Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/JcnEDbD8muYUQKt6pYlstCb_gig.roa
File: JcnEDbD8muYUQKt6pYlstCb_gig.roa (raw, json)
Hash identifier: jZOCLqggAEb/+XnIyPg5pAvy/colPRWoc0PpfbV6zcI=
Subject key identifier: 25:C9:C4:0D:B0:FC:9A:E6:14:40:AB:7A:A5:89:6C:B4:26:FF:82:28
Certificate issuer: /CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Certificate serial: 0188962DED0DFC77A832D131304247A179BA
Authority key identifier: B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/JcnEDbD8muYUQKt6pYlstCb_gig.roa
Signing time: Wed 07 Jun 2023 14:06:12 +0000
ROA not before: Wed 07 Jun 2023 14:06:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43641
IP address blocks: 91.234.198.0/23 maxlen: 24
91.234.199.0/24 maxlen: 24
195.26.86.0/23 maxlen: 24
45.11.56.0/24 maxlen: 24
91.222.172.0/22 maxlen: 24
45.134.174.0/24 maxlen: 24
45.134.175.0/24 maxlen: 24
185.254.199.0/24 maxlen: 24
2a09:2dc1::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 29 Jul 2023 09:20:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:96:2d:ed:0d:fc:77:a8:32:d1:31:30:42:47:a1:79:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Validity
Not Before: Jun 7 14:06:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25c9c40db0fc9ae61440ab7aa5896cb426ff8228
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:2b:75:95:6c:88:ba:b5:72:e1:f9:33:97:ff:
7d:2b:5e:10:47:e5:b1:60:bb:59:4a:7b:24:35:74:
5a:a8:15:b1:0f:2e:c7:8e:f9:86:c1:7c:c0:a3:e9:
40:91:aa:60:f1:d7:02:3d:f8:78:91:b0:f4:79:f7:
a1:da:d8:a4:ce:72:db:64:cb:53:5b:eb:ac:2d:8b:
37:19:63:8b:21:3c:0e:a0:db:3f:98:ad:09:0e:65:
8c:f5:5d:26:c7:37:79:81:7f:a2:d2:24:bd:07:0f:
8c:01:2e:fa:2d:33:fa:01:c5:c5:f7:b7:ae:c6:39:
1a:4a:20:cf:0d:52:e3:c8:ff:93:d4:3f:ca:29:a9:
4e:60:07:6d:5d:db:a5:9f:65:22:87:75:04:b3:40:
67:fe:6b:b9:b0:65:88:e8:ed:07:70:90:4b:b2:2c:
63:27:5b:19:65:73:78:03:be:01:d6:68:93:7f:13:
b2:4e:c9:4d:b2:c0:bf:65:b0:1f:f5:42:bf:26:75:
33:d9:d5:9c:00:84:00:a1:35:1d:86:32:96:13:cc:
47:b0:2d:e9:0c:01:36:df:2f:c9:86:88:6b:75:86:
64:f6:8b:39:00:8b:05:b2:28:4a:66:c8:06:f7:5c:
4d:11:f6:09:b2:34:fc:34:42:f2:e8:8b:2a:36:b3:
7b:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:C9:C4:0D:B0:FC:9A:E6:14:40:AB:7A:A5:89:6C:B4:26:FF:82:28
X509v3 Authority Key Identifier:
keyid:B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/JcnEDbD8muYUQKt6pYlstCb_gig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.56.0/24
45.134.174.0/23
91.222.172.0/22
91.234.198.0/23
185.254.199.0/24
195.26.86.0/23
