Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/JYkxs_9xoFZXgxkZiHFtqpKAkb4.roa
File: JYkxs_9xoFZXgxkZiHFtqpKAkb4.roa (raw, json)
Hash identifier: qgBKG1lWjlf2/vmYwuLYdwEQkBhQbR0frhNKmDshclE=
Subject key identifier: 25:89:31:B3:FF:71:A0:56:57:83:19:19:88:71:6D:AA:92:80:91:BE
Certificate issuer: /CN=896ed6e4b5c7c19db98c57432af4dcf630bf60ae
Certificate serial: 018BF0EA7E82764FF8CC3626644CB5FAF275
Authority key identifier: 89:6E:D6:E4:B5:C7:C1:9D:B9:8C:57:43:2A:F4:DC:F6:30:BF:60:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/JYkxs_9xoFZXgxkZiHFtqpKAkb4.roa
Signing time: Tue 21 Nov 2023 08:06:21 +0000
ROA not before: Tue 21 Nov 2023 08:06:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199739
IP address blocks: 185.141.11.0/24 maxlen: 24
185.141.10.0/24 maxlen: 24
185.141.9.0/24 maxlen: 24
109.224.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f0:ea:7e:82:76:4f:f8:cc:36:26:64:4c:b5:fa:f2:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896ed6e4b5c7c19db98c57432af4dcf630bf60ae
Validity
Not Before: Nov 21 08:06:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=258931b3ff71a0565783191988716daa928091be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f6:e8:01:2d:4e:1c:fd:f9:58:28:b2:1c:15:
b7:38:00:5f:58:b0:50:1b:da:05:38:83:83:81:92:
59:11:d3:80:72:bc:c7:9f:59:e6:7a:90:05:5f:e3:
5e:c8:27:d3:1e:2d:7c:de:50:8f:37:9a:8d:9b:eb:
06:81:3f:77:29:78:2c:2a:86:e5:7d:b3:24:0a:79:
b9:86:77:1f:dc:91:f1:28:48:bb:95:89:dc:ac:46:
5e:cd:50:81:6a:28:8a:89:5f:75:a1:38:07:3d:26:
72:4d:ee:53:b1:a9:b4:4f:68:36:1e:76:fc:86:62:
cd:5b:59:2e:92:f8:dc:cc:c6:17:10:78:46:b6:d0:
5c:6a:59:b5:af:2f:4a:5f:61:5d:68:b5:20:8b:e9:
8c:62:69:72:ca:7f:76:2a:ae:ac:10:4d:76:e8:26:
fc:d8:e1:cf:e5:0b:79:ae:b7:31:22:37:8e:c9:e3:
db:2b:70:52:e0:f1:4f:3a:40:50:01:59:25:32:a3:
96:9c:b0:aa:68:11:b6:f3:1d:11:dc:f3:8d:e2:9b:
29:e9:d1:bf:99:da:e9:31:45:42:bc:d1:db:83:98:
6b:1a:e6:c5:b9:39:c7:3b:99:d6:a1:ac:47:a1:fa:
07:ac:5f:11:78:b0:6b:b0:50:20:d8:f4:44:28:c1:
8b:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:89:31:B3:FF:71:A0:56:57:83:19:19:88:71:6D:AA:92:80:91:BE
X509v3 Authority Key Identifier:
keyid:89:6E:D6:E4:B5:C7:C1:9D:B9:8C:57:43:2A:F4:DC:F6:30:BF:60:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/JYkxs_9xoFZXgxkZiHFtqpKAkb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/iW7W5LXHwZ25jFdDKvTc9jC_YK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.224.32.0/24
185.141.9.0-185.141.11.255
Signature Algorithm: sha256WithRSAEncryption
