Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/JJvJJH-UWtXioEgETPMzE1Ddyow.roa
File: JJvJJH-UWtXioEgETPMzE1Ddyow.roa (raw, json)
Hash identifier: K0E6Kp2oQIVimdDXFNTQb3nejwIjO8GOAq7hXJ9Bn9A=
Subject key identifier: 24:9B:C9:24:7F:94:5A:D5:E2:A0:48:04:4C:F3:33:13:50:DD:CA:8C
Certificate issuer: /CN=cd65ee23bff42ccf679d7377fe4da695d341aef0
Certificate serial: 018CCA2A8295CA00D11D41B79B4D99805E0E
Authority key identifier: CD:65:EE:23:BF:F4:2C:CF:67:9D:73:77:FE:4D:A6:95:D3:41:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zWXuI7_0LM9nnXN3_k2mldNBrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/JJvJJH-UWtXioEgETPMzE1Ddyow.roa
Signing time: Tue 02 Jan 2024 12:33:52 +0000
ROA not before: Tue 02 Jan 2024 12:33:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25234
IP address blocks: 213.188.152.0/22 maxlen: 22
185.71.159.0/24 maxlen: 24
2a02:250:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 31 Jan 2024 07:42:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:82:95:ca:00:d1:1d:41:b7:9b:4d:99:80:5e:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd65ee23bff42ccf679d7377fe4da695d341aef0
Validity
Not Before: Jan 2 12:33:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=249bc9247f945ad5e2a048044cf3331350ddca8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:35:72:1d:a2:d2:41:7f:69:57:5a:b9:49:fc:
2b:1a:a7:9e:e8:a3:de:b0:57:6d:ed:b8:0b:18:93:
4d:41:79:8a:f8:47:99:04:c0:4b:ac:d9:4b:12:b5:
c7:b2:df:7c:bc:bc:a6:7b:56:7b:4b:c0:0b:73:36:
58:07:28:2e:96:e0:f1:00:42:8f:01:11:4e:c4:73:
af:c7:19:0d:39:c0:28:3c:05:78:4f:03:86:f0:aa:
85:2a:a6:11:d5:c9:89:7a:af:ff:64:09:85:50:de:
73:a5:91:6e:07:79:4a:f5:4d:5d:32:ec:91:66:a0:
fb:fd:de:fd:92:58:99:3f:5e:59:7f:4b:b2:77:f0:
58:be:b3:47:ff:b3:fb:f0:81:19:36:46:31:18:6f:
9a:cb:9e:c9:bf:84:3f:2a:fc:a1:42:20:e7:72:fb:
43:89:dc:26:03:17:96:ba:dd:da:aa:f7:06:4e:22:
74:af:c4:3f:49:33:e6:e7:d9:a2:6b:85:a4:d5:1d:
ef:89:56:c1:36:06:f1:e0:8c:28:45:d6:d6:56:b4:
eb:d7:52:e8:5f:0d:f0:25:64:6d:2d:5d:0a:5a:01:
e8:71:6d:87:9d:d6:7b:80:ad:31:c2:5c:a3:0d:cb:
ac:1c:7c:a0:a7:12:e6:42:14:8b:b9:80:04:43:87:
0b:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:9B:C9:24:7F:94:5A:D5:E2:A0:48:04:4C:F3:33:13:50:DD:CA:8C
X509v3 Authority Key Identifier:
keyid:CD:65:EE:23:BF:F4:2C:CF:67:9D:73:77:FE:4D:A6:95:D3:41:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWXuI7_0LM9nnXN3_k2mldNBrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/JJvJJH-UWtXioEgETPMzE1Ddyow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/zWXuI7_0LM9nnXN3_k2mldNBrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.159.0/24
213.188.152.0/22
