Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/2435cc-5533-4f70-bb82-9caf25a499d7/1/jq1_8TEaZeTm2VaarQPmc7C6h8I.roa
File: jq1_8TEaZeTm2VaarQPmc7C6h8I.roa (raw, json)
Hash identifier: eB8t0Y8lgyPZA5dpVyOuJ/XicINYd7F+0QFJ+vT4b4U=
Subject key identifier: 8E:AD:7F:F1:31:1A:65:E4:E6:D9:56:9A:AD:03:E6:73:B0:BA:87:C2
Certificate issuer: /CN=e2c137106c1a46aea07c24b11729fd7d216a24f5
Certificate serial: 01856D54056E64210B85EB416EA2422C36E9
Authority key identifier: E2:C1:37:10:6C:1A:46:AE:A0:7C:24:B1:17:29:FD:7D:21:6A:24:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sE3EGwaRq6gfCSxFyn9fSFqJPU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/2435cc-5533-4f70-bb82-9caf25a499d7/1/jq1_8TEaZeTm2VaarQPmc7C6h8I.roa
Signing time: Sun 01 Jan 2023 12:35:01 +0000
ROA not before: Sun 01 Jan 2023 12:35:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204456
IP address blocks: 185.222.233.0/24 maxlen: 24
185.222.232.0/22 maxlen: 22
185.222.232.0/24 maxlen: 24
185.222.235.0/24 maxlen: 24
185.222.234.0/24 maxlen: 24
2a0d:800::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:54:05:6e:64:21:0b:85:eb:41:6e:a2:42:2c:36:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c137106c1a46aea07c24b11729fd7d216a24f5
Validity
Not Before: Jan 1 12:35:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ead7ff1311a65e4e6d9569aad03e673b0ba87c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c7:ba:8a:86:cc:3f:74:b3:7e:38:9d:1e:32:
c9:e0:4f:05:25:c0:ce:16:55:40:0b:ee:8c:43:25:
f8:fa:09:7a:f9:33:76:ce:28:c6:f9:cc:f6:d1:32:
e3:d6:b3:ec:56:63:e6:ff:a3:e7:b9:71:99:dc:64:
ca:ab:45:32:d8:e2:3a:4f:79:eb:fd:6c:f9:82:23:
ac:22:c7:29:6e:ef:1d:3c:9d:0e:dd:c3:20:1b:74:
ac:9a:eb:ac:91:b0:a9:b1:70:21:bc:5d:df:2e:35:
f8:93:fa:00:01:38:49:e2:c1:e7:e7:8c:9a:b8:0e:
ae:24:92:5d:75:2e:ad:d2:15:8d:07:e5:e4:49:34:
82:dd:ba:64:ae:39:df:f9:ff:21:72:6b:f7:ec:11:
87:14:c4:66:5c:63:ac:26:13:37:99:73:b1:0e:80:
4a:08:59:d0:09:7e:60:2d:97:66:8c:95:fb:0b:83:
48:25:93:c3:4e:5b:e4:04:6b:02:c3:0d:5c:5d:d9:
89:1e:40:3b:09:fe:bc:9b:fd:1c:34:ee:f3:9e:ad:
ad:ae:d1:75:f1:2d:cb:a6:65:08:11:4a:41:b0:56:
42:87:89:78:a2:4d:e6:b2:89:6f:16:8c:53:58:41:
df:a5:2f:a8:2a:49:96:88:5e:e6:a2:12:42:0d:ad:
e2:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:AD:7F:F1:31:1A:65:E4:E6:D9:56:9A:AD:03:E6:73:B0:BA:87:C2
X509v3 Authority Key Identifier:
keyid:E2:C1:37:10:6C:1A:46:AE:A0:7C:24:B1:17:29:FD:7D:21:6A:24:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sE3EGwaRq6gfCSxFyn9fSFqJPU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/2435cc-5533-4f70-bb82-9caf25a499d7/1/jq1_8TEaZeTm2VaarQPmc7C6h8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/2435cc-5533-4f70-bb82-9caf25a499d7/1/4sE3EGwaRq6gfCSxFyn9fSFqJPU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.232.0/22
