Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/07560a-062b-4802-89af-19192e81b831/1/jDtjxBDjk76TLgmro2RqwZXk1h0.roa
File: jDtjxBDjk76TLgmro2RqwZXk1h0.roa (raw, json)
Hash identifier: 9HutX+Sl35IzDznkh16vKwKk+Qo7axwGHCnz7NvfD/Q=
Subject key identifier: 8C:3B:63:C4:10:E3:93:BE:93:2E:09:AB:A3:64:6A:C1:95:E4:D6:1D
Certificate issuer: /CN=31f78f3e00410926dbd89c8e8f5c400b102b0379
Certificate serial: 0188B494B07B11EB99B05E472298A1C39996
Authority key identifier: 31:F7:8F:3E:00:41:09:26:DB:D8:9C:8E:8F:5C:40:0B:10:2B:03:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MfePPgBBCSbb2JyOj1xACxArA3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/07560a-062b-4802-89af-19192e81b831/1/jDtjxBDjk76TLgmro2RqwZXk1h0.roa
Signing time: Tue 13 Jun 2023 11:47:03 +0000
ROA not before: Tue 13 Jun 2023 11:47:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198256
IP address blocks: 217.194.129.0/24 maxlen: 24
217.194.128.0/24 maxlen: 24
217.194.128.0/23 maxlen: 23
217.194.159.0/24 maxlen: 24
217.194.158.0/24 maxlen: 24
217.194.158.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b4:94:b0:7b:11:eb:99:b0:5e:47:22:98:a1:c3:99:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31f78f3e00410926dbd89c8e8f5c400b102b0379
Validity
Not Before: Jun 13 11:47:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c3b63c410e393be932e09aba3646ac195e4d61d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ae:4d:cf:a7:77:47:7d:bb:d1:03:c3:70:e8:
01:1c:dc:4a:a5:aa:16:88:47:aa:15:ce:3a:86:24:
9e:2c:a4:94:07:4c:1d:ae:a2:16:89:78:2b:54:6a:
ed:7c:6a:9a:d7:fe:6d:2f:25:da:97:54:17:b7:a9:
ba:ee:8e:3c:4f:e0:d7:91:9a:b9:d0:67:72:cb:06:
68:6d:29:d2:31:e0:3e:fe:61:42:c9:91:8f:64:f9:
74:92:43:e8:48:cc:b0:80:0a:3e:07:f9:4f:a1:10:
ff:67:d1:a0:bc:dd:1e:e1:7b:9d:85:82:94:76:76:
bd:08:47:49:c5:a4:24:9c:eb:80:da:ef:1e:fd:c0:
98:a9:15:02:d5:8a:93:9c:9d:06:f3:a0:8c:b3:15:
47:77:8c:9c:69:5d:64:d4:c8:2c:24:41:53:10:17:
0e:62:05:65:6e:11:6f:90:ae:98:73:21:97:ba:15:
7e:20:c5:b6:8e:a6:7a:7c:df:22:ab:db:08:43:7c:
a8:f0:fc:62:82:a6:43:15:e3:e7:01:71:82:18:65:
28:a4:e3:cd:7f:08:e0:7a:55:74:ac:8d:9d:39:9a:
ed:68:2e:11:bd:48:d2:23:84:e0:67:fc:12:08:c7:
cb:1c:37:62:2f:c4:16:6c:73:f9:df:d5:27:81:68:
00:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:3B:63:C4:10:E3:93:BE:93:2E:09:AB:A3:64:6A:C1:95:E4:D6:1D
X509v3 Authority Key Identifier:
keyid:31:F7:8F:3E:00:41:09:26:DB:D8:9C:8E:8F:5C:40:0B:10:2B:03:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MfePPgBBCSbb2JyOj1xACxArA3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/07560a-062b-4802-89af-19192e81b831/1/jDtjxBDjk76TLgmro2RqwZXk1h0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/07560a-062b-4802-89af-19192e81b831/1/MfePPgBBCSbb2JyOj1xACxArA3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.194.128.0/23
