Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/958a2c-cef0-4bcc-99c2-321c9d66c847/1/jwr-AMkOm7z8Fmj6bZ_bQXXfck4.roa
File: jwr-AMkOm7z8Fmj6bZ_bQXXfck4.roa (raw, json)
Hash identifier: 6sQ+YZNAHVEwy/rsvEFPLWQVmEagP0UpRSVqnq295dw=
Subject key identifier: 8F:0A:FE:00:C9:0E:9B:BC:FC:16:68:FA:6D:9F:DB:41:75:DF:72:4E
Certificate issuer: /CN=83a062525292a29e97fe6a055b9bd6084a771977
Certificate serial: 018CC79554C3DE261369D9CDBC548EA1B39E
Authority key identifier: 83:A0:62:52:52:92:A2:9E:97:FE:6A:05:5B:9B:D6:08:4A:77:19:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g6BiUlKSop6X_moFW5vWCEp3GXc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/958a2c-cef0-4bcc-99c2-321c9d66c847/1/jwr-AMkOm7z8Fmj6bZ_bQXXfck4.roa
Signing time: Tue 02 Jan 2024 00:31:41 +0000
ROA not before: Tue 02 Jan 2024 00:31:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202691
IP address blocks: 185.157.72.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:54:c3:de:26:13:69:d9:cd:bc:54:8e:a1:b3:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83a062525292a29e97fe6a055b9bd6084a771977
Validity
Not Before: Jan 2 00:31:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f0afe00c90e9bbcfc1668fa6d9fdb4175df724e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:09:fd:88:0f:55:b8:c7:f5:18:9f:17:15:5e:
fc:65:e8:ea:37:75:bd:ec:00:1c:f9:b8:e9:27:21:
ae:72:75:25:69:35:d7:88:05:9a:ef:e6:0d:8e:95:
49:d4:6b:64:62:a5:b4:2a:04:f3:62:ed:ac:c7:b7:
db:ea:eb:3c:ae:f3:d2:86:04:07:1b:da:f8:aa:5c:
db:e1:9c:46:cc:1f:15:b4:4c:99:a3:e9:e8:4f:4d:
c0:33:2e:04:4e:e5:43:3e:a3:22:fd:53:17:82:f7:
37:34:ae:77:a8:dc:54:8c:e9:c6:49:f0:ab:25:32:
c6:b9:66:ef:a9:f6:3d:c2:e7:9e:99:e6:c6:bc:1b:
38:52:d6:2e:af:46:09:c7:79:ff:28:a3:23:d9:4f:
e1:5b:4d:6a:5d:4b:10:b9:0a:26:80:e9:4a:c1:8b:
2f:7a:81:5b:43:0e:2b:2c:ef:39:46:a8:25:38:5d:
30:9d:28:00:45:c1:78:97:a5:78:0c:98:45:84:39:
19:6f:ec:8d:84:3b:6c:17:c5:81:f6:77:04:e1:d3:
97:53:ca:d9:02:3a:31:d1:24:13:fa:8d:02:cd:ee:
e3:30:eb:da:da:1c:52:e3:10:32:38:e6:ae:03:52:
f8:5b:6e:b2:b4:b8:8e:26:80:64:ae:f0:bc:fc:7f:
c9:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:0A:FE:00:C9:0E:9B:BC:FC:16:68:FA:6D:9F:DB:41:75:DF:72:4E
X509v3 Authority Key Identifier:
keyid:83:A0:62:52:52:92:A2:9E:97:FE:6A:05:5B:9B:D6:08:4A:77:19:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g6BiUlKSop6X_moFW5vWCEp3GXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/958a2c-cef0-4bcc-99c2-321c9d66c847/1/jwr-AMkOm7z8Fmj6bZ_bQXXfck4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/958a2c-cef0-4bcc-99c2-321c9d66c847/1/g6BiUlKSop6X_moFW5vWCEp3GXc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.72.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:3a:81:e4:61:4f:e5:6d:11:fc:a1:64:05:46:c0:e7:f2:4a:
