Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/jS_jp5WvxBZQ97dv-vT9g3KNBVg.roa
File: jS_jp5WvxBZQ97dv-vT9g3KNBVg.roa (raw, json)
Hash identifier: 8jYF4HBFqyo/B5X1NnLhWyOf8llTYCxaZCtY/YqhGz4=
Subject key identifier: 8D:2F:E3:A7:95:AF:C4:16:50:F7:B7:6F:FA:F4:FD:83:72:8D:05:58
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 018AE7469FEB5337C2C0442F3978CFBCC614
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/jS_jp5WvxBZQ97dv-vT9g3KNBVg.roa
Signing time: Sat 30 Sep 2023 18:07:59 +0000
ROA not before: Sat 30 Sep 2023 18:07:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 185.112.240.0/24 maxlen: 24
185.112.243.0/24 maxlen: 24
185.112.242.0/24 maxlen: 24
185.112.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Oct 2023 10:45:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e7:46:9f:eb:53:37:c2:c0:44:2f:39:78:cf:bc:c6:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: Sep 30 18:07:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d2fe3a795afc41650f7b76ffaf4fd83728d0558
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:fb:4e:a4:5f:15:64:20:12:aa:7e:27:8f:9f:
63:ed:71:8c:9d:64:fa:5f:2f:b0:a8:ed:f3:94:f4:
4d:9f:18:5a:69:37:e9:74:35:c3:92:b8:71:e9:20:
2d:6c:f3:9a:f3:90:36:5b:0c:95:f4:e0:8f:a4:8b:
4f:78:8a:51:e1:96:10:ce:df:5f:53:12:bc:f6:80:
93:31:5d:04:06:70:56:19:30:73:ad:1a:22:e8:58:
5b:86:87:63:7f:a4:dc:6c:a9:7e:7a:85:d5:73:b1:
2e:c4:c5:10:6c:47:80:9c:2c:47:20:56:bc:85:d5:
4d:85:f5:a1:52:a4:75:77:7b:7a:e0:77:30:ac:c2:
ea:af:c1:d2:23:f8:d8:52:27:8c:a2:86:3f:26:b0:
ee:31:19:f4:93:68:d7:20:1f:5c:fe:67:e0:e6:df:
42:5b:95:07:d7:c7:f5:e0:32:a2:d5:f1:0d:f9:cd:
da:94:d2:db:62:dd:c3:c2:8b:d6:51:b0:29:43:d3:
e2:3a:43:aa:93:49:18:c5:d3:f3:13:ac:7b:ab:ad:
e6:eb:58:a5:4b:71:b8:96:ca:7f:56:64:58:8a:ee:
92:d9:28:41:c3:1a:d9:ce:65:25:8c:3d:16:7b:b7:
2d:8d:a1:01:0c:9c:7a:96:f8:49:dc:5d:75:1d:85:
75:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:2F:E3:A7:95:AF:C4:16:50:F7:B7:6F:FA:F4:FD:83:72:8D:05:58
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/jS_jp5WvxBZQ97dv-vT9g3KNBVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.240.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:c4:e7:ac:70:d4:22:3d:36:cf:8c:87:8c:b9:97:9d:27:5a:
c5:c0:63:18:8a:c2:7c:06:27:ad:57:f6:dd:d2:04:34:b9:d2:
4a:7b:b9:4e:e2:5e:fe:32:2d:38:4c:8f:d3:f5:51:e8:5e:86:
80:01:bb:df:b2:8d:a9:cb:61:9b:bc:dd:04:e3:56:89:b3:c8:
fe:91:57:f7:b8:ad:40:92:92:4c:4b:1e:a8:d3:9a:c6:70:69:
e1:57:0a:6e:82:58:12:70:27:0d:48:de:01:f3:9e:81:dc:74:
74:18:39:e5:71:cc:34:93:9b:24:fb:6f:5b:e6:15:92:f0:12:
af:00:de:3f:12:d0:46:44:cc:99:05:fb:c6:43:ac:25:b0:0d:
21:f3:ae:91:9e:41:5d:3b:16:d3:e1:82:96:88:b3:24:4a:6a:
0c:7a:ed:79:a7:10:bd:b8:be:b9:cb:14:e7:58:4f:7d:8a:7e:
3c:f8:14:76:c8:d0:1c:8a:9b:48:cc:c7:19:b8:7b:4d:61:33:
9a:3c:5a:6f:37:64:7f:9a:c9:3c:f0:73:91:47:f9:52:91:80:
a5:64:a8:22:33:10:0a:41:65:4f:5f:ba:e1:ff:3b:72:83:a0:
eb:18:65:5e:c7:48:6e:41:0e:cf:6c:09:6f:b5:41:10:f1:05:
75:22:55:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrnRp/rUzfCwEQvOXjPvMYUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjMwOTMwMTgwNzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDJmZTNhNzk1YWZjNDE2NTBmN2I3NmZmYWY0ZmQ4MzcyOGQwNTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivtOpF8VZCASqn4nj59j7XGMnWT6
Xy+wqO3zlPRNnxhaaTfpdDXDkrhx6SAtbPOa85A2WwyV9OCPpItPeIpR4ZYQzt9f
UxK89oCTMV0EBnBWGTBzrRoi6Fhbhodjf6TcbKl+eoXVc7EuxMUQbEeAnCxHIFa8
hdVNhfWhUqR1d3t64HcwrMLqr8HSI/jYUieMooY/JrDuMRn0k2jXIB9c/mfg5t9C
W5UH18f14DKi1fEN+c3alNLbYt3DwovWUbApQ9PiOkOqk0kYxdPzE6x7q63m61il
S3G4lsp/VmRYiu6S2ShBwxrZzmUljD0We7ctjaEBDJx6lvhJ3F11HYV1EwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI0v46eVr8QWUPe3b/r0/YNyjQVYMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvalNfanA1V3Z4QlpROTdkdi12VDlnM0tOQlZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXDwMA0G
CSqGSIb3DQEBCwUAA4IBAQAexOescNQiPTbPjIeMuZedJ1rFwGMYisJ8BietV/bd
0gQ0udJKe7lO4l7+Mi04TI/T9VHoXoaAAbvfso2py2GbvN0E41aJs8j+kVf3uK1A
kpJMSx6o05rGcGnhVwpuglgScCcNSN4B856B3HR0GDnlccw0k5sk+29b5hWS8BKv
AN4/EtBGRMyZBfvGQ6wlsA0h866RnkFdOxbT4YKWiLMkSmoMeu15pxC9uL65yxTn
WE99in48+BR2yNAciptIzMcZuHtNYTOaPFpvN2R/msk88HORR/lSkYClZKgiMxAK
QWVPX7rh/ztyg6DrGGVex0huQQ7PbAlvtUEQ8QV1IlX5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:21 2024 by rpki-client on console-ams.rpki-client.org