IPv6:
2a02:250:3::/48
Signature Algorithm: sha256WithRSAEncryption
c2:cc:8e:a0:cd:72:9c:c1:35:0c:4a:b9:68:d3:77:94:5f:a9:
47:dd:5c:b8:7a:6e:c0:44:12:ce:43:bd:5d:6d:8f:f2:aa:47:
dc:43:ec:67:dc:63:7e:46:e5:93:4e:65:77:d8:02:fd:81:5d:
cf:4b:35:da:3c:3b:3b:84:f8:e6:1d:7d:25:98:a9:dc:cd:4b:
f8:29:0c:28:13:8c:7f:7f:6e:9c:0b:fa:16:ff:06:79:76:68:
99:2d:a1:4f:0b:4f:ce:3f:54:80:12:87:28:5e:2c:8a:29:b0:
3e:ee:3a:f8:d6:41:d7:dc:74:5f:9e:e0:3b:91:5a:79:fc:4f:
9f:4b:f8:cc:b7:ce:02:51:a9:00:a2:a0:b8:08:17:31:cf:65:
a7:a1:6f:3c:ed:b1:48:e3:0c:cb:b2:2f:8a:8d:ea:99:30:35:
1f:e5:bb:b1:78:3d:54:79:93:e2:13:6f:5a:dd:bf:88:5c:14:
0d:95:b3:22:f1:ee:c9:27:8d:95:f1:9d:b5:9e:17:96:bc:9f:
40:e2:0c:5d:e7:aa:0a:02:2b:dc:c2:60:df:fd:dc:8f:02:54:
3e:4a:f9:a0:a5:62:ba:73:fe:26:41:35:fc:da:0e:8e:d5:85:
2a:9b:fe:ff:08:f8:eb:d4:45:12:88:0f:21:69:ed:96:8f:74:
0d:57:b7:eb
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzKKoKVygDRHUG3m02ZgF4OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNjVlZTIzYmZmNDJjY2Y2NzlkNzM3N2ZlNGRhNjk1ZDM0
MWFlZjAwHhcNMjQwMTAyMTIzMzUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDliYzkyNDdmOTQ1YWQ1ZTJhMDQ4MDQ0Y2YzMzMxMzUwZGRjYThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzjVyHaLSQX9pV1q5SfwrGqee6KPe
sFdt7bgLGJNNQXmK+EeZBMBLrNlLErXHst98vLyme1Z7S8ALczZYByguluDxAEKP
ARFOxHOvxxkNOcAoPAV4TwOG8KqFKqYR1cmJeq//ZAmFUN5zpZFuB3lK9U1dMuyR
ZqD7/d79kliZP15Zf0uyd/BYvrNH/7P78IEZNkYxGG+ay57Jv4Q/KvyhQiDncvtD
idwmAxeWut3aqvcGTiJ0r8Q/STPm59mia4Wk1R3viVbBNgbx4IwoRdbWVrTr11Lo
Xw3wJWRtLV0KWgHocW2HndZ7gK0xwlyjDcusHHygpxLmQhSLuYAEQ4cLOQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFCSbySR/lFrV4qBIBEzzMxNQ3cqMMB8GA1UdIwQY
MBaAFM1l7iO/9CzPZ51zd/5NppXTQa7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveldYdUk3XzBMTTlublhOM19rMm1sZE5CcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wMDZkNDMtM2RiZi00Y2Y4LTgxNWQt
NWRjMmZhNmEzNTAzLzEvSkp2SkpILVVXdFhpb0VnRVRQTXpFMURkeW93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wMDZkNDMtM2RiZi00Y2Y4LTgxNWQtNWRjMmZhNmEzNTAz
LzEveldYdUk3XzBMTTlublhOM19rMm1sZE5CcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuUefAwQC
1byYMA8EAgACMAkDBwAqAgJQAAMwDQYJKoZIhvcNAQELBQADggEBAMLMjqDNcpzB
NQxKuWjTd5RfqUfdXLh6bsBEEs5DvV1tj/KqR9xD7GfcY35G5ZNOZXfYAv2BXc9L
Ndo8OzuE+OYdfSWYqdzNS/gpDCgTjH9/bpwL+hb/Bnl2aJktoU8LT84/VIAShyhe
LIopsD7uOvjWQdfcdF+e4DuRWnn8T59L+My3zgJRqQCioLgIFzHPZaehbzztsUjj
DMuyL4qN6pkwNR/lu7F4PVR5k+ITb1rdv4hcFA2VsyLx7sknjZXxnbWeF5a8n0Di
DF3nqgoCK9zCYN/93I8CVD5K+aClYrpz/iZBNfzaDo7VhSqb/v8I+OvURRKIDyFp
7ZaPdA1Xt+s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:56 2024 by rpki-client on console-fra.rpki-client.org