28:d6:d7:76:67:53:80:37:f9:17:5c:49:a2:31:41:06:c6:51:
b0:c6:cd:5b:db:a1:43:8d:bc:6a:78:ff:b5:80:e0:b6:6e:0f:
59:dc:0e:32:21:dc:76:77:cd:43:cd:fd:7b:b8:60:05:87:79:
b9:ef:50:e7:c5:c5:e2:d7:03:73:e3:07:86:b0:48:24:27:65:
97:d1:35:d9:97:8f:65:fe:9c:da:5c:d4:1c:5c:a1:dd:6f:6c:
3f:39:2f:7e:92:00:43:2e:03:e1:21:66:f5:c9:37:a3:af:b6:
bb:de:28:45:d7:b5:a8:52:ef:a6:41:df:fe:3c:98:01:84:3e:
f9:ff:cc:b7:62:e8:20:8b:c8:37:dd:98:7e:c1:d2:50:1e:44:
f1:25:fd:a6:6f:b1:8e:1b:67:a4:dc:00:e6:e6:06:c9:d4:2d:
66:92:8f:d3:79:04:cb:c5:be:17:89:c5:64:7f:5d:52:94:db:
b4:99:f8:18:fa:8a:03:9f:db:3e:ff:31:4a:a2:9f:ce:a5:38:
1c:de:bc:93:00:b6:69:05:99:2f:a9:bf:df:60:ff:72:15:fc:
9f:87:d1:71:59:e3:6f:ba:ac:8e:a5:26:e5:73:d6:f8:8d:79:
ef:b1:f6:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlVTD3iYTadnNvFSOobOeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzYTA2MjUyNTI5MmEyOWU5N2ZlNmEwNTViOWJkNjA4NGE3
NzE5NzcwHhcNMjQwMTAyMDAzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjBhZmUwMGM5MGU5YmJjZmMxNjY4ZmE2ZDlmZGI0MTc1ZGY3MjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgn9iA9VuMf1GJ8XFV78ZejqN3W9
7AAc+bjpJyGucnUlaTXXiAWa7+YNjpVJ1GtkYqW0KgTzYu2sx7fb6us8rvPShgQH
G9r4qlzb4ZxGzB8VtEyZo+noT03AMy4ETuVDPqMi/VMXgvc3NK53qNxUjOnGSfCr
JTLGuWbvqfY9wueemebGvBs4UtYur0YJx3n/KKMj2U/hW01qXUsQuQomgOlKwYsv
eoFbQw4rLO85RqglOF0wnSgARcF4l6V4DJhFhDkZb+yNhDtsF8WB9ncE4dOXU8rZ
Ajox0SQT+o0Cze7jMOva2hxS4xAyOOauA1L4W26ytLiOJoBkrvC8/H/JswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI8K/gDJDpu8/BZo+m2f20F133JOMB8GA1UdIwQY
MBaAFIOgYlJSkqKel/5qBVub1ghKdxl3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzZCaVVsS1NvcDZYX21vRlc1dldDRXAzR1hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS85NThhMmMtY2VmMC00YmNjLTk5YzIt
MzIxYzlkNjZjODQ3LzEvandyLUFNa09tN3o4Rm1qNmJaX2JRWFhmY2s0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS85NThhMmMtY2VmMC00YmNjLTk5YzItMzIxYzlkNjZjODQ3
LzEvZzZCaVVsS1NvcDZYX21vRlc1dldDRXAzR1hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZ1IMA0G
CSqGSIb3DQEBCwUAA4IBAQAqOoHkYU/lbRH8oWQFRsDn8koo1td2Z1OAN/kXXEmi
MUEGxlGwxs1b26FDjbxqeP+1gOC2bg9Z3A4yIdx2d81Dzf17uGAFh3m571DnxcXi
1wNz4weGsEgkJ2WX0TXZl49l/pzaXNQcXKHdb2w/OS9+kgBDLgPhIWb1yTejr7a7
3ihF17WoUu+mQd/+PJgBhD75/8y3Yuggi8g33Zh+wdJQHkTxJf2mb7GOG2ek3ADm
5gbJ1C1mko/TeQTLxb4XicVkf11SlNu0mfgY+ooDn9s+/zFKop/OpTgc3ryTALZp
BZkvqb/fYP9yFfyfh9FxWeNvuqyOpSblc9b4jXnvsfZj
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:27:32 2025 by rpki-client