Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/08a9c8-4be3-4682-af82-2a1cce7d2c65/1/1-xpggkM8ehaFitkV8luDhNrfaCc.roa
File: 1-xpggkM8ehaFitkV8luDhNrfaCc.roa (raw, json)
Hash identifier: ITNb+UV3R70QmJ6zkZ8jBL+nA8GH2NCiE2lASxTRKBk=
Subject key identifier: FB:1A:60:82:43:3C:7A:16:85:8A:D9:15:F2:5B:83:84:DA:DF:68:27
Certificate issuer: /CN=fa1b2478dfe0f33a278b13f42dd319601d6378a8
Certificate serial: 018A83E223CB2F5071B47EB29AF28B6E6FE2
Authority key identifier: FA:1B:24:78:DF:E0:F3:3A:27:8B:13:F4:2D:D3:19:60:1D:63:78:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-hskeN_g8zonixP0LdMZYB1jeKg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/08a9c8-4be3-4682-af82-2a1cce7d2c65/1/1-xpggkM8ehaFitkV8luDhNrfaCc.roa
Signing time: Mon 11 Sep 2023 10:55:50 +0000
ROA not before: Mon 11 Sep 2023 10:55:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35470
IP address blocks: 87.239.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:83:e2:23:cb:2f:50:71:b4:7e:b2:9a:f2:8b:6e:6f:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa1b2478dfe0f33a278b13f42dd319601d6378a8
Validity
Not Before: Sep 11 10:55:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb1a6082433c7a16858ad915f25b8384dadf6827
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:2c:d4:cd:c2:62:d6:43:f3:4d:ea:15:bc:2e:
72:aa:79:1a:0f:7e:22:3c:00:2a:ab:67:17:5c:47:
b0:ac:de:bd:25:57:78:7d:48:7e:5d:70:1c:11:fb:
d8:bf:85:c6:88:4d:32:a0:c8:06:ef:c0:c1:55:a9:
02:c7:c8:7c:10:bc:57:51:78:2b:ba:c1:44:28:9d:
90:0c:9a:97:5d:99:df:20:6e:5d:d9:98:06:a8:9e:
5c:51:a5:da:d0:ba:33:5e:8a:7e:66:11:dc:d5:c7:
e5:f1:b8:5e:65:a1:94:3c:44:59:51:82:a9:5d:f7:
d1:63:fa:d3:14:d7:11:19:ac:2e:ac:b8:71:4a:22:
db:92:f7:96:df:f1:c1:ef:c1:12:e4:a6:81:79:df:
95:17:15:b8:92:c8:e0:8b:89:da:bb:61:fb:1e:d4:
3d:f4:22:63:ae:c8:b4:fd:fb:9b:3b:a7:db:4c:dc:
a6:6e:e6:d8:b0:63:c9:ec:1d:a8:d6:1d:10:e3:33:
78:f0:69:de:07:46:bb:86:6a:54:ce:30:b9:c1:4d:
c1:4a:ef:b4:51:71:53:a9:6a:d1:c4:a7:04:d4:b9:
8f:04:e3:70:e2:4e:69:07:ac:22:d8:77:70:31:b7:
0c:58:f2:a6:fc:26:d9:9d:21:1a:22:fe:6d:8c:1c:
a1:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:1A:60:82:43:3C:7A:16:85:8A:D9:15:F2:5B:83:84:DA:DF:68:27
X509v3 Authority Key Identifier:
keyid:FA:1B:24:78:DF:E0:F3:3A:27:8B:13:F4:2D:D3:19:60:1D:63:78:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-hskeN_g8zonixP0LdMZYB1jeKg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/08a9c8-4be3-4682-af82-2a1cce7d2c65/1/1-xpggkM8ehaFitkV8luDhNrfaCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/08a9c8-4be3-4682-af82-2a1cce7d2c65/1/1-hskeN_g8zonixP0LdMZYB1jeKg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.11.0/24
