Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/Jkz4gC4gLf9RQazr-pIQIl48xj0.roa
File: Jkz4gC4gLf9RQazr-pIQIl48xj0.roa (raw, json)
Hash identifier: im10vM+BUclmc9x5xqTz3GuFyXGzQvYngHQI82t5ZA8=
Subject key identifier: 26:4C:F8:80:2E:20:2D:FF:51:41:AC:EB:FA:92:10:22:5E:3C:C6:3D
Certificate issuer: /CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Certificate serial: 01856C4A39F8BFBCCC57F1071AF047A83399
Authority key identifier: B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/Jkz4gC4gLf9RQazr-pIQIl48xj0.roa
Signing time: Sun 01 Jan 2023 07:44:41 +0000
ROA not before: Sun 01 Jan 2023 07:44:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 185.129.17.0/24 maxlen: 24
185.129.16.0/24 maxlen: 24
2a0f:aac0::/48 maxlen: 48
2a0f:aac0:1::/48 maxlen: 48
2a0f:aac0:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:39:f8:bf:bc:cc:57:f1:07:1a:f0:47:a8:33:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Validity
Not Before: Jan 1 07:44:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=264cf8802e202dff5141acebfa9210225e3cc63d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c9:04:04:c5:66:5d:a8:68:a2:61:bd:70:eb:
ce:84:ad:fd:81:17:3a:80:5a:ba:e3:08:63:c3:01:
6a:8e:ef:0b:cc:2f:76:e1:f5:5b:4d:ca:92:22:f7:
a4:29:3a:34:0f:1e:32:31:34:73:20:96:7b:55:7e:
65:da:49:a7:4f:7e:df:89:3c:ee:ae:b2:8f:21:92:
0b:58:49:a8:a2:16:4e:86:06:0c:78:3c:48:be:22:
c5:4d:e8:e8:a2:79:a8:14:fa:86:f2:ba:c1:ee:db:
d3:ad:40:c0:cc:df:e6:64:2c:83:83:b6:c6:bc:51:
9c:e7:9a:e3:0f:17:ef:79:1f:ab:2a:c7:16:3f:ca:
d3:20:8c:25:bd:57:1f:07:d2:cc:66:c5:f7:ee:5a:
02:60:87:03:c3:5c:62:9e:df:10:ec:60:e8:b4:58:
b8:4a:dc:b9:e5:3b:e0:48:9d:1c:04:ab:36:14:ae:
09:21:43:27:22:b7:7e:71:b2:31:98:59:62:96:c6:
65:16:ae:42:14:4c:73:8d:e4:56:26:3e:af:3f:df:
a4:e8:87:45:c0:cb:90:b0:ce:ee:bc:36:c8:5a:50:
02:0c:d4:2a:79:18:26:0a:80:38:57:03:d3:87:7f:
02:76:06:a6:41:39:dc:f3:11:3b:67:e7:4d:bc:b6:
fd:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:4C:F8:80:2E:20:2D:FF:51:41:AC:EB:FA:92:10:22:5E:3C:C6:3D
X509v3 Authority Key Identifier:
keyid:B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/Jkz4gC4gLf9RQazr-pIQIl48xj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/tKIIXH3jtZgha4n7Dysdkw3mbBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.16.0/23
IPv6:
2a0f:aac0::-2a0f:aac0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a6:b4:cf:5d:08:b5:45:c2:d7:03:60:e2:1a:85:0b:f1:ff:37:
b8:c5:d7:19:eb:05:63:0f:56:d6:5c:94:a4:16:42:73:cd:e4:
4b:7c:c6:46:f5:09:81:cc:93:7c:24:d5:5d:02:90:14:b4:c3:
58:f5:bc:73:92:58:bf:f7:6e:c9:ec:39:80:7b:a3:57:71:c3:
fe:db:0e:bd:d4:98:97:96:b0:d9:a3:43:03:8a:fa:2e:3a:b2:
56:e6:25:93:28:7c:fd:31:3b:91:6f:ae:1d:12:2b:af:17:11:
37:5b:5a:62:20:43:42:68:a3:d0:07:50:2c:2a:b2:b1:fd:fc:
b6:33:a2:91:6b:66:84:28:b2:4f:30:ba:51:1f:d5:7f:ac:8d:
26:c4:59:0b:ab:de:a3:04:ec:8a:77:8f:08:5e:3a:5b:fe:d9:
63:fc:d8:d7:35:cc:97:4b:66:e7:e8:98:b8:b3:fc:01:37:0d:
a1:e1:8d:db:3f:d6:a8:5d:7e:b8:13:17:54:e6:ed:5c:e6:7a:
e3:92:de:1f:ac:69:cd:50:9c:2c:ea:b7:04:2d:ed:74:ba:4e:
66:26:63:bb:a9:52:24:65:b9:f9:1a:43:98:38:9b:d2:62:67:
6d:40:b5:42:bb:54:07:bb:95:6b:a3:af:19:d5:64:20:e8:1a:
d5:4d:8e:a1
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVsSjn4v7zMV/EHGvBHqDOZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTIwODVjN2RlM2I1OTgyMTZiODlmYjBmMmIxZDkzMGRl
NjZjMTkwHhcNMjMwMTAxMDc0NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjRjZjg4MDJlMjAyZGZmNTE0MWFjZWJmYTkyMTAyMjVlM2NjNjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApckEBMVmXahoomG9cOvOhK39gRc6
gFq64whjwwFqju8LzC924fVbTcqSIvekKTo0Dx4yMTRzIJZ7VX5l2kmnT37fiTzu
rrKPIZILWEmoohZOhgYMeDxIviLFTejoonmoFPqG8rrB7tvTrUDAzN/mZCyDg7bG
vFGc55rjDxfveR+rKscWP8rTIIwlvVcfB9LMZsX37loCYIcDw1xint8Q7GDotFi4
Sty55TvgSJ0cBKs2FK4JIUMnIrd+cbIxmFlilsZlFq5CFExzjeRWJj6vP9+k6IdF
wMuQsM7uvDbIWlACDNQqeRgmCoA4VwPTh38CdgamQTnc8xE7Z+dNvLb9rwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCZM+IAuIC3/UUGs6/qSECJePMY9MB8GA1UdIwQY
MBaAFLSiCFx947WYIWuJ+w8rHZMN5mwZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtJSVhIM2p0WmdoYTRuN0R5c2RrdzNtYkJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNjUxM2QtMmQ1My00MDIyLTgzNjAt
MzExNzk4OTYwMWFkLzEvSmt6NGdDNGdMZjlSUWF6ci1wSVFJbDQ4eGowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNjUxM2QtMmQ1My00MDIyLTgzNjAtMzExNzk4OTYwMWFk
LzEvdEtJSVhIM2p0WmdoYTRuN0R5c2RrdzNtYkJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQBuYEQMBgE
AgACMBIwEAMFBioPqsADBwAqD6rAAAIwDQYJKoZIhvcNAQELBQADggEBAKa0z10I
tUXC1wNg4hqFC/H/N7jF1xnrBWMPVtZclKQWQnPN5Et8xkb1CYHMk3wk1V0CkBS0
w1j1vHOSWL/3bsnsOYB7o1dxw/7bDr3UmJeWsNmjQwOK+i46slbmJZMofP0xO5Fv
rh0SK68XETdbWmIgQ0Joo9AHUCwqsrH9/LYzopFrZoQosk8wulEf1X+sjSbEWQur
3qME7Ip3jwheOlv+2WP82Nc1zJdLZufomLiz/AE3DaHhjds/1qhdfrgTF1Tm7Vzm
euOS3h+sac1QnCzqtwQt7XS6TmYmY7upUiRlufkaQ5g4m9JiZ21AtUK7VAe7lWuj
rxnVZCDoGtVNjqE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:21 2024 by rpki-client on console-fra.rpki-client.org