Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/9778b6-dc2b-4586-91de-53a07368b9ea/1/JyWzOZHt8Oz4MYWlqRjYoiPWJbI.roa
File: JyWzOZHt8Oz4MYWlqRjYoiPWJbI.roa (raw, json)
Hash identifier: dSDJofgIgdPkwHpV9sOhUSCjhOoiglGff/maHDSQo4g=
Subject key identifier: 27:25:B3:39:91:ED:F0:EC:F8:31:85:A5:A9:18:D8:A2:23:D6:25:B2
Certificate issuer: /CN=7171d8b4cf6773b59f0732e0e9e8d25a9b773fae
Certificate serial: 01875D665C9E7D8CE376F69CB6E7DCC5D220
Authority key identifier: 71:71:D8:B4:CF:67:73:B5:9F:07:32:E0:E9:E8:D2:5A:9B:77:3F:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cXHYtM9nc7WfBzLg6ejSWpt3P64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/9778b6-dc2b-4586-91de-53a07368b9ea/1/JyWzOZHt8Oz4MYWlqRjYoiPWJbI.roa
Signing time: Fri 07 Apr 2023 20:26:42 +0000
ROA not before: Fri 07 Apr 2023 20:26:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42567
IP address blocks: 185.7.96.0/22 maxlen: 24
217.22.16.0/21 maxlen: 24
185.94.236.0/22 maxlen: 24
217.22.24.0/22 maxlen: 24
2a05:22c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:5d:66:5c:9e:7d:8c:e3:76:f6:9c:b6:e7:dc:c5:d2:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7171d8b4cf6773b59f0732e0e9e8d25a9b773fae
Validity
Not Before: Apr 7 20:26:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2725b33991edf0ecf83185a5a918d8a223d625b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:98:62:06:46:14:32:c8:48:ca:df:18:39:b3:
78:8e:25:a6:6a:5d:30:f0:4b:74:ca:35:30:73:32:
71:ea:58:ff:f8:0a:2f:30:25:3c:fc:3e:68:43:be:
67:24:e8:6b:f2:7c:56:2f:dc:19:6f:0b:c4:c8:16:
65:e3:a8:ce:85:28:43:11:8c:09:0b:85:4b:9c:1b:
b0:07:de:fc:a2:1c:f8:90:c1:61:60:43:11:fb:06:
cf:18:7c:72:49:c6:eb:ff:fc:55:b0:a7:d1:f4:e1:
fb:71:18:ed:5f:b7:5b:7d:09:bb:50:9e:cd:54:d5:
a7:4c:b3:51:49:47:fb:a3:39:bb:c6:b4:ca:7f:04:
17:08:df:53:09:ee:f4:1b:91:1f:08:d9:7b:56:2f:
9e:ee:4d:98:53:db:15:c2:b5:02:58:e5:4f:f2:cc:
a6:c4:46:a7:60:eb:55:99:96:87:ba:10:50:42:27:
81:36:82:17:02:a8:44:f2:a6:e8:e7:cf:46:3e:b7:
47:d9:12:ec:3c:78:d3:7e:27:11:0a:a4:40:9c:ce:
ad:71:1a:9d:4e:87:a0:88:63:ed:c7:f4:04:ae:3d:
a2:94:7a:4f:63:62:5d:a9:47:86:df:f3:23:6a:4d:
b9:09:c2:9c:ea:7c:a0:a7:f9:88:34:ee:c4:e1:fd:
36:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:25:B3:39:91:ED:F0:EC:F8:31:85:A5:A9:18:D8:A2:23:D6:25:B2
X509v3 Authority Key Identifier:
keyid:71:71:D8:B4:CF:67:73:B5:9F:07:32:E0:E9:E8:D2:5A:9B:77:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cXHYtM9nc7WfBzLg6ejSWpt3P64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/9778b6-dc2b-4586-91de-53a07368b9ea/1/JyWzOZHt8Oz4MYWlqRjYoiPWJbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/9778b6-dc2b-4586-91de-53a07368b9ea/1/cXHYtM9nc7WfBzLg6ejSWpt3P64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.7.96.0/22
