Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/33051d-c2a0-4ac7-b7f3-90adec85dd85/1/JNtBCtMHUaFYCx86F_LKpHrWc2U.roa
File: JNtBCtMHUaFYCx86F_LKpHrWc2U.roa (raw, json)
Hash identifier: HvGdVPgYpy75xhui3H6f+zhn1pXeRCbkdscPNO9dAR8=
Subject key identifier: 24:DB:41:0A:D3:07:51:A1:58:0B:1F:3A:17:F2:CA:A4:7A:D6:73:65
Certificate issuer: /CN=c017a4a82172b206afee1c13d296ee260385b571
Certificate serial: 018CC56EFD49C5C1D975C9A21BF0B58728CB
Authority key identifier: C0:17:A4:A8:21:72:B2:06:AF:EE:1C:13:D2:96:EE:26:03:85:B5:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wBekqCFysgav7hwT0pbuJgOFtXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/33051d-c2a0-4ac7-b7f3-90adec85dd85/1/JNtBCtMHUaFYCx86F_LKpHrWc2U.roa
Signing time: Mon 01 Jan 2024 14:30:34 +0000
ROA not before: Mon 01 Jan 2024 14:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200874
IP address blocks: 185.89.116.0/22 maxlen: 24
2a03:8320::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 27 Mar 2024 14:42:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:fd:49:c5:c1:d9:75:c9:a2:1b:f0:b5:87:28:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c017a4a82172b206afee1c13d296ee260385b571
Validity
Not Before: Jan 1 14:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24db410ad30751a1580b1f3a17f2caa47ad67365
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b4:13:85:41:a6:cd:31:83:6f:7c:47:a3:95:
b0:cd:7a:d1:1d:22:9f:53:9a:e2:59:87:72:39:fb:
78:c8:79:5e:5f:6c:5f:86:cf:ad:62:3c:c0:48:a8:
ad:8d:7f:3e:a7:92:33:45:2e:b0:ae:96:34:07:cf:
69:12:d4:73:f1:75:69:75:cf:1c:63:0b:6a:9a:57:
bc:91:e4:7a:ca:bd:06:e1:b3:ea:bc:88:11:cf:5b:
c5:42:e0:6e:bf:cd:7b:03:b9:7d:11:b4:43:08:2d:
61:ac:11:b0:67:9e:7c:33:ee:40:22:7f:a6:f2:49:
e9:a4:d7:af:52:10:41:26:60:3e:a2:ed:08:5f:3e:
c9:9f:97:95:25:95:be:a6:f7:08:de:59:7b:e2:08:
0b:dd:f8:7a:2e:95:03:af:85:5b:85:be:4f:e6:a8:
97:6a:3d:7f:1d:75:6b:7f:f5:eb:35:a9:e1:13:8d:
a0:aa:44:2d:84:3a:dd:dd:54:c8:52:3d:31:00:58:
b9:53:23:26:9b:b0:3b:ec:44:f7:bc:9f:c2:fc:59:
13:5e:bf:b0:e3:81:88:86:3a:50:f0:c2:77:1a:38:
60:4c:24:b2:a6:d4:4c:f5:8a:ef:5c:06:ee:b2:93:
31:f3:b0:71:8c:4d:1f:d3:01:01:4f:38:27:86:dc:
40:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:DB:41:0A:D3:07:51:A1:58:0B:1F:3A:17:F2:CA:A4:7A:D6:73:65
X509v3 Authority Key Identifier:
keyid:C0:17:A4:A8:21:72:B2:06:AF:EE:1C:13:D2:96:EE:26:03:85:B5:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wBekqCFysgav7hwT0pbuJgOFtXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/33051d-c2a0-4ac7-b7f3-90adec85dd85/1/JNtBCtMHUaFYCx86F_LKpHrWc2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/33051d-c2a0-4ac7-b7f3-90adec85dd85/1/wBekqCFysgav7hwT0pbuJgOFtXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.116.0/22
