Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/e080b6-4e09-42d8-b91c-b2798c1a0327/1/jd2TJXPBpcjL-NPOoXF_qLnM3yk.roa
File: jd2TJXPBpcjL-NPOoXF_qLnM3yk.roa (raw, json)
Hash identifier: ioismsQjoMnKhJyHXB8N4mzQqs0fGKyPyXH4dDuXsro=
Subject key identifier: 8D:DD:93:25:73:C1:A5:C8:CB:F8:D3:CE:A1:71:7F:A8:B9:CC:DF:29
Certificate issuer: /CN=4f2112cbf6dcc8dd3444e4eced284457310f70d2
Certificate serial: 0185A02F679049757A1406ADA2C5D1422DBE
Authority key identifier: 4F:21:12:CB:F6:DC:C8:DD:34:44:E4:EC:ED:28:44:57:31:0F:70:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TyESy_bcyN00ROTs7ShEVzEPcNI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/e080b6-4e09-42d8-b91c-b2798c1a0327/1/jd2TJXPBpcjL-NPOoXF_qLnM3yk.roa
Signing time: Wed 11 Jan 2023 09:35:39 +0000
ROA not before: Wed 11 Jan 2023 09:35:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205975
IP address blocks: 212.46.58.0/24 maxlen: 24
176.10.0.0/20 maxlen: 20
147.189.155.0/24 maxlen: 24
2a12:f40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 03 Jul 2023 09:08:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a0:2f:67:90:49:75:7a:14:06:ad:a2:c5:d1:42:2d:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f2112cbf6dcc8dd3444e4eced284457310f70d2
Validity
Not Before: Jan 11 09:35:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ddd932573c1a5c8cbf8d3cea1717fa8b9ccdf29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:67:7f:25:c8:3a:58:52:9f:73:38:b8:6c:d0:
71:7c:bd:42:b1:66:14:46:7f:a0:2a:89:c8:f1:88:
a9:bf:2b:e7:94:a0:88:9c:4d:ee:aa:0f:e1:12:5f:
d0:fa:a7:15:6e:7d:ae:b2:34:59:76:fa:d3:31:ee:
48:98:af:d0:d4:03:77:f8:dc:53:b4:d5:47:cf:d6:
c1:b4:e9:7f:63:1d:64:d7:df:7c:3c:91:31:8e:55:
24:35:25:e3:3d:99:7a:40:8e:5d:5d:b5:34:20:50:
d9:68:1b:7d:93:0a:90:a7:b8:22:33:40:58:7d:f9:
96:43:ec:30:af:1a:1c:f1:6f:30:c1:41:2b:7a:5b:
74:21:c4:60:63:c7:ce:80:c0:c5:45:36:45:24:49:
0a:4d:e9:b1:59:b0:b6:4f:e9:9c:50:e9:00:9c:09:
2f:1e:22:1e:19:02:e7:05:65:c3:53:e1:43:14:72:
d8:c0:41:0a:86:1e:be:f5:11:d5:d0:27:58:5e:6c:
7e:9c:d1:b6:82:19:b0:c6:fe:71:9e:19:3a:11:94:
5c:39:75:a1:0a:f5:b3:af:2b:e7:09:46:ee:ae:15:
c6:7c:3c:fe:3a:19:2d:f3:b0:11:2c:9b:bd:38:e4:
77:fc:f3:f9:50:b4:97:87:5e:49:53:36:77:8b:02:
ef:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:DD:93:25:73:C1:A5:C8:CB:F8:D3:CE:A1:71:7F:A8:B9:CC:DF:29
X509v3 Authority Key Identifier:
keyid:4F:21:12:CB:F6:DC:C8:DD:34:44:E4:EC:ED:28:44:57:31:0F:70:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TyESy_bcyN00ROTs7ShEVzEPcNI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/e080b6-4e09-42d8-b91c-b2798c1a0327/1/jd2TJXPBpcjL-NPOoXF_qLnM3yk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/e080b6-4e09-42d8-b91c-b2798c1a0327/1/TyESy_bcyN00ROTs7ShEVzEPcNI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.155.0/24
