Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/c8492d-c364-4d83-85b4-137b6e3b8c20/1/jk9ll4_CjPAu5WIanPN7HtAooeQ.roa
File: jk9ll4_CjPAu5WIanPN7HtAooeQ.roa (raw, json)
Hash identifier: xtP1ttogmjQWE+YnyhKD9yju5R2ltQAIULW6AaPavvE=
Subject key identifier: 8E:4F:65:97:8F:C2:8C:F0:2E:E5:62:1A:9C:F3:7B:1E:D0:28:A1:E4
Certificate issuer: /CN=e29471ae0aaacab83e293f1f8ea1bd7070ec335b
Certificate serial: 018750C13EF66693519CB3C3169121F5D8D2
Authority key identifier: E2:94:71:AE:0A:AA:CA:B8:3E:29:3F:1F:8E:A1:BD:70:70:EC:33:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4pRxrgqqyrg-KT8fjqG9cHDsM1s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/c8492d-c364-4d83-85b4-137b6e3b8c20/1/jk9ll4_CjPAu5WIanPN7HtAooeQ.roa
Signing time: Wed 05 Apr 2023 09:30:54 +0000
ROA not before: Wed 05 Apr 2023 09:30:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52157
IP address blocks: 185.237.36.0/22 maxlen: 22
185.193.92.0/22 maxlen: 22
185.209.224.0/22 maxlen: 22
93.89.112.0/20 maxlen: 20
2a02:25e8::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:50:c1:3e:f6:66:93:51:9c:b3:c3:16:91:21:f5:d8:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e29471ae0aaacab83e293f1f8ea1bd7070ec335b
Validity
Not Before: Apr 5 09:30:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e4f65978fc28cf02ee5621a9cf37b1ed028a1e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:89:0b:c0:c8:d3:e8:91:ca:e2:9b:0a:35:f7:
49:47:d9:23:4c:cf:91:a5:8f:92:2e:d3:29:52:63:
a8:a8:da:56:fe:30:e1:79:46:fd:25:78:0d:f3:8e:
3e:4f:85:84:29:75:04:8e:d6:bf:fe:5c:c6:ba:2c:
1e:7d:4c:15:86:29:b0:fb:26:2a:fa:0f:cb:1e:1c:
0d:64:f1:73:7d:0b:cf:65:2c:dd:d3:4b:34:c5:b0:
b0:e9:ca:07:61:bf:a8:32:cb:d4:24:1b:a0:6b:57:
98:10:24:b2:78:34:8e:90:40:20:1e:06:fe:2e:06:
b4:49:c9:a5:f5:0f:c3:ba:ee:10:1e:fb:76:a1:3d:
93:2d:cd:53:ca:76:23:81:e8:28:bc:b1:d9:5c:39:
ff:8e:5d:87:5d:4d:5c:16:0b:a2:23:94:64:f0:b2:
1f:a4:9a:be:bc:82:a1:7b:7a:26:65:1b:f8:ef:3a:
19:28:03:ee:d2:cf:d8:74:18:75:10:a6:4c:6e:5d:
55:45:ac:02:ca:82:ae:2d:52:fa:5f:59:03:a5:34:
46:b8:23:35:11:e6:7b:a4:bb:66:b9:4c:ae:be:f8:
c2:10:15:ce:36:1d:95:30:c9:e0:69:ee:f7:7f:8f:
8c:e4:9d:f2:14:e5:0e:0b:8c:fa:a1:e2:20:64:c4:
21:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:4F:65:97:8F:C2:8C:F0:2E:E5:62:1A:9C:F3:7B:1E:D0:28:A1:E4
X509v3 Authority Key Identifier:
keyid:E2:94:71:AE:0A:AA:CA:B8:3E:29:3F:1F:8E:A1:BD:70:70:EC:33:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4pRxrgqqyrg-KT8fjqG9cHDsM1s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c8492d-c364-4d83-85b4-137b6e3b8c20/1/jk9ll4_CjPAu5WIanPN7HtAooeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c8492d-c364-4d83-85b4-137b6e3b8c20/1/4pRxrgqqyrg-KT8fjqG9cHDsM1s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.89.112.0/20
