Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/fb39ed-7c73-4478-901d-65a899a60366/1/jfyUdARSeWRCu0-u8-V8ahXpjEQ.roa
File: jfyUdARSeWRCu0-u8-V8ahXpjEQ.roa (raw, json)
Hash identifier: DnLTstZGqNVQsPXI+29IRxUexD+lTpB/AdiPJdM0428=
Subject key identifier: 8D:FC:94:74:04:52:79:64:42:BB:4F:AE:F3:E5:7C:6A:15:E9:8C:44
Certificate issuer: /CN=449b18e3296d795d3a9c959be25c70aaab365200
Certificate serial: 0187087CC6830F9FE8EE8280CF043DAAD6DB
Authority key identifier: 44:9B:18:E3:29:6D:79:5D:3A:9C:95:9B:E2:5C:70:AA:AB:36:52:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RJsY4ylteV06nJWb4lxwqqs2UgA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/fb39ed-7c73-4478-901d-65a899a60366/1/jfyUdARSeWRCu0-u8-V8ahXpjEQ.roa
Signing time: Wed 22 Mar 2023 08:43:27 +0000
ROA not before: Wed 22 Mar 2023 08:43:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211410
IP address blocks: 5.159.4.0/22 maxlen: 24
185.21.96.0/23 maxlen: 24
162.213.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:08:7c:c6:83:0f:9f:e8:ee:82:80:cf:04:3d:aa:d6:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=449b18e3296d795d3a9c959be25c70aaab365200
Validity
Not Before: Mar 22 08:43:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8dfc94740452796442bb4faef3e57c6a15e98c44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b1:c1:35:67:da:dc:9f:fc:6b:da:a9:aa:aa:
68:ef:f0:d8:d0:97:14:b7:79:34:13:19:7e:fa:8f:
c1:3d:57:5c:2f:da:b2:7a:af:53:8d:03:b7:63:11:
59:68:d0:39:ef:6b:a7:ea:a2:47:ce:4f:d8:09:04:
be:bb:2e:cd:99:f8:2e:a4:66:7a:70:6e:0e:0d:0f:
af:5b:ff:d7:21:2b:13:0e:e8:a3:8a:4e:f5:9e:65:
1e:25:f8:02:b4:31:2c:73:7f:2a:34:6f:1c:f5:db:
d5:a1:9f:b5:27:9b:2e:f1:e4:a9:92:0b:11:74:4b:
ce:fe:31:35:33:f8:84:6a:88:0d:27:bb:1d:e8:d7:
f1:c5:ab:ad:79:3d:4e:e3:17:3f:b9:df:74:1a:b6:
3e:bd:21:4c:56:1e:af:33:fd:0f:60:d6:4b:f5:36:
77:40:86:0e:4b:96:fc:99:c4:4c:0b:d0:94:90:03:
9d:7b:eb:09:db:32:dc:63:b0:66:11:d9:ba:25:6d:
17:fb:4d:ed:64:89:59:1b:52:f6:20:94:44:63:04:
a9:43:fc:7d:20:0f:18:3b:86:d7:4b:0e:3a:ca:9b:
cf:53:ba:ef:fd:69:58:1e:f4:d1:f6:01:05:d0:e7:
a7:3f:79:d4:7a:42:91:00:de:71:0a:dc:7b:f6:d8:
ca:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:FC:94:74:04:52:79:64:42:BB:4F:AE:F3:E5:7C:6A:15:E9:8C:44
X509v3 Authority Key Identifier:
keyid:44:9B:18:E3:29:6D:79:5D:3A:9C:95:9B:E2:5C:70:AA:AB:36:52:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RJsY4ylteV06nJWb4lxwqqs2UgA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/fb39ed-7c73-4478-901d-65a899a60366/1/jfyUdARSeWRCu0-u8-V8ahXpjEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/fb39ed-7c73-4478-901d-65a899a60366/1/RJsY4ylteV06nJWb4lxwqqs2UgA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.4.0/22
