Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d30eef-495e-43bd-919c-a2a0e2db49d0/1/jvniycehpyaG2Fcp3UBtGcHUPLg.roa
File: jvniycehpyaG2Fcp3UBtGcHUPLg.roa (raw, json)
Hash identifier: JhSfy3PYSRqH0MoXr9urYwLb32CgqUY+KzQzNZgQB14=
Subject key identifier: 8E:F9:E2:C9:C7:A1:A7:26:86:D8:57:29:DD:40:6D:19:C1:D4:3C:B8
Certificate issuer: /CN=d99a47cdc89f46342f90b0da3c30d9ec5fd63238
Certificate serial: 018B6156BC6A75156D05356360BA9F2423FF
Authority key identifier: D9:9A:47:CD:C8:9F:46:34:2F:90:B0:DA:3C:30:D9:EC:5F:D6:32:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ZpHzcifRjQvkLDaPDDZ7F_WMjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d30eef-495e-43bd-919c-a2a0e2db49d0/1/jvniycehpyaG2Fcp3UBtGcHUPLg.roa
Signing time: Tue 24 Oct 2023 10:59:16 +0000
ROA not before: Tue 24 Oct 2023 10:59:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21034
IP address blocks: 195.32.69.0/24 maxlen: 24
195.32.80.0/22 maxlen: 22
195.32.84.0/24 maxlen: 24
195.32.85.0/24 maxlen: 24
195.32.88.0/22 maxlen: 22
195.32.88.0/21 maxlen: 21
195.32.86.0/23 maxlen: 23
195.32.92.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 25 Oct 2023 07:18:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:61:56:bc:6a:75:15:6d:05:35:63:60:ba:9f:24:23:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d99a47cdc89f46342f90b0da3c30d9ec5fd63238
Validity
Not Before: Oct 24 10:59:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ef9e2c9c7a1a72686d85729dd406d19c1d43cb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:69:49:b3:07:5e:33:de:fa:52:6d:4a:74:27:
bd:80:21:32:43:10:2c:40:21:8b:61:f4:01:d4:3c:
a7:7c:81:bf:15:89:c4:cd:25:d5:2e:3e:52:98:89:
3f:f2:81:d5:6e:be:7b:41:25:f8:6b:51:ed:ef:34:
8a:19:9a:75:47:c2:52:c1:42:c0:61:a1:3a:ec:46:
bf:e3:a8:4f:db:17:f5:92:00:a6:c8:56:e1:4d:87:
b5:d9:0d:93:3b:ea:ae:27:77:f3:ba:c4:dd:94:6b:
a8:d3:2a:58:45:41:6d:f8:50:14:61:40:d1:dd:cd:
c9:05:98:f8:27:62:ad:46:0c:e4:73:2e:53:3f:ec:
8b:b0:41:c4:8f:4f:27:b5:e1:a1:d5:48:24:fc:2d:
5b:45:f0:e0:c5:fa:2d:23:f5:7f:a4:01:45:dd:d1:
ca:c3:bd:cc:91:95:be:11:3c:86:4a:af:de:e1:2a:
88:23:54:a7:85:8d:57:62:dd:ae:5b:e3:41:bd:0e:
89:2c:8c:30:aa:57:db:57:cf:55:44:57:6d:7f:00:
4b:dd:ba:86:c1:b1:a3:c1:67:b8:e0:c5:d5:fa:bc:
07:2f:d7:fe:5e:e1:8a:e8:99:08:15:ea:4c:b6:08:
1d:20:6e:71:de:94:a9:0c:2b:3e:15:ba:9b:3f:81:
21:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:F9:E2:C9:C7:A1:A7:26:86:D8:57:29:DD:40:6D:19:C1:D4:3C:B8
X509v3 Authority Key Identifier:
keyid:D9:9A:47:CD:C8:9F:46:34:2F:90:B0:DA:3C:30:D9:EC:5F:D6:32:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZpHzcifRjQvkLDaPDDZ7F_WMjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d30eef-495e-43bd-919c-a2a0e2db49d0/1/jvniycehpyaG2Fcp3UBtGcHUPLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d30eef-495e-43bd-919c-a2a0e2db49d0/1/2ZpHzcifRjQvkLDaPDDZ7F_WMjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.32.69.0/24
