Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/JoTcl8-bBMBUSJdgo9W4USttRoM.roa
File: JoTcl8-bBMBUSJdgo9W4USttRoM.roa (raw, json)
Hash identifier: akHuCyk201R9uC4owL9MuG8lU7TvEMGV7VAoKWgdH4E=
Subject key identifier: 26:84:DC:97:CF:9B:04:C0:54:48:97:60:A3:D5:B8:51:2B:6D:46:83
Certificate issuer: /CN=dbb396dfa951ec4157f211e5ed740ed97e1b0f3f
Certificate serial: 018E58023CC3850DD5C57963444D063AE110
Authority key identifier: DB:B3:96:DF:A9:51:EC:41:57:F2:11:E5:ED:74:0E:D9:7E:1B:0F:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/27OW36lR7EFX8hHl7XQO2X4bDz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/JoTcl8-bBMBUSJdgo9W4USttRoM.roa
Signing time: Tue 19 Mar 2024 18:38:45 +0000
ROA not before: Tue 19 Mar 2024 18:38:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398343
IP address blocks: 86.111.224.0/22 maxlen: 22
86.111.228.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 19 Apr 2024 18:37:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:58:02:3c:c3:85:0d:d5:c5:79:63:44:4d:06:3a:e1:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbb396dfa951ec4157f211e5ed740ed97e1b0f3f
Validity
Not Before: Mar 19 18:38:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2684dc97cf9b04c054489760a3d5b8512b6d4683
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:e1:29:23:a8:e7:90:3f:67:45:09:46:ac:f4:
07:0f:03:ce:4e:bc:0a:f8:1f:f4:9f:42:a1:9c:ed:
f8:94:91:1e:05:ca:0c:08:5f:b3:80:7b:90:b5:67:
83:7b:97:07:0e:ba:08:2d:fb:95:62:4c:8b:b4:92:
51:45:f2:8f:65:c2:4e:e3:c7:ac:75:3a:aa:df:a9:
60:82:c9:f1:c5:3e:50:2e:78:10:d8:a3:bc:4b:19:
ec:d1:c1:e0:e9:d9:0f:59:fc:6a:36:bc:37:e5:91:
7c:34:99:ca:7a:28:d5:e4:d2:bc:3c:2d:37:9b:33:
8a:74:2b:08:16:b5:fb:cf:d0:77:e4:2f:1d:5a:54:
97:42:dc:20:a7:05:26:32:38:7e:16:71:fc:c5:c7:
e7:4a:d2:da:55:17:27:ca:c1:fd:00:a0:ed:f2:d7:
38:7c:36:6e:f6:5b:92:bf:d6:d8:3f:33:6d:1f:08:
0c:96:df:80:38:fd:cc:5e:3d:ec:cf:3f:d6:aa:c8:
dc:39:65:61:fc:cd:fa:91:7a:d5:08:27:d3:a5:ec:
2b:08:e4:01:ae:11:75:93:80:7a:00:a4:b3:c4:d1:
dd:f9:54:56:b5:60:1d:0e:a4:f9:22:52:6d:1e:47:
b4:bc:89:ca:ff:55:b2:03:bd:1e:93:b1:37:69:53:
ae:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:84:DC:97:CF:9B:04:C0:54:48:97:60:A3:D5:B8:51:2B:6D:46:83
X509v3 Authority Key Identifier:
keyid:DB:B3:96:DF:A9:51:EC:41:57:F2:11:E5:ED:74:0E:D9:7E:1B:0F:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/27OW36lR7EFX8hHl7XQO2X4bDz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/JoTcl8-bBMBUSJdgo9W4USttRoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/27OW36lR7EFX8hHl7XQO2X4bDz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.111.224.0-86.111.229.255
