Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/jGyt_l1TW15BAKgWfSNo_HutKQQ.roa
File: jGyt_l1TW15BAKgWfSNo_HutKQQ.roa (raw, json)
Hash identifier: +bCoJQXfsJG5p0txIv/SSe4nSeSAjtfixGCVuWTZwW8=
Subject key identifier: 8C:6C:AD:FE:5D:53:5B:5E:41:00:A8:16:7D:23:68:FC:7B:AD:29:04
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0189F9A996B3963D3289F04B838BF84CEF54
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/jGyt_l1TW15BAKgWfSNo_HutKQQ.roa
Signing time: Tue 15 Aug 2023 14:46:28 +0000
ROA not before: Tue 15 Aug 2023 14:46:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52423
IP address blocks: 45.85.85.0/24 maxlen: 24
185.185.248.0/24 maxlen: 24
185.185.249.0/24 maxlen: 24
45.85.86.0/24 maxlen: 24
185.190.80.0/24 maxlen: 32
185.184.141.0/24 maxlen: 32
185.184.143.0/24 maxlen: 24
185.184.142.0/24 maxlen: 24
45.130.72.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Sep 2023 23:43:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f9:a9:96:b3:96:3d:32:89:f0:4b:83:8b:f8:4c:ef:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Aug 15 14:46:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c6cadfe5d535b5e4100a8167d2368fc7bad2904
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ee:5c:ed:f1:cf:74:e8:7f:27:06:b9:6a:ab:
25:30:76:1b:84:ed:63:eb:e1:d9:db:23:1d:61:d9:
e4:fd:c6:0b:b4:4a:e4:e7:fc:58:4c:18:55:b9:56:
82:36:a4:55:47:6b:51:a8:b3:1b:3e:08:65:11:55:
a2:93:bd:28:4e:2f:8c:22:ea:83:19:95:13:8d:91:
d6:b6:be:f2:d4:7c:0a:de:8f:f3:72:48:dd:49:24:
21:c2:ee:66:a3:48:22:5e:0e:f5:ff:9e:90:18:a1:
e9:e0:cb:5a:d5:ab:b5:eb:7a:65:15:fa:74:73:ff:
72:e8:73:fe:85:fa:82:be:1b:bf:a1:2b:a5:ab:c6:
eb:d4:fa:06:d6:ee:96:90:f7:64:c5:19:22:1f:59:
5e:43:ff:bc:0c:a9:0e:8b:73:98:c2:74:6f:7c:ef:
63:ae:16:2b:31:d0:1d:12:4e:6f:7b:54:b5:41:7b:
e0:60:ec:8d:1b:fc:04:aa:bb:ad:32:e3:1f:b1:ec:
8f:e0:5a:09:f3:f8:81:5a:0c:ed:03:23:d5:ae:46:
07:5c:e6:1a:a9:fa:d2:c0:7f:7f:4f:81:10:d9:59:
91:a4:1c:c2:70:bb:f4:7c:43:52:d5:20:46:c6:9a:
53:54:a0:3a:c3:ed:71:4c:e9:81:51:05:49:c2:3f:
1e:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:6C:AD:FE:5D:53:5B:5E:41:00:A8:16:7D:23:68:FC:7B:AD:29:04
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/jGyt_l1TW15BAKgWfSNo_HutKQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.85.0-45.85.86.255
45.130.72.0/23
185.184.141.0-185.184.143.255
185.185.248.0/23
185.190.80.0/24
Signature Algorithm: sha256WithRSAEncryption
94:93:5f:78:a2:4a:e6:a1:00:81:57:c4:dd:eb:c0:73:c1:2d:
54:ec:d3:8a:55:88:10:e8:8a:0e:53:60:f2:95:25:e5:ea:b7:
e7:c4:96:71:95:69:d9:1c:b4:95:95:25:18:03:34:2f:4f:aa:
fa:2d:10:8f:2c:cd:af:63:c5:72:ac:69:94:a6:25:d2:dd:a0:
7c:79:4f:cf:06:95:dd:7d:dd:8a:a3:9f:0e:11:05:9d:40:46:
ee:78:75:91:20:cc:03:5f:fa:4a:51:02:63:41:96:1f:75:6c:
f2:f8:ec:b2:b8:55:d2:a0:10:4f:08:2b:c3:56:a8:9c:24:21:
84:bf:a2:f3:f8:59:3a:e4:cc:d0:35:26:4b:68:e2:92:58:06:
d5:c7:83:35:50:a6:0e:04:cd:d1:44:3c:e8:2b:56:f5:93:5b:
25:41:3d:7a:b5:78:29:88:62:46:2d:a7:7d:0c:5b:1d:35:50:
93:26:99:f7:89:db:55:58:cc:2e:b7:5e:57:95:f6:f5:68:c5:
31:3e:88:37:4f:25:90:5f:eb:17:b7:70:92:bd:4c:c7:74:e3:
e5:4b:73:a8:9f:d0:26:68:a4:46:7d:4e:b5:82:92:f4:61:dd:
a7:b7:c3:b4:40:82:09:98:86:ec:51:d9:46:00:8c:dd:84:af:
14:31:3a:19
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYn5qZazlj0yifBLg4v4TO9UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwODE1MTQ0NjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzZjYWRmZTVkNTM1YjVlNDEwMGE4MTY3ZDIzNjhmYzdiYWQyOTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiO5c7fHPdOh/Jwa5aqslMHYbhO1j
6+HZ2yMdYdnk/cYLtErk5/xYTBhVuVaCNqRVR2tRqLMbPghlEVWik70oTi+MIuqD
GZUTjZHWtr7y1HwK3o/zckjdSSQhwu5mo0giXg71/56QGKHp4Mta1au163plFfp0
c/9y6HP+hfqCvhu/oSulq8br1PoG1u6WkPdkxRkiH1leQ/+8DKkOi3OYwnRvfO9j
rhYrMdAdEk5ve1S1QXvgYOyNG/wEqrutMuMfseyP4FoJ8/iBWgztAyPVrkYHXOYa
qfrSwH9/T4EQ2VmRpBzCcLv0fENS1SBGxppTVKA6w+1xTOmBUQVJwj8erwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFIxsrf5dU1teQQCoFn0jaPx7rSkEMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvakd5dF9sMVRXMTVCQUtnV2ZTTm9fSHV0S1FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAAtVVUD
BAAtVVYDBAEtgkgwDAMEALm4jQMEBLm4gAMEAbm5+AMEALm+UDANBgkqhkiG9w0B
AQsFAAOCAQEAlJNfeKJK5qEAgVfE3evAc8EtVOzTilWIEOiKDlNg8pUl5eq358SW
cZVp2Ry0lZUlGAM0L0+q+i0QjyzNr2PFcqxplKYl0t2gfHlPzwaV3X3diqOfDhEF
nUBG7nh1kSDMA1/6SlECY0GWH3Vs8vjssrhV0qAQTwgrw1aonCQhhL+i8/hZOuTM
0DUmS2jiklgG1ceDNVCmDgTN0UQ86CtW9ZNbJUE9erV4KYhiRi2nfQxbHTVQkyaZ
94nbVVjMLrdeV5X29WjFMT6IN08lkF/rF7dwkr1Mx3Tj5UtzqJ/QJmikRn1OtYKS
9GHdp7fDtECCCZiG7FHZRgCM3YSvFDE6GQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:33 2024 by rpki-client on console-ams.rpki-client.org