Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/JpGXrvh_F6gBihu_QbEntT4YnD4.roa
File: JpGXrvh_F6gBihu_QbEntT4YnD4.roa (raw, json)
Hash identifier: OZJG5wsirt5wryP74iFhsHL1/P5UlwApyZQAIstgIuE=
Subject key identifier: 26:91:97:AE:F8:7F:17:A8:01:8A:1B:BF:41:B1:27:B5:3E:18:9C:3E
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01869293CFD7C259376E1B23137912BDF0E8
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/JpGXrvh_F6gBihu_QbEntT4YnD4.roa
Signing time: Mon 27 Feb 2023 11:13:25 +0000
ROA not before: Mon 27 Feb 2023 11:13:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 45.8.23.0/24 maxlen: 24
185.251.230.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.225.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 04 Mar 2023 19:22:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:92:93:cf:d7:c2:59:37:6e:1b:23:13:79:12:bd:f0:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Feb 27 11:13:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=269197aef87f17a8018a1bbf41b127b53e189c3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:37:fc:b5:53:d1:11:4a:e5:0a:bf:34:d9:05:
05:9e:d9:3a:89:f1:69:ff:cf:f7:35:dc:7e:22:aa:
f2:f3:12:ab:e7:9e:4e:25:0e:2f:d9:ea:9a:9b:41:
d9:f3:51:0b:d7:e4:31:a7:97:87:7c:37:af:5b:da:
aa:ba:e9:e8:21:51:d8:93:a6:f6:61:7c:72:4d:d8:
94:97:ad:86:37:b6:f5:2d:68:ae:f1:8e:b7:62:de:
c3:52:69:45:f8:de:f0:d9:12:bc:eb:b1:41:54:28:
26:8e:33:93:35:72:c5:27:c4:ea:54:53:b1:51:b5:
c6:6d:da:6b:6d:56:69:0f:5b:06:4f:4f:6b:a4:bc:
14:ef:57:4d:c2:9d:20:ba:08:d8:c8:60:cb:13:44:
ef:e0:36:59:43:48:b0:75:79:fa:bf:10:b3:61:94:
1a:95:6d:dc:f8:bb:35:09:9c:b1:54:1a:04:f4:9b:
5b:6f:b8:c4:19:34:fb:d2:49:67:70:aa:42:c1:ab:
db:86:32:99:ed:3f:96:12:ff:0a:50:b2:e8:d6:e1:
40:b5:28:a8:05:c3:d3:83:aa:d1:00:84:ba:9c:be:
d8:46:6b:41:5d:b0:11:e0:28:44:54:e3:21:f5:07:
84:2e:9e:63:12:ee:0e:61:a4:ce:ff:ba:65:3c:ee:
35:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:91:97:AE:F8:7F:17:A8:01:8A:1B:BF:41:B1:27:B5:3E:18:9C:3E
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/JpGXrvh_F6gBihu_QbEntT4YnD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.23.0/24
185.225.2.0/24
185.251.229.0-185.251.230.255
Signature Algorithm: sha256WithRSAEncryption
97:db:2d:db:d1:4e:f1:2a:98:72:ea:2b:3b:bf:d5:25:32:fd:
88:d9:f5:6d:c7:12:b7:c9:25:06:1a:0c:47:76:82:ae:79:e6:
ea:90:1f:01:48:48:98:97:90:af:f0:17:5a:ff:ff:27:ca:33:
5d:26:b9:b1:6f:9b:d6:ac:bc:36:36:4e:d6:0b:df:00:fc:33:
74:f5:50:32:86:76:b3:3e:9e:ba:9d:96:a8:85:53:d9:b3:8d:
87:06:de:c3:6f:f6:9f:94:a5:b6:9e:5f:9f:a3:27:eb:1b:2e:
12:7a:cd:d1:51:11:6a:74:ae:12:58:46:e0:85:d5:81:c1:b1:
8c:dd:0b:19:23:92:53:8a:c1:8e:08:fe:03:c6:52:9c:1c:f2:
1d:3e:4a:8e:89:44:e6:11:42:6b:9d:43:fa:17:21:da:07:d3:
a4:2a:e0:6b:e4:f5:08:58:f6:fe:cf:14:b5:3d:78:ad:a9:43:
4b:11:92:15:82:93:be:82:f3:33:19:8e:cd:f9:35:46:cf:42:
d9:55:1c:a1:f8:b2:0f:11:a1:0c:18:04:0a:a1:e4:45:0a:85:
39:51:ad:cc:bf:9a:71:4d:45:70:26:50:3f:d4:a3:21:6f:c3:
97:2f:24:b1:56:93:1c:06:92:de:01:10:4c:34:41:68:87:df:
72:ae:71:fe
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYaSk8/Xwlk3bhsjE3kSvfDoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwMjI3MTExMzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjkxOTdhZWY4N2YxN2E4MDE4YTFiYmY0MWIxMjdiNTNlMTg5YzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozf8tVPREUrlCr802QUFntk6ifFp
/8/3Ndx+Iqry8xKr555OJQ4v2eqam0HZ81EL1+Qxp5eHfDevW9qquunoIVHYk6b2
YXxyTdiUl62GN7b1LWiu8Y63Yt7DUmlF+N7w2RK867FBVCgmjjOTNXLFJ8TqVFOx
UbXGbdprbVZpD1sGT09rpLwU71dNwp0gugjYyGDLE0Tv4DZZQ0iwdXn6vxCzYZQa
lW3c+Ls1CZyxVBoE9Jtbb7jEGTT70klncKpCwavbhjKZ7T+WEv8KULLo1uFAtSio
BcPTg6rRAIS6nL7YRmtBXbAR4ChEVOMh9QeELp5jEu4OYaTO/7plPO41xwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCaRl674fxeoAYobv0GxJ7U+GJw+MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvSnBHWHJ2aF9GNmdCaWh1X1FiRW50VDRZbkQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALQgXAwQA
ueECMAwDBAC5++UDBAC5++YwDQYJKoZIhvcNAQELBQADggEBAJfbLdvRTvEqmHLq
Kzu/1SUy/YjZ9W3HErfJJQYaDEd2gq555uqQHwFISJiXkK/wF1r//yfKM10mubFv
m9asvDY2TtYL3wD8M3T1UDKGdrM+nrqdlqiFU9mzjYcG3sNv9p+UpbaeX5+jJ+sb
LhJ6zdFREWp0rhJYRuCF1YHBsYzdCxkjklOKwY4I/gPGUpwc8h0+So6JROYRQmud
Q/oXIdoH06Qq4Gvk9QhY9v7PFLU9eK2pQ0sRkhWCk76C8zMZjs35NUbPQtlVHKH4
sg8RoQwYBAqh5EUKhTlRrcy/mnFNRXAmUD/UoyFvw5cvJLFWkxwGkt4BEEw0QWiH
33Kucf4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:21 2024 by rpki-client on console-ams.rpki-client.org