Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/f08d45-543c-49f7-9e78-903c198590fa/1/jdT0Lr04iWsAtZiRt28JylvSCJs.roa
File: jdT0Lr04iWsAtZiRt28JylvSCJs.roa (raw, json)
Hash identifier: yY1ju33McWSGhNKHvMUOjl/14yllK45eauEnwbaVCcw=
Subject key identifier: 8D:D4:F4:2E:BD:38:89:6B:00:B5:98:91:B7:6F:09:CA:5B:D2:08:9B
Certificate issuer: /CN=f215a277949711b2c01cdc669e40e171395855bb
Certificate serial: 01857315C90B846149AE09EFE71AE8D9F7B0
Authority key identifier: F2:15:A2:77:94:97:11:B2:C0:1C:DC:66:9E:40:E1:71:39:58:55:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8hWid5SXEbLAHNxmnkDhcTlYVbs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/f08d45-543c-49f7-9e78-903c198590fa/1/jdT0Lr04iWsAtZiRt28JylvSCJs.roa
Signing time: Mon 02 Jan 2023 15:24:45 +0000
ROA not before: Mon 02 Jan 2023 15:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39116
IP address blocks: 212.31.128.0/19 maxlen: 21
85.90.32.0/19 maxlen: 19
85.90.32.0/21 maxlen: 21
85.90.44.0/23 maxlen: 23
85.90.40.0/22 maxlen: 22
85.90.48.0/22 maxlen: 22
85.90.52.0/22 maxlen: 22
85.90.56.0/22 maxlen: 22
85.90.60.0/22 maxlen: 22
46.254.192.0/21 maxlen: 21
46.254.192.0/23 maxlen: 23
46.254.196.0/23 maxlen: 23
46.254.194.0/23 maxlen: 23
46.254.198.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:c9:0b:84:61:49:ae:09:ef:e7:1a:e8:d9:f7:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f215a277949711b2c01cdc669e40e171395855bb
Validity
Not Before: Jan 2 15:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8dd4f42ebd38896b00b59891b76f09ca5bd2089b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:58:4e:fc:6b:5f:fd:06:44:8a:ee:14:08:b1:
0b:49:a0:e2:cb:e9:13:30:ce:f4:de:d1:e0:37:3c:
63:d8:8d:d7:99:73:fb:31:f1:d6:c5:14:e4:9b:36:
66:d4:76:8d:fd:7a:19:fb:44:60:73:1c:59:af:fb:
23:38:69:29:08:ff:9a:f6:9c:59:89:45:9d:35:d9:
cb:8a:17:45:67:a0:d5:38:b4:24:23:23:1f:b4:2c:
6d:49:d1:6f:6b:06:66:1c:60:ef:16:04:56:10:ac:
4c:64:92:91:5d:29:d6:fb:71:f8:95:0c:33:70:36:
55:b2:56:c1:02:80:65:75:11:d3:bc:f4:6e:a4:84:
a8:bc:ef:dc:a3:36:0b:12:e9:6e:5c:25:b2:1d:c5:
4f:4d:1e:45:7a:b3:42:97:1a:f6:cc:86:b5:67:89:
7d:66:bb:e6:18:1f:9a:1d:ba:7b:96:53:4b:5e:64:
22:a1:8b:fb:1e:9f:d4:19:b5:b6:de:f8:a7:df:76:
20:44:45:34:e9:40:9c:b6:96:4a:1b:1c:a3:57:c2:
5e:a5:e8:a6:d7:9d:0a:de:05:da:bd:30:74:09:b7:
53:a5:01:81:d0:e1:f0:ce:cf:44:9f:5f:ca:39:d9:
fb:36:8f:71:45:f8:88:f4:26:cd:da:b0:5a:ae:97:
24:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:D4:F4:2E:BD:38:89:6B:00:B5:98:91:B7:6F:09:CA:5B:D2:08:9B
X509v3 Authority Key Identifier:
keyid:F2:15:A2:77:94:97:11:B2:C0:1C:DC:66:9E:40:E1:71:39:58:55:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8hWid5SXEbLAHNxmnkDhcTlYVbs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/f08d45-543c-49f7-9e78-903c198590fa/1/jdT0Lr04iWsAtZiRt28JylvSCJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/f08d45-543c-49f7-9e78-903c198590fa/1/8hWid5SXEbLAHNxmnkDhcTlYVbs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.192.0/21
