Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/beac09-c49f-4c70-9818-431c39bb7b38/1/JCyvrbnQaCgJHN4pypbHztZvMYE.roa
File: JCyvrbnQaCgJHN4pypbHztZvMYE.roa (raw, json)
Hash identifier: rg/DH6wlO+JM00xk7hLB6IkawPMQw/pzorT5FAFBBgg=
Subject key identifier: 24:2C:AF:AD:B9:D0:68:28:09:1C:DE:29:CA:96:C7:CE:D6:6F:31:81
Certificate issuer: /CN=528d5814c7156420dec3a3f7e526ef0f8333eef6
Certificate serial: 018CC3B72105125AFD675140299FE3776D28
Authority key identifier: 52:8D:58:14:C7:15:64:20:DE:C3:A3:F7:E5:26:EF:0F:83:33:EE:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uo1YFMcVZCDew6P35SbvD4Mz7vY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/beac09-c49f-4c70-9818-431c39bb7b38/1/JCyvrbnQaCgJHN4pypbHztZvMYE.roa
Signing time: Mon 01 Jan 2024 06:30:07 +0000
ROA not before: Mon 01 Jan 2024 06:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209609
IP address blocks: 195.210.38.0/24 maxlen: 24
195.210.39.0/24 maxlen: 24
109.71.76.0/24 maxlen: 24
2001:678:900::/48 maxlen: 48
2a0c:3340::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 06 Apr 2024 12:07:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:21:05:12:5a:fd:67:51:40:29:9f:e3:77:6d:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=528d5814c7156420dec3a3f7e526ef0f8333eef6
Validity
Not Before: Jan 1 06:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=242cafadb9d06828091cde29ca96c7ced66f3181
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c0:a5:d7:a8:ef:8a:8f:c3:ea:6b:8b:c2:33:
d9:b6:01:f6:7a:8d:bf:e2:e5:52:de:ed:92:3d:c3:
d5:d5:92:4a:c9:02:12:45:57:a4:03:6f:8e:7a:45:
06:cc:74:3e:ce:df:8e:08:06:59:28:0c:bb:69:79:
29:1a:d8:6d:c6:da:48:98:35:a2:1a:96:cf:d0:01:
a3:9e:4f:ea:3e:95:b7:a5:0d:5d:e6:38:b1:ce:7c:
d4:ef:9f:09:14:79:7e:4d:81:f0:7a:cb:76:24:bc:
03:d8:c0:e0:fe:0e:07:46:aa:9c:75:2a:f9:af:47:
56:82:60:36:7e:50:ed:8f:b8:2d:43:e0:02:0e:52:
45:7b:cc:08:14:51:fe:ec:82:ed:0d:dd:c3:a3:a1:
cc:3c:6b:00:34:da:f2:07:12:66:53:42:e2:8e:3d:
aa:1b:08:da:23:4a:2d:30:85:e2:6b:39:e1:ea:ef:
a1:07:e8:cc:01:f7:e4:75:e0:53:87:65:50:ae:c6:
16:77:2a:7b:7f:91:80:ad:0c:66:d1:c1:c9:4a:74:
8e:b1:11:72:9d:1c:46:8b:5f:cc:6c:aa:eb:52:2d:
93:96:c0:e1:81:ef:1d:8c:c9:9c:b5:ad:41:ed:df:
24:aa:66:c2:71:69:14:8b:48:87:79:d4:b2:83:9c:
dd:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:2C:AF:AD:B9:D0:68:28:09:1C:DE:29:CA:96:C7:CE:D6:6F:31:81
X509v3 Authority Key Identifier:
keyid:52:8D:58:14:C7:15:64:20:DE:C3:A3:F7:E5:26:EF:0F:83:33:EE:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uo1YFMcVZCDew6P35SbvD4Mz7vY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/beac09-c49f-4c70-9818-431c39bb7b38/1/JCyvrbnQaCgJHN4pypbHztZvMYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/beac09-c49f-4c70-9818-431c39bb7b38/1/Uo1YFMcVZCDew6P35SbvD4Mz7vY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.71.76.0/24
