Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/3bf23a-904c-4e4f-9f02-f999e1beb961/1/jDNUF_6d66uJj7zxa5EtrE81uXw.roa
File: jDNUF_6d66uJj7zxa5EtrE81uXw.roa (raw, json)
Hash identifier: LUA5vrk/9PjN60corBVjq6loYt93WZuNi4IiFnSXG4k=
Subject key identifier: 8C:33:54:17:FE:9D:EB:AB:89:8F:BC:F1:6B:91:2D:AC:4F:35:B9:7C
Certificate issuer: /CN=8d7faa5bb9b3ea40137db86c4072fce158f6a5cf
Certificate serial: 01856F149E65E6AEC604426452ECD55B8D7D
Authority key identifier: 8D:7F:AA:5B:B9:B3:EA:40:13:7D:B8:6C:40:72:FC:E1:58:F6:A5:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jX-qW7mz6kATfbhsQHL84Vj2pc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/3bf23a-904c-4e4f-9f02-f999e1beb961/1/jDNUF_6d66uJj7zxa5EtrE81uXw.roa
Signing time: Sun 01 Jan 2023 20:45:00 +0000
ROA not before: Sun 01 Jan 2023 20:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200548
IP address blocks: 37.16.92.0/22 maxlen: 22
37.16.93.0/24 maxlen: 24
37.16.94.0/24 maxlen: 24
37.16.92.0/24 maxlen: 24
37.16.95.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:9e:65:e6:ae:c6:04:42:64:52:ec:d5:5b:8d:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d7faa5bb9b3ea40137db86c4072fce158f6a5cf
Validity
Not Before: Jan 1 20:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c335417fe9debab898fbcf16b912dac4f35b97c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:fc:db:53:75:9d:66:01:ab:a0:03:a1:62:c5:
8d:c1:66:88:b9:b0:07:af:5a:9e:b8:0d:83:f9:c4:
66:87:80:39:3a:98:09:4d:20:63:55:4e:84:c5:39:
bf:82:d3:75:88:cf:99:1a:ee:67:db:84:6c:9d:98:
93:52:d7:2a:d2:ad:7b:b4:b3:d5:08:c5:7f:fb:8f:
63:9a:30:f9:5e:67:ee:b0:ad:80:d7:c5:f8:0a:40:
ab:0a:ca:f7:f8:f7:62:28:37:e3:4f:79:2f:cf:05:
d1:eb:fc:8e:f7:be:0a:a6:aa:04:44:10:26:c0:c1:
a6:6c:d9:38:89:76:de:d3:af:8f:8d:da:84:e5:76:
01:53:e7:b4:27:f1:b8:73:a4:5b:d4:96:25:45:9e:
a6:4d:30:0b:8d:65:2a:33:16:b0:f4:01:65:45:3d:
73:11:99:98:a9:96:5c:d7:60:fd:a6:d8:72:c2:57:
e5:d4:0d:0c:0e:59:a7:31:18:0d:63:5f:76:c9:d7:
c2:82:34:64:90:8a:95:44:20:41:1f:35:e5:08:90:
9e:b4:4e:57:c2:36:5e:79:e8:36:35:4f:8b:1e:f3:
61:a0:40:0b:f7:1d:46:2e:26:57:7b:3a:1d:3c:9d:
0c:3f:4e:d5:ac:21:c2:98:1e:11:28:07:a8:89:5f:
89:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:33:54:17:FE:9D:EB:AB:89:8F:BC:F1:6B:91:2D:AC:4F:35:B9:7C
X509v3 Authority Key Identifier:
keyid:8D:7F:AA:5B:B9:B3:EA:40:13:7D:B8:6C:40:72:FC:E1:58:F6:A5:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jX-qW7mz6kATfbhsQHL84Vj2pc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/3bf23a-904c-4e4f-9f02-f999e1beb961/1/jDNUF_6d66uJj7zxa5EtrE81uXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/3bf23a-904c-4e4f-9f02-f999e1beb961/1/jX-qW7mz6kATfbhsQHL84Vj2pc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.16.92.0/22
