOCAQEAnITH5f7/
PhDWHsJpipbRmIzfBzE2jI4Qw2g+0Pe4rNxdSHZ5j4uVkBeFSGmrWCG1q9SDhkyv
vLMO8d128aIQ+8RXgSce8TDvLB6NtWLaWmknY8WRgwcXQtbtWN9elvbvF5uQQqc3
HZJey1e8Mg1d/45iap9UdBOQS9NeJfnlhNn+ObwzsUHEVN95c2NgxF5TOEBoCeAo
U32xhxNbUFOi/dbQmjjnmI2/RKfVRf9qnJ9U/i8GaxIhA+jKrGEwEms9W51pqn9E
sid4oO7ImtB3/dz8hpc/bU7BEHY+fBYczT+BA17ARQZxkyhrDQGsR3jOJ9HsclXf
iQOalzUSB3hl5w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org