Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/juJNFShuZb_7Ws3bRvfwLHn4v-U.roa
File: juJNFShuZb_7Ws3bRvfwLHn4v-U.roa (raw, json)
Hash identifier: WYqoaMPkikGdXBntjZT1odzmNPKgifgVMbpKIeYq6A4=
Subject key identifier: 8E:E2:4D:15:28:6E:65:BF:FB:5A:CD:DB:46:F7:F0:2C:79:F8:BF:E5
Certificate issuer: /CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Certificate serial: 018B1EB366CC2646D1859D4C18208137A03F
Authority key identifier: F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/juJNFShuZb_7Ws3bRvfwLHn4v-U.roa
Signing time: Wed 11 Oct 2023 12:25:55 +0000
ROA not before: Wed 11 Oct 2023 12:25:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 123.253.212.0/24 maxlen: 24
46.175.130.0/24 maxlen: 24
141.98.139.0/24 maxlen: 24
141.98.137.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1e:b3:66:cc:26:46:d1:85:9d:4c:18:20:81:37:a0:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Validity
Not Before: Oct 11 12:25:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ee24d15286e65bffb5acddb46f7f02c79f8bfe5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:00:94:e3:08:5c:e9:84:d0:04:3c:44:45:b9:
a5:11:53:b2:f8:50:54:5e:91:11:4a:7e:7e:ed:31:
f3:1d:e3:b3:a4:b0:3e:fd:35:26:4c:51:bf:84:e8:
f0:eb:d1:2e:43:cd:d4:1e:72:f6:a5:a3:df:9b:bc:
8f:fa:d0:ab:73:e5:c9:00:81:31:21:c5:05:a7:c0:
17:bc:3f:63:cd:17:2d:31:11:ad:db:f9:ca:12:cc:
58:51:f5:8f:83:27:bc:d8:b5:1f:58:10:19:cb:07:
2d:33:bd:cf:d2:ca:4e:e9:3d:61:cf:df:1e:70:b0:
42:aa:e1:0b:60:34:ea:6d:3f:12:b5:06:72:11:61:
8c:2b:6f:66:5d:f9:a9:b9:f3:d1:76:bd:4c:b2:1d:
6b:22:a5:13:d4:cc:ba:48:ac:06:ac:c4:89:cb:87:
75:f5:82:2d:16:32:7a:0d:46:88:bf:35:4d:cc:7b:
24:a0:0b:83:51:8c:08:fb:48:c3:33:30:de:53:41:
32:f6:66:b2:c0:03:e6:fe:33:ab:af:30:9f:da:63:
70:68:99:6f:f8:75:0e:3c:87:83:24:51:aa:5e:a4:
ef:03:dc:69:fc:3f:da:7a:be:de:49:0e:e3:50:f8:
e4:69:09:76:62:3b:fe:1f:c9:19:af:3d:e8:e6:31:
01:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:E2:4D:15:28:6E:65:BF:FB:5A:CD:DB:46:F7:F0:2C:79:F8:BF:E5
X509v3 Authority Key Identifier:
keyid:F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/juJNFShuZb_7Ws3bRvfwLHn4v-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.175.130.0/24
123.253.212.0/24
141.98.137.0/24
141.98.139.0/24
Signature Algorithm: sha256WithRSAEncryption
43:57:c9:da:af:a1:f6:73:6f:f9:4c:60:a9:3f:f4:fd:35:09:
0c:fc:84:25:72:14:07:5a:12:66:20:f0:87:e6:93:88:14:1c:
67:c2:5a:6b:ee:53:98:45:b9:d9:51:9d:01:39:b7:5c:96:a0:
35:1d:cf:18:ae:3d:aa:15:3e:a8:cf:7f:e3:0e:46:9d:76:01:
bc:cb:09:c2:46:1f:22:01:fa:12:90:9d:19:c1:16:e9:03:d5:
a1:51:16:09:9d:86:e5:d2:0f:de:75:30:d2:1e:9f:67:2c:2f:
60:e0:4c:0c:9e:ea:07:fd:85:9f:7f:b1:52:18:92:a1:71:5e:
77:24:cc:ec:6d:27:9f:b9:bd:ff:23:1f:ae:a1:f6:87:43:7e:
0c:71:73:4b:61:4f:85:7d:ed:43:be:39:df:95:c9:3e:4b:9f:
0c:ff:66:75:71:62:40:88:fb:a6:a2:6d:b7:82:ef:c4:91:91:
76:0e:42:02:b2:f2:71:6c:e6:e9:f9:2d:d0:61:2f:56:ec:fe:
f2:dc:71:0e:41:46:68:44:16:48:df:1d:be:1e:66:5e:f2:66:
1c:de:42:d8:20:b6:36:0a:7f:8e:a3:03:0a:ce:7f:42:60:4d:
42:c2:b9:2b:58:b5:7e:e4:e7:2a:07:b2:7b:17:7b:a7:09:0d:
fe:f2:1d:0c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYses2bMJkbRhZ1MGCCBN6A/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGViMjA0ZjM1ODAwNDc4ODIyNGUyZmIxOGU0ZDVlNzRi
ZWJmOGQwHhcNMjMxMDExMTIyNTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWUyNGQxNTI4NmU2NWJmZmI1YWNkZGI0NmY3ZjAyYzc5ZjhiZmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjACU4whc6YTQBDxERbmlEVOy+FBU
XpERSn5+7THzHeOzpLA+/TUmTFG/hOjw69EuQ83UHnL2paPfm7yP+tCrc+XJAIEx
IcUFp8AXvD9jzRctMRGt2/nKEsxYUfWPgye82LUfWBAZywctM73P0spO6T1hz98e
cLBCquELYDTqbT8StQZyEWGMK29mXfmpufPRdr1Msh1rIqUT1My6SKwGrMSJy4d1
9YItFjJ6DUaIvzVNzHskoAuDUYwI+0jDMzDeU0Ey9maywAPm/jOrrzCf2mNwaJlv
+HUOPIeDJFGqXqTvA9xp/D/aer7eSQ7jUPjkaQl2Yjv+H8kZrz3o5jEBwwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFI7iTRUobmW/+1rN20b38Cx5+L/lMB8GA1UdIwQY
MBaAFPBOsgTzWABHiCJOL7GOTV50vr+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMt
NWM1ODkyYWZhNDg3LzEvanVKTkZTaHVaYl83V3MzYlJ2ZndMSG40di1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMtNWM1ODkyYWZhNDg3
LzEvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALq+CAwQA
e/3UAwQAjWKJAwQAjWKLMA0GCSqGSIb3DQEBCwUAA4IBAQBDV8nar6H2c2/5TGCp
P/T9NQkM/IQlchQHWhJmIPCH5pOIFBxnwlpr7lOYRbnZUZ0BObdclqA1Hc8Yrj2q
FT6oz3/jDkaddgG8ywnCRh8iAfoSkJ0ZwRbpA9WhURYJnYbl0g/edTDSHp9nLC9g
4EwMnuoH/YWff7FSGJKhcV53JMzsbSefub3/Ix+uofaHQ34McXNLYU+Ffe1Dvjnf
lck+S58M/2Z1cWJAiPumom23gu/EkZF2DkICsvJxbObp+S3QYS9W7P7y3HEOQUZo
RBZI3x2+HmZe8mYc3kLYILY2Cn+OowMKzn9CYE1CwrkrWLV+5OcqB7J7F3unCQ3+
8h0M
-----END CERTIFICATE-----
Generated at Tue Oct 17 07:27:44 2023 by rpki-client on console-ams.rpki-client.org