176.10.0.0/20
212.46.58.0/24
IPv6:
2a12:f40::/29
Signature Algorithm: sha256WithRSAEncryption
b0:6f:b2:24:d5:32:b8:7d:2e:61:5e:6b:23:67:93:2b:60:1b:
58:b4:67:2a:88:9b:63:56:44:8e:ea:d8:85:44:84:cf:b0:f4:
68:9b:c1:d1:cd:1f:8a:c1:27:ab:26:1d:f8:78:cb:68:18:e4:
82:a2:83:6f:a5:fe:15:cf:4c:56:ff:2d:92:f7:48:71:77:5f:
12:a6:2d:95:bb:75:9e:12:4f:13:d8:db:07:f0:93:9c:07:4d:
a4:5e:1b:ea:5d:73:1c:34:03:27:63:31:df:44:8c:de:cf:8e:
72:2d:84:74:5a:99:28:ae:5e:96:5f:a5:11:97:21:8a:c2:a5:
70:d1:9d:f0:7f:b1:36:9a:50:b8:e7:8c:f1:b8:e6:31:24:ea:
62:ec:9a:a9:20:1d:c6:f7:b5:93:77:47:d4:48:1a:7e:2b:3c:
33:8b:63:5a:83:fa:8e:11:e3:1e:9d:4c:0f:6e:2b:35:ed:6d:
6f:7c:6d:fe:fa:6e:b5:b7:40:5d:4e:17:42:0c:d1:8f:a0:2a:
c5:78:1a:76:54:b8:12:8e:bb:fa:cf:f1:5c:56:ce:de:83:c6:
d8:ff:14:6d:64:9d:f2:25:24:c8:fd:7b:32:eb:15:8b:69:73:
0e:9c:24:ee:14:f7:d9:e1:70:25:7b:23:c7:2c:d2:23:75:53:
d4:9c:39:ac
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYWgL2eQSXV6FAatosXRQi2+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMjExMmNiZjZkY2M4ZGQzNDQ0ZTRlY2VkMjg0NDU3MzEw
ZjcwZDIwHhcNMjMwMTExMDkzNTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGRkOTMyNTczYzFhNWM4Y2JmOGQzY2VhMTcxN2ZhOGI5Y2NkZjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWd/Jcg6WFKfczi4bNBxfL1CsWYU
Rn+gKonI8YipvyvnlKCInE3uqg/hEl/Q+qcVbn2usjRZdvrTMe5ImK/Q1AN3+NxT
tNVHz9bBtOl/Yx1k1998PJExjlUkNSXjPZl6QI5dXbU0IFDZaBt9kwqQp7giM0BY
ffmWQ+wwrxoc8W8wwUErelt0IcRgY8fOgMDFRTZFJEkKTemxWbC2T+mcUOkAnAkv
HiIeGQLnBWXDU+FDFHLYwEEKhh6+9RHV0CdYXmx+nNG2ghmwxv5xnhk6EZRcOXWh
CvWzryvnCUburhXGfDz+Ohkt87ARLJu9OOR3/PP5ULSXh15JUzZ3iwLvNQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFI3dkyVzwaXIy/jTzqFxf6i5zN8pMB8GA1UdIwQY
MBaAFE8hEsv23MjdNETk7O0oRFcxD3DSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHlFU3lfYmN5TjAwUk9UczdTaEVWekVQY05JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9lMDgwYjYtNGUwOS00MmQ4LWI5MWMt
YjI3OThjMWEwMzI3LzEvamQyVEpYUEJwY2pMLU5QT29YRl9xTG5NM3lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9lMDgwYjYtNGUwOS00MmQ4LWI5MWMtYjI3OThjMWEwMzI3
LzEvVHlFU3lfYmN5TjAwUk9UczdTaEVWekVQY05JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAk72bAwQE
sAoAAwQA1C46MA0EAgACMAcDBQMqEg9AMA0GCSqGSIb3DQEBCwUAA4IBAQCwb7Ik
1TK4fS5hXmsjZ5MrYBtYtGcqiJtjVkSO6tiFRITPsPRom8HRzR+KwSerJh34eMto
GOSCooNvpf4Vz0xW/y2S90hxd18Spi2Vu3WeEk8T2NsH8JOcB02kXhvqXXMcNAMn
YzHfRIzez45yLYR0Wpkorl6WX6URlyGKwqVw0Z3wf7E2mlC454zxuOYxJOpi7Jqp
IB3G97WTd0fUSBp+Kzwzi2Nag/qOEeMenUwPbis17W1vfG3++m61t0BdThdCDNGP
oCrFeBp2VLgSjrv6z/FcVs7eg8bY/xRtZJ3yJSTI/Xsy6xWLaXMOnCTuFPfZ4XAl
eyPHLNIjdVPUnDms
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:39 2024 by rpki-client on console-fra.rpki-client.org