Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/205d24-009f-486a-976f-2ecda11de153/1/JEEm4aaP34b7WSA0tbILucpm8FY.roa
File: JEEm4aaP34b7WSA0tbILucpm8FY.roa (raw, json)
Hash identifier: U2Lq6oK+CKW/jXrmrE4Dx6K3qfsFGi9IEKjd8qFEXfg=
Subject key identifier: 24:41:26:E1:A6:8F:DF:86:FB:59:20:34:B5:B2:0B:B9:CA:66:F0:56
Certificate issuer: /CN=025f2a93db10f2dd5f6a55bb2a440f67486cd1a3
Certificate serial: 018B42540D1608B9876B81248EA84892098B
Authority key identifier: 02:5F:2A:93:DB:10:F2:DD:5F:6A:55:BB:2A:44:0F:67:48:6C:D1:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Al8qk9sQ8t1falW7KkQPZ0hs0aM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/205d24-009f-486a-976f-2ecda11de153/1/JEEm4aaP34b7WSA0tbILucpm8FY.roa
Signing time: Wed 18 Oct 2023 10:28:06 +0000
ROA not before: Wed 18 Oct 2023 10:28:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49305
IP address blocks: 178.255.217.0/24 maxlen: 24
185.228.251.0/24 maxlen: 24
94.247.136.0/24 maxlen: 24
2a0e:3ec0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:42:54:0d:16:08:b9:87:6b:81:24:8e:a8:48:92:09:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=025f2a93db10f2dd5f6a55bb2a440f67486cd1a3
Validity
Not Before: Oct 18 10:28:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=244126e1a68fdf86fb592034b5b20bb9ca66f056
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:45:c2:70:32:65:dc:5d:a4:21:8e:0c:aa:26:
1b:f0:c9:71:5d:71:41:61:50:6a:24:85:13:99:42:
4e:42:13:6b:78:9e:2d:31:47:a8:a9:79:fd:92:a8:
ef:ff:b7:5f:3c:b0:b1:1d:63:68:53:b0:fd:38:a3:
b0:82:4a:8d:d4:ba:70:67:41:fc:4c:7c:67:70:3d:
b6:81:91:68:e1:d9:be:80:9e:46:cb:1d:48:a7:72:
94:50:12:14:3a:3c:65:b2:7d:be:b3:83:be:30:c0:
75:9e:ec:e7:a0:79:da:cd:50:7e:1d:aa:67:72:0c:
5b:ad:11:88:30:e0:46:b0:e7:1d:dd:17:4b:0a:42:
18:4e:8d:c9:84:5b:f0:d7:a7:75:81:41:45:49:8a:
21:c1:6c:57:a7:12:bb:3e:e5:19:b8:34:88:c4:7c:
2a:b3:4e:e1:13:7d:ea:72:82:70:94:f4:33:7c:8f:
67:5a:ab:6c:7b:a4:e7:27:5a:12:fe:f2:2c:da:ca:
11:b1:f6:31:01:d4:b2:37:af:64:93:2b:8b:1d:22:
da:06:65:22:a1:c0:50:b2:ea:a9:16:66:a0:fc:e4:
ef:26:d7:73:a6:bf:ba:bb:a7:84:8e:6f:e1:f9:3f:
f0:c4:0b:0b:26:8b:2d:ca:41:ae:a5:c3:f5:5f:e5:
a1:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:41:26:E1:A6:8F:DF:86:FB:59:20:34:B5:B2:0B:B9:CA:66:F0:56
X509v3 Authority Key Identifier:
keyid:02:5F:2A:93:DB:10:F2:DD:5F:6A:55:BB:2A:44:0F:67:48:6C:D1:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Al8qk9sQ8t1falW7KkQPZ0hs0aM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/205d24-009f-486a-976f-2ecda11de153/1/JEEm4aaP34b7WSA0tbILucpm8FY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/205d24-009f-486a-976f-2ecda11de153/1/Al8qk9sQ8t1falW7KkQPZ0hs0aM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.247.136.0/24
