Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/J-ALaORSvuwxN9u1OHPmGr5wo8s.roa
File: J-ALaORSvuwxN9u1OHPmGr5wo8s.roa (raw, json)
Hash identifier: o5DDz9FJuVbPiLECJTK/Ecbh2JGiSHKIrlVsm5lnQbk=
Subject key identifier: 27:E0:0B:68:E4:52:BE:EC:31:37:DB:B5:38:73:E6:1A:BE:70:A3:CB
Certificate issuer: /CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Certificate serial: 018963C8336BE1EAF376FF385C6FC1748C0F
Authority key identifier: F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/J-ALaORSvuwxN9u1OHPmGr5wo8s.roa
Signing time: Mon 17 Jul 2023 12:16:52 +0000
ROA not before: Mon 17 Jul 2023 12:16:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.110.63.0/24 maxlen: 24
141.98.139.0/24 maxlen: 24
141.98.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Jul 2023 08:42:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:63:c8:33:6b:e1:ea:f3:76:ff:38:5c:6f:c1:74:8c:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Validity
Not Before: Jul 17 12:16:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=27e00b68e452beec3137dbb53873e61abe70a3cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:bf:33:e0:69:a5:4b:be:b5:72:2f:5e:bd:8b:
2e:b0:8f:20:95:47:11:59:0a:66:00:e1:18:4d:69:
27:28:c9:e6:5e:52:a1:18:23:6b:ce:62:23:a8:ef:
ea:e9:5c:35:f2:ce:62:98:63:5b:f9:89:fe:02:b0:
12:41:9e:37:fb:f4:c5:f1:f1:29:35:4c:08:33:cd:
e9:73:ad:91:87:9d:81:19:e2:4d:1f:6d:8a:49:24:
3c:25:c3:bf:59:a6:c0:8a:5b:9c:3e:36:b4:b0:ea:
eb:dd:87:70:37:6d:2f:dc:87:bc:19:f3:23:74:db:
d1:04:b2:9f:37:46:4a:d0:dc:94:52:d5:59:54:46:
e6:71:9b:51:f2:68:6f:5f:b6:0f:1f:2c:2e:2f:36:
a7:90:23:a4:b2:df:f4:3a:11:b3:13:da:4c:16:2b:
80:df:52:7e:dc:49:76:9a:fe:71:73:54:b7:28:3e:
22:8a:4d:69:11:53:65:72:1a:ab:61:9a:cd:af:73:
5d:53:05:67:72:ef:da:0f:17:c7:96:a1:98:11:11:
24:90:0d:6e:08:75:85:eb:5b:8a:f0:d9:97:3d:b3:
c3:69:86:d2:f2:7c:c4:83:21:f7:04:1a:41:05:66:
2f:ee:1f:c9:49:05:5a:2a:61:ed:75:d0:d1:1b:b7:
52:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:E0:0B:68:E4:52:BE:EC:31:37:DB:B5:38:73:E6:1A:BE:70:A3:CB
X509v3 Authority Key Identifier:
keyid:F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/J-ALaORSvuwxN9u1OHPmGr5wo8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.137.0/24
141.98.139.0/24
185.110.63.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:4a:ba:59:d8:2d:c9:62:13:ff:2f:37:02:4a:a4:3f:88:92:
e2:7e:c3:5d:74:1e:74:3e:e2:2c:13:5b:54:26:12:b0:4a:2a:
bc:ef:8e:ed:79:a2:4e:01:07:ef:31:92:b6:8d:54:68:ca:24:
a7:e9:48:47:4a:e9:ac:68:1a:f1:6b:00:16:25:49:9b:3a:08:
aa:c3:6d:9c:6d:6e:10:c3:3b:7b:62:62:2d:80:72:75:97:ce:
27:94:ef:e3:3c:6a:f1:78:a6:93:97:d8:6b:45:19:16:08:61:
50:6f:c2:b5:97:0f:39:79:c3:66:4c:b4:8b:30:47:7e:19:0c:
94:88:52:f4:87:d2:40:aa:f4:0b:26:43:4f:a8:dc:d4:24:30:
dd:e8:8c:69:aa:04:56:b6:d0:94:3d:63:93:6d:31:d7:3d:39:
dc:76:3b:76:7d:19:38:0d:94:77:3c:9b:ef:9e:01:93:67:65:
6f:e1:11:1f:9a:0c:d4:72:aa:52:a7:8b:f1:7d:f8:7a:29:0c:
2c:ae:12:f8:81:e3:a2:8e:a8:15:ad:67:4a:0e:d1:0d:f3:34:
83:05:ae:d4:8c:f1:dd:00:c2:ac:a3:56:51:8c:87:ee:9d:55:
d0:fe:98:d8:58:d0:a0:6c:08:09:e6:62:27:05:4e:dc:1f:31:
0d:47:d0:ec
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYljyDNr4erzdv84XG/BdIwPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGViMjA0ZjM1ODAwNDc4ODIyNGUyZmIxOGU0ZDVlNzRi
ZWJmOGQwHhcNMjMwNzE3MTIxNjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2UwMGI2OGU0NTJiZWVjMzEzN2RiYjUzODczZTYxYWJlNzBhM2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhr8z4GmlS761ci9evYsusI8glUcR
WQpmAOEYTWknKMnmXlKhGCNrzmIjqO/q6Vw18s5imGNb+Yn+ArASQZ43+/TF8fEp
NUwIM83pc62Rh52BGeJNH22KSSQ8JcO/WabAilucPja0sOrr3YdwN20v3Ie8GfMj
dNvRBLKfN0ZK0NyUUtVZVEbmcZtR8mhvX7YPHywuLzankCOkst/0OhGzE9pMFiuA
31J+3El2mv5xc1S3KD4iik1pEVNlchqrYZrNr3NdUwVncu/aDxfHlqGYEREkkA1u
CHWF61uK8NmXPbPDaYbS8nzEgyH3BBpBBWYv7h/JSQVaKmHtddDRG7dSGwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCfgC2jkUr7sMTfbtThz5hq+cKPLMB8GA1UdIwQY
MBaAFPBOsgTzWABHiCJOL7GOTV50vr+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMt
NWM1ODkyYWZhNDg3LzEvSi1BTGFPUlN2dXd4Tjl1MU9IUG1HcjV3bzhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMtNWM1ODkyYWZhNDg3
LzEvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAjWKJAwQA
jWKLAwQAuW4/MA0GCSqGSIb3DQEBCwUAA4IBAQAqSrpZ2C3JYhP/LzcCSqQ/iJLi
fsNddB50PuIsE1tUJhKwSiq8747teaJOAQfvMZK2jVRoyiSn6UhHSumsaBrxawAW
JUmbOgiqw22cbW4Qwzt7YmItgHJ1l84nlO/jPGrxeKaTl9hrRRkWCGFQb8K1lw85
ecNmTLSLMEd+GQyUiFL0h9JAqvQLJkNPqNzUJDDd6IxpqgRWttCUPWOTbTHXPTnc
djt2fRk4DZR3PJvvngGTZ2Vv4REfmgzUcqpSp4vxffh6KQwsrhL4geOijqgVrWdK
DtEN8zSDBa7UjPHdAMKso1ZRjIfunVXQ/pjYWNCgbAgJ5mInBU7cHzENR9Ds
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:12 2024 by rpki-client on console-ams.rpki-client.org