IPv6:
2a09:2dc1::/32
Signature Algorithm: sha256WithRSAEncryption
9c:00:6a:65:16:c4:1e:03:f7:00:18:5e:21:dd:3f:53:9f:c3:
ef:2c:71:b0:b0:17:e1:31:fe:d5:61:cb:73:4d:ba:49:d4:e2:
68:51:85:4a:ba:35:82:5c:cf:b4:c6:c0:35:d7:c1:03:c1:de:
d6:a5:e5:60:f2:f8:84:4a:0b:3f:c1:cd:23:75:3e:e4:5c:a5:
0c:60:7d:f1:9b:22:ec:82:5e:cd:ac:56:cd:45:46:dd:c9:01:
9d:fa:9d:4a:df:00:ec:ee:9d:6f:56:37:35:90:c0:f6:92:fe:
cc:5d:36:16:69:f8:28:84:a8:2c:88:ad:9c:73:f3:19:b0:f8:
d8:22:35:3b:ae:57:57:cd:7d:98:17:5b:3c:40:80:15:b2:28:
26:2f:a8:76:ac:fd:71:b2:dd:92:61:7a:0e:2b:20:fc:dc:65:
48:84:e1:02:e1:a6:c3:b1:89:b7:02:46:24:ee:57:af:b7:9a:
b1:83:99:bc:30:8c:2a:41:94:1c:32:c3:fd:2a:82:1b:d1:32:
8b:0a:46:17:65:3b:f0:6e:f1:5c:a7:d5:b5:73:ac:33:4c:7a:
49:e3:3f:2d:04:5a:69:67:fa:4f:34:d0:5f:53:35:b5:b2:9e:
2d:c8:83:55:2d:fe:8e:23:ce:36:1a:95:db:dd:d9:8e:8a:a1:
cf:4f:e1:ba
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYiWLe0N/HeoMtExMEJHoXm6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmM5YzI2ZGY3Y2NkOGFkMzhkODliZDVkNDkzODBiOTNi
MWUwMDkwHhcNMjMwNjA3MTQwNjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWM5YzQwZGIwZmM5YWU2MTQ0MGFiN2FhNTg5NmNiNDI2ZmY4MjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApit1lWyIurVy4fkzl/99K14QR+Wx
YLtZSnskNXRaqBWxDy7HjvmGwXzAo+lAkapg8dcCPfh4kbD0efeh2tikznLbZMtT
W+usLYs3GWOLITwOoNs/mK0JDmWM9V0mxzd5gX+i0iS9Bw+MAS76LTP6AcXF97eu
xjkaSiDPDVLjyP+T1D/KKalOYAdtXduln2Uih3UEs0Bn/mu5sGWI6O0HcJBLsixj
J1sZZXN4A74B1miTfxOyTslNssC/ZbAf9UK/JnUz2dWcAIQAoTUdhjKWE8xHsC3p
DAE23y/JhohrdYZk9os5AIsFsihKZsgG91xNEfYJsjT8NELy6IsqNrN7RwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFCXJxA2w/JrmFECreqWJbLQm/4IoMB8GA1UdIwQY
MBaAFLMsnCbffM2K042JvV1JOAuTseAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjIt
Y2IxMWJjNWIyZjFiLzEvSmNuRURiRDhtdVlVUUt0NnBZbHN0Q2JfZ2lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjItY2IxMWJjNWIyZjFi
LzEvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQALQs4AwQB
LYauAwQCW96sAwQBW+rGAwQAuf7HAwQBwxpWMA0EAgACMAcDBQAqCS3BMA0GCSqG
SIb3DQEBCwUAA4IBAQCcAGplFsQeA/cAGF4h3T9Tn8PvLHGwsBfhMf7VYctzTbpJ
1OJoUYVKujWCXM+0xsA118EDwd7WpeVg8viESgs/wc0jdT7kXKUMYH3xmyLsgl7N
rFbNRUbdyQGd+p1K3wDs7p1vVjc1kMD2kv7MXTYWafgohKgsiK2cc/MZsPjYIjU7
rldXzX2YF1s8QIAVsigmL6h2rP1xst2SYXoOKyD83GVIhOEC4abDsYm3AkYk7lev
t5qxg5m8MIwqQZQcMsP9KoIb0TKLCkYXZTvwbvFcp9W1c6wzTHpJ4z8tBFppZ/pP
NNBfUzW1sp4tyINVLf6OI842GpXb3dmOiqHPT+G6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:21 2024 by rpki-client on console-fra.rpki-client.org