Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/JkGeYS1xke02KPdvbRsE5P1GZ88.roa
File: JkGeYS1xke02KPdvbRsE5P1GZ88.roa (raw, json)
Hash identifier: bIEwZqzQH0deNYTjTqRkYeY098UhSSi3rmjPHlU0dXE=
Subject key identifier: 26:41:9E:61:2D:71:91:ED:36:28:F7:6F:6D:1B:04:E4:FD:46:67:CF
Certificate issuer: /CN=dc4e453affe895b6452b84027437c5c00fd37067
Certificate serial: 018A21BC90AF9879C56E5C585823A0346BD0
Authority key identifier: DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/JkGeYS1xke02KPdvbRsE5P1GZ88.roa
Signing time: Wed 23 Aug 2023 09:32:00 +0000
ROA not before: Wed 23 Aug 2023 09:32:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31122
IP address blocks: 78.137.128.0/18 maxlen: 18
93.92.8.0/21 maxlen: 21
92.51.192.0/18 maxlen: 18
91.142.96.0/20 maxlen: 20
84.203.0.0/16 maxlen: 16
185.53.32.0/24 maxlen: 24
185.53.35.0/24 maxlen: 24
83.147.128.0/18 maxlen: 18
212.126.32.0/19 maxlen: 19
46.183.104.0/23 maxlen: 23
212.126.60.0/22 maxlen: 22
185.233.176.0/22 maxlen: 22
94.247.48.0/21 maxlen: 21
92.51.208.0/20 maxlen: 20
185.182.72.0/22 maxlen: 22
185.242.236.0/23 maxlen: 23
185.47.144.0/22 maxlen: 22
89.234.64.0/18 maxlen: 18
176.52.216.0/22 maxlen: 22
176.52.220.0/23 maxlen: 23
80.93.16.0/20 maxlen: 20
185.205.228.0/22 maxlen: 22
217.78.0.0/20 maxlen: 20
37.46.16.0/21 maxlen: 21
2a0a:e780::/29 maxlen: 30
2001:1bb8::/32 maxlen: 32
2a00:15b8:400::/40 maxlen: 40
2a00:15b8::/32 maxlen: 32
2a02:220::/32 maxlen: 32
2a01:258::/32 maxlen: 32
2a01:8aa0::/32 maxlen: 32
2a0b:bc0::/29 maxlen: 30
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:21:bc:90:af:98:79:c5:6e:5c:58:58:23:a0:34:6b:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc4e453affe895b6452b84027437c5c00fd37067
Validity
Not Before: Aug 23 09:32:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=26419e612d7191ed3628f76f6d1b04e4fd4667cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:91:f7:11:d8:b0:3e:79:22:6a:6c:a0:73:da:
d2:1c:9b:ea:7c:b0:06:b0:3e:9b:06:b3:a9:7d:05:
ac:08:f4:28:ea:73:2e:8e:44:3d:70:65:80:25:9a:
c9:4d:a5:10:17:5d:b2:48:ac:7f:13:f5:af:fb:65:
1e:4c:c0:c9:81:4a:8d:24:6f:60:55:ed:99:8e:85:
83:c6:40:cb:f3:4a:49:03:8f:e2:1f:3c:8e:6e:a9:
ed:07:5a:b0:c1:fd:d6:34:ac:7b:19:88:18:47:74:
dd:c1:ea:d7:5f:5d:70:34:4a:df:c2:a5:e3:b7:17:
ec:ba:a6:de:f1:ce:f0:89:cb:63:c8:55:7d:1e:c9:
94:19:90:1a:3a:7b:e4:5a:62:39:c3:4e:6a:29:a0:
c6:1c:e2:e8:e4:08:85:b1:52:24:50:0c:c6:27:84:
50:ea:bd:ca:dd:e5:0b:15:9d:56:59:32:7b:14:a2:
f8:a2:e8:9c:7a:48:b9:04:26:60:ab:42:3f:cc:71:
50:f7:3a:e2:86:10:09:22:ac:ed:0b:3d:d3:12:05:
d1:b0:54:6c:66:ec:00:04:68:80:9f:52:8f:7b:34:
bf:b6:60:35:09:de:fd:4c:00:31:18:2b:3b:cc:63:
fb:b0:1c:d4:71:e5:d8:1c:f4:21:4d:2c:2d:b8:0b:
54:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:41:9E:61:2D:71:91:ED:36:28:F7:6F:6D:1B:04:E4:FD:46:67:CF
X509v3 Authority Key Identifier:
keyid:DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/JkGeYS1xke02KPdvbRsE5P1GZ88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/3E5FOv_olbZFK4QCdDfFwA_TcGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.16.0/21
46.183.104.0/23