185.94.236.0/22
217.22.16.0-217.22.27.255
IPv6:
2a05:22c0::/29
Signature Algorithm: sha256WithRSAEncryption
3e:3d:2f:09:16:64:a0:75:fe:70:11:23:83:a2:85:ba:10:0e:
08:f3:8a:90:e8:03:f2:a4:7e:3a:08:8c:91:42:e9:dd:f2:9e:
d3:8b:5c:ac:49:3d:1b:91:db:2f:8a:09:3b:f3:a2:d5:91:59:
23:03:09:7e:36:5a:cd:ef:0c:b7:4d:d0:1c:32:ba:55:96:e2:
6f:8b:d7:ef:01:24:41:92:2b:f1:5f:3d:06:1d:d7:af:ea:92:
c2:ff:98:71:63:37:37:70:99:af:02:52:c8:92:47:2c:39:7e:
67:5d:7d:3e:c2:15:00:64:4e:65:a0:45:d1:ff:ae:a5:df:24:
7d:98:1e:4b:c6:c7:05:6b:71:c1:34:45:b5:87:11:8e:8a:4d:
65:50:84:a7:ba:03:2c:f1:a5:3d:4f:a8:84:30:87:fb:a8:23:
55:e1:ab:56:af:7c:82:06:89:f9:36:48:bc:50:2a:5f:eb:ff:
a2:8e:d7:ee:1a:10:87:34:86:4c:23:81:13:d5:fc:9f:37:c8:
0f:ed:a8:27:ff:35:88:6e:c1:78:ce:ce:c2:ef:bd:19:b8:ae:
2d:d7:8e:8c:e6:7c:6c:2b:33:4a:99:db:cd:d0:84:80:de:d5:
ec:73:2a:70:05:d5:52:96:57:ca:bb:8d:9b:75:81:12:c0:39:
e3:b3:5a:9a
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYddZlyefYzjdvactufcxdIgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNzFkOGI0Y2Y2NzczYjU5ZjA3MzJlMGU5ZThkMjVhOWI3
NzNmYWUwHhcNMjMwNDA3MjAyNjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzI1YjMzOTkxZWRmMGVjZjgzMTg1YTVhOTE4ZDhhMjIzZDYyNWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZhiBkYUMshIyt8YObN4jiWmal0w
8Et0yjUwczJx6lj/+AovMCU8/D5oQ75nJOhr8nxWL9wZbwvEyBZl46jOhShDEYwJ
C4VLnBuwB978ohz4kMFhYEMR+wbPGHxyScbr//xVsKfR9OH7cRjtX7dbfQm7UJ7N
VNWnTLNRSUf7ozm7xrTKfwQXCN9TCe70G5EfCNl7Vi+e7k2YU9sVwrUCWOVP8sym
xEanYOtVmZaHuhBQQieBNoIXAqhE8qbo589GPrdH2RLsPHjTficRCqRAnM6tcRqd
ToegiGPtx/QErj2ilHpPY2JdqUeG3/Mjak25CcKc6nygp/mINO7E4f02twIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFCclszmR7fDs+DGFpakY2KIj1iWyMB8GA1UdIwQY
MBaAFHFx2LTPZ3O1nwcy4Ono0lqbdz+uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1hIWXRNOW5jN1dmQnpMZzZlalNXcHQzUDY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy85Nzc4YjYtZGMyYi00NTg2LTkxZGUt
NTNhMDczNjhiOWVhLzEvSnlXek9aSHQ4T3o0TVlXbHFSallvaVBXSmJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy85Nzc4YjYtZGMyYi00NTg2LTkxZGUtNTNhMDczNjhiOWVh
LzEvY1hIWXRNOW5jN1dmQnpMZzZlalNXcHQzUDY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCuQdgAwQC
uV7sMAwDBATZFhADBALZFhgwDQQCAAIwBwMFAyoFIsAwDQYJKoZIhvcNAQELBQAD
ggEBAD49LwkWZKB1/nARI4OihboQDgjzipDoA/KkfjoIjJFC6d3yntOLXKxJPRuR
2y+KCTvzotWRWSMDCX42Ws3vDLdN0BwyulWW4m+L1+8BJEGSK/FfPQYd16/qksL/
mHFjNzdwma8CUsiSRyw5fmddfT7CFQBkTmWgRdH/rqXfJH2YHkvGxwVrccE0RbWH
EY6KTWVQhKe6AyzxpT1PqIQwh/uoI1Xhq1avfIIGifk2SLxQKl/r/6KO1+4aEIc0
hkwjgRPV/J83yA/tqCf/NYhuwXjOzsLvvRm4ri3XjozmfGwrM0qZ283QhIDe1exz
KnAF1VKWV8q7jZt1gRLAOeOzWpo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:47 2024 by rpki-client on console-ams.rpki-client.org