Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/va_gQ4Yc-AXgw8A6uBAk4ocDx1w.roa
File: va_gQ4Yc-AXgw8A6uBAk4ocDx1w.roa (raw, json)
Hash identifier: Y4HUQZIpeiv+rasGBdGzcZY3GXh2Q8ZJCHIrLTJ5TUk=
Subject key identifier: BD:AF:E0:43:86:1C:F8:05:E0:C3:C0:3A:B8:10:24:E2:87:03:C7:5C
Certificate issuer: /CN=dbb396dfa951ec4157f211e5ed740ed97e1b0f3f
Certificate serial: 018FE338E48D7E653D7404A52FEBBE443894
Authority key identifier: DB:B3:96:DF:A9:51:EC:41:57:F2:11:E5:ED:74:0E:D9:7E:1B:0F:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/27OW36lR7EFX8hHl7XQO2X4bDz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/va_gQ4Yc-AXgw8A6uBAk4ocDx1w.roa
Signing time: Tue 04 Jun 2024 12:28:27 +0000
ROA not before: Tue 04 Jun 2024 12:28:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 86.111.224.0/24 maxlen: 24
86.111.225.0/24 maxlen: 24
86.111.226.0/24 maxlen: 24
86.111.227.0/24 maxlen: 24
86.111.229.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Jun 2024 18:48:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e3:38:e4:8d:7e:65:3d:74:04:a5:2f:eb:be:44:38:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbb396dfa951ec4157f211e5ed740ed97e1b0f3f
Validity
Not Before: Jun 4 12:28:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bdafe043861cf805e0c3c03ab81024e28703c75c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:8d:84:fc:36:f5:37:6c:1b:a9:8c:6d:97:40:
54:07:97:0d:21:c6:a8:bf:1b:c4:f7:16:16:e0:40:
49:60:31:54:5b:64:5b:89:7c:a2:0d:5a:fc:db:a9:
7c:5f:4e:60:40:3f:11:51:93:39:8b:6b:df:e4:6e:
e0:b3:ea:f6:49:e8:9e:8b:a7:00:96:ed:3e:16:aa:
6a:88:03:c7:f9:c8:91:a4:ee:be:a1:81:53:31:58:
57:fe:a4:d0:f6:59:2d:f5:cf:52:29:ad:92:7b:68:
9d:38:da:9b:3b:dc:ed:6e:0b:ee:92:7d:9a:0a:30:
53:5b:3c:39:ae:14:5a:c0:34:53:cd:9c:d7:4a:f5:
81:89:a9:fb:6b:e3:d8:70:96:0b:79:ea:e4:ab:8e:
ea:0c:16:b3:b6:b6:44:a6:17:8d:83:c9:19:6e:13:
85:46:87:fa:6b:6a:b5:95:d7:3b:58:6e:f6:14:d3:
e1:fa:47:1b:8d:92:64:6d:42:c6:a0:b2:21:e5:5c:
04:0c:de:a2:41:53:ec:20:11:12:46:65:4c:29:2b:
6c:7e:b9:4f:21:2f:9e:4a:53:c5:91:76:f9:ba:c1:
a6:54:ec:35:db:05:a5:a9:60:dc:e5:de:07:0c:90:
40:1a:c0:30:64:4c:72:8b:55:ee:d0:c3:13:a5:58:
5c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:AF:E0:43:86:1C:F8:05:E0:C3:C0:3A:B8:10:24:E2:87:03:C7:5C
X509v3 Authority Key Identifier:
keyid:DB:B3:96:DF:A9:51:EC:41:57:F2:11:E5:ED:74:0E:D9:7E:1B:0F:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/27OW36lR7EFX8hHl7XQO2X4bDz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/va_gQ4Yc-AXgw8A6uBAk4ocDx1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/27OW36lR7EFX8hHl7XQO2X4bDz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.111.224.0/22
