Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/JJxGFtf9SNCghf04UaXIGAa8GcA.roa
File: JJxGFtf9SNCghf04UaXIGAa8GcA.roa (raw, json)
Hash identifier: x6Uv64jicsL2sALB89y2GX2Qdq0sOv8C0tNuXeQb0HQ=
Subject key identifier: 24:9C:46:16:D7:FD:48:D0:A0:85:FD:38:51:A5:C8:18:06:BC:19:C0
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018746B932FF93363A2F4F64F9F8635DDD2C
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/JJxGFtf9SNCghf04UaXIGAa8GcA.roa
Signing time: Mon 03 Apr 2023 10:45:54 +0000
ROA not before: Mon 03 Apr 2023 10:45:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211975
IP address blocks: 185.206.250.0/24 maxlen: 24
185.199.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Apr 2023 07:41:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:46:b9:32:ff:93:36:3a:2f:4f:64:f9:f8:63:5d:dd:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 3 10:45:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=249c4616d7fd48d0a085fd3851a5c81806bc19c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f9:e4:b0:c5:f9:a1:94:16:31:f6:23:e5:b9:
e3:44:21:14:e0:ee:3a:9d:d1:92:58:70:0d:f7:d7:
ff:80:4d:52:67:9f:71:ad:d0:a4:bb:84:69:f8:c0:
39:a0:9e:f0:03:51:8b:ce:e3:2b:26:c0:07:fa:60:
72:27:c7:35:ca:68:1c:3e:f5:00:71:a3:50:be:d6:
1f:d9:8c:ee:ee:c8:85:7a:18:35:3b:50:be:98:76:
6a:a4:ca:0f:03:db:14:c4:be:20:9f:5f:59:17:59:
97:f8:55:b5:b7:5a:65:ee:bc:48:4a:dd:dc:5e:e1:
89:f2:cd:25:d1:12:62:88:f3:6f:0a:ab:b5:1f:cc:
3c:59:8e:53:c5:1c:49:a2:ca:fa:24:a9:00:eb:8f:
de:8d:41:7d:c3:f4:ab:71:83:f5:3a:6e:75:89:73:
ab:f2:72:ab:55:df:f7:bc:5b:e8:e5:e4:bb:82:04:
ab:a4:ae:cc:3a:9c:01:51:72:15:ff:c9:64:5c:bb:
64:8b:b0:2e:be:13:65:23:3c:6f:b7:62:80:e4:23:
87:37:4f:8c:98:c9:4e:4c:d9:69:fd:7e:d4:94:a3:
7e:31:c4:b7:66:45:6c:0b:c2:39:b0:9a:44:48:a0:
83:21:60:0e:d1:06:5d:c6:8f:24:2d:8e:05:a0:73:
d2:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:9C:46:16:D7:FD:48:D0:A0:85:FD:38:51:A5:C8:18:06:BC:19:C0
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/JJxGFtf9SNCghf04UaXIGAa8GcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.159.0/24
185.206.250.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:ec:65:76:fd:b8:43:63:e2:9a:f0:5a:cd:e4:cd:86:ef:e0:
c8:02:fd:a0:15:51:06:ce:15:49:3a:f9:50:c3:8a:05:24:a0:
09:09:b7:e7:2f:31:b1:83:cc:69:ec:c5:fb:96:51:2e:d5:f5:
83:e7:49:50:6e:29:75:c2:4b:01:5a:80:51:63:85:e1:7d:eb:
67:cd:0f:3f:f4:4b:aa:cd:3a:82:cd:eb:d8:c5:b0:71:39:f7:
b1:75:c3:d9:af:37:bd:86:e3:d7:d0:4a:48:21:4b:84:78:02:
59:b2:11:58:8d:38:01:5e:bf:4e:79:8a:1a:ae:47:4e:fc:06:
45:0f:e4:a1:75:96:0e:96:ed:b6:17:d0:a8:1f:97:8e:c4:54:
1f:7a:eb:82:ec:b3:f6:fc:33:dc:3c:a1:a7:e8:8d:ad:7d:38:
e2:a2:89:d4:92:6f:d4:70:b9:c4:5d:83:24:34:6e:50:df:b5:
98:d2:ee:0a:93:a9:89:9e:a7:90:bd:03:a1:b4:25:36:16:71:
9b:8e:d7:f0:c3:cd:48:b8:e6:30:c6:2c:ba:4f:09:0c:52:8e:
e8:e8:6a:13:ca:99:7e:28:81:c3:87:cf:05:25:d2:3e:85:c9:
54:db:a4:8f:6b:d7:d2:45:57:c2:43:fe:fe:35:ba:77:49:5b:
af:e4:23:ec
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdGuTL/kzY6L09k+fhjXd0sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNDAzMTA0NTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDljNDYxNmQ3ZmQ0OGQwYTA4NWZkMzg1MWE1YzgxODA2YmMxOWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivnksMX5oZQWMfYj5bnjRCEU4O46
ndGSWHAN99f/gE1SZ59xrdCku4Rp+MA5oJ7wA1GLzuMrJsAH+mByJ8c1ymgcPvUA
caNQvtYf2Yzu7siFehg1O1C+mHZqpMoPA9sUxL4gn19ZF1mX+FW1t1pl7rxISt3c
XuGJ8s0l0RJiiPNvCqu1H8w8WY5TxRxJosr6JKkA64/ejUF9w/SrcYP1Om51iXOr
8nKrVd/3vFvo5eS7ggSrpK7MOpwBUXIV/8lkXLtki7AuvhNlIzxvt2KA5COHN0+M
mMlOTNlp/X7UlKN+McS3ZkVsC8I5sJpESKCDIWAO0QZdxo8kLY4FoHPSwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCScRhbX/UjQoIX9OFGlyBgGvBnAMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvSkp4R0Z0ZjlTTkNnaGYwNFVhWElHQWE4R2NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAucefAwQA
uc76MA0GCSqGSIb3DQEBCwUAA4IBAQAP7GV2/bhDY+Ka8FrN5M2G7+DIAv2gFVEG
zhVJOvlQw4oFJKAJCbfnLzGxg8xp7MX7llEu1fWD50lQbil1wksBWoBRY4Xhfetn
zQ8/9EuqzTqCzevYxbBxOfexdcPZrze9huPX0EpIIUuEeAJZshFYjTgBXr9OeYoa
rkdO/AZFD+ShdZYOlu22F9CoH5eOxFQfeuuC7LP2/DPcPKGn6I2tfTjioonUkm/U
cLnEXYMkNG5Q37WY0u4Kk6mJnqeQvQOhtCU2FnGbjtfww81IuOYwxiy6TwkMUo7o
6GoTypl+KIHDh88FJdI+hclU26SPa9fSRVfCQ/7+Nbp3SVuv5CPs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:41 2024 by rpki-client on console-fra.rpki-client.org