Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/c078fd-d2b6-46ba-a6ba-44c3b75d3f33/1/jWM6I8CJSpiHB_zENb8hA2jizMA.roa
File: jWM6I8CJSpiHB_zENb8hA2jizMA.roa (raw, json)
Hash identifier: quN096a1/cH+0ldTHNC5EhNgfE4LS69R2m3edpfRR74=
Subject key identifier: 8D:63:3A:23:C0:89:4A:98:87:07:FC:C4:35:BF:21:03:68:E2:CC:C0
Certificate issuer: /CN=9d2d86c028bfc38e875455cf82689a36265302c2
Certificate serial: 01856F5DBC58B38B8CE365445204649E01DC
Authority key identifier: 9D:2D:86:C0:28:BF:C3:8E:87:54:55:CF:82:68:9A:36:26:53:02:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nS2GwCi_w46HVFXPgmiaNiZTAsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/c078fd-d2b6-46ba-a6ba-44c3b75d3f33/1/jWM6I8CJSpiHB_zENb8hA2jizMA.roa
Signing time: Sun 01 Jan 2023 22:04:52 +0000
ROA not before: Sun 01 Jan 2023 22:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205321
IP address blocks: 185.217.248.0/22 maxlen: 24
2a0c:af00::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:bc:58:b3:8b:8c:e3:65:44:52:04:64:9e:01:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2d86c028bfc38e875455cf82689a36265302c2
Validity
Not Before: Jan 1 22:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d633a23c0894a988707fcc435bf210368e2ccc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a7:74:bf:3c:9e:e4:23:ad:25:a3:a9:c6:da:
b7:01:aa:0f:c5:5f:44:91:b4:af:be:2b:de:7f:27:
fc:21:97:cf:f8:07:97:e8:7f:64:39:76:9c:a5:72:
62:d7:79:99:7b:d4:ef:20:37:d2:15:cd:7d:47:d8:
dc:f7:81:4b:8d:5f:16:1c:3e:d8:b2:9f:bd:bb:a7:
6f:cb:4a:d3:ec:ff:27:29:bb:f8:09:e3:1b:db:7a:
2f:00:2a:00:2c:1a:f2:7c:d3:f7:3d:54:3e:10:70:
0c:b9:8b:4c:1e:48:09:90:96:c6:b2:ff:45:7f:db:
1c:01:a1:1e:3a:00:54:04:67:5b:3b:d8:95:9d:66:
f1:22:3d:0f:be:2e:30:4a:59:b0:ad:11:f3:ea:4a:
61:12:0e:50:03:8f:81:38:3d:6b:c1:ea:0d:cb:4d:
28:0c:ef:d3:1c:7b:a3:5d:9f:23:49:b7:1a:eb:f3:
8e:d7:0b:73:f7:ca:45:00:a1:6e:80:d6:4a:70:b0:
b4:ac:83:e2:9b:e2:08:c3:d6:af:ef:a1:77:c9:76:
07:fb:f0:c1:48:e0:cd:60:e2:2a:3f:b6:ba:31:1e:
8d:c3:6f:25:67:d2:50:e5:d1:d7:ab:7d:6a:22:bb:
db:c8:88:c6:17:e4:71:2c:56:a4:97:2f:dc:1d:04:
2e:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:63:3A:23:C0:89:4A:98:87:07:FC:C4:35:BF:21:03:68:E2:CC:C0
X509v3 Authority Key Identifier:
keyid:9D:2D:86:C0:28:BF:C3:8E:87:54:55:CF:82:68:9A:36:26:53:02:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nS2GwCi_w46HVFXPgmiaNiZTAsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/c078fd-d2b6-46ba-a6ba-44c3b75d3f33/1/jWM6I8CJSpiHB_zENb8hA2jizMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/c078fd-d2b6-46ba-a6ba-44c3b75d3f33/1/nS2GwCi_w46HVFXPgmiaNiZTAsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.248.0/22
