Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/35ffbf-485d-4906-8654-8ac7e036eb81/1/A-jWkw4jgkIsJ6sTCaQSNpzv_dk.roa
File: A-jWkw4jgkIsJ6sTCaQSNpzv_dk.roa (raw, json)
Hash identifier: g/sT+HbOIGl8n31qSxm4cerqrW7qVXT59O2IGodaNB4=
Subject key identifier: 03:E8:D6:93:0E:23:82:42:2C:27:AB:13:09:A4:12:36:9C:EF:FD:D9
Certificate issuer: /CN=e9bf904f418bfc7b49b85f3abdac417cca5e3759
Certificate serial: 018570D52511296D60B9B2492DDC754FCAA1
Authority key identifier: E9:BF:90:4F:41:8B:FC:7B:49:B8:5F:3A:BD:AC:41:7C:CA:5E:37:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6b-QT0GL_HtJuF86vaxBfMpeN1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/35ffbf-485d-4906-8654-8ac7e036eb81/1/A-jWkw4jgkIsJ6sTCaQSNpzv_dk.roa
Signing time: Mon 02 Jan 2023 04:54:54 +0000
ROA not before: Mon 02 Jan 2023 04:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212642
IP address blocks: 89.221.111.0/24 maxlen: 24
2a00:1e1f:ff00::/40 maxlen: 40
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:25:11:29:6d:60:b9:b2:49:2d:dc:75:4f:ca:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9bf904f418bfc7b49b85f3abdac417cca5e3759
Validity
Not Before: Jan 2 04:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03e8d6930e2382422c27ab1309a412369ceffdd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:20:7c:a0:4a:f6:fc:48:bf:f3:3d:2d:17:00:
d4:66:a9:45:92:d7:46:28:5f:52:b6:c1:49:ed:f0:
9b:30:68:78:bc:42:45:0c:75:f6:24:ae:aa:52:d4:
6b:7e:6e:24:4f:8e:7e:fa:25:9b:09:85:5f:78:e8:
9d:6e:a3:0a:e0:02:3b:37:ad:41:32:3c:39:12:8e:
63:d9:c9:74:33:19:99:e1:d5:d7:43:d0:48:b4:29:
cd:d1:b8:9d:2b:6a:1a:a5:56:9d:9c:28:84:dd:f5:
d6:86:31:77:9f:06:de:4d:68:5c:8f:b4:20:91:ee:
db:bf:8a:4d:b1:7d:9f:eb:f8:ad:14:e7:33:59:83:
ec:3c:62:51:83:d6:df:ec:0d:23:fb:c9:06:16:07:
7f:a3:6f:2f:55:fc:65:35:92:76:39:3c:3b:f0:d4:
bc:3a:47:99:56:41:a0:73:a4:9d:e9:1e:6f:a4:83:
06:90:08:c9:35:ad:a4:7d:73:8c:7f:e2:25:63:23:
1d:c8:3c:13:fe:5c:21:4f:35:e7:3e:76:d6:22:f7:
64:4b:1d:be:94:26:72:f4:df:ef:4c:2d:f8:21:b0:
9d:c6:30:57:0a:c4:3d:ad:54:65:24:94:83:da:6a:
41:b2:07:7f:3f:d4:18:51:b3:7c:20:85:8a:04:3b:
92:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:E8:D6:93:0E:23:82:42:2C:27:AB:13:09:A4:12:36:9C:EF:FD:D9
X509v3 Authority Key Identifier:
keyid:E9:BF:90:4F:41:8B:FC:7B:49:B8:5F:3A:BD:AC:41:7C:CA:5E:37:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b-QT0GL_HtJuF86vaxBfMpeN1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/35ffbf-485d-4906-8654-8ac7e036eb81/1/A-jWkw4jgkIsJ6sTCaQSNpzv_dk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/35ffbf-485d-4906-8654-8ac7e036eb81/1/6b-QT0GL_HtJuF86vaxBfMpeN1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.221.111.0/24
