Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/cf24bd-c15b-484c-9732-04b3813f3b3d/1/juqNe_tRceLEUsKz13lqP7ZHjaE.roa
File: juqNe_tRceLEUsKz13lqP7ZHjaE.roa (raw, json)
Hash identifier: OPdZdh852r20XYZdfaryiAsb6NR9ZM6oCuVPxRwyAIQ=
Subject key identifier: 8E:EA:8D:7B:FB:51:71:E2:C4:52:C2:B3:D7:79:6A:3F:B6:47:8D:A1
Certificate issuer: /CN=7a05ea59805f94be185282039bbae2fa8a9253f5
Certificate serial: 018570D4F5F4782987C8A00E38AE30B1E71C
Authority key identifier: 7A:05:EA:59:80:5F:94:BE:18:52:82:03:9B:BA:E2:FA:8A:92:53:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/egXqWYBflL4YUoIDm7ri-oqSU_U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/cf24bd-c15b-484c-9732-04b3813f3b3d/1/juqNe_tRceLEUsKz13lqP7ZHjaE.roa
Signing time: Mon 02 Jan 2023 04:54:42 +0000
ROA not before: Mon 02 Jan 2023 04:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50316
IP address blocks: 185.142.122.0/23 maxlen: 24
185.43.164.0/22 maxlen: 24
185.121.32.0/22 maxlen: 24
46.234.198.240/30 maxlen: 30
185.245.120.0/22 maxlen: 24
45.147.236.0/22 maxlen: 24
193.38.132.0/22 maxlen: 24
185.219.44.0/22 maxlen: 24
185.158.140.0/22 maxlen: 24
185.193.252.0/22 maxlen: 24
45.135.24.0/22 maxlen: 24
185.219.45.64/30 maxlen: 30
185.96.96.0/22 maxlen: 24
193.5.31.0/24 maxlen: 24
213.187.0.0/19 maxlen: 24
193.47.52.0/22 maxlen: 24
193.5.41.0/24 maxlen: 24
193.5.39.0/24 maxlen: 24
185.74.188.0/22 maxlen: 24
185.10.188.0/22 maxlen: 24
46.234.192.0/19 maxlen: 24
195.184.74.0/24 maxlen: 24
193.5.120.0/24 maxlen: 24
185.157.24.0/22 maxlen: 24
193.3.245.0/24 maxlen: 24
2a01:6d60::/29 maxlen: 56
2a06:9c80::/29 maxlen: 56
2a0a:c180::/29 maxlen: 56
2a05:4a00::/29 maxlen: 56
2a0b:e040::/29 maxlen: 56
2a0a:41c0::/29 maxlen: 56
2a0d:5780::/29 maxlen: 56
2a07:a2c0::/29 maxlen: 56
2a07:adc0::/29 maxlen: 56
2a00:1f48::/29 maxlen: 56
2a0d:e540::/29 maxlen: 56
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d4:f5:f4:78:29:87:c8:a0:0e:38:ae:30:b1:e7:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a05ea59805f94be185282039bbae2fa8a9253f5
Validity
Not Before: Jan 2 04:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8eea8d7bfb5171e2c452c2b3d7796a3fb6478da1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:c1:54:9a:37:0b:4c:1a:90:ad:80:8b:db:70:
41:66:39:13:cd:64:e2:72:fe:88:89:37:f7:8a:e9:
d8:ea:bb:7a:33:54:ef:bd:d7:0d:ff:b8:12:75:6a:
92:fc:65:e1:c3:01:36:dc:4c:3e:ed:60:a3:bf:2d:
29:e6:e9:e5:6a:df:46:b9:bc:87:39:1c:01:95:f1:
f9:39:44:fc:23:ab:ff:3b:ae:ab:18:46:bd:2f:78:
2e:2d:ba:83:bc:a2:19:0f:a4:32:b3:10:80:85:c2:
18:73:15:b8:36:ed:9b:c9:a7:98:33:b0:bf:37:76:
a6:d9:25:28:db:69:72:d3:57:a3:f1:86:d0:3e:29:
b1:04:a7:1b:79:49:5f:ee:e6:a0:f6:06:cd:33:66:
8b:ef:7d:f5:ad:6c:20:4c:d3:4b:b7:0a:90:59:c8:
4e:6f:61:c0:5d:54:0c:a5:8f:e8:51:00:99:e4:5c:
6e:d2:ae:6e:3b:ce:67:3c:d8:aa:e6:3f:f2:ff:b5:
56:10:66:0a:fd:31:51:7d:37:91:92:2b:aa:cf:dd:
50:a2:a2:1b:df:4c:b4:7b:42:37:7c:07:c9:c3:8e:
8f:53:16:e8:1b:4c:01:2e:1d:63:5e:05:5e:dd:cb:
59:01:42:fd:cf:32:ea:02:7e:e9:00:9f:52:23:6b:
df:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:EA:8D:7B:FB:51:71:E2:C4:52:C2:B3:D7:79:6A:3F:B6:47:8D:A1
X509v3 Authority Key Identifier:
keyid:7A:05:EA:59:80:5F:94:BE:18:52:82:03:9B:BA:E2:FA:8A:92:53:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/egXqWYBflL4YUoIDm7ri-oqSU_U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/cf24bd-c15b-484c-9732-04b3813f3b3d/1/juqNe_tRceLEUsKz13lqP7ZHjaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/cf24bd-c15b-484c-9732-04b3813f3b3d/1/egXqWYBflL4YUoIDm7ri-oqSU_U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.24.0/22
45.147.236.0/22
46.234.192.0/19
185.10.188.0/22
185.43.164.0/22
185.74.188.0/22
185.96.96.0/22
185.121.32.0/22
185.142.122.0/23
185.157.24.0/22
185.158.140.0/22
185.193.252.0/22
185.219.44.0/22
185.245.120.0/22
193.3.245.0/24
193.5.31.0/24
193.5.39.0/24
193.5.41.0/24
193.5.120.0/24
193.38.132.0/22
193.47.52.0/22
195.184.74.0/24
213.187.0.0/19
IPv6:
2a00:1f48::/29
2a01:6d60::/29
2a05:4a00::/29
2a06:9c80::/29
2a07:a2c0::/29
2a07:adc0::/29
2a0a:41c0::/29
2a0a:c180::/29
2a0b:e040::/29
2a0d:5780::/29
2a0d:e540::/29
Signature Algorithm: sha256WithRSAEncryption
12:6e:80:0b:23:ad:ef:0c:5b:2f:40:69:8f:72:09:55:e9:b8:
ba:4c:34:cb:a1:96:9d:ab:de:90:55:ce:73:2d:d9:f1:61:52:
ff:15:77:cd:72:e3:ef:ff:0f:ef:9b:3d:12:90:96:66:12:7a:
23:f7:0e:89:d8:df:71:22:bf:17:48:2a:10:32:00:e4:f9:b6:
fa:2b:41:3e:96:c5:e3:dc:5c:2b:1b:77:e3:cb:30:30:39:2a:
c1:a9:d6:36:08:15:2e:1f:fe:9d:0b:7f:78:19:48:33:34:27:
d5:12:6f:d2:e5:46:c3:6d:a9:27:6a:29:35:66:5f:95:f0:3c:
bf:d9:bc:32:2a:ac:83:53:24:0a:13:7b:18:4a:29:0c:b7:f0:
de:8a:2b:98:1b:26:c2:c8:fb:a0:16:16:e7:10:fb:6a:52:af:
c2:b5:1d:ab:3c:f9:29:43:b7:df:b6:6e:31:82:00:c3:9e:c2:
63:f5:bf:12:a9:5d:eb:6e:ce:7e:8c:47:6f:df:e0:d9:e8:ae:
58:fa:84:3a:e1:37:5e:39:eb:ce:a2:e5:f6:1c:5a:d0:f7:e4:
7b:2b:10:0a:59:e8:ac:df:18:31:c3:f3:20:66:a3:7a:95:c0:
cf:8c:f9:9d:8a:52:18:5d:bd:cf:09:8f:fd:e7:5f:52:98:f6:
61:a5:7e:f9
-----BEGIN CERTIFICATE-----
MIIF2zCCBMOgAwIBAgISAYVw1PX0eCmHyKAOOK4wseccMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMDVlYTU5ODA1Zjk0YmUxODUyODIwMzliYmFlMmZhOGE5
MjUzZjUwHhcNMjMwMTAyMDQ1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWVhOGQ3YmZiNTE3MWUyYzQ1MmMyYjNkNzc5NmEzZmI2NDc4ZGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8FUmjcLTBqQrYCL23BBZjkTzWTi
cv6IiTf3iunY6rt6M1TvvdcN/7gSdWqS/GXhwwE23Ew+7WCjvy0p5unlat9GubyH
ORwBlfH5OUT8I6v/O66rGEa9L3guLbqDvKIZD6QysxCAhcIYcxW4Nu2byaeYM7C/
N3am2SUo22ly01ej8YbQPimxBKcbeUlf7uag9gbNM2aL7331rWwgTNNLtwqQWchO
b2HAXVQMpY/oUQCZ5Fxu0q5uO85nPNiq5j/y/7VWEGYK/TFRfTeRkiuqz91QoqIb
30y0e0I3fAfJw46PUxboG0wBLh1jXgVe3ctZAUL9zzLqAn7pAJ9SI2vf6QIDAQAB
o4IC5zCCAuMwHQYDVR0OBBYEFI7qjXv7UXHixFLCs9d5aj+2R42hMB8GA1UdIwQY
MBaAFHoF6lmAX5S+GFKCA5u64vqKklP1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWdYcVdZQmZsTDRZVW9JRG03cmktb3FTVV9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9jZjI0YmQtYzE1Yi00ODRjLTk3MzIt
MDRiMzgxM2YzYjNkLzEvanVxTmVfdFJjZUxFVXNLejEzbHFQN1pIamFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9jZjI0YmQtYzE1Yi00ODRjLTk3MzItMDRiMzgxM2YzYjNk
LzEvZWdYcVdZQmZsTDRZVW9JRG03cmktb3FTVV9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH8BggrBgEFBQcBBwEB/wSB7DCB6TCBkQQCAAEwgYoDBAIt
hxgDBAItk+wDBAUu6sADBAK5CrwDBAK5K6QDBAK5SrwDBAK5YGADBAK5eSADBAG5
jnoDBAK5nRgDBAK5nowDBAK5wfwDBAK52ywDBAK59XgDBADBA/UDBADBBR8DBADB
BScDBADBBSkDBADBBXgDBALBJoQDBALBLzQDBADDuEoDBAXVuwAwUwQCAAIwTQMF
AyoAH0gDBQMqAW1gAwUDKgVKAAMFAyoGnIADBQMqB6LAAwUDKgetwAMFAyoKQcAD
BQMqCsGAAwUDKgvgQAMFAyoNV4ADBQMqDeVAMA0GCSqGSIb3DQEBCwUAA4IBAQAS
boALI63vDFsvQGmPcglV6bi6TDTLoZadq96QVc5zLdnxYVL/FXfNcuPv/w/vmz0S
kJZmEnoj9w6J2N9xIr8XSCoQMgDk+bb6K0E+lsXj3FwrG3fjyzAwOSrBqdY2CBUu
H/6dC394GUgzNCfVEm/S5UbDbaknaik1Zl+V8Dy/2bwyKqyDUyQKE3sYSikMt/De
iiuYGybCyPugFhbnEPtqUq/CtR2rPPkpQ7fftm4xggDDnsJj9b8SqV3rbs5+jEdv
3+DZ6K5Y+oQ64TdeOevOouX2HFrQ9+R7KxAKWeis3xgxw/MgZqN6lcDPjPmdilIY
Xb3PCY/9519SmPZhpX75
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:20 2024 by rpki-client on console-fra.rpki-client.org