162.213.160.0/24
185.21.96.0/23
Signature Algorithm: sha256WithRSAEncryption
b1:b2:0a:e4:93:fa:f7:9c:83:6e:81:63:8d:93:2d:a5:b3:7d:
5f:de:c6:26:e2:20:f7:43:d6:e4:d3:0d:98:54:a8:ee:27:29:
6a:c2:65:48:be:e4:c1:b2:a0:2e:fe:71:03:3c:86:81:6a:ab:
8f:14:48:d8:aa:8e:d5:1e:e9:ee:a5:82:cf:44:55:0c:f8:a6:
4a:81:26:c9:98:f7:84:9a:63:b4:a7:18:9d:cb:90:27:f6:a2:
a6:f4:09:cc:a2:a8:30:a8:de:a1:6c:fc:e0:ca:1a:8a:a1:5d:
64:74:d2:1b:cb:dd:28:59:98:f4:43:64:4e:a2:c5:f1:16:e2:
14:85:6d:23:4c:8b:db:a5:18:cd:8a:ea:7b:81:e8:29:98:75:
05:a3:5e:e0:f5:5b:ef:51:5a:a1:4b:32:b6:bc:5e:57:27:7a:
66:df:0f:3c:ec:7e:64:61:bf:fb:cf:68:66:e7:20:4d:c0:40:
fe:e3:8c:66:50:8a:45:04:d0:15:3d:d5:73:55:f6:56:43:f2:
92:4b:49:0d:16:d0:3b:c2:fd:66:39:a9:23:4f:f9:65:6a:f1:
f2:f1:c9:b4:6c:42:66:f6:2d:cf:7c:d3:11:93:4f:71:b4:3b:
bd:48:bf:ea:76:ec:a7:6f:b6:25:32:cd:3a:00:f9:d5:82:35:
f3:9f:95:04
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYcIfMaDD5/o7oKAzwQ9qtbbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0OWIxOGUzMjk2ZDc5NWQzYTljOTU5YmUyNWM3MGFhYWIz
NjUyMDAwHhcNMjMwMzIyMDg0MzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGZjOTQ3NDA0NTI3OTY0NDJiYjRmYWVmM2U1N2M2YTE1ZTk4YzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLHBNWfa3J/8a9qpqqpo7/DY0JcU
t3k0Exl++o/BPVdcL9qyeq9TjQO3YxFZaNA572un6qJHzk/YCQS+uy7NmfgupGZ6
cG4ODQ+vW//XISsTDuijik71nmUeJfgCtDEsc38qNG8c9dvVoZ+1J5su8eSpkgsR
dEvO/jE1M/iEaogNJ7sd6NfxxauteT1O4xc/ud90GrY+vSFMVh6vM/0PYNZL9TZ3
QIYOS5b8mcRMC9CUkAOde+sJ2zLcY7BmEdm6JW0X+03tZIlZG1L2IJREYwSpQ/x9
IA8YO4bXSw46ypvPU7rv/WlYHvTR9gEF0OenP3nUekKRAN5xCtx79tjK0wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI38lHQEUnlkQrtPrvPlfGoV6YxEMB8GA1UdIwQY
MBaAFESbGOMpbXldOpyVm+JccKqrNlIAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkpzWTR5bHRlVjA2bkpXYjRseHdxcXMyVWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9mYjM5ZWQtN2M3My00NDc4LTkwMWQt
NjVhODk5YTYwMzY2LzEvamZ5VWRBUlNlV1JDdTAtdTgtVjhhaFhwakVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9mYjM5ZWQtN2M3My00NDc4LTkwMWQtNjVhODk5YTYwMzY2
LzEvUkpzWTR5bHRlVjA2bkpXYjRseHdxcXMyVWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBZ8EAwQA
otWgAwQBuRVgMA0GCSqGSIb3DQEBCwUAA4IBAQCxsgrkk/r3nINugWONky2ls31f
3sYm4iD3Q9bk0w2YVKjuJylqwmVIvuTBsqAu/nEDPIaBaquPFEjYqo7VHunupYLP
RFUM+KZKgSbJmPeEmmO0pxidy5An9qKm9AnMoqgwqN6hbPzgyhqKoV1kdNIby90o
WZj0Q2ROosXxFuIUhW0jTIvbpRjNiup7gegpmHUFo17g9VvvUVqhSzK2vF5XJ3pm
3w887H5kYb/7z2hm5yBNwED+44xmUIpFBNAVPdVzVfZWQ/KSS0kNFtA7wv1mOakj
T/llavHy8cm0bEJm9i3PfNMRk09xtDu9SL/qduynb7YlMs06APnVgjXzn5UE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:56 2024 by rpki-client on console-fra.rpki-client.org