217.194.158.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:72:91:39:fd:ea:4d:b5:bd:81:fc:83:23:db:92:23:4f:5b:
2b:ff:4b:ed:d8:5d:5e:55:c6:eb:a2:9e:51:71:16:2c:7f:a4:
19:ba:83:9d:01:7d:fc:1f:f8:db:1a:16:6b:19:3d:6d:ef:4a:
f4:d5:2f:5c:fc:46:fe:78:b3:a9:81:5e:b5:99:fc:ce:ff:98:
c8:ce:cc:23:11:c2:f3:1d:a7:ac:71:7f:86:4a:9b:2c:26:d2:
e3:8c:59:f1:41:93:43:10:7a:ce:da:bf:69:1f:aa:ff:19:ed:
c1:c3:97:ee:41:82:91:eb:b4:e8:15:b6:61:bd:3f:e1:ea:09:
c9:ca:09:4d:f5:11:11:d7:63:0a:19:a8:6f:ac:c8:2d:35:bc:
25:84:d7:45:65:68:f3:72:fd:dd:13:62:2a:04:d5:2f:b5:2e:
ba:52:4c:58:c8:7c:2b:df:20:c1:cc:f8:69:8b:15:51:86:04:
bb:f7:f4:5b:12:91:9f:87:2e:dd:f1:5c:ee:07:08:b5:23:99:
30:87:b6:9c:94:b7:74:8d:63:2e:68:69:3f:6b:b2:d1:ab:cf:
63:7e:50:2f:50:d9:bf:bf:f4:27:89:6a:4e:7c:a5:b5:a8:43:
31:c0:7e:60:66:77:ef:f7:ee:0c:0a:1b:d0:f2:1f:f6:e3:e8:
7b:4d:3d:17
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYi0lLB7EeuZsF5HIpihw5mWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZjc4ZjNlMDA0MTA5MjZkYmQ4OWM4ZThmNWM0MDBiMTAy
YjAzNzkwHhcNMjMwNjEzMTE0NzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzNiNjNjNDEwZTM5M2JlOTMyZTA5YWJhMzY0NmFjMTk1ZTRkNjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjq5Nz6d3R3270QPDcOgBHNxKpaoW
iEeqFc46hiSeLKSUB0wdrqIWiXgrVGrtfGqa1/5tLyXal1QXt6m67o48T+DXkZq5
0GdyywZobSnSMeA+/mFCyZGPZPl0kkPoSMywgAo+B/lPoRD/Z9GgvN0e4XudhYKU
dna9CEdJxaQknOuA2u8e/cCYqRUC1YqTnJ0G86CMsxVHd4ycaV1k1MgsJEFTEBcO
YgVlbhFvkK6YcyGXuhV+IMW2jqZ6fN8iq9sIQ3yo8PxigqZDFePnAXGCGGUopOPN
fwjgelV0rI2dOZrtaC4RvUjSI4TgZ/wSCMfLHDdiL8QWbHP539UngWgANwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIw7Y8QQ45O+ky4Jq6NkasGV5NYdMB8GA1UdIwQY
MBaAFDH3jz4AQQkm29icjo9cQAsQKwN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWZlUFBnQkJDU2JiMkp5T2oxeEFDeEFyQTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8wNzU2MGEtMDYyYi00ODAyLTg5YWYt
MTkxOTJlODFiODMxLzEvakR0anhCRGprNzZUTGdtcm8yUnF3WlhrMWgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8wNzU2MGEtMDYyYi00ODAyLTg5YWYtMTkxOTJlODFiODMx
LzEvTWZlUFBnQkJDU2JiMkp5T2oxeEFDeEFyQTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQB2cKAAwQB
2cKeMA0GCSqGSIb3DQEBCwUAA4IBAQCgcpE5/epNtb2B/IMj25IjT1sr/0vt2F1e
Vcbrop5RcRYsf6QZuoOdAX38H/jbGhZrGT1t70r01S9c/Eb+eLOpgV61mfzO/5jI
zswjEcLzHaescX+GSpssJtLjjFnxQZNDEHrO2r9pH6r/Ge3Bw5fuQYKR67ToFbZh
vT/h6gnJyglN9RER12MKGahvrMgtNbwlhNdFZWjzcv3dE2IqBNUvtS66UkxYyHwr
3yDBzPhpixVRhgS79/RbEpGfhy7d8VzuBwi1I5kwh7aclLd0jWMuaGk/a7LRq89j
flAvUNm/v/QniWpOfKW1qEMxwH5gZnfv9+4MChvQ8h/24+h7TT0X
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:30 2024 by rpki-client on console-ams.rpki-client.org