195.210.38.0/23
IPv6:
2001:678:900::/48
2a0c:3340::/29
Signature Algorithm: sha256WithRSAEncryption
1a:7f:c3:83:74:5e:c0:2b:08:12:79:2f:09:41:95:33:85:f7:
38:eb:50:e7:56:f2:9d:d7:47:88:9d:3a:c2:8b:a0:e3:22:1e:
70:1c:f3:ad:cc:ef:b3:08:e1:c8:46:47:e5:e3:2b:ac:58:78:
41:ca:52:74:51:53:7f:98:0e:ba:ac:27:48:de:9c:5f:e9:29:
93:45:a6:cb:ec:42:f7:a0:41:d2:be:f1:c7:8d:fd:05:f1:56:
79:4f:0b:1e:81:a6:ad:1d:ea:ff:88:4b:a3:42:4c:77:d9:06:
17:62:b9:c1:18:9d:f0:b3:24:78:fd:cc:d3:96:5c:21:aa:f4:
0c:d7:12:d3:18:53:94:52:6d:88:5c:ef:b9:12:78:ee:b1:55:
5d:c7:98:45:a1:ee:39:25:e8:7c:a8:16:ec:50:1e:d2:bd:3e:
79:1b:37:e3:85:fb:cc:e6:a7:32:57:9a:4a:f2:93:3a:ce:55:
57:bb:b3:aa:89:08:27:33:f8:80:0d:5b:bf:cd:94:d5:03:da:
80:43:62:01:97:67:d6:2a:76:b1:4d:70:17:16:df:d1:4b:b9:
07:6d:bf:ff:a0:c6:93:4e:87:d8:ec:e9:5f:5b:56:ab:a6:4f:
f9:49:47:e9:e6:1b:dc:a4:75:b6:af:a2:f0:5f:ad:53:1e:9f:
66:de:04:f2
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzDtyEFElr9Z1FAKZ/jd20oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyOGQ1ODE0YzcxNTY0MjBkZWMzYTNmN2U1MjZlZjBmODMz
M2VlZjYwHhcNMjQwMTAxMDYzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDJjYWZhZGI5ZDA2ODI4MDkxY2RlMjljYTk2YzdjZWQ2NmYzMTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcCl16jvio/D6muLwjPZtgH2eo2/
4uVS3u2SPcPV1ZJKyQISRVekA2+OekUGzHQ+zt+OCAZZKAy7aXkpGthtxtpImDWi
GpbP0AGjnk/qPpW3pQ1d5jixznzU758JFHl+TYHwest2JLwD2MDg/g4HRqqcdSr5
r0dWgmA2flDtj7gtQ+ACDlJFe8wIFFH+7ILtDd3Do6HMPGsANNryBxJmU0Lijj2q
GwjaI0otMIXiaznh6u+hB+jMAffkdeBTh2VQrsYWdyp7f5GArQxm0cHJSnSOsRFy
nRxGi1/MbKrrUi2TlsDhge8djMmcta1B7d8kqmbCcWkUi0iHedSyg5zdZQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCQsr6250GgoCRzeKcqWx87WbzGBMB8GA1UdIwQY
MBaAFFKNWBTHFWQg3sOj9+Um7w+DM+72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW8xWUZNY1ZaQ0RldzZQMzVTYnZENE16N3ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9iZWFjMDktYzQ5Zi00YzcwLTk4MTgt
NDMxYzM5YmI3YjM4LzEvSkN5dnJiblFhQ2dKSE40cHlwYkh6dFp2TVlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9iZWFjMDktYzQ5Zi00YzcwLTk4MTgtNDMxYzM5YmI3YjM4
LzEvVW8xWUZNY1ZaQ0RldzZQMzVTYnZENE16N3ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAbUdMAwQB
w9ImMBYEAgACMBADBwAgAQZ4CQADBQMqDDNAMA0GCSqGSIb3DQEBCwUAA4IBAQAa
f8ODdF7AKwgSeS8JQZUzhfc461DnVvKd10eInTrCi6DjIh5wHPOtzO+zCOHIRkfl
4yusWHhBylJ0UVN/mA66rCdI3pxf6SmTRabL7EL3oEHSvvHHjf0F8VZ5Twsegaat
Her/iEujQkx32QYXYrnBGJ3wsyR4/czTllwhqvQM1xLTGFOUUm2IXO+5EnjusVVd
x5hFoe45Jeh8qBbsUB7SvT55GzfjhfvM5qcyV5pK8pM6zlVXu7OqiQgnM/iADVu/
zZTVA9qAQ2IBl2fWKnaxTXAXFt/RS7kHbb//oMaTTofY7OlfW1arpk/5SUfp5hvc
pHW2r6LwX61THp9m3gTy
-----END CERTIFICATE-----
Generated at Sat Apr 6 16:34:37 2024 by rpki-client on console.sobornost.net