185.193.92.0/22
185.209.224.0/22
185.237.36.0/22
IPv6:
2a02:25e8::/29
Signature Algorithm: sha256WithRSAEncryption
6a:9b:6d:a3:c0:bb:67:54:20:4d:5b:26:0d:ab:f3:17:89:fe:
07:7d:4a:89:ba:ee:44:50:92:dd:e5:0f:86:e5:54:84:af:10:
9e:17:eb:fd:54:55:8e:0c:05:2a:ad:9a:40:ee:72:ef:db:9c:
c0:4b:29:ee:fb:00:cb:12:7c:a7:4a:69:9a:18:b8:08:d2:6a:
6a:a3:4c:60:2e:c4:9c:eb:21:46:cb:68:99:ed:85:1f:0f:f8:
65:43:7c:68:7c:b9:d9:dd:a1:dd:35:0c:73:f5:b0:19:b8:28:
9f:f4:2e:c6:bb:b5:67:ad:64:95:ab:fa:79:63:fa:11:01:a5:
26:24:4c:02:15:e6:d0:b5:a0:0c:89:86:65:00:19:67:6a:ff:
89:ac:10:da:fc:6d:8f:57:1d:9f:59:64:ec:87:5e:de:68:d0:
84:ac:bf:7e:d6:6d:96:32:c5:bf:fd:24:e8:e6:b0:3e:2a:ce:
be:f9:c8:c4:ef:bf:3a:0b:c9:0e:b1:de:57:42:a2:1b:81:fe:
a8:94:33:c6:34:29:6c:90:40:9f:fb:31:ff:64:a8:29:bb:4c:
c8:7a:04:d1:96:02:77:4d:5b:5c:52:6b:ac:70:2a:d1:d9:62:
0a:7a:d7:71:d4:19:53:ff:8a:79:74:2c:e5:ab:fd:d9:62:d8:
ef:38:0f:42
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYdQwT72ZpNRnLPDFpEh9djSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyOTQ3MWFlMGFhYWNhYjgzZTI5M2YxZjhlYTFiZDcwNzBl
YzMzNWIwHhcNMjMwNDA1MDkzMDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTRmNjU5NzhmYzI4Y2YwMmVlNTYyMWE5Y2YzN2IxZWQwMjhhMWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwokLwMjT6JHK4psKNfdJR9kjTM+R
pY+SLtMpUmOoqNpW/jDheUb9JXgN844+T4WEKXUEjta//lzGuiwefUwVhimw+yYq
+g/LHhwNZPFzfQvPZSzd00s0xbCw6coHYb+oMsvUJBuga1eYECSyeDSOkEAgHgb+
Lga0Scml9Q/Duu4QHvt2oT2TLc1TynYjgegovLHZXDn/jl2HXU1cFguiI5Rk8LIf
pJq+vIKhe3omZRv47zoZKAPu0s/YdBh1EKZMbl1VRawCyoKuLVL6X1kDpTRGuCM1
EeZ7pLtmuUyuvvjCEBXONh2VMMngae73f4+M5J3yFOUOC4z6oeIgZMQhUQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFI5PZZePwozwLuViGpzzex7QKKHkMB8GA1UdIwQY
MBaAFOKUca4Kqsq4Pik/H46hvXBw7DNbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHBSeHJncXF5cmctS1Q4ZmpxRzljSERzTTFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9jODQ5MmQtYzM2NC00ZDgzLTg1YjQt
MTM3YjZlM2I4YzIwLzEvams5bGw0X0NqUEF1NVdJYW5QTjdIdEFvb2VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9jODQ5MmQtYzM2NC00ZDgzLTg1YjQtMTM3YjZlM2I4YzIw
LzEvNHBSeHJncXF5cmctS1Q4ZmpxRzljSERzTTFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEXVlwAwQC
ucFcAwQCudHgAwQCue0kMA0EAgACMAcDBQMqAiXoMA0GCSqGSIb3DQEBCwUAA4IB
AQBqm22jwLtnVCBNWyYNq/MXif4HfUqJuu5EUJLd5Q+G5VSErxCeF+v9VFWODAUq
rZpA7nLv25zASynu+wDLEnynSmmaGLgI0mpqo0xgLsSc6yFGy2iZ7YUfD/hlQ3xo
fLnZ3aHdNQxz9bAZuCif9C7Gu7VnrWSVq/p5Y/oRAaUmJEwCFebQtaAMiYZlABln
av+JrBDa/G2PVx2fWWTsh17eaNCErL9+1m2WMsW//STo5rA+Ks6++cjE7786C8kO
sd5XQqIbgf6olDPGNClskECf+zH/ZKgpu0zIegTRlgJ3TVtcUmuscCrR2WIKetdx
1BlT/4p5dCzlq/3ZYtjvOA9C
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:42 2024 by rpki-client on console-fra.rpki-client.org