Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/jXEaF3KmZtKrAcblkkRfe964qBg.roa
File: jXEaF3KmZtKrAcblkkRfe964qBg.roa (raw, json)
Hash identifier: oO7qLGOAXm2kqGC0W8T0BvUlddO2wxU8smCRxtuWoZQ=
Subject key identifier: 8D:71:1A:17:72:A6:66:D2:AB:01:C6:E5:92:44:5F:7B:DE:B8:A8:18
Certificate issuer: /CN=5f5980132d193e270ed1efe0ad2849fe8ab0d76c
Certificate serial: 01877EA7D6F6B0661677CED86596A1835CAD
Authority key identifier: 5F:59:80:13:2D:19:3E:27:0E:D1:EF:E0:AD:28:49:FE:8A:B0:D7:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X1mAEy0ZPicO0e_grShJ_oqw12w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/jXEaF3KmZtKrAcblkkRfe964qBg.roa
Signing time: Fri 14 Apr 2023 07:25:41 +0000
ROA not before: Fri 14 Apr 2023 07:25:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20847
IP address blocks: 195.211.72.0/22 maxlen: 24
141.138.168.0/22 maxlen: 24
2a03:3c00::/33 maxlen: 33
2a03:3c00:8000::/34 maxlen: 34
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7e:a7:d6:f6:b0:66:16:77:ce:d8:65:96:a1:83:5c:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f5980132d193e270ed1efe0ad2849fe8ab0d76c
Validity
Not Before: Apr 14 07:25:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d711a1772a666d2ab01c6e592445f7bdeb8a818
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:08:c3:eb:8f:dc:d9:63:04:39:fd:42:e2:4e:
f2:d1:a6:42:ce:ed:48:54:45:6d:20:7d:56:45:69:
5c:91:78:21:48:02:66:70:61:bb:67:eb:c9:bf:0a:
9c:ed:c8:1f:d9:f7:18:7e:df:22:9e:09:89:93:b5:
e8:f7:93:33:a9:9f:86:53:b0:41:ba:8c:8a:d4:cf:
7d:ca:a2:8e:2a:19:58:cc:b0:dd:35:c2:35:9a:63:
32:a1:d1:98:68:a6:e6:b6:03:04:30:ca:27:65:1a:
d3:ba:fe:99:5c:cd:a7:8f:ee:33:28:a1:49:bd:8d:
f6:f4:24:5c:96:a6:14:aa:6b:9b:7b:da:16:53:d4:
7f:05:84:41:68:65:6a:f3:f0:7b:9c:94:b7:55:48:
ce:e4:f6:65:50:f8:ff:e3:e1:34:1a:dc:c0:67:8d:
c1:cd:99:97:b3:76:18:5e:ef:b6:e2:99:9a:c0:1f:
e5:27:3b:e1:38:2e:db:ba:a9:51:eb:ca:67:a8:9b:
88:bc:c1:24:de:8d:ed:73:fc:b4:a6:ee:16:71:48:
ab:99:64:30:5c:20:91:6c:d5:d6:64:27:8c:36:51:
e0:0f:33:6e:b9:eb:88:b5:f2:5a:78:9c:bd:d5:8a:
2f:46:f1:bd:e0:5b:99:23:92:4f:59:1e:ea:e5:ad:
b7:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:71:1A:17:72:A6:66:D2:AB:01:C6:E5:92:44:5F:7B:DE:B8:A8:18
X509v3 Authority Key Identifier:
keyid:5F:59:80:13:2D:19:3E:27:0E:D1:EF:E0:AD:28:49:FE:8A:B0:D7:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X1mAEy0ZPicO0e_grShJ_oqw12w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/jXEaF3KmZtKrAcblkkRfe964qBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/X1mAEy0ZPicO0e_grShJ_oqw12w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.138.168.0/22
195.211.72.0/22
IPv6:
