Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/7bbb91-c5b0-4d0b-925b-09be5989d0ac/1/JTgjranZyFBZYXD61lA_m7nz55o.roa
File: JTgjranZyFBZYXD61lA_m7nz55o.roa (raw, json)
Hash identifier: ELgclFKKqoQmmMjcPyEMapYQuaal/cjm4qxtRPUlKhI=
Subject key identifier: 25:38:23:AD:A9:D9:C8:50:59:61:70:FA:D6:50:3F:9B:B9:F3:E7:9A
Certificate issuer: /CN=4edc689bb22d09475574f41c0e5d97c045930928
Certificate serial: 01856ED4EF3C4BE4A7A400B7212B5DA69FEF
Authority key identifier: 4E:DC:68:9B:B2:2D:09:47:55:74:F4:1C:0E:5D:97:C0:45:93:09:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ttxom7ItCUdVdPQcDl2XwEWTCSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/7bbb91-c5b0-4d0b-925b-09be5989d0ac/1/JTgjranZyFBZYXD61lA_m7nz55o.roa
Signing time: Sun 01 Jan 2023 19:35:26 +0000
ROA not before: Sun 01 Jan 2023 19:35:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39884
IP address blocks: 46.31.224.0/21 maxlen: 24
185.75.92.0/22 maxlen: 22
195.189.172.0/23 maxlen: 23
2a03:8e00::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:ef:3c:4b:e4:a7:a4:00:b7:21:2b:5d:a6:9f:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4edc689bb22d09475574f41c0e5d97c045930928
Validity
Not Before: Jan 1 19:35:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=253823ada9d9c850596170fad6503f9bb9f3e79a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:61:86:b1:6f:66:97:bd:32:01:34:8d:f9:7e:
58:63:71:a1:c9:ea:b9:86:3c:8c:49:f7:81:03:53:
fa:b7:53:c4:27:0a:f0:1c:cf:5a:4e:c8:98:46:9e:
56:7f:98:d8:88:e7:35:da:80:5f:6d:f4:43:bc:67:
89:4f:82:22:df:57:c7:6d:21:ec:13:af:e9:29:11:
5b:20:3f:65:12:e9:70:c7:9a:98:89:29:cb:63:f9:
c1:f0:d7:cb:c5:bd:61:c0:b3:1e:c3:78:59:6e:a4:
84:04:51:22:2c:c2:c3:8e:44:8e:fc:5d:33:94:c2:
3a:38:c9:52:60:d5:1f:91:cb:6b:c3:d5:92:e3:6b:
fe:0a:eb:3f:42:73:84:3a:63:42:86:ea:53:04:d0:
51:29:e7:7f:f3:0d:1d:de:a3:e4:72:76:79:5d:b6:
e9:5f:5a:1a:86:e3:ed:63:e5:4c:e4:c3:8c:da:f4:
ab:ee:33:68:b2:da:29:06:bf:21:93:58:98:56:52:
97:02:dd:fe:e2:7e:07:b8:b8:18:dc:09:7b:eb:04:
6b:d2:e1:e5:0b:e9:7b:f4:fc:e3:cf:c4:00:e7:23:
d6:a9:e0:47:9e:b0:93:4b:4a:77:b7:b9:7f:6b:c1:
d6:72:1b:61:0d:74:cf:df:f2:1f:87:77:17:c6:fd:
9d:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:38:23:AD:A9:D9:C8:50:59:61:70:FA:D6:50:3F:9B:B9:F3:E7:9A
X509v3 Authority Key Identifier:
keyid:4E:DC:68:9B:B2:2D:09:47:55:74:F4:1C:0E:5D:97:C0:45:93:09:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ttxom7ItCUdVdPQcDl2XwEWTCSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/7bbb91-c5b0-4d0b-925b-09be5989d0ac/1/JTgjranZyFBZYXD61lA_m7nz55o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/7bbb91-c5b0-4d0b-925b-09be5989d0ac/1/Ttxom7ItCUdVdPQcDl2XwEWTCSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.224.0/21
