Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/JiTFq_XOiuVIcbaM_HUAyx6_Qmg.roa
File: JiTFq_XOiuVIcbaM_HUAyx6_Qmg.roa (raw, json)
Hash identifier: 7ipvAdiSJ1QYArI/phvMdTS0Qtrc3eMN0fllsrkeMGM=
Subject key identifier: 26:24:C5:AB:F5:CE:8A:E5:48:71:B6:8C:FC:75:00:CB:1E:BF:42:68
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018571B643106DCEDB1ACC9614C8D1F63959
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/JiTFq_XOiuVIcbaM_HUAyx6_Qmg.roa
Signing time: Mon 02 Jan 2023 09:00:48 +0000
ROA not before: Mon 02 Jan 2023 09:00:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207915
IP address blocks: 185.124.136.0/22 maxlen: 22
194.76.172.0/23 maxlen: 23
194.76.168.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 21 Dec 2023 10:18:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b6:43:10:6d:ce:db:1a:cc:96:14:c8:d1:f6:39:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 2 09:00:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2624c5abf5ce8ae54871b68cfc7500cb1ebf4268
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:82:22:5b:f9:43:c9:b9:8d:66:43:80:67:1c:
48:b5:d9:ac:a0:36:35:cb:9e:3b:dc:a8:47:5a:20:
1a:20:ea:07:af:0d:2e:81:94:68:b1:97:a6:4e:f6:
c5:f1:ef:a5:c7:a8:10:d0:59:52:39:4f:1d:87:c7:
7d:82:8d:d7:2e:06:ef:ce:67:29:68:df:d9:17:1f:
6a:67:a2:55:4e:42:b4:44:7c:f3:ce:d2:98:e1:89:
11:9e:44:06:60:b7:c0:3e:91:bc:31:05:14:d2:07:
3d:0d:04:78:57:34:7c:43:ee:d7:23:5f:02:f3:80:
cf:4c:dc:0e:10:c7:5c:46:6f:8e:fe:8d:4a:6f:c8:
3d:16:a2:07:10:b1:1d:d7:24:37:d5:87:8f:d2:8a:
e3:37:ac:7d:5e:bf:07:2c:22:c6:7e:84:52:72:ec:
35:de:59:75:27:5f:49:ed:e4:7b:7d:6a:1c:17:da:
c5:d7:61:8b:9c:7b:ca:48:39:f1:20:9f:63:59:e2:
26:c5:a5:41:8f:b2:a2:ec:b6:8b:e5:9a:d2:1c:fc:
71:6b:8e:da:b9:a0:6f:06:84:e9:b5:75:d9:04:0b:
b8:c7:c4:d8:00:5d:e8:db:b9:44:5c:af:71:03:4d:
00:96:d5:36:b3:e2:f8:75:e0:79:8e:90:33:d4:56:
04:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:24:C5:AB:F5:CE:8A:E5:48:71:B6:8C:FC:75:00:CB:1E:BF:42:68
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/JiTFq_XOiuVIcbaM_HUAyx6_Qmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.136.0/22
194.76.168.0/23
194.76.172.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:04:7b:44:f7:26:f1:19:0b:d1:62:13:e4:51:26:e9:1f:26:
c4:38:79:db:ea:17:9d:fe:6e:40:20:24:40:2d:8a:0e:33:90:
71:09:cb:83:a6:54:51:7a:57:44:9f:d4:ef:bd:43:2a:62:4e:
77:a6:b1:ff:d1:85:bd:17:29:84:f7:f8:7e:bb:9c:53:3f:f0:
f0:84:26:60:b1:0e:39:d3:1e:e5:bd:d7:dc:a6:32:6d:39:15:
dd:ad:26:5f:d2:9b:8f:6f:29:90:d7:ee:1f:41:c8:a3:af:9d:
40:eb:0a:69:26:77:51:93:b1:0a:f0:d9:71:d5:29:36:2f:11:
e5:91:ae:61:0e:ef:d6:7e:6a:fc:30:a1:93:a4:64:52:d0:5e:
b6:a5:0c:88:7b:94:fe:10:63:33:74:b0:34:d4:17:26:f2:ec:
7d:43:36:40:a2:ab:d4:c4:09:11:fc:fe:1f:be:52:50:8a:6e:
4c:08:a6:18:23:e0:b6:8b:d7:8a:17:46:18:4f:d8:ae:ff:51:
e8:8c:e8:0a:f2:54:c2:c3:5b:08:54:52:9f:96:56:99:4a:97:
cd:32:f2:23:d6:eb:16:8e:98:c6:d9:e0:bc:de:45:5e:28:19:
c7:75:7a:af:c3:ac:f9:39:c2:11:40:fc:d6:30:e6:a6:b9:8c:
38:c4:f6:2d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxtkMQbc7bGsyWFMjR9jlZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwMTAyMDkwMDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjI0YzVhYmY1Y2U4YWU1NDg3MWI2OGNmYzc1MDBjYjFlYmY0MjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoIiW/lDybmNZkOAZxxItdmsoDY1
y5473KhHWiAaIOoHrw0ugZRosZemTvbF8e+lx6gQ0FlSOU8dh8d9go3XLgbvzmcp
aN/ZFx9qZ6JVTkK0RHzzztKY4YkRnkQGYLfAPpG8MQUU0gc9DQR4VzR8Q+7XI18C
84DPTNwOEMdcRm+O/o1Kb8g9FqIHELEd1yQ31YeP0orjN6x9Xr8HLCLGfoRScuw1
3ll1J19J7eR7fWocF9rF12GLnHvKSDnxIJ9jWeImxaVBj7Ki7LaL5ZrSHPxxa47a
uaBvBoTptXXZBAu4x8TYAF3o27lEXK9xA00AltU2s+L4deB5jpAz1FYEjwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCYkxav1zorlSHG2jPx1AMsev0JoMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvSmlURnFfWE9pdVZJY2JhTV9IVUF5eDZfUW1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuXyIAwQB
wkyoAwQBwkysMA0GCSqGSIb3DQEBCwUAA4IBAQAMBHtE9ybxGQvRYhPkUSbpHybE
OHnb6hed/m5AICRALYoOM5BxCcuDplRReldEn9TvvUMqYk53prH/0YW9FymE9/h+
u5xTP/DwhCZgsQ450x7lvdfcpjJtORXdrSZf0puPbymQ1+4fQcijr51A6wppJndR
k7EK8Nlx1Sk2LxHlka5hDu/Wfmr8MKGTpGRS0F62pQyIe5T+EGMzdLA01Bcm8ux9
QzZAoqvUxAkR/P4fvlJQim5MCKYYI+C2i9eKF0YYT9iu/1HojOgK8lTCw1sIVFKf
llaZSpfNMvIj1usWjpjG2eC83kVeKBnHdXqvw6z5OcIRQPzWMOamuYw4xPYt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:41 2024 by rpki-client on console-fra.rpki-client.org