85.90.32.0/19
212.31.128.0/19
Signature Algorithm: sha256WithRSAEncryption
43:66:86:73:7b:9e:e9:0b:df:57:00:54:78:2b:d8:20:93:07:
9f:c0:af:b8:e5:df:91:75:35:97:67:58:cd:20:5d:cd:30:46:
3f:64:5a:d9:4f:74:f3:bb:49:26:48:41:0f:97:ac:f4:11:b7:
ad:8f:20:35:26:32:d2:e7:68:27:be:47:aa:fa:c3:ba:00:eb:
28:90:29:e7:d1:a7:90:42:e4:31:7c:86:6a:6b:61:82:7b:7a:
52:9c:59:2e:99:0f:49:56:f5:b8:57:6d:86:0a:b2:95:35:a7:
f8:cf:d2:54:34:c2:56:22:e1:45:3f:1a:e1:43:2a:a2:f6:b2:
f4:cc:6a:fe:bd:38:ec:77:74:ed:d6:bb:f8:c2:5d:61:22:f1:
1a:5d:3b:3b:13:6c:23:ef:9b:d1:3c:20:cc:b1:4e:ca:01:2d:
ca:66:94:c6:d0:be:03:88:77:78:87:ac:e8:cc:f7:97:79:05:
83:09:6a:6a:66:0a:83:84:1d:04:22:7d:da:eb:05:39:67:61:
83:f2:29:1e:21:20:6d:9b:cd:35:bd:b0:2d:77:17:59:4b:ba:
cd:8c:66:15:6e:52:ca:08:f0:90:95:12:4a:18:38:59:e2:b2:
29:ff:67:59:ba:d7:e8:e0:9f:7b:49:48:91:49:4e:fa:ff:b2:
0d:34:90:6c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVzFckLhGFJrgnv5xro2fewMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyMTVhMjc3OTQ5NzExYjJjMDFjZGM2NjllNDBlMTcxMzk1
ODU1YmIwHhcNMjMwMTAyMTUyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGQ0ZjQyZWJkMzg4OTZiMDBiNTk4OTFiNzZmMDljYTViZDIwODliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2lhO/Gtf/QZEiu4UCLELSaDiy+kT
MM703tHgNzxj2I3XmXP7MfHWxRTkmzZm1HaN/XoZ+0RgcxxZr/sjOGkpCP+a9pxZ
iUWdNdnLihdFZ6DVOLQkIyMftCxtSdFvawZmHGDvFgRWEKxMZJKRXSnW+3H4lQwz
cDZVslbBAoBldRHTvPRupISovO/cozYLEuluXCWyHcVPTR5FerNClxr2zIa1Z4l9
ZrvmGB+aHbp7llNLXmQioYv7Hp/UGbW23vin33YgREU06UCctpZKGxyjV8Jepeim
150K3gXavTB0CbdTpQGB0OHwzs9En1/KOdn7No9xRfiI9CbN2rBarpckBwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI3U9C69OIlrALWYkbdvCcpb0gibMB8GA1UdIwQY
MBaAFPIVoneUlxGywBzcZp5A4XE5WFW7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGhXaWQ1U1hFYkxBSE54bW5rRGhjVGxZVmJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9mMDhkNDUtNTQzYy00OWY3LTllNzgt
OTAzYzE5ODU5MGZhLzEvamRUMExyMDRpV3NBdFppUnQyOEp5bHZTQ0pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9mMDhkNDUtNTQzYy00OWY3LTllNzgtOTAzYzE5ODU5MGZh
LzEvOGhXaWQ1U1hFYkxBSE54bW5rRGhjVGxZVmJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDLv7AAwQF
VVogAwQF1B+AMA0GCSqGSIb3DQEBCwUAA4IBAQBDZoZze57pC99XAFR4K9ggkwef
wK+45d+RdTWXZ1jNIF3NMEY/ZFrZT3Tzu0kmSEEPl6z0EbetjyA1JjLS52gnvkeq
+sO6AOsokCnn0aeQQuQxfIZqa2GCe3pSnFkumQ9JVvW4V22GCrKVNaf4z9JUNMJW
IuFFPxrhQyqi9rL0zGr+vTjsd3Tt1rv4wl1hIvEaXTs7E2wj75vRPCDMsU7KAS3K
ZpTG0L4DiHd4h6zozPeXeQWDCWpqZgqDhB0EIn3a6wU5Z2GD8ikeISBtm801vbAt
dxdZS7rNjGYVblLKCPCQlRJKGDhZ4rIp/2dZutfo4J97SUiRSU76/7INNJBs
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:20:35 2024 by rpki-client on console-fra.rpki-client.org