185.75.92.0/22
195.189.172.0/23
IPv6:
2a03:8e00::/32
Signature Algorithm: sha256WithRSAEncryption
58:c1:f3:63:b9:f9:a3:27:93:6d:6a:ad:79:b3:ea:23:c5:86:
8d:dd:7d:5c:7e:37:58:c5:43:0c:d1:a8:5f:f9:d9:3f:27:0a:
af:09:8f:6d:94:d3:31:71:a4:d1:81:48:91:05:48:d3:f0:a0:
8a:b0:bf:e3:a6:15:53:3d:b1:db:87:d7:82:cd:8a:36:39:f9:
dc:7e:57:46:62:64:dd:42:ec:e1:9a:d3:ad:80:ea:b8:eb:cb:
64:92:4b:78:9e:06:ef:36:d7:7a:29:50:e6:2d:99:73:62:c8:
00:99:e3:fa:3b:54:af:39:45:11:6a:60:5f:cc:9a:bb:d1:ec:
9b:6e:96:f0:11:21:88:fe:c0:7b:27:51:f8:56:9b:e8:6d:f5:
7e:1f:af:b9:7d:15:dc:d7:d8:6a:8f:20:af:80:f2:2f:b0:bb:
a6:1c:bb:69:d7:0e:39:f2:43:88:ad:34:9f:c4:34:98:17:1a:
70:93:47:9d:ba:5a:c4:6f:11:d4:b7:f8:68:4d:8f:21:55:30:
90:89:ef:9c:49:5c:aa:5e:60:80:18:7d:86:51:64:8e:b9:3f:
ba:9a:b6:75:de:bc:d8:73:7d:5e:be:76:4c:a0:5c:5e:c4:36:
1f:1b:e8:84:6b:95:85:b0:cd:b6:02:cb:22:ef:aa:a4:02:4f:
4a:5a:0a:12
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVu1O88S+SnpAC3IStdpp/vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZGM2ODliYjIyZDA5NDc1NTc0ZjQxYzBlNWQ5N2MwNDU5
MzA5MjgwHhcNMjMwMTAxMTkzNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTM4MjNhZGE5ZDljODUwNTk2MTcwZmFkNjUwM2Y5YmI5ZjNlNzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGGGsW9ml70yATSN+X5YY3Ghyeq5
hjyMSfeBA1P6t1PEJwrwHM9aTsiYRp5Wf5jYiOc12oBfbfRDvGeJT4Ii31fHbSHs
E6/pKRFbID9lEulwx5qYiSnLY/nB8NfLxb1hwLMew3hZbqSEBFEiLMLDjkSO/F0z
lMI6OMlSYNUfkctrw9WS42v+Cus/QnOEOmNChupTBNBRKed/8w0d3qPkcnZ5Xbbp
X1oahuPtY+VM5MOM2vSr7jNostopBr8hk1iYVlKXAt3+4n4HuLgY3Al76wRr0uHl
C+l79Pzjz8QA5yPWqeBHnrCTS0p3t7l/a8HWchthDXTP3/Ifh3cXxv2dKQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCU4I62p2chQWWFw+tZQP5u58+eaMB8GA1UdIwQY
MBaAFE7caJuyLQlHVXT0HA5dl8BFkwkoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHR4b203SXRDVWRWZFBRY0RsMlh3RVdUQ1NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi83YmJiOTEtYzViMC00ZDBiLTkyNWIt
MDliZTU5ODlkMGFjLzEvSlRnanJhblp5RkJaWVhENjFsQV9tN256NTVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi83YmJiOTEtYzViMC00ZDBiLTkyNWItMDliZTU5ODlkMGFj
LzEvVHR4b203SXRDVWRWZFBRY0RsMlh3RVdUQ1NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDLh/gAwQC
uUtcAwQBw72sMA0EAgACMAcDBQAqA44AMA0GCSqGSIb3DQEBCwUAA4IBAQBYwfNj
ufmjJ5Ntaq15s+ojxYaN3X1cfjdYxUMM0ahf+dk/JwqvCY9tlNMxcaTRgUiRBUjT
8KCKsL/jphVTPbHbh9eCzYo2OfncfldGYmTdQuzhmtOtgOq468tkkkt4ngbvNtd6
KVDmLZlzYsgAmeP6O1SvOUURamBfzJq70eybbpbwESGI/sB7J1H4VpvobfV+H6+5
fRXc19hqjyCvgPIvsLumHLtp1w458kOIrTSfxDSYFxpwk0edulrEbxHUt/hoTY8h
VTCQie+cSVyqXmCAGH2GUWSOuT+6mrZ13rzYc31evnZMoFxexDYfG+iEa5WFsM22
Assi76qkAk9KWgoS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:01 2024 by rpki-client on console-ams.rpki-client.org