IPv6:
2a0c:af00::/29
Signature Algorithm: sha256WithRSAEncryption
2d:d2:f5:e9:c4:44:28:28:d5:d3:c8:28:15:db:70:d6:24:ec:
39:55:f2:4b:77:9f:d7:64:29:d9:ca:76:48:3d:30:7d:28:b4:
95:6f:b6:82:24:27:29:9f:8f:c3:95:ff:0e:93:9d:6c:54:6f:
02:ec:2e:6a:63:d4:d9:5b:de:45:29:bd:c6:51:9e:45:88:c5:
15:7e:34:69:f4:60:41:12:8b:9f:42:04:4e:35:4b:56:35:78:
6a:38:b1:1c:02:7f:5e:80:2f:33:4b:44:76:bd:96:5a:b1:2a:
88:cc:7d:13:a9:41:d5:db:45:70:1f:ed:5c:97:a8:ab:22:e7:
a4:eb:17:97:88:90:9e:91:2b:c8:0f:9c:c2:34:c5:e4:be:ff:
b5:fb:d9:e1:2a:0b:f3:4b:b7:11:0e:f7:f8:54:8e:d7:6d:80:
02:e1:a0:06:67:ba:a4:bb:74:32:64:2c:f8:51:b9:c7:09:e4:
4e:9c:8f:1b:86:12:2e:dc:25:8a:72:08:02:91:cc:77:66:e5:
bd:e9:37:59:84:59:18:37:55:a2:25:bc:7a:f7:ff:5f:b0:09:
95:2a:69:3e:ea:fd:db:d8:1e:11:6f:99:72:15:1c:a7:4e:3b:
f7:55:0d:c9:6b:57:38:0c:ef:ba:91:7e:ea:9f:68:d4:15:4c:
3e:b5:5e:be
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvXbxYs4uM42VEUgRkngHcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmQ4NmMwMjhiZmMzOGU4NzU0NTVjZjgyNjg5YTM2MjY1
MzAyYzIwHhcNMjMwMTAxMjIwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDYzM2EyM2MwODk0YTk4ODcwN2ZjYzQzNWJmMjEwMzY4ZTJjY2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6d0vzye5COtJaOpxtq3AaoPxV9E
kbSvvivefyf8IZfP+AeX6H9kOXacpXJi13mZe9TvIDfSFc19R9jc94FLjV8WHD7Y
sp+9u6dvy0rT7P8nKbv4CeMb23ovACoALBryfNP3PVQ+EHAMuYtMHkgJkJbGsv9F
f9scAaEeOgBUBGdbO9iVnWbxIj0Pvi4wSlmwrRHz6kphEg5QA4+BOD1rweoNy00o
DO/THHujXZ8jSbca6/OO1wtz98pFAKFugNZKcLC0rIPim+IIw9av76F3yXYH+/DB
SODNYOIqP7a6MR6Nw28lZ9JQ5dHXq31qIrvbyIjGF+RxLFakly/cHQQuNQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI1jOiPAiUqYhwf8xDW/IQNo4szAMB8GA1UdIwQY
MBaAFJ0thsAov8OOh1RVz4JomjYmUwLCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblMyR3dDaV93NDZIVkZYUGdtaWFOaVpUQXNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9jMDc4ZmQtZDJiNi00NmJhLWE2YmEt
NDRjM2I3NWQzZjMzLzEvaldNNkk4Q0pTcGlIQl96RU5iOGhBMmppek1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9jMDc4ZmQtZDJiNi00NmJhLWE2YmEtNDRjM2I3NWQzZjMz
LzEvblMyR3dDaV93NDZIVkZYUGdtaWFOaVpUQXNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudn4MA0E
AgACMAcDBQMqDK8AMA0GCSqGSIb3DQEBCwUAA4IBAQAt0vXpxEQoKNXTyCgV23DW
JOw5VfJLd5/XZCnZynZIPTB9KLSVb7aCJCcpn4/Dlf8Ok51sVG8C7C5qY9TZW95F
Kb3GUZ5FiMUVfjRp9GBBEoufQgRONUtWNXhqOLEcAn9egC8zS0R2vZZasSqIzH0T
qUHV20VwH+1cl6irIuek6xeXiJCekSvID5zCNMXkvv+1+9nhKgvzS7cRDvf4VI7X
bYAC4aAGZ7qku3QyZCz4UbnHCeROnI8bhhIu3CWKcggCkcx3ZuW96TdZhFkYN1Wi
Jbx69/9fsAmVKmk+6v3b2B4Rb5lyFRynTjv3VQ3Ja1c4DO+6kX7qn2jUFUw+tV6+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:59 2024 by rpki-client on console-fra.rpki-client.org