Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/JOLykskWxbMXIR7z8ciGpDjkIJQ.roa
File: JOLykskWxbMXIR7z8ciGpDjkIJQ.roa (raw, json)
Hash identifier: C5wqwywL5MveLyH7kQz1JW+lzfUPbdfmHa/3ac96BAE=
Subject key identifier: 24:E2:F2:92:C9:16:C5:B3:17:21:1E:F3:F1:C8:86:A4:38:E4:20:94
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 018CC94E6BDBDFCF51F02A9167DE8A0B398D
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/JOLykskWxbMXIR7z8ciGpDjkIJQ.roa
Signing time: Tue 02 Jan 2024 08:33:28 +0000
ROA not before: Tue 02 Jan 2024 08:33:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30885
IP address blocks: 86.105.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:47:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:6b:db:df:cf:51:f0:2a:91:67:de:8a:0b:39:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Jan 2 08:33:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24e2f292c916c5b317211ef3f1c886a438e42094
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:6a:ce:e2:f3:76:fe:50:44:38:d4:f1:ed:42:
c2:b5:ed:78:73:aa:ef:97:01:13:be:76:60:a7:43:
91:b0:0b:3d:81:7f:da:fa:f4:c7:84:52:04:f2:65:
3d:a1:02:ab:5c:95:0a:f3:f7:ca:14:09:2d:4b:19:
e8:9c:ec:4a:41:35:8d:43:dd:bf:00:33:e4:78:fc:
df:ed:12:f5:70:b2:d8:c2:86:a4:a1:90:44:37:80:
b8:8c:04:84:e3:87:92:40:75:a3:80:ad:32:70:1f:
87:8d:40:93:b8:88:69:58:ad:e6:51:a6:1d:ae:98:
49:1e:b3:24:e0:1e:01:2f:45:ee:84:18:7a:af:ce:
b2:5c:62:a9:0f:15:11:57:ba:e9:69:21:e9:84:34:
cf:13:5f:12:dd:35:d8:bd:7d:46:ae:3b:a9:1a:ac:
36:1b:54:f3:c3:39:11:36:75:61:af:49:f2:35:17:
aa:a0:27:9c:1b:f4:11:68:14:c5:25:25:c1:32:c4:
25:cc:8e:77:29:d4:54:8f:41:8a:01:79:db:44:d1:
e7:b5:14:9d:9c:d1:fb:ad:f2:0f:28:cd:7b:49:aa:
bc:b6:5e:34:12:06:e0:24:6f:e9:7c:bb:ac:57:a6:
52:e4:cd:b3:1e:33:bd:3d:42:19:f7:a6:bc:80:85:
a8:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:E2:F2:92:C9:16:C5:B3:17:21:1E:F3:F1:C8:86:A4:38:E4:20:94
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/JOLykskWxbMXIR7z8ciGpDjkIJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.193.0/24
Signature Algorithm: sha256WithRSAEncryption
36:22:52:bf:ac:e4:03:c0:ed:38:6b:bd:f9:fd:39:90:c3:7f:
19:ce:08:0f:11:df:12:a1:f9:35:a5:16:64:b7:b3:5f:fd:2f:
99:5f:a2:1c:bb:96:4e:5f:80:ba:f4:8b:14:bd:43:4f:7f:22:
dd:89:24:1f:77:ca:67:a2:12:c6:6c:6a:ee:7c:89:ef:ae:d5:
0b:f3:7d:39:14:12:f6:a3:7b:9b:33:c4:84:d3:ff:d5:64:7a:
97:3a:c4:35:03:4e:7d:ef:8e:7c:fc:83:79:77:9b:5b:e7:80:
8f:76:32:b6:a7:4a:0b:35:ca:67:28:c0:db:e3:71:90:7b:51:
73:9b:04:e0:9a:eb:e2:8d:38:ac:6f:48:fa:7c:d5:a9:f2:fe:
cb:b8:8f:e0:ac:8f:a7:91:6f:82:66:8e:21:94:fb:80:8c:d1:
48:a9:47:92:a9:33:7f:11:9f:21:c6:6c:c0:36:64:da:c6:eb:
dd:3c:18:85:f6:c8:cf:43:9d:dc:64:87:6a:a2:dd:7c:ff:12:
db:4e:eb:55:78:5f:4d:4f:24:d5:2f:0e:ad:01:3e:f9:6a:20:
e5:d2:39:89:75:ca:ae:4f:11:9f:33:49:66:2e:e1:97:ba:7c:
a9:eb:43:b2:1f:0c:df:5d:54:f5:31:26:41:3d:5e:66:2b:da:
7f:af:03:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTmvb389R8CqRZ96KCzmNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjQwMTAyMDgzMzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGUyZjI5MmM5MTZjNWIzMTcyMTFlZjNmMWM4ODZhNDM4ZTQyMDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWrO4vN2/lBEONTx7ULCte14c6rv
lwETvnZgp0ORsAs9gX/a+vTHhFIE8mU9oQKrXJUK8/fKFAktSxnonOxKQTWNQ92/
ADPkePzf7RL1cLLYwoakoZBEN4C4jASE44eSQHWjgK0ycB+HjUCTuIhpWK3mUaYd
rphJHrMk4B4BL0XuhBh6r86yXGKpDxURV7rpaSHphDTPE18S3TXYvX1GrjupGqw2
G1TzwzkRNnVhr0nyNReqoCecG/QRaBTFJSXBMsQlzI53KdRUj0GKAXnbRNHntRSd
nNH7rfIPKM17Saq8tl40EgbgJG/pfLusV6ZS5M2zHjO9PUIZ96a8gIWobwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCTi8pLJFsWzFyEe8/HIhqQ45CCUMB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvSk9MeWtza1d4Yk1YSVI3ejhjaUdwRGprSUpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVmnBMA0G
CSqGSIb3DQEBCwUAA4IBAQA2IlK/rOQDwO04a735/TmQw38ZzggPEd8Sofk1pRZk
t7Nf/S+ZX6Icu5ZOX4C69IsUvUNPfyLdiSQfd8pnohLGbGrufInvrtUL8305FBL2
o3ubM8SE0//VZHqXOsQ1A0597458/IN5d5tb54CPdjK2p0oLNcpnKMDb43GQe1Fz
mwTgmuvijTisb0j6fNWp8v7LuI/grI+nkW+CZo4hlPuAjNFIqUeSqTN/EZ8hxmzA
NmTaxuvdPBiF9sjPQ53cZIdqot18/xLbTutVeF9NTyTVLw6tAT75aiDl0jmJdcqu
TxGfM0lmLuGXunyp60OyHwzfXVT1MSZBPV5mK9p/rwOy
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:54:48 2025 by rpki-client