00:1f:17:97:d6:06:de:53:7f:91:db:af:5d:eb:14:0c:e8:64:
48:fc:66:54:e7:32:9f:6c:4e:13:90:f0:03:b2:aa:f8:05:84:
0a:34:10:f5:84:9d:f6:8c:bc:88:3a:dd:8b:b7:b4:10:5e:6f:
1a:75:70:14:77:dc:95:ce:7e:85:e0:a9:6b:0e:de:e1:48:fe:
c6:01:9f:5e:44:8e:e3:1d:49:77:63:1b:79:67:eb:53:29:9c:
8a:fc:b0:f8:27:de:a0:d1:f9:5b:c0:31:7d:e8:cd:55:44:90:
d8:a6:25:00:07:36:24:98:37:e1:80:a5:22:e6:d6:68:47:1d:
63:45:6d:90:53:91:41:91:a6:e1:7f:45:b1:ba:36:df:62:98:
58:48:94:b4:7d:f8:bc:5f:76:02:89:33:fc:c4:8a:e8:9a:e2:
fc:ff:28:5c:62:92:74:b3:3f:94:51:fc:1e:25:33:4c:ac:58:
6b:64:a0:bf:a2:8e:36:5e:59:44:3c:5a:bc:1d:a3:d5:4d:91:
18:6b:6f:48:6c:32:80:6a:f4:f9:0b:88:b7:67:fb:a6:6d:1e:
c4:86:e0:03:0b:3d:ff:26:2e:9b:97:4f:53:91:b3:04:7e:73:
d2:de:2f:e8:c2:2c:79:d0:e6:3e:49:de:da:6f:bc:0a:63:f3:
b2:32:c3:6e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYvw6n6Cdk/4zDYmZEy1+vJ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmVkNmU0YjVjN2MxOWRiOThjNTc0MzJhZjRkY2Y2MzBi
ZjYwYWUwHhcNMjMxMTIxMDgwNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTg5MzFiM2ZmNzFhMDU2NTc4MzE5MTk4ODcxNmRhYTkyODA5MWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/boAS1OHP35WCiyHBW3OABfWLBQ
G9oFOIODgZJZEdOAcrzHn1nmepAFX+NeyCfTHi183lCPN5qNm+sGgT93KXgsKobl
fbMkCnm5hncf3JHxKEi7lYncrEZezVCBaiiKiV91oTgHPSZyTe5Tsam0T2g2Hnb8
hmLNW1kukvjczMYXEHhGttBcalm1ry9KX2FdaLUgi+mMYmlyyn92Kq6sEE126Cb8
2OHP5Qt5rrcxIjeOyePbK3BS4PFPOkBQAVklMqOWnLCqaBG28x0R3PON4psp6dG/
mdrpMUVCvNHbg5hrGubFuTnHO5nWoaxHofoHrF8ReLBrsFAg2PREKMGL/QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCWJMbP/caBWV4MZGYhxbaqSgJG+MB8GA1UdIwQY
MBaAFIlu1uS1x8GduYxXQyr03PYwv2CuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVc3VzVMWEh3WjI1akZkREt2VGM5akNfWUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85MDA0NDQtZGQ0MC00YTA0LWE2MTYt
ZGMxZmY2NzQ2ZDJlLzEvSllreHNfOXhvRlpYZ3hrWmlIRnRxcEtBa2I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85MDA0NDQtZGQ0MC00YTA0LWE2MTYtZGMxZmY2NzQ2ZDJl
LzEvaVc3VzVMWEh3WjI1akZkREt2VGM5akNfWUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAbeAgMAwD
BAC5jQkDBAK5jQgwDQYJKoZIhvcNAQELBQADggEBAAAfF5fWBt5Tf5Hbr13rFAzo
ZEj8ZlTnMp9sThOQ8AOyqvgFhAo0EPWEnfaMvIg63Yu3tBBebxp1cBR33JXOfoXg
qWsO3uFI/sYBn15EjuMdSXdjG3ln61MpnIr8sPgn3qDR+VvAMX3ozVVEkNimJQAH
NiSYN+GApSLm1mhHHWNFbZBTkUGRpuF/RbG6Nt9imFhIlLR9+LxfdgKJM/zEiuia
4vz/KFxiknSzP5RR/B4lM0ysWGtkoL+ijjZeWUQ8Wrwdo9VNkRhrb0hsMoBq9PkL
iLdn+6ZtHsSG4AMLPf8mLpuXT1ORswR+c9LeL+jCLHnQ5j5J3tpvvApj87Iyw24=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:11 2024 by rpki-client on console-fra.rpki-client.org