Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/JurMIuHvbEiCCoF2P-PMFTCG2dg.roa
File: JurMIuHvbEiCCoF2P-PMFTCG2dg.roa (raw, json)
Hash identifier: piwip6aQF8U+r9SvG9fWgZ4qimXgyz9RBQTVqYp5XQU=
Subject key identifier: 26:EA:CC:22:E1:EF:6C:48:82:0A:81:76:3F:E3:CC:15:30:86:D9:D8
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 01857082AC137BF88887D1108C3DC3221456
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/JurMIuHvbEiCCoF2P-PMFTCG2dg.roa
Signing time: Mon 02 Jan 2023 03:24:49 +0000
ROA not before: Mon 02 Jan 2023 03:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43160
IP address blocks: 5.40.191.0/24 maxlen: 24
89.140.40.0/23 maxlen: 24
62.82.238.0/24 maxlen: 24
5.40.128.0/24 maxlen: 24
89.140.197.0/24 maxlen: 24
89.140.112.0/24 maxlen: 24
62.175.202.0/24 maxlen: 24
62.82.84.0/24 maxlen: 24
84.124.116.0/24 maxlen: 24
89.140.120.0/24 maxlen: 24
89.140.122.0/24 maxlen: 24
5.40.86.0/24 maxlen: 24
5.40.32.0/23 maxlen: 23
5.40.252.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:ac:13:7b:f8:88:87:d1:10:8c:3d:c3:22:14:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jan 2 03:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=26eacc22e1ef6c48820a81763fe3cc153086d9d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ff:cf:41:4a:f3:b0:0d:76:23:90:6f:3f:05:
95:4e:a2:5e:b8:d9:41:09:44:55:25:11:b0:d9:0d:
ba:8d:aa:f2:90:6b:02:4b:87:79:a4:1f:ba:0a:58:
41:0a:ca:52:bd:34:ae:2a:f6:e6:66:e9:32:c4:74:
34:07:ab:76:eb:22:24:8b:03:5b:f3:9f:ed:65:4d:
83:47:f6:34:2a:da:9b:85:42:32:60:e3:de:af:dc:
9c:5d:8e:63:81:2b:0d:cc:f4:d9:a7:c4:e5:ed:ef:
b7:fd:a0:bf:90:3e:d6:ea:fb:20:35:c6:2a:56:84:
26:c2:43:70:c2:41:47:69:d8:64:57:8f:56:70:d1:
79:ae:c2:85:e9:e0:d1:c5:0a:0b:39:85:80:0b:37:
2c:ea:10:c0:4c:ac:c2:6a:b1:76:20:ba:75:ee:7f:
e0:5d:56:da:a2:25:24:39:ee:4b:8d:03:ff:89:76:
1e:07:14:52:7c:79:2b:54:15:65:ce:95:92:65:c7:
81:f4:89:f2:c8:3f:c8:90:54:86:2f:0b:ab:3b:06:
93:42:d0:d9:2f:c2:87:57:38:d0:7b:16:ef:12:0a:
fa:c9:ba:3b:15:87:2b:33:fc:c3:59:22:11:21:f9:
13:63:cd:ee:85:61:02:53:61:34:38:d6:5d:17:1e:
fe:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:EA:CC:22:E1:EF:6C:48:82:0A:81:76:3F:E3:CC:15:30:86:D9:D8
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/JurMIuHvbEiCCoF2P-PMFTCG2dg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.40.32.0/23
5.40.86.0/24
5.40.128.0/24
5.40.191.0/24
5.40.252.0/24
62.82.84.0/24
62.82.238.0/24
62.175.202.0/24
