Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/jjjxltXfYhbLUofK3ZADQiczCp4.roa
File: jjjxltXfYhbLUofK3ZADQiczCp4.roa (raw, json)
Hash identifier: Kn9jMl/7SmKMSv7fdIhWGLmgBHhHusRZ0dMh4nNacKg=
Subject key identifier: 8E:38:F1:96:D5:DF:62:16:CB:52:87:CA:DD:90:03:42:27:33:0A:9E
Certificate issuer: /CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Certificate serial: 018692C9D2B6BA6092A45787B794C1C355D7
Authority key identifier: 85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/jjjxltXfYhbLUofK3ZADQiczCp4.roa
Signing time: Mon 27 Feb 2023 12:12:25 +0000
ROA not before: Mon 27 Feb 2023 12:12:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213354
IP address blocks: 194.62.246.0/23 maxlen: 23
194.62.244.0/23 maxlen: 23
194.15.112.0/24 maxlen: 24
194.15.113.0/24 maxlen: 24
185.248.192.0/23 maxlen: 23
185.248.194.0/23 maxlen: 23
194.26.18.0/24 maxlen: 24
91.228.68.0/22 maxlen: 22
2a11:9c00::/40 maxlen: 40
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:92:c9:d2:b6:ba:60:92:a4:57:87:b7:94:c1:c3:55:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Validity
Not Before: Feb 27 12:12:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e38f196d5df6216cb5287cadd90034227330a9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c9:5c:07:10:dc:63:22:70:b1:58:86:e0:f4:
05:6f:6c:f3:84:fc:00:84:7a:8f:22:2f:53:90:0c:
ce:65:f5:97:61:29:91:77:a7:8f:b3:b7:aa:e2:31:
ad:56:93:f4:79:ad:70:94:db:0c:17:d6:2b:d8:73:
f7:c9:7a:7b:04:5b:ef:69:8a:b1:33:7d:16:db:8f:
ca:88:30:b1:88:11:1d:a0:1c:55:93:3e:68:c9:60:
e2:3a:f8:8a:92:44:9e:5a:01:76:a1:2b:88:e7:0c:
94:03:8f:c1:6c:50:31:c8:93:06:d1:52:c3:82:a0:
72:3c:53:60:43:9d:8b:8d:34:b2:f1:66:35:fe:47:
c6:4b:00:6e:44:e0:e7:2d:f8:10:3f:c2:83:98:ad:
26:52:3c:91:cc:71:d0:8a:84:23:f5:ed:0f:ef:db:
26:c5:fe:a7:c2:52:74:a6:8d:be:cc:c5:8c:1f:59:
a5:20:fe:81:d9:2b:a0:82:06:cb:e4:25:5c:26:c5:
0b:6a:05:12:8a:3d:b9:9d:a8:ec:1d:cb:04:db:45:
c0:86:cb:61:59:c3:f8:1a:77:0a:63:f1:30:d1:64:
ad:89:09:68:24:78:1f:70:61:c7:a3:52:3f:bd:35:
46:76:d3:b1:9a:aa:63:01:9a:a3:fb:4f:b3:ce:28:
68:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:38:F1:96:D5:DF:62:16:CB:52:87:CA:DD:90:03:42:27:33:0A:9E
X509v3 Authority Key Identifier:
keyid:85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/jjjxltXfYhbLUofK3ZADQiczCp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/hdycVeFZfohWTa9WflpGZZeMe4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.68.0/22
185.248.192.0/22
194.15.112.0/23
194.26.18.0/24
194.62.244.0/22
IPv6:
2a11:9c00::/40
Signature Algorithm: sha256WithRSAEncryption