Signature Algorithm: sha256WithRSAEncryption
07:fe:11:b4:7b:18:74:d3:75:21:65:83:ea:b7:17:40:86:a1:
f8:38:d1:be:84:67:bb:6c:1a:8e:21:c0:e7:5e:17:93:76:12:
92:28:eb:a1:1a:d7:86:10:5d:69:0b:29:ad:5c:19:2a:6a:61:
d7:31:fd:56:95:90:27:07:b1:9d:0c:61:9f:2b:f4:a0:86:55:
4e:0a:7b:1b:d6:14:8b:ff:75:45:d1:27:56:c2:77:1e:31:be:
67:91:5a:b7:73:1d:e6:4b:ff:88:70:34:a1:1e:02:b6:74:de:
dc:19:07:e1:28:02:1b:b1:9a:2d:55:6c:5b:83:31:28:21:cf:
65:fb:af:85:88:53:c8:da:26:b8:7b:92:95:6e:93:84:b7:44:
10:69:2a:30:82:ed:d8:2f:b6:84:5d:dd:c9:a6:d1:00:76:f1:
81:e6:c4:8d:a7:73:37:00:7a:e4:40:a3:7e:a5:5d:67:e5:89:
57:97:f1:53:42:cd:48:19:61:89:47:3c:5f:00:94:3c:57:14:
e7:2d:25:04:79:69:b2:8e:56:69:23:11:c3:63:36:44:c5:f3:
45:01:38:4f:bf:f9:f0:d9:41:5f:f0:2a:b0:8d:07:de:4d:61:
6d:13:d0:37:c9:30:d6:1b:6b:3b:c2:c1:3e:d9:6e:89:31:84:
7f:69:3f:99
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYqD4iPLL1BxtH6ymvKLbm/iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhMWIyNDc4ZGZlMGYzM2EyNzhiMTNmNDJkZDMxOTYwMWQ2
Mzc4YTgwHhcNMjMwOTExMTA1NTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjFhNjA4MjQzM2M3YTE2ODU4YWQ5MTVmMjViODM4NGRhZGY2ODI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjizUzcJi1kPzTeoVvC5yqnkaD34i
PAAqq2cXXEewrN69JVd4fUh+XXAcEfvYv4XGiE0yoMgG78DBVakCx8h8ELxXUXgr
usFEKJ2QDJqXXZnfIG5d2ZgGqJ5cUaXa0LozXop+ZhHc1cfl8bheZaGUPERZUYKp
XffRY/rTFNcRGawurLhxSiLbkveW3/HB78ES5KaBed+VFxW4ksjgi4nau2H7HtQ9
9CJjrsi0/fubO6fbTNymbubYsGPJ7B2o1h0Q4zN48GneB0a7hmpUzjC5wU3BSu+0
UXFTqWrRxKcE1LmPBONw4k5pB6wi2HdwMbcMWPKm/CbZnSEaIv5tjByh6wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPsaYIJDPHoWhYrZFfJbg4Ta32gnMB8GA1UdIwQY
MBaAFPobJHjf4PM6J4sT9C3TGWAdY3ioMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1oc2tlTl9nOHpvbml4UDBMZE1aWUIxamVLZy5jZXIw
gY4GCCsGAQUFBwELBIGBMH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYvMDhhOWM4LTRiZTMtNDY4Mi1hZjgy
LTJhMWNjZTdkMmM2NS8xLzEteHBnZ2tNOGVoYUZpdGtWOGx1RGhOcmZhQ2Mucm9h
MIGCBgNVHR8EezB5MHegdaBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np
dG9yeS9ERUZBVUxUL2FmLzA4YTljOC00YmUzLTQ2ODItYWY4Mi0yYTFjY2U3ZDJj
NjUvMS8xLWhza2VOX2c4em9uaXhQMExkTVpZQjFqZUtnLmNybDAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV+8L
MA0GCSqGSIb3DQEBCwUAA4IBAQAH/hG0exh003UhZYPqtxdAhqH4ONG+hGe7bBqO
IcDnXheTdhKSKOuhGteGEF1pCymtXBkqamHXMf1WlZAnB7GdDGGfK/SghlVOCnsb
1hSL/3VF0SdWwnceMb5nkVq3cx3mS/+IcDShHgK2dN7cGQfhKAIbsZotVWxbgzEo
Ic9l+6+FiFPI2ia4e5KVbpOEt0QQaSowgu3YL7aEXd3JptEAdvGB5sSNp3M3AHrk
QKN+pV1n5YlXl/FTQs1IGWGJRzxfAJQ8VxTnLSUEeWmyjlZpIxHDYzZExfNFAThP
v/nw2UFf8CqwjQfeTWFtE9A3yTDWG2s7wsE+2W6JMYR/aT+Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:48 2024 by rpki-client on console-fra.rpki-client.org