84.124.116.0/24
89.140.40.0/23
89.140.112.0/24
89.140.120.0/24
89.140.122.0/24
89.140.197.0/24
Signature Algorithm: sha256WithRSAEncryption
20:00:e3:da:e9:bc:a7:6d:3a:28:88:60:86:6a:1d:67:b8:55:
39:f3:93:c5:61:a3:44:76:d2:29:1d:1a:61:9b:3d:4a:ac:5c:
30:91:5f:8c:c8:a4:c5:90:a7:53:4e:f1:bd:84:a2:bf:9e:ba:
81:5b:3b:61:87:51:2a:19:b7:d0:6b:ba:df:d7:af:19:2c:94:
d9:8c:8a:ba:88:0d:ca:aa:0b:3e:53:ac:bc:bd:8a:b2:d0:56:
63:a9:1e:e6:eb:d4:06:97:47:ab:25:ff:65:df:d8:f6:3b:9b:
05:c3:f6:17:27:ae:9b:e4:f1:0f:a4:1a:78:17:a9:59:a6:ed:
30:55:bc:04:2b:3c:dd:5e:cc:d9:5f:4b:6c:ba:92:e8:1b:6f:
81:cf:ae:9e:ad:fd:b4:ce:4e:76:b1:b0:d8:c4:13:62:e7:6f:
28:2e:3d:e4:1d:69:e4:66:2f:2b:79:da:2d:18:2f:6f:90:c9:
66:e7:8d:0c:ca:2c:ad:ee:70:dd:ce:98:94:35:0c:aa:58:f9:
7b:5c:87:d6:b1:7c:84:f8:c4:35:9e:85:ca:f3:92:ab:da:3c:
7f:76:c1:3e:c1:3e:33:ff:7f:36:65:af:20:9c:0e:a7:27:60:
fc:40:73:6c:7d:ed:1e:db:f1:f3:b0:af:30:f9:4e:fa:88:fc:
88:95:4d:63
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYVwgqwTe/iIh9EQjD3DIhRWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjMwMTAyMDMyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmVhY2MyMmUxZWY2YzQ4ODIwYTgxNzYzZmUzY2MxNTMwODZkOWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi//PQUrzsA12I5BvPwWVTqJeuNlB
CURVJRGw2Q26jarykGsCS4d5pB+6ClhBCspSvTSuKvbmZukyxHQ0B6t26yIkiwNb
85/tZU2DR/Y0KtqbhUIyYOPer9ycXY5jgSsNzPTZp8Tl7e+3/aC/kD7W6vsgNcYq
VoQmwkNwwkFHadhkV49WcNF5rsKF6eDRxQoLOYWACzcs6hDATKzCarF2ILp17n/g
XVbaoiUkOe5LjQP/iXYeBxRSfHkrVBVlzpWSZceB9InyyD/IkFSGLwurOwaTQtDZ
L8KHVzjQexbvEgr6ybo7FYcrM/zDWSIRIfkTY83uhWECU2E0ONZdFx7+ZwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFCbqzCLh72xIggqBdj/jzBUwhtnYMB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvSnVyTUl1SHZiRWlDQ29GMlAtUE1GVENHMmRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQBBSggAwQA
BShWAwQABSiAAwQABSi/AwQABSj8AwQAPlJUAwQAPlLuAwQAPq/KAwQAVHx0AwQB
WYwoAwQAWYxwAwQAWYx4AwQAWYx6AwQAWYzFMA0GCSqGSIb3DQEBCwUAA4IBAQAg
AOPa6bynbTooiGCGah1nuFU585PFYaNEdtIpHRphmz1KrFwwkV+MyKTFkKdTTvG9
hKK/nrqBWzthh1EqGbfQa7rf168ZLJTZjIq6iA3Kqgs+U6y8vYqy0FZjqR7m69QG
l0erJf9l39j2O5sFw/YXJ66b5PEPpBp4F6lZpu0wVbwEKzzdXszZX0tsupLoG2+B
z66erf20zk52sbDYxBNi528oLj3kHWnkZi8redotGC9vkMlm540Myiyt7nDdzpiU
NQyqWPl7XIfWsXyE+MQ1noXK85Kr2jx/dsE+wT4z/382Za8gnA6nJ2D8QHNsfe0e
2/HzsK8w+U76iPyIlU1j
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:17:15 2024 by rpki-client on console-ams.rpki-client.org