IPv6:
2a03:8320::/32
Signature Algorithm: sha256WithRSAEncryption
61:d7:b5:fc:9f:78:cb:db:8a:54:7b:1d:d5:4a:d8:a9:6f:58:
e2:54:51:60:ee:f6:44:c1:2b:12:f7:a3:ac:58:4c:2f:24:fe:
dc:53:d7:2a:6d:85:56:a2:b4:60:e2:25:81:c4:4a:bf:01:0d:
4c:42:05:68:06:66:b1:f2:ab:8c:48:1d:5e:80:a7:05:f9:54:
f5:29:6f:2d:44:34:de:be:0d:20:81:6e:c9:4c:2f:09:7c:9f:
2f:1a:65:52:57:3f:3f:66:52:2c:10:e7:00:77:a7:8d:63:51:
31:b0:2e:be:b1:2a:59:17:86:54:e2:87:3d:87:b9:bb:3d:6d:
44:c6:b1:65:e3:d5:d4:0e:83:77:af:14:b7:3e:2c:04:56:58:
6e:ce:9c:dc:53:e7:15:f5:b9:0d:8e:4c:76:56:35:ec:13:25:
68:6a:a1:a0:1b:3b:83:b7:69:04:0a:e1:67:68:67:00:8c:6b:
88:fe:5d:fb:c4:f4:06:29:f0:f3:c7:69:80:16:05:66:1b:6a:
be:3b:3b:10:ce:6d:0e:8a:b6:67:27:6c:d3:0f:23:f4:39:87:
75:5f:74:38:4a:c9:87:b1:a4:5c:e4:f7:3c:b4:1f:6d:bb:91:
6d:fe:b0:c9:f1:b8:6f:fb:63:ee:52:36:bc:71:e5:e3:d3:d1:
5d:6f:ef:2d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbv1JxcHZdcmiG/C1hyjLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwMTdhNGE4MjE3MmIyMDZhZmVlMWMxM2QyOTZlZTI2MDM4
NWI1NzEwHhcNMjQwMTAxMTQzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGRiNDEwYWQzMDc1MWExNTgwYjFmM2ExN2YyY2FhNDdhZDY3MzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubQThUGmzTGDb3xHo5WwzXrRHSKf
U5riWYdyOft4yHleX2xfhs+tYjzASKitjX8+p5IzRS6wrpY0B89pEtRz8XVpdc8c
Ywtqmle8keR6yr0G4bPqvIgRz1vFQuBuv817A7l9EbRDCC1hrBGwZ558M+5AIn+m
8knppNevUhBBJmA+ou0IXz7Jn5eVJZW+pvcI3ll74ggL3fh6LpUDr4Vbhb5P5qiX
aj1/HXVrf/XrNanhE42gqkQthDrd3VTIUj0xAFi5UyMmm7A77ET3vJ/C/FkTXr+w
44GIhjpQ8MJ3GjhgTCSyptRM9YrvXAbuspMx87BxjE0f0wEBTzgnhtxAQwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCTbQQrTB1GhWAsfOhfyyqR61nNlMB8GA1UdIwQY
MBaAFMAXpKghcrIGr+4cE9KW7iYDhbVxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0Jla3FDRnlzZ2F2N2h3VDBwYnVKZ09GdFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8zMzA1MWQtYzJhMC00YWM3LWI3ZjMt
OTBhZGVjODVkZDg1LzEvSk50QkN0TUhVYUZZQ3g4NkZfTEtwSHJXYzJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8zMzA1MWQtYzJhMC00YWM3LWI3ZjMtOTBhZGVjODVkZDg1
LzEvd0Jla3FDRnlzZ2F2N2h3VDBwYnVKZ09GdFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVl0MA0E
AgACMAcDBQAqA4MgMA0GCSqGSIb3DQEBCwUAA4IBAQBh17X8n3jL24pUex3VStip
b1jiVFFg7vZEwSsS96OsWEwvJP7cU9cqbYVWorRg4iWBxEq/AQ1MQgVoBmax8quM
SB1egKcF+VT1KW8tRDTevg0ggW7JTC8JfJ8vGmVSVz8/ZlIsEOcAd6eNY1ExsC6+
sSpZF4ZU4oc9h7m7PW1ExrFl49XUDoN3rxS3PiwEVlhuzpzcU+cV9bkNjkx2VjXs
EyVoaqGgGzuDt2kECuFnaGcAjGuI/l37xPQGKfDzx2mAFgVmG2q+OzsQzm0OirZn
J2zTDyP0OYd1X3Q4SsmHsaRc5Pc8tB9tu5Ft/rDJ8bhv+2PuUja8ceXj09Fdb+8t
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:20 2024 by rpki-client on console-fra.rpki-client.org