Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jnJtws6bZDua0-xdjb9WNPAKAvQ.roa
File: jnJtws6bZDua0-xdjb9WNPAKAvQ.roa (raw, json)
Hash identifier: 7rVIOzhAKM8mWBzIw2OAItXVAZk1XjYelYauq5pSCEo=
Subject key identifier: 8E:72:6D:C2:CE:9B:64:3B:9A:D3:EC:5D:8D:BF:56:34:F0:0A:02:F4
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0189D953DEB461F76AF367762D2462D04773
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jnJtws6bZDua0-xdjb9WNPAKAvQ.roa
Signing time: Wed 09 Aug 2023 08:04:59 +0000
ROA not before: Wed 09 Aug 2023 08:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43548
IP address blocks: 94.156.4.0/23 maxlen: 23
93.123.65.0/24 maxlen: 24
85.217.164.0/22 maxlen: 22
87.120.99.0/24 maxlen: 24
85.217.176.0/21 maxlen: 21
91.92.168.0/22 maxlen: 22
87.120.246.0/24 maxlen: 24
94.156.80.0/21 maxlen: 21
87.121.108.0/23 maxlen: 23
94.156.97.0/24 maxlen: 24
2a00:1728:2d::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d9:53:de:b4:61:f7:6a:f3:67:76:2d:24:62:d0:47:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 9 08:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e726dc2ce9b643b9ad3ec5d8dbf5634f00a02f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:0a:27:39:cb:5b:f5:8a:c7:26:9d:c2:6c:53:
0f:14:97:26:cf:83:bd:1d:44:65:e8:39:f1:6a:09:
42:75:d2:91:13:54:42:26:22:9d:b5:00:f6:2b:9b:
47:4b:6f:ec:9e:b8:bb:f1:2c:8e:70:cb:fe:52:5c:
09:98:2f:da:fb:ce:88:b8:fb:de:59:85:bf:e3:bd:
5e:6a:43:4d:0b:fc:3f:27:95:51:45:17:7c:6b:4d:
56:ac:28:c5:97:2c:5f:d9:88:b8:26:79:95:83:66:
9c:50:5f:4a:ac:36:40:73:8b:66:14:cf:84:80:b4:
c2:97:0d:35:99:68:bc:ce:a9:5a:5a:a5:7d:53:e4:
9e:db:68:b6:65:40:36:7f:13:be:5c:66:f1:29:88:
1f:eb:f0:85:e1:0a:11:9f:26:6a:2e:37:fe:ba:15:
05:13:ca:91:7d:7b:fe:27:4d:7c:93:33:3d:a3:ed:
a1:af:69:1e:cc:5c:ed:56:ce:65:a5:d1:57:9d:a2:
ad:20:fe:b7:e8:1b:37:fd:00:83:f4:8e:64:23:bf:
0f:c6:a8:49:b7:18:8c:02:e5:d7:5d:b4:18:a2:e3:
b7:33:9a:5c:18:44:14:ea:dd:e5:b5:8e:c7:5c:bf:
86:e5:10:f8:a9:fa:26:46:ab:59:14:d3:11:de:7d:
d8:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:72:6D:C2:CE:9B:64:3B:9A:D3:EC:5D:8D:BF:56:34:F0:0A:02:F4
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jnJtws6bZDua0-xdjb9WNPAKAvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.164.0/22
85.217.176.0/21
87.120.99.0/24
87.120.246.0/24
87.121.108.0/23
91.92.168.0/22
93.123.65.0/24
94.156.4.0/23
