Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/JW_cMwJWzy85hKjDmtGozGMJpqk.roa
File: JW_cMwJWzy85hKjDmtGozGMJpqk.roa (raw, json)
Hash identifier: M0JTL9HIXYXTnlej1mQbIcRXkFHjRG/Tt/8vTsru/ZE=
Subject key identifier: 25:6F:DC:33:02:56:CF:2F:39:84:A8:C3:9A:D1:A8:CC:63:09:A6:A9
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 019324E8B2AFFCF16FF0C8B9D7182EA4B885
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/JW_cMwJWzy85hKjDmtGozGMJpqk.roa
Signing time: Wed 13 Nov 2024 09:44:10 +0000
ROA not before: Wed 13 Nov 2024 09:44:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 23
81.22.140.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.113.0/24 maxlen: 24
109.72.116.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Nov 2024 08:47:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:24:e8:b2:af:fc:f1:6f:f0:c8:b9:d7:18:2e:a4:b8:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Nov 13 09:44:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=256fdc330256cf2f3984a8c39ad1a8cc6309a6a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:00:18:b6:13:f9:bf:6c:0f:38:b3:5c:29:73:
af:28:7e:a5:4e:a0:35:b2:50:3e:f5:cd:0f:a9:b0:
58:37:cf:da:7d:50:1a:cf:58:b8:82:cd:c6:38:0b:
3c:de:0e:24:ab:30:60:23:09:be:be:4f:b1:31:3f:
f2:dd:6e:d4:a9:31:23:f7:e6:62:6d:26:7c:bc:c7:
79:6c:0b:8a:16:01:02:10:d2:f8:c8:7d:9d:8a:fe:
5a:5f:00:dc:7d:e7:6b:23:b9:c3:37:38:99:99:7d:
4e:07:1d:21:b0:58:51:60:cf:19:19:38:60:99:d4:
ec:26:e6:09:45:d7:67:66:c1:5c:f1:ae:f1:62:4c:
d4:6c:57:91:07:fc:27:8f:ab:a3:73:68:24:b5:53:
aa:b9:21:57:db:9f:9e:09:58:0d:5b:18:6f:55:0f:
06:52:3f:9a:4f:fd:c1:21:0f:3b:29:a6:87:fe:6f:
21:f2:83:86:84:9d:dd:6d:36:fe:57:63:29:7c:16:
91:b7:cf:81:fa:5a:2a:62:0f:51:f7:d5:5a:f6:57:
9b:3e:91:3a:20:60:ef:f2:89:84:8c:76:3b:25:53:
e8:f0:22:e6:65:fd:25:71:93:f1:dc:16:49:25:f8:
e7:27:16:45:1d:da:6e:0b:48:3d:e3:5f:e2:d3:cc:
85:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:6F:DC:33:02:56:CF:2F:39:84:A8:C3:9A:D1:A8:CC:63:09:A6:A9
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/JW_cMwJWzy85hKjDmtGozGMJpqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.113.0/24
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
96:61:e3:0a:8e:f6:17:fa:cd:da:24:f2:90:7d:05:7f:b1:40:
b1:63:d5:74:25:aa:2c:94:f2:38:ef:d2:ad:85:9b:0d:84:c8:
d3:a0:6f:7c:26:7e:c8:10:65:5c:ae:ec:90:14:a3:75:74:ee:
ce:44:1b:df:a0:aa:d0:89:c8:0b:d5:a9:3a:03:52:6c:57:84:
a3:b8:41:47:e2:cb:11:c5:c2:5e:61:09:06:f7:6b:a9:f3:74:
e8:f3:95:d1:f2:99:91:e8:de:10:9a:3c:9a:45:17:24:43:7e:
85:0c:d8:de:e7:ea:fa:96:72:27:cf:27:40:5d:18:4d:9d:f1:
1d:74:63:79:46:75:a7:e2:50:19:14:ad:9e:7c:de:27:6a:5b:
5f:71:de:86:a4:3c:85:a3:28:ff:9a:bb:dd:7b:69:d1:48:6c:
59:74:a9:0d:b5:46:41:ab:99:9a:8e:24:cd:78:0b:ef:f2:69:
21:2d:3f:e9:40:c7:50:51:f0:e7:41:51:e7:38:d7:04:d6:b4:
2c:70:47:ec:a0:7e:e2:2f:0b:a7:dc:2c:bc:87:dd:3b:eb:cd:
4e:20:c3:83:38:50:8d:f9:70:fa:e4:0f:bb:19:ff:1f:b1:7a:
04:38:ba:b5:8b:44:42:96:1d:d5:fb:65:b1:56:1f:0a:f6:f0:
32:46:8e:13
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZMk6LKv/PFv8Mi51xgupLiFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQxMTEzMDk0NDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTZmZGMzMzAyNTZjZjJmMzk4NGE4YzM5YWQxYThjYzYzMDlhNmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwAYthP5v2wPOLNcKXOvKH6lTqA1
slA+9c0PqbBYN8/afVAaz1i4gs3GOAs83g4kqzBgIwm+vk+xMT/y3W7UqTEj9+Zi
bSZ8vMd5bAuKFgECENL4yH2div5aXwDcfedrI7nDNziZmX1OBx0hsFhRYM8ZGThg
mdTsJuYJRddnZsFc8a7xYkzUbFeRB/wnj6ujc2gktVOquSFX25+eCVgNWxhvVQ8G
Uj+aT/3BIQ87KaaH/m8h8oOGhJ3dbTb+V2MpfBaRt8+B+loqYg9R99Va9lebPpE6
IGDv8omEjHY7JVPo8CLmZf0lcZPx3BZJJfjnJxZFHdpuC0g941/i08yFcwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCVv3DMCVs8vOYSow5rRqMxjCaapMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvSldfY013Sld6eTg1aEtqRG10R296R01KcHFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDURaIAwQC
WbkAAwQAbUhxAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQCWYeMKjvYX+s3aJPKQ
fQV/sUCxY9V0JaoslPI479KthZsNhMjToG98Jn7IEGVcruyQFKN1dO7ORBvfoKrQ
icgL1ak6A1JsV4SjuEFH4ssRxcJeYQkG92up83To85XR8pmR6N4QmjyaRRckQ36F
DNje5+r6lnInzydAXRhNnfEddGN5RnWn4lAZFK2efN4naltfcd6GpDyFoyj/mrvd
e2nRSGxZdKkNtUZBq5majiTNeAvv8mkhLT/pQMdQUfDnQVHnONcE1rQscEfsoH7i
Lwun3Cy8h907681OIMODOFCN+XD65A+7Gf8fsXoEOLq1i0RClh3V+2WxVh8K9vAy
Ro4T
-----END CERTIFICATE-----
Generated at Fri Nov 15 10:01:39 2024 by rpki-client on console-fra.rpki-client.org