Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/1aa875-03b5-4c17-bb39-b0c1e3304e74/1/jTVDZjCL3_iktTgvUFccE-X8aEY.roa
File: jTVDZjCL3_iktTgvUFccE-X8aEY.roa (raw, json)
Hash identifier: MR4VEqq1AT7vNW+kWBw4jlxNNq7aB+2DTs+aVk23DzQ=
Subject key identifier: 8D:35:43:66:30:8B:DF:F8:A4:B5:38:2F:50:57:1C:13:E5:FC:68:46
Certificate issuer: /CN=f222fbe85ae408d377b217d4eba7b38b24baf5dd
Certificate serial: 01856F0257ECE4133487A3D93BF6505A87E9
Authority key identifier: F2:22:FB:E8:5A:E4:08:D3:77:B2:17:D4:EB:A7:B3:8B:24:BA:F5:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8iL76FrkCNN3shfU66eziyS69d0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/1aa875-03b5-4c17-bb39-b0c1e3304e74/1/jTVDZjCL3_iktTgvUFccE-X8aEY.roa
Signing time: Sun 01 Jan 2023 20:25:02 +0000
ROA not before: Sun 01 Jan 2023 20:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25394
IP address blocks: 91.196.140.0/22 maxlen: 24
212.90.128.0/19 maxlen: 24
109.75.16.0/20 maxlen: 24
217.199.192.0/20 maxlen: 24
153.94.128.0/17 maxlen: 24
153.94.32.0/20 maxlen: 24
178.210.96.0/19 maxlen: 24
153.94.48.0/21 maxlen: 24
85.220.128.0/17 maxlen: 24
93.93.248.0/21 maxlen: 24
82.100.192.0/18 maxlen: 24
213.172.96.0/19 maxlen: 24
31.209.112.0/20 maxlen: 24
2a00:4d80::/32 maxlen: 48
2001:1640::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:57:ec:e4:13:34:87:a3:d9:3b:f6:50:5a:87:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f222fbe85ae408d377b217d4eba7b38b24baf5dd
Validity
Not Before: Jan 1 20:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d354366308bdff8a4b5382f50571c13e5fc6846
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:71:d2:62:6b:8f:ea:cd:f7:be:b2:ac:cb:f7:
37:58:29:14:3d:cd:fe:ba:38:0b:f7:19:d1:84:89:
56:0f:d7:a9:91:91:9d:17:4c:cc:c5:fc:5f:13:10:
7a:f1:df:0a:e0:ee:15:9d:47:c7:3c:40:0d:89:e7:
3e:3f:6d:18:ad:fd:4c:b8:fb:8a:74:9c:5b:74:e5:
60:23:88:ec:91:e2:ae:04:99:c5:ed:dc:83:db:50:
46:ed:6e:bd:76:64:84:b7:61:57:e5:ac:2a:51:16:
0b:d3:5e:46:99:90:c0:8a:bb:48:8c:4c:be:7e:c2:
32:5e:ab:5f:a0:88:bc:49:0c:4b:f7:81:50:ed:f7:
60:4a:2e:ec:bf:1f:c2:ef:65:1d:d6:b9:d7:7f:9a:
16:58:0c:4b:11:b0:dc:d3:d2:43:d9:a3:00:02:f1:
f4:eb:3a:12:e7:cf:95:3e:87:fe:33:63:c6:96:56:
4c:77:1d:49:aa:4d:58:f8:51:08:8d:f1:2c:35:af:
d5:e7:d2:7a:a6:81:1f:e7:6e:35:6e:36:1a:ff:18:
c2:7e:33:51:6a:84:62:6e:e3:eb:47:a8:9d:ce:bd:
26:cf:ae:e9:03:a3:0f:6d:39:64:4e:0b:c4:fc:39:
b8:9f:8b:67:ba:8a:50:3e:43:26:3a:61:ef:6a:df:
8e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:35:43:66:30:8B:DF:F8:A4:B5:38:2F:50:57:1C:13:E5:FC:68:46
X509v3 Authority Key Identifier:
keyid:F2:22:FB:E8:5A:E4:08:D3:77:B2:17:D4:EB:A7:B3:8B:24:BA:F5:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8iL76FrkCNN3shfU66eziyS69d0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/1aa875-03b5-4c17-bb39-b0c1e3304e74/1/jTVDZjCL3_iktTgvUFccE-X8aEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/1aa875-03b5-4c17-bb39-b0c1e3304e74/1/8iL76FrkCNN3shfU66eziyS69d0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.209.112.0/20
