Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/136b3f-459e-4a96-a4ab-3b990878a52b/1/ajaMNIpPPqnc41dNvWzqfs-S0zk.roa
File: ajaMNIpPPqnc41dNvWzqfs-S0zk.roa (raw, json)
Hash identifier: j6OysTpxYQoY1wXdT7m9lfRx4CsLUuJV0zepksU+bRc=
Subject key identifier: 6A:36:8C:34:8A:4F:3E:A9:DC:E3:57:4D:BD:6C:EA:7E:CF:92:D3:39
Certificate issuer: /CN=d0ccd09a54bfa63141997cd653b77bc99392ef62
Certificate serial: 0188DDA8573BC41062F83D7F94AE778C8270
Authority key identifier: D0:CC:D0:9A:54:BF:A6:31:41:99:7C:D6:53:B7:7B:C9:93:92:EF:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0MzQmlS_pjFBmXzWU7d7yZOS72I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/136b3f-459e-4a96-a4ab-3b990878a52b/1/ajaMNIpPPqnc41dNvWzqfs-S0zk.roa
Signing time: Wed 21 Jun 2023 11:12:57 +0000
ROA not before: Wed 21 Jun 2023 11:12:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51896
IP address blocks: 89.17.128.0/19 maxlen: 19
31.209.136.0/21 maxlen: 21
185.191.232.0/22 maxlen: 22
46.22.96.0/24 maxlen: 24
46.22.96.0/20 maxlen: 20
2a00:5000::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:dd:a8:57:3b:c4:10:62:f8:3d:7f:94:ae:77:8c:82:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0ccd09a54bfa63141997cd653b77bc99392ef62
Validity
Not Before: Jun 21 11:12:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a368c348a4f3ea9dce3574dbd6cea7ecf92d339
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:37:eb:1c:6d:e3:71:77:3d:4f:a1:9c:68:b9:
20:da:6b:56:d7:fe:5d:a7:ca:64:fc:dd:14:70:4a:
65:65:bd:23:93:56:34:42:1d:00:a3:ca:81:24:5f:
ab:1a:7d:4d:05:e9:4b:fa:b2:7c:ac:05:3a:1c:8b:
a7:a8:be:99:3f:d4:fb:69:e8:6a:8d:6d:e5:bf:61:
1a:62:7a:a6:b2:70:cd:5d:fa:6e:12:26:d8:59:35:
6d:7d:8c:3c:b9:8a:9e:1d:c1:35:0e:9b:be:76:9c:
e3:3f:6b:c0:26:63:3c:81:49:7c:25:94:72:0b:f0:
e2:aa:0e:bc:c8:40:18:10:38:cc:0d:86:fe:ca:ce:
a3:9e:3e:b1:a0:41:8e:23:52:fd:1e:0d:16:5c:8e:
93:d8:0f:60:13:a8:2a:00:2f:af:35:50:b4:81:cd:
a2:47:d3:af:d0:56:3d:01:46:35:fa:6e:58:58:d6:
f1:aa:96:2a:f1:91:b8:9f:eb:2c:86:de:28:ed:e6:
7b:17:9b:01:a0:c2:ed:f6:bf:80:92:8f:17:92:5a:
9e:23:b8:54:5e:53:86:75:a3:dc:14:4f:a7:0b:6a:
19:5a:97:e0:9d:33:dc:96:20:a5:c0:54:c5:f2:73:
75:83:76:2e:83:e8:a6:80:a9:cf:28:95:23:49:f9:
b7:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:36:8C:34:8A:4F:3E:A9:DC:E3:57:4D:BD:6C:EA:7E:CF:92:D3:39
X509v3 Authority Key Identifier:
keyid:D0:CC:D0:9A:54:BF:A6:31:41:99:7C:D6:53:B7:7B:C9:93:92:EF:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0MzQmlS_pjFBmXzWU7d7yZOS72I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/136b3f-459e-4a96-a4ab-3b990878a52b/1/ajaMNIpPPqnc41dNvWzqfs-S0zk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/136b3f-459e-4a96-a4ab-3b990878a52b/1/0MzQmlS_pjFBmXzWU7d7yZOS72I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.209.136.0/21