94.156.80.0/21
94.156.97.0/24
IPv6:
2a00:1728:2d::/48
Signature Algorithm: sha256WithRSAEncryption
a7:1e:f8:76:85:a6:7e:33:42:0d:34:f6:65:10:b9:39:54:38:
42:57:10:a3:ac:2a:b1:91:d8:a4:1c:6a:93:80:25:d1:79:6e:
28:c1:af:45:03:cc:e9:a4:58:20:fd:13:a7:21:f7:a1:f9:27:
61:19:b6:02:67:10:81:26:34:12:a0:a9:95:96:76:c8:70:ee:
cf:bf:d5:60:34:a2:c8:ce:5f:ce:e0:67:24:8b:26:ef:4a:29:
2c:f0:86:71:25:e8:5a:73:31:1e:c7:6a:31:ca:33:ab:70:35:
51:c2:9e:2f:0e:3d:86:4c:64:2f:1f:b0:78:1a:fc:35:b9:4c:
ce:58:6a:fc:2a:74:87:9c:47:8a:87:bb:07:79:9c:cc:fc:6e:
53:6e:f4:f4:f1:87:8b:e5:5a:91:de:db:78:80:d3:9d:82:52:
97:cc:aa:20:10:0a:b8:b4:7b:88:7b:50:ca:e7:bb:f4:72:14:
ce:b2:a7:b5:95:e3:f6:5e:94:2e:70:ed:9b:3d:5e:a8:d4:b6:
49:ba:da:d6:03:ec:33:b1:b2:02:66:a4:32:e3:b4:a2:4f:4d:
f5:fe:e8:d9:48:89:01:1c:2b:da:50:c6:9a:0b:ab:34:5e:78:
de:e2:30:32:2d:91:72:26:6d:31:a6:bb:89:65:92:3e:b5:72:
70:a0:0f:d7
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYnZU960Yfdq82d2LSRi0EdzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwODA5MDgwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTcyNmRjMmNlOWI2NDNiOWFkM2VjNWQ4ZGJmNTYzNGYwMGEwMmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwonOctb9YrHJp3CbFMPFJcmz4O9
HURl6DnxaglCddKRE1RCJiKdtQD2K5tHS2/snri78SyOcMv+UlwJmC/a+86IuPve
WYW/471eakNNC/w/J5VRRRd8a01WrCjFlyxf2Yi4JnmVg2acUF9KrDZAc4tmFM+E
gLTClw01mWi8zqlaWqV9U+Se22i2ZUA2fxO+XGbxKYgf6/CF4QoRnyZqLjf+uhUF
E8qRfXv+J018kzM9o+2hr2kezFztVs5lpdFXnaKtIP636Bs3/QCD9I5kI78PxqhJ
txiMAuXXXbQYouO3M5pcGEQU6t3ltY7HXL+G5RD4qfomRqtZFNMR3n3YFQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFI5ybcLOm2Q7mtPsXY2/VjTwCgL0MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvam5KdHdzNmJaRHVhMC14ZGpiOVdOUEFLQXZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBCBAIAATA8AwQCVdmkAwQD
VdmwAwQAV3hjAwQAV3j2AwQBV3lsAwQCW1yoAwQAXXtBAwQBXpwEAwQDXpxQAwQA
XpxhMA8EAgACMAkDBwAqABcoAC0wDQYJKoZIhvcNAQELBQADggEBAKce+HaFpn4z
Qg009mUQuTlUOEJXEKOsKrGR2KQcapOAJdF5bijBr0UDzOmkWCD9E6ch96H5J2EZ
tgJnEIEmNBKgqZWWdshw7s+/1WA0osjOX87gZySLJu9KKSzwhnEl6FpzMR7HajHK
M6twNVHCni8OPYZMZC8fsHga/DW5TM5YavwqdIecR4qHuwd5nMz8blNu9PTxh4vl
WpHe23iA052CUpfMqiAQCri0e4h7UMrnu/RyFM6yp7WV4/ZelC5w7Zs9XqjUtkm6
2tYD7DOxsgJmpDLjtKJPTfX+6NlIiQEcK9pQxpoLqzReeN7iMDItkXImbTGmu4ll
kj61cnCgD9c=
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:13 2024 by rpki-client on console-ams.rpki-client.org