Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/7jNrMxkrnZI6CNNhp0v0bt2s35o.roa
File: 7jNrMxkrnZI6CNNhp0v0bt2s35o.roa (raw, json)
Hash identifier: v7lmvP/rFZllVJKWItxSWQNmNZDrnmpT+KHd+MljxVA=
Subject key identifier: EE:33:6B:33:19:2B:9D:92:3A:08:D3:61:A7:4B:F4:6E:DD:AC:DF:9A
Certificate issuer: /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Certificate serial: 01856BEEC02664267A8C438EB2EDCFC67EFF
Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/7jNrMxkrnZI6CNNhp0v0bt2s35o.roa
Signing time: Sun 01 Jan 2023 06:04:46 +0000
ROA not before: Sun 01 Jan 2023 06:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203004
IP address blocks: 92.255.99.0/24 maxlen: 24
89.223.100.0/24 maxlen: 24
2a04:ac00:9::/48 maxlen: 48
2a04:ac00:2::/48 maxlen: 48
2a04:ac00:a::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ee:c0:26:64:26:7a:8c:43:8e:b2:ed:cf:c6:7e:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Validity
Not Before: Jan 1 06:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ee336b33192b9d923a08d361a74bf46eddacdf9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:c5:b0:5d:22:a2:94:83:f8:2d:53:16:57:9b:
ca:c4:56:f6:6b:ea:7e:08:12:c2:f8:8d:c6:ef:1f:
74:a0:9b:24:9a:f4:0b:c5:d9:b3:23:92:97:20:b3:
cf:db:02:9b:d0:2b:95:0b:7f:dd:fa:65:a5:1c:f4:
54:eb:51:4f:2f:cf:c8:2a:85:6d:ee:ae:de:db:aa:
ea:b5:b7:1f:57:1f:75:54:63:b0:ef:5c:a0:21:90:
34:39:5f:84:1a:f5:39:41:78:b3:2a:5c:9b:3c:14:
2c:d2:72:6b:b8:a9:a3:33:98:42:f3:e3:8e:61:40:
03:72:eb:fe:b4:69:83:d5:9a:8a:f9:80:16:57:48:
64:1f:5e:d5:bf:62:26:35:37:02:75:e1:e9:0d:cc:
af:6c:a7:cf:63:bf:d0:3a:4e:ca:2b:21:81:b4:e0:
63:2c:29:11:14:3f:58:db:45:ff:f7:71:d2:11:cc:
75:16:c5:ea:2a:54:c7:79:4a:e3:4b:00:28:79:ab:
df:81:cb:8a:34:b6:f0:bf:cb:ab:1b:ca:5b:96:65:
c2:df:48:ab:cb:31:a3:fa:80:a2:a0:43:5f:8c:6f:
bb:fd:31:ef:71:cc:91:f2:0b:62:88:ca:6d:61:76:
cd:e3:e8:43:02:6d:b2:ed:5b:3e:8b:96:df:cf:3a:
03:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:33:6B:33:19:2B:9D:92:3A:08:D3:61:A7:4B:F4:6E:DD:AC:DF:9A
X509v3 Authority Key Identifier:
keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/7jNrMxkrnZI6CNNhp0v0bt2s35o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.223.100.0/24
92.255.99.0/24
IPv6:
2a04:ac00:2::/48
2a04:ac00:9::-2a04:ac00:a:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
15:86:8f:ff:e6:24:55:b1:64:2c:1e:b9:16:f5:5d:f4:47:ef:
ca:5d:21:5c:91:a9:0d:ee:e3:cd:43:f4:30:81:70:74:90:2b:
8d:50:a1:f9:a1:8f:1b:5a:34:b2:c2:f9:53:23:c5:3f:4d:bb:
1d:ed:09:2d:97:3b:41:95:81:f0:2e:0b:b1:3f:7e:de:66:ed:
75:64:0c:83:22:64:b0:8b:46:3b:de:3f:10:2b:81:3c:af:29:
de:ef:64:f5:c3:77:72:16:c1:81:dd:b9:d6:4d:82:42:d1:3d:
9b:14:31:24:e2:1e:0f:70:e5:f7:ec:39:f1:73:f9:13:f7:02:
86:5b:19:96:bc:6e:27:98:e1:6b:a4:43:4a:2f:73:3a:90:c5:
af:b8:95:68:93:9b:a2:08:5a:4c:7c:89:82:ae:27:68:44:96:
8d:99:67:15:01:fe:db:00:09:14:7f:12:19:26:ab:af:43:52:
26:0c:74:87:f0:bf:b8:52:c7:d9:68:b3:08:d6:b4:f3:fe:c6:
ee:21:09:15:38:d6:2b:fa:ec:e4:30:cb:6f:47:4f:d1:c6:85:
c0:94:0f:74:ad:76:93:c6:64:f8:cf:dd:49:01:68:72:f6:0c:
fa:14:3f:07:30:f5:5c:90:ba:d0:ac:d8:3c:a1:dd:1f:d8:f0:
a3:08:42:31
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYVr7sAmZCZ6jEOOsu3Pxn7/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkODMxM2U0MWU2NDZhMDljZDAxZTJlNmY0NzM5ZDNiZDIz
NmM0ZmYwHhcNMjMwMTAxMDYwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTMzNmIzMzE5MmI5ZDkyM2EwOGQzNjFhNzRiZjQ2ZWRkYWNkZjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycWwXSKilIP4LVMWV5vKxFb2a+p+
CBLC+I3G7x90oJskmvQLxdmzI5KXILPP2wKb0CuVC3/d+mWlHPRU61FPL8/IKoVt
7q7e26rqtbcfVx91VGOw71ygIZA0OV+EGvU5QXizKlybPBQs0nJruKmjM5hC8+OO
YUADcuv+tGmD1ZqK+YAWV0hkH17Vv2ImNTcCdeHpDcyvbKfPY7/QOk7KKyGBtOBj
LCkRFD9Y20X/93HSEcx1FsXqKlTHeUrjSwAoeavfgcuKNLbwv8urG8pblmXC30ir
yzGj+oCioENfjG+7/THvccyR8gtiiMptYXbN4+hDAm2y7Vs+i5bfzzoDpwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFO4zazMZK52SOgjTYadL9G7drN+aMB8GA1UdIwQY
MBaAFM2DE+QeZGoJzQHi5vRznTvSNsT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQt
ODg2MmI1MTczMTdjLzEvN2pOck14a3JuWkk2Q05OaHAwdjBidDJzMzVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQtODg2MmI1MTczMTdj
LzEvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTASBAIAATAMAwQAWd9kAwQA
XP9jMCMEAgACMB0DBwAqBKwAAAIwEgMHACoErAAACQMHACoErAAACjANBgkqhkiG
9w0BAQsFAAOCAQEAFYaP/+YkVbFkLB65FvVd9Efvyl0hXJGpDe7jzUP0MIFwdJAr
jVCh+aGPG1o0ssL5UyPFP027He0JLZc7QZWB8C4LsT9+3mbtdWQMgyJksItGO94/
ECuBPK8p3u9k9cN3chbBgd251k2CQtE9mxQxJOIeD3Dl9+w58XP5E/cChlsZlrxu
J5jha6RDSi9zOpDFr7iVaJOboghaTHyJgq4naESWjZlnFQH+2wAJFH8SGSarr0NS
Jgx0h/C/uFLH2WizCNa08/7G7iEJFTjWK/rs5DDLb0dP0caFwJQPdK12k8Zk+M/d
SQFocvYM+hQ/BzD1XJC60KzYPKHdH9jwowhCMQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:02 2024 by rpki-client on console-fra.rpki-client.org