78.137.128.0/18
80.93.16.0/20
83.147.128.0/18
84.203.0.0/16
89.234.64.0/18
91.142.96.0/20
92.51.192.0/18
93.92.8.0/21
94.247.48.0/21
176.52.216.0-176.52.221.255
185.47.144.0/22
185.53.32.0/24
185.53.35.0/24
185.182.72.0/22
185.205.228.0/22
185.233.176.0/22
185.242.236.0/23
212.126.32.0/19
217.78.0.0/20
IPv6:
2001:1bb8::/32
2a00:15b8::/32
2a01:258::/32
2a01:8aa0::/32
2a02:220::/32
2a0a:e780::/29
2a0b:bc0::/29
Signature Algorithm: sha256WithRSAEncryption
c7:cd:d1:0c:56:74:b4:d8:a5:22:ee:5d:f3:cc:fd:9e:f1:0a:
5b:cb:e0:11:6e:e6:a9:b0:be:ec:b8:e5:07:64:7d:05:e5:ab:
55:c6:a6:54:fb:74:a2:01:a8:f1:e5:1f:30:fe:06:13:a3:60:
29:4a:9c:10:4b:46:33:30:4b:40:7f:43:2b:b7:c0:15:1e:b5:
9f:35:88:03:52:9f:5d:4d:17:e5:81:2a:d5:50:9a:5f:7f:40:
56:53:e1:05:4e:e0:e3:ff:a8:6c:b6:86:4a:52:31:55:db:4a:
a8:14:a3:b6:78:05:57:98:1a:6b:c6:c6:d6:7f:32:c6:68:da:
72:00:1a:91:bb:96:b0:ed:45:ac:93:0e:ba:0e:d2:50:10:62:
9c:71:5f:75:a1:49:3d:68:d8:a4:00:54:81:02:78:10:57:fd:
0e:2a:d9:4d:73:6c:e6:26:7f:1e:73:3c:97:25:33:92:03:ce:
38:4a:14:30:61:98:80:4e:0f:07:bd:2c:58:e9:5c:24:10:65:
55:99:9f:cf:4d:52:39:0c:ae:d4:ec:71:26:22:6a:6a:0f:5d:
42:f9:b2:fc:8e:14:0e:e4:9c:94:7b:cd:3e:bb:b9:47:1b:30:
43:e3:dc:33:01:14:80:f6:7b:34:d8:1b:32:e2:74:94:ec:d4:
9a:a7:c3:38
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgISAYohvJCvmHnFblxYWCOgNGvQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNGU0NTNhZmZlODk1YjY0NTJiODQwMjc0MzdjNWMwMGZk
MzcwNjcwHhcNMjMwODIzMDkzMjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjQxOWU2MTJkNzE5MWVkMzYyOGY3NmY2ZDFiMDRlNGZkNDY2N2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2pH3EdiwPnkiamygc9rSHJvqfLAG
sD6bBrOpfQWsCPQo6nMujkQ9cGWAJZrJTaUQF12ySKx/E/Wv+2UeTMDJgUqNJG9g
Ve2ZjoWDxkDL80pJA4/iHzyObqntB1qwwf3WNKx7GYgYR3TdwerXX11wNErfwqXj
txfsuqbe8c7wictjyFV9HsmUGZAaOnvkWmI5w05qKaDGHOLo5AiFsVIkUAzGJ4RQ
6r3K3eULFZ1WWTJ7FKL4ouiceki5BCZgq0I/zHFQ9zrihhAJIqztCz3TEgXRsFRs
ZuwABGiAn1KPezS/tmA1Cd79TAAxGCs7zGP7sBzUceXYHPQhTSwtuAtUzQIDAQAB
o4ICxjCCAsIwHQYDVR0OBBYEFCZBnmEtcZHtNij3b20bBOT9RmfPMB8GA1UdIwQY
MBaAFNxORTr/6JW2RSuEAnQ3xcAP03BnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEt
MTgyMjg2N2UxNTk2LzEvSmtHZVlTMXhrZTAyS1BkdmJSc0U1UDFHWjg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEtMTgyMjg2N2UxNTk2
LzEvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHbBggrBgEFBQcBBwEB/wSByzCByDCBjAQCAAEwgYUDBAMl
LhADBAEut2gDBAZOiYADBARQXRADBAZTk4ADAwBUywMEBlnqQAMEBFuOYAMEBlwz
wAMEA11cCAMEA173MDAMAwQDsDTYAwQBsDTcAwQCuS+QAwQAuTUgAwQAuTUjAwQC
ubZIAwQCuc3kAwQCuemwAwQBufLsAwQF1H4gAwQE2U4AMDcEAgACMDEDBQAgARu4
AwUAKgAVuAMFACoBAlgDBQAqAYqgAwUAKgICIAMFAyoK54ADBQMqCwvAMA0GCSqG
SIb3DQEBCwUAA4IBAQDHzdEMVnS02KUi7l3zzP2e8Qpby+ARbuapsL7suOUHZH0F
5atVxqZU+3SiAajx5R8w/gYTo2ApSpwQS0YzMEtAf0Mrt8AVHrWfNYgDUp9dTRfl
gSrVUJpff0BWU+EFTuDj/6hstoZKUjFV20qoFKO2eAVXmBprxsbWfzLGaNpyABqR
u5aw7UWskw66DtJQEGKccV91oUk9aNikAFSBAngQV/0OKtlNc2zmJn8eczyXJTOS
A844ShQwYZiATg8HvSxY6VwkEGVVmZ/PTVI5DK7U7HEmImpqD11C+bL8jhQO5JyU
e80+u7lHGzBD49wzARSA9ns02Bsy4nSU7NSap8M4
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:37:35 2024 by rpki-client on console-fra.rpki-client.org