Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/JBq9q9OX3rQNhF4aK9gcYp65VuA.roa
File: JBq9q9OX3rQNhF4aK9gcYp65VuA.roa (raw, json)
Hash identifier: qpLKQXQIREgvgMXGUH/Lz+E1Nc4KJVtAOIdFac/phS4=
Subject key identifier: 24:1A:BD:AB:D3:97:DE:B4:0D:84:5E:1A:2B:D8:1C:62:9E:B9:56:E0
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0185BA39B40449069D6E603B21459FA72276
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/JBq9q9OX3rQNhF4aK9gcYp65VuA.roa
Signing time: Mon 16 Jan 2023 10:57:01 +0000
ROA not before: Mon 16 Jan 2023 10:57:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 45.8.23.0/24 maxlen: 24
185.194.178.0/24 maxlen: 24
185.225.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 05 Feb 2023 09:47:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ba:39:b4:04:49:06:9d:6e:60:3b:21:45:9f:a7:22:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 16 10:57:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=241abdabd397deb40d845e1a2bd81c629eb956e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:5a:4a:36:75:09:1f:84:c3:99:b3:cc:84:7a:
13:0c:87:05:cd:2c:b3:44:2b:0b:a9:9f:be:64:59:
a5:af:89:53:0a:cc:b2:87:1e:da:34:2f:a6:86:5a:
ab:03:d7:d6:06:05:f4:d2:01:36:41:69:e8:42:3f:
77:68:41:5b:bc:0e:d5:15:1d:57:07:03:16:ed:52:
56:d5:c1:2a:89:c6:b5:23:05:71:29:18:54:d9:61:
2e:11:85:13:55:2f:b5:ba:de:d2:64:2c:0e:20:87:
80:bb:77:51:ce:bc:49:80:e9:36:bf:17:8a:9e:b0:
4f:f6:97:ad:ca:a4:b1:31:c1:a6:1e:fd:40:95:29:
38:23:59:5d:f4:60:1f:47:56:a8:8e:ce:96:1c:f5:
81:bb:a7:0f:c4:6d:20:91:4a:2d:63:2e:5a:73:69:
ba:18:64:a6:de:95:7d:5f:be:c7:57:93:7c:e0:4f:
19:14:e1:ab:ca:cc:3f:82:4c:50:4f:a5:68:f8:c4:
6a:0a:fa:31:29:0f:dc:3b:7a:6d:ba:a0:e0:28:e0:
f2:70:a9:ba:1c:1a:b3:c7:fa:4d:f3:0f:38:fd:eb:
7f:a5:13:24:db:b1:1c:b2:00:3b:15:57:01:36:22:
6b:7d:8b:6b:09:07:c3:77:c0:5e:69:5c:68:fe:b9:
65:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:1A:BD:AB:D3:97:DE:B4:0D:84:5E:1A:2B:D8:1C:62:9E:B9:56:E0
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/JBq9q9OX3rQNhF4aK9gcYp65VuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.23.0/24
185.194.178.0/24
185.225.2.0/24
Signature Algorithm: sha256WithRSAEncryption
53:26:16:50:ef:d5:a4:e6:19:bf:f9:11:4c:72:47:9c:42:3e:
f3:17:ac:31:8c:a1:b3:a6:15:e6:fd:35:5f:b4:6d:12:2c:11:
a1:03:c3:60:14:71:c6:d1:fe:6b:ab:e6:a0:ba:bc:98:fd:11:
aa:e9:56:87:77:55:0f:18:36:02:d8:45:a7:12:d0:85:89:bf:
00:9e:45:a5:38:ab:dd:7f:a5:e3:75:07:69:60:2b:b6:88:62:
72:0a:1c:8a:93:5e:c6:a1:c7:7a:09:d9:4a:71:3e:35:00:3d:
6d:07:b6:03:bd:21:be:90:13:cd:c6:02:e0:9e:dd:d2:1f:ad:
3c:73:d7:7d:39:6f:2c:59:b0:ea:e1:d3:7c:75:4c:a2:fb:e6:
3a:32:6e:07:c8:f9:34:f4:1a:da:b8:8c:03:82:12:03:8d:df:
fc:ff:35:65:b1:9b:34:e3:57:2f:33:fc:2c:3e:a1:96:a9:b0:
e0:1f:92:8e:9d:c8:be:81:51:58:2d:f9:f3:6e:d2:4b:7a:a8:
30:5d:8c:f1:de:8d:6f:de:80:b8:d5:99:c7:40:7e:c2:3e:7e:
fe:36:f8:78:e0:9e:08:1a:52:65:ba:bb:9d:54:ee:55:cd:cf:
53:b1:63:db:55:30:f3:93:94:c2:71:ca:b0:87:53:3a:bd:21:
20:9d:1f:1c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYW6ObQESQadbmA7IUWfpyJ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwMTE2MTA1NzAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDFhYmRhYmQzOTdkZWI0MGQ4NDVlMWEyYmQ4MWM2MjllYjk1NmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFpKNnUJH4TDmbPMhHoTDIcFzSyz
RCsLqZ++ZFmlr4lTCsyyhx7aNC+mhlqrA9fWBgX00gE2QWnoQj93aEFbvA7VFR1X
BwMW7VJW1cEqica1IwVxKRhU2WEuEYUTVS+1ut7SZCwOIIeAu3dRzrxJgOk2vxeK
nrBP9petyqSxMcGmHv1AlSk4I1ld9GAfR1aojs6WHPWBu6cPxG0gkUotYy5ac2m6
GGSm3pV9X77HV5N84E8ZFOGrysw/gkxQT6Vo+MRqCvoxKQ/cO3ptuqDgKODycKm6
HBqzx/pN8w84/et/pRMk27EcsgA7FVcBNiJrfYtrCQfDd8BeaVxo/rll9QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCQavavTl960DYReGivYHGKeuVbgMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvSkJxOXE5T1gzclFOaEY0YUs5Z2NZcDY1VnVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQgXAwQA
ucKyAwQAueECMA0GCSqGSIb3DQEBCwUAA4IBAQBTJhZQ79Wk5hm/+RFMckecQj7z
F6wxjKGzphXm/TVftG0SLBGhA8NgFHHG0f5rq+aguryY/RGq6VaHd1UPGDYC2EWn
EtCFib8AnkWlOKvdf6XjdQdpYCu2iGJyChyKk17Gocd6CdlKcT41AD1tB7YDvSG+
kBPNxgLgnt3SH608c9d9OW8sWbDq4dN8dUyi++Y6Mm4HyPk09BrauIwDghIDjd/8
/zVlsZs041cvM/wsPqGWqbDgH5KOnci+gVFYLfnzbtJLeqgwXYzx3o1v3oC41ZnH
QH7CPn7+Nvh44J4IGlJlurudVO5Vzc9TsWPbVTDzk5TCccqwh1M6vSEgnR8c
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:41 2024 by rpki-client on console-fra.rpki-client.org