Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/jjaz6FeN8D_RLEgopQrd7DxuHzM.roa
File: jjaz6FeN8D_RLEgopQrd7DxuHzM.roa (raw, json)
Hash identifier: IUV3l6s3ka4MmewQmzf+Qdh+7CWeLz+qHSt8eA6I3/A=
Subject key identifier: 8E:36:B3:E8:57:8D:F0:3F:D1:2C:48:28:A5:0A:DD:EC:3C:6E:1F:33
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018BFB01342BD7EECEF38BB3213133C7D28A
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/jjaz6FeN8D_RLEgopQrd7DxuHzM.roa
Signing time: Thu 23 Nov 2023 07:07:21 +0000
ROA not before: Thu 23 Nov 2023 07:07:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 142299
IP address blocks: 45.141.26.0/23 maxlen: 23
89.38.101.0/24 maxlen: 24
185.241.210.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fb:01:34:2b:d7:ee:ce:f3:8b:b3:21:31:33:c7:d2:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 23 07:07:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e36b3e8578df03fd12c4828a50addec3c6e1f33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:4d:fb:c6:9b:70:1e:9d:f4:e9:79:58:21:38:
c6:a1:ae:c7:a2:5d:ed:74:5d:07:1c:a6:7d:a0:a9:
78:8e:fb:4d:67:52:f4:ef:00:f0:99:47:57:aa:88:
f4:21:b3:ad:42:10:53:49:eb:bb:00:e5:3a:45:b7:
a4:a4:29:cb:ad:27:6a:73:c0:66:08:65:8c:46:1c:
28:f0:fe:d6:bd:f5:49:24:c9:34:9b:7d:38:a0:a4:
5b:0c:49:60:30:1e:fb:df:06:3d:b6:7c:f3:bc:46:
3e:c1:c7:34:9b:95:00:41:50:5b:1c:27:af:96:52:
1a:b6:66:92:58:32:84:8d:b8:8c:5e:e5:7e:8c:37:
8b:13:12:3f:c4:5a:a6:49:99:f4:4a:0c:47:23:23:
7f:49:22:12:4d:e1:f7:47:43:77:00:d0:26:97:3d:
4c:c9:da:5a:5b:d0:5d:76:f6:19:8b:20:a8:ac:e4:
4a:44:2f:79:6a:db:fb:9d:f4:bc:d0:05:23:54:94:
fa:04:3f:81:8d:3a:10:36:43:68:1f:cc:e0:10:7c:
02:4d:7d:6e:9b:d5:c8:4a:ce:7e:83:9a:89:7a:76:
fd:44:a7:74:7a:19:71:4f:0b:66:69:43:5f:a5:ba:
db:db:54:c9:ea:55:26:a4:9a:88:eb:05:bc:1b:a3:
7e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:36:B3:E8:57:8D:F0:3F:D1:2C:48:28:A5:0A:DD:EC:3C:6E:1F:33
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/jjaz6FeN8D_RLEgopQrd7DxuHzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.26.0/23
89.38.101.0/24
185.241.210.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:8a:d6:bd:17:f3:d7:47:40:96:6c:7f:f3:b2:21:56:17:cf:
26:ee:58:64:ad:49:d1:80:b3:bd:8c:de:f4:4f:3a:d7:3b:1b:
c7:69:ad:79:cc:9b:25:7a:ac:fb:10:ea:5b:80:1d:1f:67:22:
5f:57:59:48:c0:23:77:b2:e9:28:af:73:25:44:97:f6:2b:fe:
d3:bd:e2:a2:47:b1:f6:11:58:87:29:95:b3:03:0e:d6:97:3c:
76:99:66:96:a7:9b:5a:f6:1e:82:d2:9c:de:9e:c0:90:8d:89:
18:7e:13:1a:ef:db:69:2c:ee:70:c3:26:75:9a:f2:eb:e0:67:
f7:fc:e0:a9:be:2c:cd:28:ab:bf:23:86:3e:9b:89:a3:5d:05:
98:c4:2c:1a:4a:45:97:51:8e:5a:ae:b0:37:b3:07:09:48:5e:
98:89:08:7a:80:11:8a:fb:c7:f0:6f:db:76:66:0e:f2:31:c7:
53:12:3f:01:d1:9a:25:d6:08:df:57:1b:7c:cf:c5:06:51:7f:
ab:8e:1c:3d:46:15:b4:c3:a2:f9:0d:4a:c6:aa:89:a3:75:b3:
db:4b:d9:3b:fa:81:8f:d5:3c:46:b4:df:fa:46:e4:b9:01:91:
89:41:f0:c4:1b:bd:f0:4d:5a:50:02:4c:51:99:15:20:22:dd:
57:58:a7:1a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYv7ATQr1+7O84uzITEzx9KKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMTIzMDcwNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTM2YjNlODU3OGRmMDNmZDEyYzQ4MjhhNTBhZGRlYzNjNmUxZjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr037xptwHp306XlYITjGoa7Hol3t
dF0HHKZ9oKl4jvtNZ1L07wDwmUdXqoj0IbOtQhBTSeu7AOU6RbekpCnLrSdqc8Bm
CGWMRhwo8P7WvfVJJMk0m304oKRbDElgMB773wY9tnzzvEY+wcc0m5UAQVBbHCev
llIatmaSWDKEjbiMXuV+jDeLExI/xFqmSZn0SgxHIyN/SSISTeH3R0N3ANAmlz1M
ydpaW9BddvYZiyCorORKRC95atv7nfS80AUjVJT6BD+BjToQNkNoH8zgEHwCTX1u
m9XISs5+g5qJenb9RKd0ehlxTwtmaUNfpbrb21TJ6lUmpJqI6wW8G6N+JQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI42s+hXjfA/0SxIKKUK3ew8bh8zMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvamphejZGZU44RF9STEVnb3BRcmQ3RHh1SHpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLY0aAwQA
WSZlAwQAufHSMA0GCSqGSIb3DQEBCwUAA4IBAQArita9F/PXR0CWbH/zsiFWF88m
7lhkrUnRgLO9jN70TzrXOxvHaa15zJsleqz7EOpbgB0fZyJfV1lIwCN3sukor3Ml
RJf2K/7TveKiR7H2EViHKZWzAw7Wlzx2mWaWp5ta9h6C0pzensCQjYkYfhMa79tp
LO5wwyZ1mvLr4Gf3/OCpvizNKKu/I4Y+m4mjXQWYxCwaSkWXUY5arrA3swcJSF6Y
iQh6gBGK+8fwb9t2Zg7yMcdTEj8B0Zol1gjfVxt8z8UGUX+rjhw9RhW0w6L5DUrG
qomjdbPbS9k7+oGP1TxGtN/6RuS5AZGJQfDEG73wTVpQAkxRmRUgIt1XWKca
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:18 2024 by rpki-client on console-ams.rpki-client.org