Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/eedbcd-ab18-4ab3-b5dd-e3b0b41e25c5/1/JOTFBkeEnqOHETmi_xnQB1VLZUs.roa
File: JOTFBkeEnqOHETmi_xnQB1VLZUs.roa (raw, json)
Hash identifier: sD5TOQ+XflmgVfUpSxRyuaHsLU7eEghTv2/C+g+XgVM=
Subject key identifier: 24:E4:C5:06:47:84:9E:A3:87:11:39:A2:FF:19:D0:07:55:4B:65:4B
Certificate issuer: /CN=d594e95fa59b52b599dba406d7b76f383ca90fa8
Certificate serial: 01862C9DE053B33060C4C10CD46962780AA8
Authority key identifier: D5:94:E9:5F:A5:9B:52:B5:99:DB:A4:06:D7:B7:6F:38:3C:A9:0F:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ZTpX6WbUrWZ26QG17dvODypD6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/eedbcd-ab18-4ab3-b5dd-e3b0b41e25c5/1/JOTFBkeEnqOHETmi_xnQB1VLZUs.roa
Signing time: Tue 07 Feb 2023 16:03:09 +0000
ROA not before: Tue 07 Feb 2023 16:03:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208446
IP address blocks: 185.137.99.0/24 maxlen: 24
2a12:7c40::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2c:9d:e0:53:b3:30:60:c4:c1:0c:d4:69:62:78:0a:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d594e95fa59b52b599dba406d7b76f383ca90fa8
Validity
Not Before: Feb 7 16:03:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=24e4c50647849ea3871139a2ff19d007554b654b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:02:6c:36:a8:0b:e6:b0:bd:fa:87:c2:38:4e:
ec:82:02:2c:21:07:b5:3e:f0:ec:69:d2:dd:d7:64:
3d:1e:d8:84:4c:48:83:64:68:f2:e3:8b:4b:5f:7f:
77:88:06:d9:c6:d9:b4:0c:3a:7b:11:69:a1:12:78:
f1:90:67:c4:8c:3a:36:c0:99:a1:36:fb:6f:e0:6b:
d3:f1:ff:8e:a4:b0:08:62:a3:f1:f0:80:4c:37:f1:
f1:35:26:84:93:2c:cd:09:7f:ee:4b:25:96:46:b4:
44:53:d2:e7:73:a4:8b:b8:bf:ac:e3:76:cc:e9:f7:
fb:7f:74:03:ca:90:af:96:99:2f:b4:e2:83:38:35:
51:46:2b:53:3d:35:3f:04:2c:45:8b:d6:9e:62:4a:
bb:27:53:b6:d6:4f:64:8a:f8:06:fb:31:7a:f2:59:
b2:25:a5:5a:e3:60:0f:12:b0:2d:4b:90:49:f0:57:
b7:ba:fd:22:56:45:33:25:f9:31:80:e8:8b:8e:2d:
6c:0c:30:54:b2:9d:33:87:61:c1:85:a8:88:5b:3e:
3d:e9:8e:2e:80:86:d6:7e:c1:1b:10:a2:85:97:89:
34:6f:fd:ee:5a:7a:7a:e6:c4:10:82:68:dc:73:f0:
79:7a:f0:df:7c:aa:db:00:ef:d6:77:1b:2b:56:96:
d9:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:E4:C5:06:47:84:9E:A3:87:11:39:A2:FF:19:D0:07:55:4B:65:4B
X509v3 Authority Key Identifier:
keyid:D5:94:E9:5F:A5:9B:52:B5:99:DB:A4:06:D7:B7:6F:38:3C:A9:0F:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ZTpX6WbUrWZ26QG17dvODypD6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/eedbcd-ab18-4ab3-b5dd-e3b0b41e25c5/1/JOTFBkeEnqOHETmi_xnQB1VLZUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/eedbcd-ab18-4ab3-b5dd-e3b0b41e25c5/1/1ZTpX6WbUrWZ26QG17dvODypD6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.99.0/24