IPv6:
2a0d:800::/29
Signature Algorithm: sha256WithRSAEncryption
bb:c1:3e:75:e0:66:0d:55:b6:6a:62:3c:4e:48:24:cb:1f:1a:
ba:b1:85:3c:1e:7e:6b:62:ad:eb:2a:f0:b9:fc:ef:0f:69:a1:
d4:2c:d5:ec:42:f7:00:a9:9f:94:03:a2:c7:30:5c:f8:0f:55:
10:00:6d:4e:e9:37:ea:06:ba:98:41:0a:27:3f:d0:23:e0:b5:
80:3a:7f:31:4b:d0:aa:d8:7d:97:55:f1:58:fe:1d:ef:14:d9:
3e:6c:dc:38:73:97:bd:b0:b7:8a:0c:dc:c6:fc:2f:c7:c7:4b:
8d:e9:e1:60:6b:95:b6:87:81:c3:8c:0c:c7:72:4f:66:a6:b7:
32:7b:a1:3e:65:70:8b:6a:6c:60:d4:22:e5:ab:5d:12:c8:65:
42:d0:33:52:2f:e5:52:9f:41:55:e5:7f:64:1a:1e:b8:7f:64:
88:73:c2:fd:49:8d:b6:a5:33:41:8b:2c:71:7c:a0:4a:bd:fc:
56:a7:9f:5e:2e:fd:b9:7b:f6:f5:f2:d2:3b:19:b0:65:f3:c2:
e8:77:4b:cb:f6:10:02:cd:bd:85:d9:b4:d8:cb:b8:1a:81:fc:
a3:e8:fa:86:37:ba:fe:79:55:52:04:fa:dd:43:ee:01:08:c2:
41:f2:89:e9:94:55:b0:72:88:dc:5c:f7:65:7c:d8:b1:2e:76:
20:29:a4:e9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtVAVuZCELhetBbqJCLDbpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzEzNzEwNmMxYTQ2YWVhMDdjMjRiMTE3MjlmZDdkMjE2
YTI0ZjUwHhcNMjMwMTAxMTIzNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWFkN2ZmMTMxMWE2NWU0ZTZkOTU2OWFhZDAzZTY3M2IwYmE4N2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArce6iobMP3SzfjidHjLJ4E8FJcDO
FlVAC+6MQyX4+gl6+TN2zijG+cz20TLj1rPsVmPm/6PnuXGZ3GTKq0Uy2OI6T3nr
/Wz5giOsIscpbu8dPJ0O3cMgG3SsmuuskbCpsXAhvF3fLjX4k/oAAThJ4sHn54ya
uA6uJJJddS6t0hWNB+XkSTSC3bpkrjnf+f8hcmv37BGHFMRmXGOsJhM3mXOxDoBK
CFnQCX5gLZdmjJX7C4NIJZPDTlvkBGsCww1cXdmJHkA7Cf68m/0cNO7znq2trtF1
8S3LpmUIEUpBsFZCh4l4ok3msolvFoxTWEHfpS+oKkmWiF7mohJCDa3ivQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI6tf/ExGmXk5tlWmq0D5nOwuofCMB8GA1UdIwQY
MBaAFOLBNxBsGkauoHwksRcp/X0haiT1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNFM0VHd2FScTZnZkNTeEZ5bjlmU0ZxSlBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8yNDM1Y2MtNTUzMy00ZjcwLWJiODIt
OWNhZjI1YTQ5OWQ3LzEvanExXzhURWFaZVRtMlZhYXJRUG1jN0M2aDhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8yNDM1Y2MtNTUzMy00ZjcwLWJiODItOWNhZjI1YTQ5OWQ3
LzEvNHNFM0VHd2FScTZnZkNTeEZ5bjlmU0ZxSlBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCud7oMA0E
AgACMAcDBQMqDQgAMA0GCSqGSIb3DQEBCwUAA4IBAQC7wT514GYNVbZqYjxOSCTL
Hxq6sYU8Hn5rYq3rKvC5/O8PaaHULNXsQvcAqZ+UA6LHMFz4D1UQAG1O6TfqBrqY
QQonP9Aj4LWAOn8xS9Cq2H2XVfFY/h3vFNk+bNw4c5e9sLeKDNzG/C/Hx0uN6eFg
a5W2h4HDjAzHck9mprcye6E+ZXCLamxg1CLlq10SyGVC0DNSL+VSn0FV5X9kGh64
f2SIc8L9SY22pTNBiyxxfKBKvfxWp59eLv25e/b18tI7GbBl88Lod0vL9hACzb2F
2bTYy7gagfyj6PqGN7r+eVVSBPrdQ+4BCMJB8onplFWwcojcXPdlfNixLnYgKaTp
-----END CERTIFICATE-----
Generated at Tue Jan 2 05:01:01 2024 by rpki-client on console.sobornost.net