2a03:3c00::-2a03:3c00:bfff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6b:6a:47:59:d4:78:db:d1:2a:46:82:d4:1e:60:3c:d9:a7:8e:
2e:b0:65:64:c0:80:71:59:f6:77:ca:d9:5c:fe:83:be:7b:2b:
02:2f:ad:9c:ec:88:bb:87:40:ad:ac:c4:d5:df:54:7d:74:d8:
30:b2:21:aa:75:a7:55:9f:da:c2:c4:ff:ea:fb:22:f6:59:b7:
99:64:7e:01:73:e4:38:21:c2:fc:cb:b0:57:f9:82:63:32:27:
4a:c8:2d:38:f2:38:2c:43:4d:61:45:73:84:f1:6f:79:62:48:
af:7e:f7:1b:cc:e3:16:e2:5e:16:5a:6a:e0:56:3c:0f:62:1d:
b8:f1:78:94:58:95:70:be:ca:bb:9d:29:6a:2b:72:33:c2:26:
c7:bd:8e:8d:89:5a:72:35:4c:38:73:89:bb:ad:a9:03:5f:f2:
3e:bb:15:ba:0e:fb:fa:d9:b5:2f:fb:af:0c:75:5d:b3:05:52:
47:f6:21:ba:b9:0d:b6:76:ce:79:1b:5b:bb:dc:ea:ce:bb:7c:
fb:72:c4:c9:18:b6:eb:06:a3:1e:32:b8:44:23:80:6b:77:9c:
78:11:dd:bc:55:64:59:87:8c:9e:67:f0:32:19:17:5d:02:68:
a4:fd:af:9d:7e:9d:df:c8:16:6e:74:b9:fa:54:18:0c:60:de:
87:1e:d9:d0
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYd+p9b2sGYWd87YZZahg1ytMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNTk4MDEzMmQxOTNlMjcwZWQxZWZlMGFkMjg0OWZlOGFi
MGQ3NmMwHhcNMjMwNDE0MDcyNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDcxMWExNzcyYTY2NmQyYWIwMWM2ZTU5MjQ0NWY3YmRlYjhhODE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgjD64/c2WMEOf1C4k7y0aZCzu1I
VEVtIH1WRWlckXghSAJmcGG7Z+vJvwqc7cgf2fcYft8ingmJk7Xo95MzqZ+GU7BB
uoyK1M99yqKOKhlYzLDdNcI1mmMyodGYaKbmtgMEMMonZRrTuv6ZXM2nj+4zKKFJ
vY329CRclqYUqmube9oWU9R/BYRBaGVq8/B7nJS3VUjO5PZlUPj/4+E0GtzAZ43B
zZmXs3YYXu+24pmawB/lJzvhOC7buqlR68pnqJuIvMEk3o3tc/y0pu4WcUirmWQw
XCCRbNXWZCeMNlHgDzNuueuItfJaeJy91YovRvG94FuZI5JPWR7q5a23OQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFI1xGhdypmbSqwHG5ZJEX3veuKgYMB8GA1UdIwQY
MBaAFF9ZgBMtGT4nDtHv4K0oSf6KsNdsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDFtQUV5MFpQaWNPMGVfZ3JTaEpfb3F3MTJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9hYThhYzgtMTNiOC00MTk3LWJlNTYt
MWUxZGU5MWE5ODdjLzEvalhFYUYzS21adEtyQWNibGtrUmZlOTY0cUJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9hYThhYzgtMTNiOC00MTk3LWJlNTYtMWUxZGU5MWE5ODdj
LzEvWDFtQUV5MFpQaWNPMGVfZ3JTaEpfb3F3MTJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCjYqoAwQC
w9NIMBYEAgACMBAwDgMEAioDPAMGBioDPACAMA0GCSqGSIb3DQEBCwUAA4IBAQBr
akdZ1Hjb0SpGgtQeYDzZp44usGVkwIBxWfZ3ytlc/oO+eysCL62c7Ii7h0CtrMTV
31R9dNgwsiGqdadVn9rCxP/q+yL2WbeZZH4Bc+Q4IcL8y7BX+YJjMidKyC048jgs
Q01hRXOE8W95YkivfvcbzOMW4l4WWmrgVjwPYh248XiUWJVwvsq7nSlqK3IzwibH
vY6NiVpyNUw4c4m7rakDX/I+uxW6Dvv62bUv+68MdV2zBVJH9iG6uQ22ds55G1u7
3OrOu3z7csTJGLbrBqMeMrhEI4Brd5x4Ed28VWRZh4yeZ/AyGRddAmik/a+dfp3f
yBZudLn6VBgMYN6HHtnQ
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:31:06 2024 by rpki-client on console.sobornost.net