Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/91f8f9-fc3f-4bb8-8454-405b0bda2c26/1/jJLJ3fBDxPuXb3TqW-90kVQrcOU.roa
File: jJLJ3fBDxPuXb3TqW-90kVQrcOU.roa (raw, json)
Hash identifier: lVWB+zfS627gIXJGD1m8L25PBspVa44/fuJs+mc7ayA=
Subject key identifier: 8C:92:C9:DD:F0:43:C4:FB:97:6F:74:EA:5B:EF:74:91:54:2B:70:E5
Certificate issuer: /CN=d435658b58b714196eef371bd967c0c5e2cabd66
Certificate serial: 018C8BE3998DE6E8381B6EE0199102B10358
Authority key identifier: D4:35:65:8B:58:B7:14:19:6E:EF:37:1B:D9:67:C0:C5:E2:CA:BD:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DVli1i3FBlu7zcb2WfAxeLKvWY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/91f8f9-fc3f-4bb8-8454-405b0bda2c26/1/jJLJ3fBDxPuXb3TqW-90kVQrcOU.roa
Signing time: Thu 21 Dec 2023 10:19:58 +0000
ROA not before: Thu 21 Dec 2023 10:19:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25229
IP address blocks: 46.150.64.0/19 maxlen: 24
91.237.6.0/23 maxlen: 24
195.42.126.0/23 maxlen: 24
91.237.12.0/22 maxlen: 23
176.111.176.0/20 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8b:e3:99:8d:e6:e8:38:1b:6e:e0:19:91:02:b1:03:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d435658b58b714196eef371bd967c0c5e2cabd66
Validity
Not Before: Dec 21 10:19:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c92c9ddf043c4fb976f74ea5bef7491542b70e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b6:3e:99:2d:4f:ba:33:43:a7:0b:9e:92:a0:
7c:86:3a:65:30:f4:98:19:52:57:a3:d1:94:b7:10:
78:16:65:ff:fe:4d:af:9b:4b:6a:23:30:0e:04:1f:
2e:9f:e7:1f:a1:dd:33:b1:69:a1:3f:a7:62:2e:42:
f7:4f:6f:11:00:9f:73:11:58:71:eb:c1:f9:ad:c4:
6d:13:8c:0c:1c:94:36:23:5a:a1:b2:a5:b9:d1:03:
bc:29:13:60:c5:1f:30:6d:1c:1f:68:c1:47:30:4d:
2f:62:f3:6b:7d:6e:82:7b:15:2a:52:c7:d3:c1:3c:
ef:38:fa:37:d2:63:99:71:87:63:79:63:ff:62:cf:
f7:64:21:78:6f:3d:cf:34:f1:98:c6:ad:c1:6d:14:
c6:d4:7b:40:e0:e2:c4:7f:21:78:9f:72:02:6f:a9:
e1:5f:35:6e:2c:3d:78:73:76:ed:85:ae:c5:52:9f:
06:11:09:bb:cf:f0:38:5f:08:f7:9b:3e:8c:36:8a:
cd:e6:49:47:26:71:0f:66:11:f9:e1:44:3a:5f:bd:
99:df:26:4b:c1:13:e2:0d:e0:f9:75:91:d2:8c:5a:
59:7c:30:51:36:2e:fe:27:2c:a3:d4:af:97:87:04:
41:f7:9a:11:36:a6:e1:e6:7e:5b:a0:b0:4e:01:9c:
dc:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:92:C9:DD:F0:43:C4:FB:97:6F:74:EA:5B:EF:74:91:54:2B:70:E5
X509v3 Authority Key Identifier:
keyid:D4:35:65:8B:58:B7:14:19:6E:EF:37:1B:D9:67:C0:C5:E2:CA:BD:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DVli1i3FBlu7zcb2WfAxeLKvWY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/91f8f9-fc3f-4bb8-8454-405b0bda2c26/1/jJLJ3fBDxPuXb3TqW-90kVQrcOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/91f8f9-fc3f-4bb8-8454-405b0bda2c26/1/1DVli1i3FBlu7zcb2WfAxeLKvWY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.150.64.0/19