Signature Algorithm: sha256WithRSAEncryption
08:2c:66:e9:c8:90:82:3a:3e:58:af:ac:db:06:bc:ff:ac:de:
3f:70:82:63:19:5a:fc:d0:8d:41:d7:10:93:3f:0e:7c:33:cf:
77:29:5d:e4:c9:c7:cc:4e:bf:4b:4b:91:ea:ad:1f:84:b9:1d:
3f:93:5b:95:bb:46:ee:89:0b:1b:f7:71:db:bc:c0:30:ef:09:
05:e5:d3:22:60:26:98:9a:6e:45:4c:d4:94:2e:50:80:70:80:
da:4c:e5:53:c6:e9:1d:58:a1:e4:c9:22:ff:05:6d:e6:c5:5a:
bd:b9:06:67:26:ec:49:da:17:1a:cf:58:ae:01:26:7b:d4:9a:
50:1e:8c:47:3c:bc:47:4e:6a:94:17:cc:f3:cb:e8:42:68:e7:
09:fc:3a:48:b5:6b:a3:34:04:a6:f1:be:0b:20:0b:d8:68:a9:
83:ca:25:1c:c1:4e:40:0a:5d:85:de:c5:db:f4:fb:00:85:f2:
20:24:94:d0:20:e3:15:49:29:f4:ea:bc:ae:bc:81:64:2b:3f:
75:6c:34:db:ac:c8:a9:74:23:3b:2d:22:27:fb:8f:fc:7e:fc:
af:65:cc:44:af:1a:26:97:46:94:66:6c:3e:ec:71:8d:76:fc:
f3:d9:0b:c4:0f:4e:1f:18:0a:b0:bb:ef:8f:08:12:6c:ec:1d:
1e:a9:d9:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFJ5l5q7GBEJkUuzVW419MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkN2ZhYTViYjliM2VhNDAxMzdkYjg2YzQwNzJmY2UxNThm
NmE1Y2YwHhcNMjMwMTAxMjA0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzMzNTQxN2ZlOWRlYmFiODk4ZmJjZjE2YjkxMmRhYzRmMzViOTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifzbU3WdZgGroAOhYsWNwWaIubAH
r1qeuA2D+cRmh4A5OpgJTSBjVU6ExTm/gtN1iM+ZGu5n24RsnZiTUtcq0q17tLPV
CMV/+49jmjD5XmfusK2A18X4CkCrCsr3+PdiKDfjT3kvzwXR6/yO974KpqoERBAm
wMGmbNk4iXbe06+PjdqE5XYBU+e0J/G4c6Rb1JYlRZ6mTTALjWUqMxaw9AFlRT1z
EZmYqZZc12D9pthywlfl1A0MDlmnMRgNY192ydfCgjRkkIqVRCBBHzXlCJCetE5X
wjZeeeg2NU+LHvNhoEAL9x1GLiZXezodPJ0MP07VrCHCmB4RKAeoiV+JlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIwzVBf+neuriY+88WuRLaxPNbl8MB8GA1UdIwQY
MBaAFI1/qlu5s+pAE324bEBy/OFY9qXPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalgtcVc3bXo2a0FUZmJoc1FITDg0VmoycGM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8zYmYyM2EtOTA0Yy00ZTRmLTlmMDIt
Zjk5OWUxYmViOTYxLzEvakROVUZfNmQ2NnVKajd6eGE1RXRyRTgxdVh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8zYmYyM2EtOTA0Yy00ZTRmLTlmMDItZjk5OWUxYmViOTYx
LzEvalgtcVc3bXo2a0FUZmJoc1FITDg0VmoycGM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJRBcMA0G
CSqGSIb3DQEBCwUAA4IBAQAILGbpyJCCOj5Yr6zbBrz/rN4/cIJjGVr80I1B1xCT
Pw58M893KV3kycfMTr9LS5HqrR+EuR0/k1uVu0buiQsb93HbvMAw7wkF5dMiYCaY
mm5FTNSULlCAcIDaTOVTxukdWKHkySL/BW3mxVq9uQZnJuxJ2hcaz1iuASZ71JpQ
HoxHPLxHTmqUF8zzy+hCaOcJ/DpItWujNASm8b4LIAvYaKmDyiUcwU5ACl2F3sXb
9PsAhfIgJJTQIOMVSSn06ryuvIFkKz91bDTbrMipdCM7LSIn+4/8fvyvZcxErxom
l0aUZmw+7HGNdvzz2QvED04fGAqwu++PCBJs7B0eqdnJ
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:28:20 2024 by rpki-client on console-fra.rpki-client.org