Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/JDWRONUUpjYS0x5hjp2mZBN94l0.roa
File: JDWRONUUpjYS0x5hjp2mZBN94l0.roa (raw, json)
Hash identifier: 6dQYv2Ii7UbC7FI1b4AHvkHKzsm8Icb9aNTPf3EXyb0=
Subject key identifier: 24:35:91:38:D5:14:A6:36:12:D3:1E:61:8E:9D:A6:64:13:7D:E2:5D
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018571E7A5E297F6930100AEDABEBCBD996F
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/JDWRONUUpjYS0x5hjp2mZBN94l0.roa
Signing time: Mon 02 Jan 2023 09:54:44 +0000
ROA not before: Mon 02 Jan 2023 09:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 88.209.249.0/24 maxlen: 24
88.209.201.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Jan 2023 08:34:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:e7:a5:e2:97:f6:93:01:00:ae:da:be:bc:bd:99:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 2 09:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=24359138d514a63612d31e618e9da664137de25d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:a2:34:8a:1e:58:68:b2:47:b3:aa:dc:75:89:
c0:70:53:cc:d4:4e:73:fc:8c:b7:fb:e9:e6:c0:e9:
3e:c0:5d:dc:99:ff:f6:54:97:54:9f:a9:4a:30:09:
9b:b1:58:86:c5:50:48:28:6a:af:e7:e6:8b:31:5e:
be:7e:4c:e1:bb:17:7e:6c:89:b6:06:1b:35:ab:e2:
8b:0c:b8:af:ee:bb:95:c1:de:19:f1:5d:c2:ca:be:
32:ab:26:b9:8e:88:ca:cb:d9:5b:e4:65:99:63:57:
a4:4d:03:e0:ff:9f:9b:2c:05:d5:3e:d1:92:cf:95:
29:31:65:8d:d5:99:89:21:4a:d1:f1:fe:a2:5a:c2:
c8:b0:1d:7a:bb:b6:b9:d3:bb:a3:72:ed:eb:d2:d7:
e2:c1:41:95:3e:09:0e:78:ab:7d:54:cb:d1:e6:97:
54:6f:73:f8:4d:00:59:86:4c:36:6e:0e:71:d9:cc:
ec:0c:cb:e1:ef:19:d3:fb:61:2c:41:03:ae:be:1b:
03:bf:ee:d1:3d:aa:86:46:46:cc:15:9f:24:cf:f8:
b2:c1:76:b8:93:9e:28:5f:e2:9b:5e:e7:b6:ba:57:
07:ac:c2:09:63:da:e1:4e:33:38:6f:97:3c:29:7d:
25:72:b9:4b:ad:d1:28:1d:e8:77:88:ea:e1:bb:c0:
a7:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:35:91:38:D5:14:A6:36:12:D3:1E:61:8E:9D:A6:64:13:7D:E2:5D
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/JDWRONUUpjYS0x5hjp2mZBN94l0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.201.0/24
88.209.249.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:eb:81:e9:d8:ca:a8:30:85:0e:ed:66:b2:9a:ad:d8:93:35:
7b:c2:48:40:4a:f7:0d:31:b6:be:b4:1f:68:19:f5:23:19:7d:
9f:c9:c9:e4:f7:9c:84:18:6e:67:82:87:b2:5d:1a:b1:e3:84:
0d:b9:c9:56:8e:77:d7:8b:c6:17:dc:f5:a6:14:86:35:1d:0a:
52:31:5e:d2:e0:42:a7:5d:d6:c9:43:b6:65:40:25:04:f3:27:
f1:da:87:24:32:10:45:23:67:5e:5a:1a:05:05:ba:04:0a:9e:
71:39:fa:ff:a0:9c:f7:e0:29:1f:d4:4a:ee:b9:78:3f:91:b6:
16:7f:1f:c6:fc:9e:15:e8:7b:e2:44:8d:ff:cc:0e:46:8a:a2:
76:19:fd:40:a7:b9:b6:b1:03:32:6c:45:77:b3:64:3e:7b:ad:
e1:58:43:c9:6a:90:00:30:b6:61:a9:30:b7:fa:bf:0f:32:d9:
89:a7:6d:77:d6:3a:bc:b8:00:97:07:7e:ab:1d:f2:46:7f:63:
1e:1d:d8:05:4b:5a:e5:9c:e3:39:4e:c1:6a:f2:79:65:06:c4:
41:fc:b7:f5:94:80:67:f5:da:54:fa:bc:ed:3b:18:60:65:b4:
17:cf:77:72:df:b8:3e:a4:b3:09:b2:2b:a9:8f:4a:8a:23:3e:
79:06:a7:90
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVx56Xil/aTAQCu2r68vZlvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMTAyMDk1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDM1OTEzOGQ1MTRhNjM2MTJkMzFlNjE4ZTlkYTY2NDEzN2RlMjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqI0ih5YaLJHs6rcdYnAcFPM1E5z
/Iy3++nmwOk+wF3cmf/2VJdUn6lKMAmbsViGxVBIKGqv5+aLMV6+fkzhuxd+bIm2
Bhs1q+KLDLiv7ruVwd4Z8V3Cyr4yqya5jojKy9lb5GWZY1ekTQPg/5+bLAXVPtGS
z5UpMWWN1ZmJIUrR8f6iWsLIsB16u7a507ujcu3r0tfiwUGVPgkOeKt9VMvR5pdU
b3P4TQBZhkw2bg5x2czsDMvh7xnT+2EsQQOuvhsDv+7RPaqGRkbMFZ8kz/iywXa4
k54oX+KbXue2ulcHrMIJY9rhTjM4b5c8KX0lcrlLrdEoHeh3iOrhu8CnDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCQ1kTjVFKY2EtMeYY6dpmQTfeJdMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvSkRXUk9OVVVwallTMHg1aGpwMm1aQk45NGwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWNHJAwQA
WNH5MA0GCSqGSIb3DQEBCwUAA4IBAQCq64Hp2MqoMIUO7Waymq3YkzV7wkhASvcN
Mba+tB9oGfUjGX2fycnk95yEGG5ngoeyXRqx44QNuclWjnfXi8YX3PWmFIY1HQpS
MV7S4EKnXdbJQ7ZlQCUE8yfx2ockMhBFI2deWhoFBboECp5xOfr/oJz34Ckf1Eru
uXg/kbYWfx/G/J4V6HviRI3/zA5GiqJ2Gf1Ap7m2sQMybEV3s2Q+e63hWEPJapAA
MLZhqTC3+r8PMtmJp2131jq8uACXB36rHfJGf2MeHdgFS1rlnOM5TsFq8nllBsRB
/Lf1lIBn9dpU+rztOxhgZbQXz3dy37g+pLMJsiupj0qKIz55BqeQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org