Signature Algorithm: sha256WithRSAEncryption
50:a5:6e:6d:99:e5:74:2c:26:5f:9d:de:95:a5:71:9c:6f:9f:
ca:e6:56:01:ba:f8:f5:70:14:f9:b2:71:9c:3a:f6:73:bc:8e:
bc:c4:db:c3:a9:c1:f3:a6:ab:01:42:10:c8:15:06:65:fe:89:
c6:17:c6:84:31:53:0c:12:c9:7e:96:71:9d:3d:4b:a9:b8:a2:
27:2d:4a:ed:41:8b:a9:34:d5:7b:db:cc:52:85:31:3b:ed:1f:
8d:33:21:15:96:cb:cf:50:a4:46:77:3a:d9:da:78:78:dc:17:
c0:ab:1e:65:27:33:17:89:a3:7b:66:13:35:07:1f:e9:fb:2d:
e2:b5:57:7a:ab:9e:db:68:c1:2c:14:31:69:78:ce:b3:d8:13:
33:a8:5c:4c:b3:51:4c:8b:76:dc:a7:8c:62:42:71:a9:b5:c8:
22:86:7d:a1:88:44:2d:1a:c9:3a:cb:44:73:0b:f0:a3:81:bb:
90:83:31:4a:13:3a:7c:1a:c8:e8:e7:34:86:54:6c:fc:68:fe:
6c:6f:b4:53:9a:ec:cf:9e:9d:f3:d1:9e:b6:24:9d:dd:08:50:
fc:a8:88:b2:16:53:33:f5:59:f5:99:55:e4:93:da:81:07:a8:
83:7f:92:cd:27:ec:85:bb:d3:98:f5:11:31:c8:b9:8e:e4:56:
e3:13:73:ef
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY5YAjzDhQ3VxXljRE0GOuEQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYjM5NmRmYTk1MWVjNDE1N2YyMTFlNWVkNzQwZWQ5N2Ux
YjBmM2YwHhcNMjQwMzE5MTgzODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjg0ZGM5N2NmOWIwNGMwNTQ0ODk3NjBhM2Q1Yjg1MTJiNmQ0NjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAguEpI6jnkD9nRQlGrPQHDwPOTrwK
+B/0n0KhnO34lJEeBcoMCF+zgHuQtWeDe5cHDroILfuVYkyLtJJRRfKPZcJO48es
dTqq36lggsnxxT5QLngQ2KO8Sxns0cHg6dkPWfxqNrw35ZF8NJnKeijV5NK8PC03
mzOKdCsIFrX7z9B35C8dWlSXQtwgpwUmMjh+FnH8xcfnStLaVRcnysH9AKDt8tc4
fDZu9luSv9bYPzNtHwgMlt+AOP3MXj3szz/WqsjcOWVh/M36kXrVCCfTpewrCOQB
rhF1k4B6AKSzxNHd+VRWtWAdDqT5IlJtHke0vInK/1WyA70ek7E3aVOuIQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCaE3JfPmwTAVEiXYKPVuFErbUaDMB8GA1UdIwQY
MBaAFNuzlt+pUexBV/IR5e10Dtl+Gw8/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjdPVzM2bFI3RUZYOGhIbDdYUU8yWDRiRHo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9iMzk4N2EtNDUwNC00NzQ5LTlkNzMt
ZGY1NzJmZTk2NzJhLzEvSm9UY2w4LWJCTUJVU0pkZ285VzRVU3R0Um9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9iMzk4N2EtNDUwNC00NzQ5LTlkNzMtZGY1NzJmZTk2NzJh
LzEvMjdPVzM2bFI3RUZYOGhIbDdYUU8yWDRiRHo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAVWb+AD
BAFWb+QwDQYJKoZIhvcNAQELBQADggEBAFClbm2Z5XQsJl+d3pWlcZxvn8rmVgG6
+PVwFPmycZw69nO8jrzE28OpwfOmqwFCEMgVBmX+icYXxoQxUwwSyX6WcZ09S6m4
oictSu1Bi6k01XvbzFKFMTvtH40zIRWWy89QpEZ3OtnaeHjcF8CrHmUnMxeJo3tm
EzUHH+n7LeK1V3qrnttowSwUMWl4zrPYEzOoXEyzUUyLdtynjGJCcam1yCKGfaGI
RC0ayTrLRHML8KOBu5CDMUoTOnwayOjnNIZUbPxo/mxvtFOa7M+enfPRnrYknd0I
UPyoiLIWUzP1WfWZVeST2oEHqIN/ks0n7IW705j1ETHIuY7kVuMTc+8=
-----END CERTIFICATE-----
Generated at Fri Apr 19 21:32:48 2024 by rpki-client on console-ams.rpki-client.org