Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/2b83a1-748d-4f55-8b3b-d9df45dbbadf/1/juDLrhOjo7K26_4tF8uSd1NfSOs.roa
File: juDLrhOjo7K26_4tF8uSd1NfSOs.roa (raw, json)
Hash identifier: HgZYATEYsBqt4t7JALErBCTAB381PAWyL312DNZFKyw=
Subject key identifier: 8E:E0:CB:AE:13:A3:A3:B2:B6:EB:FE:2D:17:CB:92:77:53:5F:48:EB
Certificate issuer: /CN=227e9581a69acf8119320e1379857a513bd238db
Certificate serial: 018A849F7BAE27699206D50140945C0D9110
Authority key identifier: 22:7E:95:81:A6:9A:CF:81:19:32:0E:13:79:85:7A:51:3B:D2:38:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/In6Vgaaaz4EZMg4TeYV6UTvSONs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/2b83a1-748d-4f55-8b3b-d9df45dbbadf/1/juDLrhOjo7K26_4tF8uSd1NfSOs.roa
Signing time: Mon 11 Sep 2023 14:22:38 +0000
ROA not before: Mon 11 Sep 2023 14:22:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199324
IP address blocks: 185.187.40.0/22 maxlen: 24
185.21.24.0/22 maxlen: 24
2a00:54e0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:84:9f:7b:ae:27:69:92:06:d5:01:40:94:5c:0d:91:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=227e9581a69acf8119320e1379857a513bd238db
Validity
Not Before: Sep 11 14:22:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ee0cbae13a3a3b2b6ebfe2d17cb9277535f48eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e9:3d:a6:2d:5d:f0:93:bb:46:70:fc:9d:e1:
16:e5:ba:d0:64:93:25:f3:e4:54:39:2e:21:aa:d5:
d4:d3:7e:2f:57:7f:71:cf:c5:dd:7d:25:e7:79:58:
22:28:72:a6:6b:ea:7a:27:fd:58:1e:21:57:72:da:
f8:8f:71:87:3d:13:27:32:be:ef:d0:be:00:21:01:
8f:cd:4d:23:74:44:8c:b1:74:6b:d6:c1:80:3f:bb:
df:f3:11:de:7a:90:ee:44:48:ad:18:8e:a2:8f:7e:
7f:8d:a5:e8:e7:12:7d:dc:da:e8:e9:00:d4:49:c9:
71:0c:1f:6a:93:af:78:70:4e:a5:b1:b1:86:c6:ed:
a7:e7:bd:7e:2d:3c:22:fd:09:40:39:a0:03:8b:75:
fe:bd:ef:d2:ab:e4:de:3e:f2:e8:91:0b:f4:60:e9:
8f:84:32:72:69:ec:45:5f:53:6d:1c:49:57:10:bc:
8d:35:18:52:10:3f:b2:d5:36:02:c7:20:f2:23:f8:
9b:83:7d:40:40:1b:4b:80:0f:b7:f2:49:cd:32:1c:
27:bd:35:35:12:6b:0f:00:58:82:eb:fe:ae:b8:8c:
0c:38:c9:1e:ef:f8:91:ef:17:eb:64:76:54:5a:73:
2a:62:6f:0f:d7:a7:cb:b0:91:8d:28:f5:40:b5:85:
fb:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:E0:CB:AE:13:A3:A3:B2:B6:EB:FE:2D:17:CB:92:77:53:5F:48:EB
X509v3 Authority Key Identifier:
keyid:22:7E:95:81:A6:9A:CF:81:19:32:0E:13:79:85:7A:51:3B:D2:38:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/In6Vgaaaz4EZMg4TeYV6UTvSONs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/2b83a1-748d-4f55-8b3b-d9df45dbbadf/1/juDLrhOjo7K26_4tF8uSd1NfSOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/2b83a1-748d-4f55-8b3b-d9df45dbbadf/1/In6Vgaaaz4EZMg4TeYV6UTvSONs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.24.0/22