195.32.80.0/20
Signature Algorithm: sha256WithRSAEncryption
04:c4:ce:56:52:c5:81:b8:ff:02:b2:b7:f9:ba:05:ca:8d:c2:
e3:f2:df:71:82:a3:b3:9f:b1:4d:ea:cb:53:67:5b:51:76:7b:
4e:10:71:d4:90:ee:df:23:10:a4:1a:be:3c:92:87:1e:c8:02:
09:d6:09:5d:a5:10:5d:33:f7:d7:c6:6c:a6:e7:17:d4:10:25:
be:58:3c:1f:f5:a2:99:e0:82:50:df:84:1d:aa:7b:d8:3b:a9:
24:c0:1b:af:c1:4c:66:1a:4e:7e:e2:2c:67:2c:e5:ca:d7:3b:
28:3a:f6:a0:05:4d:4e:c7:dc:bf:e3:82:5a:f8:54:f1:4f:2b:
c3:4b:c3:d2:fa:a5:49:eb:5c:6f:7f:e0:59:d4:fe:41:f5:0c:
03:83:b5:a7:5a:80:10:4b:3f:d1:eb:02:22:37:cd:95:68:d3:
c8:45:e6:42:82:45:74:d7:56:24:99:5e:27:29:f2:ca:00:e7:
cb:5b:8c:bf:24:93:e1:d0:57:88:37:f7:a7:82:a5:49:f5:c2:
74:63:83:45:8d:e6:e9:b5:b8:0c:5f:cc:fc:10:e1:51:35:a0:
ec:a7:53:c5:ec:c8:2c:07:e3:b5:2d:aa:c2:d5:5f:7a:44:fd:
50:ad:04:f2:97:59:01:97:f3:1b:5b:e1:7a:5c:55:79:74:ae:
64:03:42:b6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYthVrxqdRVtBTVjYLqfJCP/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OWE0N2NkYzg5ZjQ2MzQyZjkwYjBkYTNjMzBkOWVjNWZk
NjMyMzgwHhcNMjMxMDI0MTA1OTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWY5ZTJjOWM3YTFhNzI2ODZkODU3MjlkZDQwNmQxOWMxZDQzY2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmlJswdeM976Um1KdCe9gCEyQxAs
QCGLYfQB1DynfIG/FYnEzSXVLj5SmIk/8oHVbr57QSX4a1Ht7zSKGZp1R8JSwULA
YaE67Ea/46hP2xf1kgCmyFbhTYe12Q2TO+quJ3fzusTdlGuo0ypYRUFt+FAUYUDR
3c3JBZj4J2KtRgzkcy5TP+yLsEHEj08nteGh1Ugk/C1bRfDgxfotI/V/pAFF3dHK
w73MkZW+ETyGSq/e4SqII1SnhY1XYt2uW+NBvQ6JLIwwqlfbV89VRFdtfwBL3bqG
wbGjwWe44MXV+rwHL9f+XuGK6JkIFepMtggdIG5x3pSpDCs+FbqbP4EhKwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI754snHoacmhthXKd1AbRnB1Dy4MB8GA1UdIwQY
MBaAFNmaR83In0Y0L5Cw2jww2exf1jI4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlpwSHpjaWZSalF2a0xEYVBERFo3Rl9XTWpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kMzBlZWYtNDk1ZS00M2JkLTkxOWMt
YTJhMGUyZGI0OWQwLzEvanZuaXljZWhweWFHMkZjcDNVQnRHY0hVUExnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kMzBlZWYtNDk1ZS00M2JkLTkxOWMtYTJhMGUyZGI0OWQw
LzEvMlpwSHpjaWZSalF2a0xEYVBERFo3Rl9XTWpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwyBFAwQE
wyBQMA0GCSqGSIb3DQEBCwUAA4IBAQAExM5WUsWBuP8Csrf5ugXKjcLj8t9xgqOz
n7FN6stTZ1tRdntOEHHUkO7fIxCkGr48koceyAIJ1gldpRBdM/fXxmym5xfUECW+
WDwf9aKZ4IJQ34QdqnvYO6kkwBuvwUxmGk5+4ixnLOXK1zsoOvagBU1Ox9y/44Ja
+FTxTyvDS8PS+qVJ61xvf+BZ1P5B9QwDg7WnWoAQSz/R6wIiN82VaNPIReZCgkV0
11YkmV4nKfLKAOfLW4y/JJPh0FeIN/engqVJ9cJ0Y4NFjebptbgMX8z8EOFRNaDs
p1PF7MgsB+O1LarC1V96RP1QrQTyl1kBl/MbW+F6XFV5dK5kA0K2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:21 2024 by rpki-client on console-fra.rpki-client.org