IPv6:
2a12:7c40::/29
Signature Algorithm: sha256WithRSAEncryption
84:82:1b:02:ca:65:86:0a:da:ad:79:61:1e:08:8a:af:13:7e:
ec:6a:39:63:ae:87:23:af:54:d9:bf:6d:8e:b6:68:dc:46:33:
22:aa:74:26:a3:de:26:2d:74:e2:2b:ae:52:cb:69:ab:b9:31:
80:4a:19:ea:f7:13:7b:a3:35:c1:30:e5:1f:6d:c6:5e:99:c7:
3c:9b:1d:66:7b:94:2c:bd:71:55:55:19:f8:18:01:45:f5:6a:
22:6a:05:9a:61:d3:08:88:8f:da:88:ce:3e:da:b6:c5:e9:34:
47:12:d4:8c:38:d6:99:ce:c9:87:75:24:3a:14:f3:e0:e8:71:
ac:37:32:ed:64:d5:47:c2:83:42:c7:22:3c:12:0b:55:81:e7:
20:8f:a0:31:90:ff:af:b2:47:6f:1e:c4:c7:9a:81:51:81:67:
5b:7f:d2:97:2e:39:38:4b:6b:da:5f:df:77:6f:f9:93:6d:36:
cf:50:42:cb:8c:ed:d0:67:43:4c:9f:4d:28:5d:b7:b0:8f:ff:
89:bc:a1:da:a8:39:b3:43:02:d0:aa:d3:d1:0b:b7:50:d2:40:
70:ef:f4:04:02:f5:b8:48:bb:e2:02:41:37:79:24:fd:df:c0:
64:98:2c:8f:e0:be:bd:8c:14:f1:e7:42:f8:10:ee:18:b6:36:
f8:23:1c:f2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYYsneBTszBgxMEM1GlieAqoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1OTRlOTVmYTU5YjUyYjU5OWRiYTQwNmQ3Yjc2ZjM4M2Nh
OTBmYTgwHhcNMjMwMjA3MTYwMzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGU0YzUwNjQ3ODQ5ZWEzODcxMTM5YTJmZjE5ZDAwNzU1NGI2NTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQJsNqgL5rC9+ofCOE7sggIsIQe1
PvDsadLd12Q9HtiETEiDZGjy44tLX393iAbZxtm0DDp7EWmhEnjxkGfEjDo2wJmh
Nvtv4GvT8f+OpLAIYqPx8IBMN/HxNSaEkyzNCX/uSyWWRrREU9Lnc6SLuL+s43bM
6ff7f3QDypCvlpkvtOKDODVRRitTPTU/BCxFi9aeYkq7J1O21k9kivgG+zF68lmy
JaVa42APErAtS5BJ8Fe3uv0iVkUzJfkxgOiLji1sDDBUsp0zh2HBhaiIWz496Y4u
gIbWfsEbEKKFl4k0b/3uWnp65sQQgmjcc/B5evDffKrbAO/WdxsrVpbZTQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCTkxQZHhJ6jhxE5ov8Z0AdVS2VLMB8GA1UdIwQY
MBaAFNWU6V+lm1K1mdukBte3bzg8qQ+oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVpUcFg2V2JVcldaMjZRRzE3ZHZPRHlwRDZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9lZWRiY2QtYWIxOC00YWIzLWI1ZGQt
ZTNiMGI0MWUyNWM1LzEvSk9URkJrZUVucU9IRVRtaV94blFCMVZMWlVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9lZWRiY2QtYWIxOC00YWIzLWI1ZGQtZTNiMGI0MWUyNWM1
LzEvMVpUcFg2V2JVcldaMjZRRzE3ZHZPRHlwRDZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuYljMA0E
AgACMAcDBQMqEnxAMA0GCSqGSIb3DQEBCwUAA4IBAQCEghsCymWGCtqteWEeCIqv
E37sajljrocjr1TZv22OtmjcRjMiqnQmo94mLXTiK65Sy2mruTGAShnq9xN7ozXB
MOUfbcZemcc8mx1me5QsvXFVVRn4GAFF9WoiagWaYdMIiI/aiM4+2rbF6TRHEtSM
ONaZzsmHdSQ6FPPg6HGsNzLtZNVHwoNCxyI8EgtVgecgj6AxkP+vskdvHsTHmoFR
gWdbf9KXLjk4S2vaX993b/mTbTbPUELLjO3QZ0NMn00oXbewj/+JvKHaqDmzQwLQ
qtPRC7dQ0kBw7/QEAvW4SLviAkE3eST938BkmCyP4L69jBTx50L4EO4Ytjb4Ixzy
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:34 2024 by rpki-client on console-fra.rpki-client.org