IPv6:
2a00:1e1f:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
1a:99:64:ab:2a:9d:a9:23:c6:0a:8b:96:c7:d6:8b:30:ee:c8:
89:43:75:6a:2b:b4:53:82:33:2c:c6:ec:b0:3c:47:85:62:4d:
92:8e:eb:be:7d:e7:a3:3b:c7:72:ce:af:64:59:db:f6:27:d1:
a6:15:c5:50:77:bb:a6:58:01:10:2e:96:44:1b:da:84:49:ce:
4d:a6:ec:15:a3:b6:a3:c2:b1:9c:77:6d:9c:5a:51:0b:8b:ff:
cd:42:8e:bf:8b:d4:cd:2c:38:be:4b:d8:d6:94:2f:a8:8c:15:
35:27:c4:11:be:b6:c2:c6:8f:ce:e0:32:c4:25:4e:f2:fa:4c:
05:6b:73:3c:79:28:35:63:e6:6b:38:48:03:5c:8d:81:37:b3:
28:83:a2:36:c6:7f:a1:ca:36:bb:c0:3f:5a:1f:cd:dc:41:6f:
8e:0e:45:7b:a8:19:3e:6d:00:23:6a:6f:23:c8:c0:4b:d2:f2:
b7:e3:27:a9:b4:18:87:8e:c0:55:d5:33:79:97:d7:d9:ed:47:
d7:ec:08:53:66:cf:d3:b8:9f:5b:29:5a:66:41:f8:32:92:ab:
de:1f:d8:cf:58:1d:bb:c5:27:6c:64:c1:dd:ec:a3:3c:6d:a1:
6e:47:fb:54:3a:35:ac:1a:08:a7:04:ed:b6:11:78:2f:73:2f:
da:bd:ce:a6
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVw1SURKW1gubJJLdx1T8qhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YmY5MDRmNDE4YmZjN2I0OWI4NWYzYWJkYWM0MTdjY2E1
ZTM3NTkwHhcNMjMwMTAyMDQ1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2U4ZDY5MzBlMjM4MjQyMmMyN2FiMTMwOWE0MTIzNjljZWZmZGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSB8oEr2/Ei/8z0tFwDUZqlFktdG
KF9StsFJ7fCbMGh4vEJFDHX2JK6qUtRrfm4kT45++iWbCYVfeOidbqMK4AI7N61B
Mjw5Eo5j2cl0MxmZ4dXXQ9BItCnN0bidK2oapVadnCiE3fXWhjF3nwbeTWhcj7Qg
ke7bv4pNsX2f6/itFOczWYPsPGJRg9bf7A0j+8kGFgd/o28vVfxlNZJ2OTw78NS8
OkeZVkGgc6Sd6R5vpIMGkAjJNa2kfXOMf+IlYyMdyDwT/lwhTzXnPnbWIvdkSx2+
lCZy9N/vTC34IbCdxjBXCsQ9rVRlJJSD2mpBsgd/P9QYUbN8IIWKBDuSAQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFAPo1pMOI4JCLCerEwmkEjac7/3ZMB8GA1UdIwQY
MBaAFOm/kE9Bi/x7SbhfOr2sQXzKXjdZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmItUVQwR0xfSHRKdUY4NnZheEJmTXBlTjFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8zNWZmYmYtNDg1ZC00OTA2LTg2NTQt
OGFjN2UwMzZlYjgxLzEvQS1qV2t3NGpna0lzSjZzVENhUVNOcHp2X2RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8zNWZmYmYtNDg1ZC00OTA2LTg2NTQtOGFjN2UwMzZlYjgx
LzEvNmItUVQwR0xfSHRKdUY4NnZheEJmTXBlTjFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAWd1vMA4E
AgACMAgDBgAqAB4f/zANBgkqhkiG9w0BAQsFAAOCAQEAGplkqyqdqSPGCouWx9aL
MO7IiUN1aiu0U4IzLMbssDxHhWJNko7rvn3nozvHcs6vZFnb9ifRphXFUHe7plgB
EC6WRBvahEnOTabsFaO2o8KxnHdtnFpRC4v/zUKOv4vUzSw4vkvY1pQvqIwVNSfE
Eb62wsaPzuAyxCVO8vpMBWtzPHkoNWPmazhIA1yNgTezKIOiNsZ/oco2u8A/Wh/N
3EFvjg5Fe6gZPm0AI2pvI8jAS9Lyt+MnqbQYh47AVdUzeZfX2e1H1+wIU2bP07if
WylaZkH4MpKr3h/Yz1gdu8UnbGTB3eyjPG2hbkf7VDo1rBoIpwTtthF4L3Mv2r3O
pg==
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:18:46 2024 by rpki-client on console-fra.rpki-client.org