178.255.217.0/24
185.228.251.0/24
IPv6:
2a0e:3ec0::/29
Signature Algorithm: sha256WithRSAEncryption
b0:69:67:5f:80:7e:58:cc:ee:ef:25:8a:46:c1:6a:33:c8:f9:
74:fb:69:7b:da:e0:01:d4:ed:bf:96:cd:dd:ac:e6:a0:b2:6a:
75:be:fe:3c:df:23:cc:31:0b:78:33:8f:57:b3:12:c0:fb:7e:
5f:99:fc:3c:78:f5:58:6c:8e:76:aa:2d:1f:f0:98:c0:87:66:
50:73:45:db:e0:52:a8:cd:a1:b7:95:f5:2e:0f:4b:81:e6:62:
ec:fb:d9:dc:f8:91:5c:20:53:43:85:5e:0e:6e:0d:4f:86:34:
28:49:e7:2a:76:c0:b9:58:c7:86:05:b5:ff:9f:8b:9b:18:52:
59:4b:f1:6f:e3:8b:11:ae:a6:fe:d5:d8:d9:c2:eb:5f:77:86:
ed:a3:ba:5a:ca:f2:63:98:30:67:70:61:ac:49:14:4b:32:46:
66:d9:73:8e:c2:e7:b6:13:43:36:9d:d5:af:b5:e5:46:ba:6c:
b9:1a:6a:58:92:11:88:fb:3e:c6:ea:00:43:28:40:c1:cd:17:
a2:7b:85:b5:b7:63:bc:42:f8:29:5f:4a:28:a8:3f:c1:a0:ff:
59:db:63:48:3f:21:22:95:16:66:12:6b:27:ac:79:1f:58:bf:
8c:c0:f5:95:b8:63:78:b1:5d:3a:25:0e:c8:9a:54:00:3b:ac:
74:fc:6e:44
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYtCVA0WCLmHa4EkjqhIkgmLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNWYyYTkzZGIxMGYyZGQ1ZjZhNTViYjJhNDQwZjY3NDg2
Y2QxYTMwHhcNMjMxMDE4MTAyODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDQxMjZlMWE2OGZkZjg2ZmI1OTIwMzRiNWIyMGJiOWNhNjZmMDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0UXCcDJl3F2kIY4MqiYb8MlxXXFB
YVBqJIUTmUJOQhNreJ4tMUeoqXn9kqjv/7dfPLCxHWNoU7D9OKOwgkqN1LpwZ0H8
THxncD22gZFo4dm+gJ5Gyx1Ip3KUUBIUOjxlsn2+s4O+MMB1nuznoHnazVB+Hapn
cgxbrRGIMOBGsOcd3RdLCkIYTo3JhFvw16d1gUFFSYohwWxXpxK7PuUZuDSIxHwq
s07hE33qcoJwlPQzfI9nWqtse6TnJ1oS/vIs2soRsfYxAdSyN69kkyuLHSLaBmUi
ocBQsuqpFmag/OTvJtdzpr+6u6eEjm/h+T/wxAsLJostykGupcP1X+WhAwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCRBJuGmj9+G+1kgNLWyC7nKZvBWMB8GA1UdIwQY
MBaAFAJfKpPbEPLdX2pVuypED2dIbNGjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWw4cWs5c1E4dDFmYWxXN0trUVBaMGhzMGFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8yMDVkMjQtMDA5Zi00ODZhLTk3NmYt
MmVjZGExMWRlMTUzLzEvSkVFbTRhYVAzNGI3V1NBMHRiSUx1Y3BtOEZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8yMDVkMjQtMDA5Zi00ODZhLTk3NmYtMmVjZGExMWRlMTUz
LzEvQWw4cWs5c1E4dDFmYWxXN0trUVBaMGhzMGFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAXveIAwQA
sv/ZAwQAueT7MA0EAgACMAcDBQMqDj7AMA0GCSqGSIb3DQEBCwUAA4IBAQCwaWdf
gH5YzO7vJYpGwWozyPl0+2l72uAB1O2/ls3drOagsmp1vv483yPMMQt4M49XsxLA
+35fmfw8ePVYbI52qi0f8JjAh2ZQc0Xb4FKozaG3lfUuD0uB5mLs+9nc+JFcIFND
hV4Obg1PhjQoSecqdsC5WMeGBbX/n4ubGFJZS/Fv44sRrqb+1djZwutfd4bto7pa
yvJjmDBncGGsSRRLMkZm2XOOwue2E0M2ndWvteVGumy5GmpYkhGI+z7G6gBDKEDB
zReie4W1t2O8QvgpX0ooqD/BoP9Z22NIPyEilRZmEmsnrHkfWL+MwPWVuGN4sV06
JQ7ImlQAO6x0/G5E
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:26:34 2024 by rpki-client on console-fra.rpki-client.org