Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/jIoXjdZ8Vhvv4kxVwhVkUgtraGw.roa
File: jIoXjdZ8Vhvv4kxVwhVkUgtraGw.roa (raw, json)
Hash identifier: E4lPjuaEzQFRLRuBjnstSfsPwIr0UcQll1zgb3s1pFI=
Subject key identifier: 8C:8A:17:8D:D6:7C:56:1B:EF:E2:4C:55:C2:15:64:52:0B:6B:68:6C
Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Certificate serial: 018573438BB2FA8B481A19EE3C4F93DF5FCA
Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/jIoXjdZ8Vhvv4kxVwhVkUgtraGw.roa
Signing time: Mon 02 Jan 2023 16:14:44 +0000
ROA not before: Mon 02 Jan 2023 16:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200185
IP address blocks: 89.36.216.0/22 maxlen: 24
94.177.244.0/22 maxlen: 24
86.105.48.0/21 maxlen: 24
217.61.0.0/21 maxlen: 24
89.40.116.0/22 maxlen: 24
89.40.124.0/22 maxlen: 24
194.182.104.0/22 maxlen: 24
94.177.224.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:43:8b:b2:fa:8b:48:1a:19:ee:3c:4f:93:df:5f:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Validity
Not Before: Jan 2 16:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c8a178dd67c561befe24c55c21564520b6b686c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e6:4f:30:6f:d9:4c:29:dc:b7:ca:ce:3c:e5:
36:de:8c:9e:52:f4:f3:f6:1b:58:a0:4c:03:68:d4:
44:56:04:b0:42:56:38:b5:4d:9e:40:b6:4c:81:61:
17:ca:1f:14:c2:48:a9:0b:20:c0:27:f7:39:01:08:
e8:12:c7:62:bd:c2:2e:a4:ad:65:7b:08:e4:9b:d1:
9b:da:3e:bf:d7:99:20:cd:4d:d0:2a:ff:3c:63:39:
5d:56:6f:75:85:c8:62:48:c0:46:a9:7d:49:b8:e2:
65:15:4a:18:b0:ef:9e:52:e5:2a:f8:62:a5:44:9b:
e5:08:78:74:33:bd:4e:5f:9e:d1:fb:82:20:ac:4f:
3e:b8:fb:ec:a9:b2:4d:d8:96:3e:d8:6a:12:33:fa:
8c:0d:58:9f:8f:e7:d6:a4:1f:d9:88:8d:52:8d:d7:
15:4b:02:f1:f3:32:c7:07:59:4c:33:93:a4:ee:8f:
9e:1c:97:27:46:82:50:34:29:a6:10:d8:29:05:fa:
dd:59:86:9a:64:3a:c3:f9:b9:49:db:d3:a0:25:e7:
49:6b:38:2e:c0:99:52:56:56:e2:8a:78:65:48:f3:
6d:7e:b6:98:07:21:90:d0:5c:1a:c8:70:d9:92:d3:
e6:6e:87:49:11:68:1c:4e:fe:bf:c6:62:ec:ad:f1:
98:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:8A:17:8D:D6:7C:56:1B:EF:E2:4C:55:C2:15:64:52:0B:6B:68:6C
X509v3 Authority Key Identifier:
keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/jIoXjdZ8Vhvv4kxVwhVkUgtraGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.48.0/21
89.36.216.0/22
89.40.116.0/22
89.40.124.0/22
94.177.224.0/21
94.177.244.0/22
194.182.104.0/22
217.61.0.0/21
Signature Algorithm: sha256WithRSAEncryption
6a:e1:72:5d:96:89:ec:d4:c6:c4:99:0a:08:fc:cb:04:60:78:
8c:11:de:86:08:cf:21:9a:c8:d7:68:6a:1a:ca:08:56:7d:46:
99:58:7e:2f:55:72:5a:4d:42:20:c0:9b:6b:85:f0:a4:19:77:
b9:78:bc:4f:44:ee:3e:85:3f:88:6c:a9:bb:55:15:3b:37:a7:
db:4c:2b:31:50:3b:82:16:aa:6c:1d:03:2a:95:e3:62:ad:75:
05:f2:c1:e0:b1:07:95:56:6e:0d:23:77:79:a9:29:4b:a2:82:
76:b1:4d:41:ba:cc:7c:88:6e:49:5c:96:81:d1:07:82:79:ad:
bb:6f:30:75:10:4c:cb:93:d6:55:c6:88:15:90:ff:8c:58:b3:
fd:7f:ed:6b:fa:d2:e7:7f:83:fa:fd:84:d9:03:a1:f2:7f:cb:
8e:b6:fb:6d:2a:18:86:19:49:8c:5d:08:47:84:8f:c9:5c:89:
32:57:f5:17:84:40:07:47:89:9f:fe:0a:fe:d2:87:a5:cb:2f:
f7:39:d9:e8:74:5c:99:91:f9:fe:90:c8:06:66:30:00:4f:be:
e0:26:12:1f:ca:67:bb:a2:67:bc:4c:c9:53:96:5c:b0:2f:cb:
b5:03:c6:87:72:e3:a1:84:cc:0a:98:ee:50:29:e6:5d:f0:39:
b1:49:47:70
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVzQ4uy+otIGhnuPE+T31/KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5
Mzg2MWMwHhcNMjMwMTAyMTYxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzhhMTc4ZGQ2N2M1NjFiZWZlMjRjNTVjMjE1NjQ1MjBiNmI2ODZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuZPMG/ZTCnct8rOPOU23oyeUvTz
9htYoEwDaNREVgSwQlY4tU2eQLZMgWEXyh8UwkipCyDAJ/c5AQjoEsdivcIupK1l
ewjkm9Gb2j6/15kgzU3QKv88YzldVm91hchiSMBGqX1JuOJlFUoYsO+eUuUq+GKl
RJvlCHh0M71OX57R+4IgrE8+uPvsqbJN2JY+2GoSM/qMDVifj+fWpB/ZiI1SjdcV
SwLx8zLHB1lMM5Ok7o+eHJcnRoJQNCmmENgpBfrdWYaaZDrD+blJ29OgJedJazgu
wJlSVlbiinhlSPNtfraYByGQ0FwayHDZktPmbodJEWgcTv6/xmLsrfGYJwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFIyKF43WfFYb7+JMVcIVZFILa2hsMB8GA1UdIwQY
MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt
ODQyNjk0MTJkNTYxLzEvaklvWGpkWjhWaHZ2NGt4VndoVmtVZ3RyYUd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx
LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQDVmkwAwQC
WSTYAwQCWSh0AwQCWSh8AwQDXrHgAwQCXrH0AwQCwrZoAwQD2T0AMA0GCSqGSIb3
DQEBCwUAA4IBAQBq4XJdlons1MbEmQoI/MsEYHiMEd6GCM8hmsjXaGoayghWfUaZ
WH4vVXJaTUIgwJtrhfCkGXe5eLxPRO4+hT+IbKm7VRU7N6fbTCsxUDuCFqpsHQMq
leNirXUF8sHgsQeVVm4NI3d5qSlLooJ2sU1Busx8iG5JXJaB0QeCea27bzB1EEzL
k9ZVxogVkP+MWLP9f+1r+tLnf4P6/YTZA6Hyf8uOtvttKhiGGUmMXQhHhI/JXIky
V/UXhEAHR4mf/gr+0oelyy/3OdnodFyZkfn+kMgGZjAAT77gJhIfyme7ome8TMlT
llywL8u1A8aHcuOhhMwKmO5QKeZd8DmxSUdw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:08 2024 by rpki-client on console-ams.rpki-client.org