185.187.40.0/22
IPv6:
2a00:54e0::/32
Signature Algorithm: sha256WithRSAEncryption
48:29:7e:10:47:e1:50:a9:11:06:b3:a6:c9:db:dd:50:46:0b:
f9:c6:b7:92:7e:64:05:1e:66:bb:7f:01:59:43:a3:9c:51:cc:
75:70:bf:3a:8d:fa:6b:92:ca:1c:23:73:5a:45:d9:ba:26:b4:
9c:05:ec:d3:6e:fe:aa:50:35:56:8b:b8:cb:39:25:1c:9d:3c:
f8:93:cc:ca:16:9f:03:50:0b:2e:64:d4:e5:f3:1a:b5:1a:f8:
23:5e:f5:c1:b6:80:69:be:42:23:ff:a3:f3:1a:25:91:92:1a:
34:f8:ce:10:b7:f2:05:f4:df:38:98:e8:92:71:75:df:af:cd:
f6:a0:ae:73:be:71:e2:31:79:0a:36:32:2c:a8:9d:82:74:45:
a5:c4:8f:51:59:03:67:9d:34:11:b6:f8:12:d4:f9:38:ad:9e:
38:b0:ff:ad:4c:d9:f3:a4:0a:c0:56:62:07:61:ee:6c:7e:55:
43:f8:ce:c1:f2:56:e0:b7:9f:21:0b:4a:82:16:29:b7:e0:b5:
41:30:5c:29:c6:c2:0d:cb:f8:30:ca:1d:43:7f:ec:16:60:b2:
9b:51:56:7c:ac:8d:2d:b2:c8:5a:f9:21:65:29:83:df:43:b3:
c6:5c:9b:f3:88:66:c2:89:71:d9:76:b2:82:62:d9:37:3f:5d:
a3:41:e1:fa
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYqEn3uuJ2mSBtUBQJRcDZEQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyN2U5NTgxYTY5YWNmODExOTMyMGUxMzc5ODU3YTUxM2Jk
MjM4ZGIwHhcNMjMwOTExMTQyMjM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWUwY2JhZTEzYTNhM2IyYjZlYmZlMmQxN2NiOTI3NzUzNWY0OGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+k9pi1d8JO7RnD8neEW5brQZJMl
8+RUOS4hqtXU034vV39xz8XdfSXneVgiKHKma+p6J/1YHiFXctr4j3GHPRMnMr7v
0L4AIQGPzU0jdESMsXRr1sGAP7vf8xHeepDuREitGI6ij35/jaXo5xJ93Nro6QDU
SclxDB9qk694cE6lsbGGxu2n571+LTwi/QlAOaADi3X+ve/Sq+TePvLokQv0YOmP
hDJyaexFX1NtHElXELyNNRhSED+y1TYCxyDyI/ibg31AQBtLgA+38knNMhwnvTU1
EmsPAFiC6/6uuIwMOMke7/iR7xfrZHZUWnMqYm8P16fLsJGNKPVAtYX7KQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFI7gy64To6Oytuv+LRfLkndTX0jrMB8GA1UdIwQY
MBaAFCJ+lYGmms+BGTIOE3mFelE70jjbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSW42VmdhYWF6NEVaTWc0VGVZVjZVVHZTT05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yYjgzYTEtNzQ4ZC00ZjU1LThiM2It
ZDlkZjQ1ZGJiYWRmLzEvanVETHJoT2pvN0syNl80dEY4dVNkMU5mU09zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8yYjgzYTEtNzQ4ZC00ZjU1LThiM2ItZDlkZjQ1ZGJiYWRm
LzEvSW42VmdhYWF6NEVaTWc0VGVZVjZVVHZTT05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuRUYAwQC
ubsoMA0EAgACMAcDBQAqAFTgMA0GCSqGSIb3DQEBCwUAA4IBAQBIKX4QR+FQqREG
s6bJ291QRgv5xreSfmQFHma7fwFZQ6OcUcx1cL86jfprksocI3NaRdm6JrScBezT
bv6qUDVWi7jLOSUcnTz4k8zKFp8DUAsuZNTl8xq1GvgjXvXBtoBpvkIj/6PzGiWR
kho0+M4Qt/IF9N84mOiScXXfr832oK5zvnHiMXkKNjIsqJ2CdEWlxI9RWQNnnTQR
tvgS1Pk4rZ44sP+tTNnzpArAVmIHYe5sflVD+M7B8lbgt58hC0qCFim34LVBMFwp
xsINy/gwyh1Df+wWYLKbUVZ8rI0tssha+SFlKYPfQ7PGXJvziGbCiXHZdrKCYtk3
P12jQeH6
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:53:03 2024 by rpki-client on console-fra.rpki-client.org