44:ae:bb:80:c4:03:c2:13:8a:b6:67:66:8a:c9:ac:e4:57:62:
a4:24:a1:0f:88:10:59:c7:00:63:9d:eb:18:eb:4d:8d:44:5e:
d9:f2:a7:4f:18:f7:ff:32:e1:41:74:46:23:94:be:f8:29:79:
a3:fe:23:40:37:94:ed:d2:43:8a:2a:08:b6:64:32:86:22:0f:
08:92:e7:3d:fd:63:cf:2a:8a:96:62:b9:c2:a6:cd:96:4d:87:
22:46:ce:47:9d:a2:d6:2c:81:bd:06:c9:00:d5:f0:c5:df:6a:
5f:f7:51:78:20:b0:d6:33:55:c9:a1:1e:01:17:b7:a8:0b:c5:
a0:4f:7e:71:71:cd:8b:d3:fd:9e:e5:a3:4a:8d:70:a6:40:87:
b1:4d:54:69:ca:41:6d:ad:40:f5:b4:03:30:16:c3:b0:84:f2:
32:2b:d2:00:ea:31:0b:da:6e:00:67:5b:78:a6:16:4c:2f:86:
d7:86:d1:1b:32:bc:48:e2:cb:e9:95:65:5a:76:65:25:b6:79:
d6:6c:46:93:5c:79:c8:23:8e:86:e1:ba:a2:d3:3d:d7:e9:70:
a4:ec:31:d8:10:b4:9f:16:80:6a:70:3d:25:0a:3c:d5:6f:19:
9d:02:f0:71:57:57:5c:eb:56:27:f9:60:f3:d8:36:4b:e2:7d:
ea:e4:73:9e
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYaSydK2umCSpFeHt5TBw1XXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZGM5YzU1ZTE1OTdlODg1NjRkYWY1NjdlNWE0NjY1OTc4
YzdiODUwHhcNMjMwMjI3MTIxMjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTM4ZjE5NmQ1ZGY2MjE2Y2I1Mjg3Y2FkZDkwMDM0MjI3MzMwYTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3MlcBxDcYyJwsViG4PQFb2zzhPwA
hHqPIi9TkAzOZfWXYSmRd6ePs7eq4jGtVpP0ea1wlNsMF9Yr2HP3yXp7BFvvaYqx
M30W24/KiDCxiBEdoBxVkz5oyWDiOviKkkSeWgF2oSuI5wyUA4/BbFAxyJMG0VLD
gqByPFNgQ52LjTSy8WY1/kfGSwBuRODnLfgQP8KDmK0mUjyRzHHQioQj9e0P79sm
xf6nwlJ0po2+zMWMH1mlIP6B2SugggbL5CVcJsULagUSij25najsHcsE20XAhsth
WcP4GncKY/Ew0WStiQloJHgfcGHHo1I/vTVGdtOxmqpjAZqj+0+zzihopQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFI448ZbV32IWy1KHyt2QA0InMwqeMB8GA1UdIwQY
MBaAFIXcnFXhWX6IVk2vVn5aRmWXjHuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGR5Y1ZlRlpmb2hXVGE5V2ZscEdaWmVNZTRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mMDdmYmMtNGMzMi00ZDg3LWE0Mjkt
ODZlYTE5ZDI5MTYzLzEvampqeGx0WGZZaGJMVW9mSzNaQURRaWN6Q3A0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mMDdmYmMtNGMzMi00ZDg3LWE0MjktODZlYTE5ZDI5MTYz
LzEvaGR5Y1ZlRlpmb2hXVGE5V2ZscEdaWmVNZTRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAkBAIAATAeAwQCW+REAwQC
ufjAAwQBwg9wAwQAwhoSAwQCwj70MA4EAgACMAgDBgAqEZwAADANBgkqhkiG9w0B
AQsFAAOCAQEARK67gMQDwhOKtmdmisms5FdipCShD4gQWccAY53rGOtNjURe2fKn
Txj3/zLhQXRGI5S++Cl5o/4jQDeU7dJDiioItmQyhiIPCJLnPf1jzyqKlmK5wqbN
lk2HIkbOR52i1iyBvQbJANXwxd9qX/dReCCw1jNVyaEeARe3qAvFoE9+cXHNi9P9
nuWjSo1wpkCHsU1UacpBba1A9bQDMBbDsITyMivSAOoxC9puAGdbeKYWTC+G14bR
GzK8SOLL6ZVlWnZlJbZ51mxGk1x5yCOOhuG6otM91+lwpOwx2BC0nxaAanA9JQo8
1W8ZnQLwcVdXXOtWJ/lg89g2S+J96uRzng==
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:20:38 2024 by rpki-client on console-fra.rpki-client.org