86.111.229.0/24
Signature Algorithm: sha256WithRSAEncryption
82:e8:5e:f6:6c:86:6c:30:03:aa:9d:14:d8:29:7c:13:79:c4:
99:76:e4:d4:e3:12:84:a6:ce:90:ff:05:7e:80:87:4d:8f:7b:
52:c6:46:cd:b4:85:0c:f2:ec:2e:db:04:83:1f:8f:db:7f:87:
2d:39:37:0f:de:3f:27:69:72:fa:6c:1a:e9:f2:34:8d:63:08:
7b:6d:41:d8:89:79:6c:c5:8c:7c:4b:a6:81:85:0b:7a:ae:a6:
62:69:a1:7e:3b:35:f9:a2:2e:32:09:6d:f1:aa:33:5f:ca:28:
60:83:0c:e6:65:4c:3e:94:c8:c1:2c:89:20:b9:57:0b:39:87:
b3:7d:f2:96:9e:7a:14:e3:c6:b1:d3:86:ee:33:db:e4:b2:b8:
64:e5:0c:b4:d9:fc:d1:8b:32:7d:b9:b9:a1:1f:1a:84:7c:15:
97:18:cc:db:65:1c:45:e1:6c:02:26:41:6a:68:d1:81:1f:4c:
1b:72:ae:9c:44:e7:ef:82:64:56:dd:b3:b8:29:4d:03:44:db:
a6:63:45:c3:5d:03:f2:7e:0c:f8:25:5b:0a:52:09:78:b0:4e:
6a:e4:db:da:fe:c7:e4:37:10:95:0d:11:26:ef:fb:2d:a5:d7:
ab:6e:5b:d9:4c:19:a3:68:76:2e:81:b8:35:4c:ee:ae:2b:79:
21:4c:f6:00
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY/jOOSNfmU9dASlL+u+RDiUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYjM5NmRmYTk1MWVjNDE1N2YyMTFlNWVkNzQwZWQ5N2Ux
YjBmM2YwHhcNMjQwNjA0MTIyODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGFmZTA0Mzg2MWNmODA1ZTBjM2MwM2FiODEwMjRlMjg3MDNjNzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxI2E/Db1N2wbqYxtl0BUB5cNIcao
vxvE9xYW4EBJYDFUW2RbiXyiDVr826l8X05gQD8RUZM5i2vf5G7gs+r2Seiei6cA
lu0+FqpqiAPH+ciRpO6+oYFTMVhX/qTQ9lkt9c9SKa2Se2idONqbO9ztbgvukn2a
CjBTWzw5rhRawDRTzZzXSvWBian7a+PYcJYLeerkq47qDBaztrZEpheNg8kZbhOF
Rof6a2q1ldc7WG72FNPh+kcbjZJkbULGoLIh5VwEDN6iQVPsIBESRmVMKStsfrlP
IS+eSlPFkXb5usGmVOw12wWlqWDc5d4HDJBAGsAwZExyi1Xu0MMTpVhc4QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL2v4EOGHPgF4MPAOrgQJOKHA8dcMB8GA1UdIwQY
MBaAFNuzlt+pUexBV/IR5e10Dtl+Gw8/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjdPVzM2bFI3RUZYOGhIbDdYUU8yWDRiRHo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9iMzk4N2EtNDUwNC00NzQ5LTlkNzMt
ZGY1NzJmZTk2NzJhLzEvdmFfZ1E0WWMtQVhndzhBNnVCQWs0b2NEeDF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9iMzk4N2EtNDUwNC00NzQ5LTlkNzMtZGY1NzJmZTk2NzJh
LzEvMjdPVzM2bFI3RUZYOGhIbDdYUU8yWDRiRHo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVm/gAwQA
Vm/lMA0GCSqGSIb3DQEBCwUAA4IBAQCC6F72bIZsMAOqnRTYKXwTecSZduTU4xKE
ps6Q/wV+gIdNj3tSxkbNtIUM8uwu2wSDH4/bf4ctOTcP3j8naXL6bBrp8jSNYwh7
bUHYiXlsxYx8S6aBhQt6rqZiaaF+OzX5oi4yCW3xqjNfyihggwzmZUw+lMjBLIkg
uVcLOYezffKWnnoU48ax04buM9vksrhk5Qy02fzRizJ9ubmhHxqEfBWXGMzbZRxF
4WwCJkFqaNGBH0wbcq6cROfvgmRW3bO4KU0DRNumY0XDXQPyfgz4JVsKUgl4sE5q
5Nva/sfkNxCVDREm7/stpderblvZTBmjaHYugbg1TO6uK3khTPYA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:10 2024 by rpki-client on console-fra.rpki-client.org