82.100.192.0/18
85.220.128.0/17
91.196.140.0/22
93.93.248.0/21
109.75.16.0/20
153.94.32.0-153.94.55.255
153.94.128.0/17
178.210.96.0/19
212.90.128.0/19
213.172.96.0/19
217.199.192.0/20
IPv6:
2001:1640::/32
2a00:4d80::/32
Signature Algorithm: sha256WithRSAEncryption
73:f4:0d:a6:f2:92:0b:fd:5e:47:de:6a:61:41:1a:8e:b1:1e:
50:bf:50:42:7a:12:da:c1:f8:1c:78:1d:b1:bd:1a:0b:fa:51:
68:f9:90:8f:c7:f8:74:01:82:99:54:1e:89:7f:f3:c1:99:50:
2a:53:4d:6d:8d:40:f2:d1:dd:aa:56:39:8a:88:51:e4:9a:c6:
49:52:e4:78:df:2d:4a:eb:50:9a:fa:86:11:41:ad:7d:cd:39:
62:1c:c9:bb:37:20:48:ad:96:29:cb:53:23:e5:96:f7:60:65:
00:22:e9:17:22:17:29:8d:5c:a4:a0:e0:5b:c8:60:90:e9:3d:
27:9f:f1:58:cb:a1:c3:96:7d:c2:ab:a7:fe:68:f0:23:10:fa:
3e:38:bb:7d:e4:6b:d9:46:0c:b7:c5:7a:79:cf:d2:f9:70:ff:
38:01:3d:f9:52:ea:39:3b:b9:85:c8:59:68:cc:53:1d:61:9d:
eb:aa:e7:10:4b:00:31:10:a8:ab:b2:c4:bc:95:4c:e2:0c:ff:
28:6b:fd:de:e1:5a:08:15:71:7d:aa:88:8f:a2:ea:4d:92:49:
a5:39:51:4b:ff:68:01:97:ff:50:aa:20:8f:ac:7c:0c:28:c3:
66:1a:22:30:d2:c2:ad:05:7c:47:67:8a:51:67:8d:61:2b:4e:
38:8b:14:40
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYVvAlfs5BM0h6PZO/ZQWofpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyMjJmYmU4NWFlNDA4ZDM3N2IyMTdkNGViYTdiMzhiMjRi
YWY1ZGQwHhcNMjMwMTAxMjAyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDM1NDM2NjMwOGJkZmY4YTRiNTM4MmY1MDU3MWMxM2U1ZmM2ODQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3HSYmuP6s33vrKsy/c3WCkUPc3+
ujgL9xnRhIlWD9epkZGdF0zMxfxfExB68d8K4O4VnUfHPEANiec+P20Yrf1MuPuK
dJxbdOVgI4jskeKuBJnF7dyD21BG7W69dmSEt2FX5awqURYL015GmZDAirtIjEy+
fsIyXqtfoIi8SQxL94FQ7fdgSi7svx/C72Ud1rnXf5oWWAxLEbDc09JD2aMAAvH0
6zoS58+VPof+M2PGllZMdx1Jqk1Y+FEIjfEsNa/V59J6poEf5241bjYa/xjCfjNR
aoRibuPrR6idzr0mz67pA6MPbTlkTgvE/Dm4n4tnuopQPkMmOmHvat+O5wIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFI01Q2Ywi9/4pLU4L1BXHBPl/GhGMB8GA1UdIwQY
MBaAFPIi++ha5AjTd7IX1Ouns4skuvXdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGlMNzZGcmtDTk4zc2hmVTY2ZXppeVM2OWQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8xYWE4NzUtMDNiNS00YzE3LWJiMzkt
YjBjMWUzMzA0ZTc0LzEvalRWRFpqQ0wzX2lrdFRndlVGY2NFLVg4YUVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8xYWE4NzUtMDNiNS00YzE3LWJiMzktYjBjMWUzMzA0ZTc0
LzEvOGlMNzZGcmtDTk4zc2hmVTY2ZXppeVM2OWQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBWBAIAATBQAwQEH9FwAwQG
UmTAAwQHVdyAAwQCW8SMAwQDXV34AwQEbUsQMAwDBAWZXiADBAOZXjADBAeZXoAD
BAWy0mADBAXUWoADBAXVrGADBATZx8AwFAQCAAIwDgMFACABFkADBQAqAE2AMA0G
CSqGSIb3DQEBCwUAA4IBAQBz9A2m8pIL/V5H3mphQRqOsR5Qv1BCehLawfgceB2x
vRoL+lFo+ZCPx/h0AYKZVB6Jf/PBmVAqU01tjUDy0d2qVjmKiFHkmsZJUuR43y1K
61Ca+oYRQa19zTliHMm7NyBIrZYpy1Mj5Zb3YGUAIukXIhcpjVykoOBbyGCQ6T0n
n/FYy6HDln3Cq6f+aPAjEPo+OLt95GvZRgy3xXp5z9L5cP84AT35Uuo5O7mFyFlo
zFMdYZ3rqucQSwAxEKirssS8lUziDP8oa/3e4VoIFXF9qoiPoupNkkmlOVFL/2gB
l/9QqiCPrHwMKMNmGiIw0sKtBXxHZ4pRZ41hK044ixRA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:21 2024 by rpki-client on console-fra.rpki-client.org