46.22.96.0/20
89.17.128.0/19
185.191.232.0/22
IPv6:
2a00:5000::/29
Signature Algorithm: sha256WithRSAEncryption
00:88:82:ae:97:d7:95:41:38:ae:c4:91:ef:f8:23:9c:c7:2a:
ec:27:e2:08:69:fd:4f:2c:41:6f:de:1f:21:b2:4b:7c:bf:f8:
27:34:45:8f:ac:cd:47:12:bb:ec:c5:df:42:e5:11:62:19:6e:
73:14:5d:c9:44:09:9b:4b:96:c0:a6:4e:b0:7d:51:8e:20:a8:
d6:6b:72:b9:b3:84:a1:76:e6:1e:4a:b0:f1:ac:29:bd:63:37:
23:02:30:4c:5b:06:f0:5f:42:76:ce:65:46:5b:fb:7b:cc:5d:
bd:22:74:a5:63:b7:ee:ac:71:88:74:88:c4:86:46:5c:bc:67:
fa:1b:bf:ba:15:7c:de:1e:22:37:b5:2f:60:21:fb:4f:6c:4b:
58:a7:eb:ea:f8:47:75:c4:61:d0:cc:b4:3f:de:0c:61:b2:24:
01:f6:77:c5:12:b4:fc:3f:30:f6:02:9a:62:f1:e4:68:5f:4c:
23:44:8a:34:38:3d:38:2a:b7:a4:bb:4f:d1:ac:10:ca:8b:21:
af:8c:57:52:d6:60:fc:2f:8d:cf:bc:89:e0:52:5a:8a:43:c9:
97:16:7c:70:e8:8e:a7:27:74:8e:38:39:16:98:c3:f7:78:56:
d8:4d:ab:e4:6e:71:dc:9c:04:81:f5:c0:e4:35:38:5f:e9:af:
69:a3:16:a2
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYjdqFc7xBBi+D1/lK53jIJwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwY2NkMDlhNTRiZmE2MzE0MTk5N2NkNjUzYjc3YmM5OTM5
MmVmNjIwHhcNMjMwNjIxMTExMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTM2OGMzNDhhNGYzZWE5ZGNlMzU3NGRiZDZjZWE3ZWNmOTJkMzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTfrHG3jcXc9T6GcaLkg2mtW1/5d
p8pk/N0UcEplZb0jk1Y0Qh0Ao8qBJF+rGn1NBelL+rJ8rAU6HIunqL6ZP9T7aehq
jW3lv2EaYnqmsnDNXfpuEibYWTVtfYw8uYqeHcE1Dpu+dpzjP2vAJmM8gUl8JZRy
C/Diqg68yEAYEDjMDYb+ys6jnj6xoEGOI1L9Hg0WXI6T2A9gE6gqAC+vNVC0gc2i
R9Ov0FY9AUY1+m5YWNbxqpYq8ZG4n+ssht4o7eZ7F5sBoMLt9r+Ako8XklqeI7hU
XlOGdaPcFE+nC2oZWpfgnTPcliClwFTF8nN1g3Yug+imgKnPKJUjSfm3dwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGo2jDSKTz6p3ONXTb1s6n7PktM5MB8GA1UdIwQY
MBaAFNDM0JpUv6YxQZl81lO3e8mTku9iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvME16UW1sU19wakZCbVh6V1U3ZDd5Wk9TNzJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8xMzZiM2YtNDU5ZS00YTk2LWE0YWIt
M2I5OTA4NzhhNTJiLzEvYWphTU5JcFBQcW5jNDFkTnZXenFmcy1TMHprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8xMzZiM2YtNDU5ZS00YTk2LWE0YWItM2I5OTA4NzhhNTJi
LzEvME16UW1sU19wakZCbVh6V1U3ZDd5Wk9TNzJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDH9GIAwQE
LhZgAwQFWRGAAwQCub/oMA0EAgACMAcDBQMqAFAAMA0GCSqGSIb3DQEBCwUAA4IB
AQAAiIKul9eVQTiuxJHv+COcxyrsJ+IIaf1PLEFv3h8hskt8v/gnNEWPrM1HErvs
xd9C5RFiGW5zFF3JRAmbS5bApk6wfVGOIKjWa3K5s4ShduYeSrDxrCm9YzcjAjBM
WwbwX0J2zmVGW/t7zF29InSlY7furHGIdIjEhkZcvGf6G7+6FXzeHiI3tS9gIftP
bEtYp+vq+Ed1xGHQzLQ/3gxhsiQB9nfFErT8PzD2Appi8eRoX0wjRIo0OD04Krek
u0/RrBDKiyGvjFdS1mD8L43PvIngUlqKQ8mXFnxw6I6nJ3SOODkWmMP3eFbYTavk
bnHcnASB9cDkNThf6a9poxai
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:15:16 2024 by rpki-client on console.sobornost.net