91.237.6.0/23
91.237.12.0/22
176.111.176.0/20
195.42.126.0/23
Signature Algorithm: sha256WithRSAEncryption
9b:d2:53:59:98:86:e8:bd:cf:28:2d:45:ab:8d:f1:95:1c:42:
a1:15:3a:93:c2:6f:03:7b:6e:95:be:93:6d:57:77:35:0c:9d:
e3:c3:13:33:0e:b8:00:12:90:1d:48:bd:18:85:31:b8:3a:63:
7f:2e:18:77:ec:dd:a3:b6:3f:be:d8:0c:cf:6f:25:de:22:43:
b3:cd:de:a9:92:50:20:b0:42:b3:84:b9:75:bb:a7:63:5f:9e:
a4:03:40:0a:a0:36:2d:cb:ca:3c:fa:a6:c3:95:18:50:ea:d3:
8f:53:f6:bd:39:73:d1:31:ff:56:ec:b1:31:cd:5c:ed:22:43:
67:3c:b3:d8:1d:a5:94:25:95:8e:84:dd:31:e3:2f:4d:a1:99:
6d:15:17:ac:f0:0a:86:d6:ad:29:ac:2c:0b:df:d3:86:ba:d4:
d7:e9:db:c0:dc:d8:62:26:8f:3d:00:55:9a:49:e3:b2:38:66:
b4:2e:94:a4:46:d9:1f:b4:b4:36:d3:59:2c:da:db:c8:67:d1:
03:42:64:18:1e:b8:4a:97:af:ff:e9:b0:26:37:9d:0f:0d:2e:
11:bd:5e:cf:02:85:13:01:a3:16:c5:de:a2:55:f9:98:d3:25:
18:81:67:1a:2f:94:83:fd:7b:5f:d8:2f:b5:f9:a9:2d:bd:73:
d1:23:a6:1f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYyL45mN5ug4G27gGZECsQNYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzU2NThiNThiNzE0MTk2ZWVmMzcxYmQ5NjdjMGM1ZTJj
YWJkNjYwHhcNMjMxMjIxMTAxOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzkyYzlkZGYwNDNjNGZiOTc2Zjc0ZWE1YmVmNzQ5MTU0MmI3MGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLY+mS1PujNDpwuekqB8hjplMPSY
GVJXo9GUtxB4FmX//k2vm0tqIzAOBB8un+cfod0zsWmhP6diLkL3T28RAJ9zEVhx
68H5rcRtE4wMHJQ2I1qhsqW50QO8KRNgxR8wbRwfaMFHME0vYvNrfW6CexUqUsfT
wTzvOPo30mOZcYdjeWP/Ys/3ZCF4bz3PNPGYxq3BbRTG1HtA4OLEfyF4n3ICb6nh
XzVuLD14c3btha7FUp8GEQm7z/A4Xwj3mz6MNorN5klHJnEPZhH54UQ6X72Z3yZL
wRPiDeD5dZHSjFpZfDBRNi7+Jyyj1K+XhwRB95oRNqbh5n5boLBOAZzcUQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIySyd3wQ8T7l2906lvvdJFUK3DlMB8GA1UdIwQY
MBaAFNQ1ZYtYtxQZbu83G9lnwMXiyr1mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURWbGkxaTNGQmx1N3pjYjJXZkF4ZUxLdldZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi85MWY4ZjktZmMzZi00YmI4LTg0NTQt
NDA1YjBiZGEyYzI2LzEvakpMSjNmQkR4UHVYYjNUcVctOTBrVlFyY09VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi85MWY4ZjktZmMzZi00YmI4LTg0NTQtNDA1YjBiZGEyYzI2
LzEvMURWbGkxaTNGQmx1N3pjYjJXZkF4ZUxLdldZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQFLpZAAwQB
W+0GAwQCW+0MAwQEsG+wAwQBwyp+MA0GCSqGSIb3DQEBCwUAA4IBAQCb0lNZmIbo
vc8oLUWrjfGVHEKhFTqTwm8De26VvpNtV3c1DJ3jwxMzDrgAEpAdSL0YhTG4OmN/
Lhh37N2jtj++2AzPbyXeIkOzzd6pklAgsEKzhLl1u6djX56kA0AKoDYty8o8+qbD
lRhQ6tOPU/a9OXPRMf9W7LExzVztIkNnPLPYHaWUJZWOhN0x4y9NoZltFRes8AqG
1q0prCwL39OGutTX6dvA3NhiJo89AFWaSeOyOGa0LpSkRtkftLQ201ks2tvIZ9ED
QmQYHrhKl6//6bAmN50PDS4RvV7PAoUTAaMWxd6iVfmY0yUYgWcaL5SD/Xtf2C+1
+aktvXPRI6Yf
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:36:23 2024 by rpki-client on console-fra.rpki-client.org