Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/08a9c8-4be3-4682-af82-2a1cce7d2c65/1/afic8ueQrp59ouIddqaXNt8Snfs.roa
File: afic8ueQrp59ouIddqaXNt8Snfs.roa (raw, json)
Hash identifier: P5qjLahr09OAK3z+DUXImBlx2Gkgumd9WpWa3UNx1QI=
Subject key identifier: 69:F8:9C:F2:E7:90:AE:9E:7D:A2:E2:1D:76:A6:97:36:DF:12:9D:FB
Certificate issuer: /CN=fa1b2478dfe0f33a278b13f42dd319601d6378a8
Certificate serial: 018A8EAB5ED6AEB69218D5363425E646CD09
Authority key identifier: FA:1B:24:78:DF:E0:F3:3A:27:8B:13:F4:2D:D3:19:60:1D:63:78:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-hskeN_g8zonixP0LdMZYB1jeKg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/08a9c8-4be3-4682-af82-2a1cce7d2c65/1/afic8ueQrp59ouIddqaXNt8Snfs.roa
Signing time: Wed 13 Sep 2023 13:11:50 +0000
ROA not before: Wed 13 Sep 2023 13:11:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207647
IP address blocks: 87.239.9.0/24 maxlen: 24
87.239.8.0/24 maxlen: 24
87.239.10.0/24 maxlen: 24
87.239.12.0/24 maxlen: 24
87.239.15.0/24 maxlen: 24
87.239.14.0/24 maxlen: 24
87.239.13.0/24 maxlen: 24
2001:678:6a0::/48 maxlen: 48
2a13:da40::/29 maxlen: 29
2001:678:be4::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8e:ab:5e:d6:ae:b6:92:18:d5:36:34:25:e6:46:cd:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa1b2478dfe0f33a278b13f42dd319601d6378a8
Validity
Not Before: Sep 13 13:11:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69f89cf2e790ae9e7da2e21d76a69736df129dfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:aa:f1:b2:60:20:9a:8d:12:de:18:79:a0:3b:
24:75:83:9d:53:8f:45:8a:07:52:58:01:e4:8f:5b:
95:6b:e7:be:2c:9f:ea:b6:95:0d:22:47:a9:32:d0:
92:87:99:7f:d2:02:12:b8:a3:3a:12:c2:7b:cc:9e:
f9:76:db:27:6d:06:90:9e:8a:5b:c1:f3:a8:89:35:
84:3a:10:de:bc:ee:60:92:cc:1d:c5:a4:84:de:a9:
17:07:ff:a3:ad:9d:6c:19:b0:64:2b:3f:64:07:e3:
25:71:4e:28:e3:af:53:d7:28:89:e8:8d:88:9b:b8:
bf:df:6e:91:28:4d:07:30:4e:13:de:cf:cb:37:07:
d2:8d:93:c8:48:c8:5d:93:1c:33:6e:bc:9a:e0:db:
b6:1b:58:d6:cb:52:63:9d:92:0a:b4:15:23:18:28:
40:66:49:2d:01:19:21:9b:50:13:ca:4b:26:39:64:
b6:42:a3:67:3a:e4:96:f7:6d:37:b4:fa:d3:c5:c4:
eb:09:31:34:2d:98:e8:6e:94:e5:7a:f5:51:00:ea:
fe:48:4f:dd:e1:db:53:a4:0d:02:89:ef:da:d8:bd:
44:24:cb:ea:42:b9:54:e2:b0:e8:ad:f3:24:e4:62:
e1:b2:29:0d:fc:ef:59:80:f1:55:bb:55:de:4b:66:
04:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:F8:9C:F2:E7:90:AE:9E:7D:A2:E2:1D:76:A6:97:36:DF:12:9D:FB
X509v3 Authority Key Identifier:
keyid:FA:1B:24:78:DF:E0:F3:3A:27:8B:13:F4:2D:D3:19:60:1D:63:78:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-hskeN_g8zonixP0LdMZYB1jeKg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/08a9c8-4be3-4682-af82-2a1cce7d2c65/1/afic8ueQrp59ouIddqaXNt8Snfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/08a9c8-4be3-4682-af82-2a1cce7d2c65/1/1-hskeN_g8zonixP0LdMZYB1jeKg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.8.0-87.239.10.255
87.239.12.0/22
IPv6:
2001:678:6a0::/48
2001:678:be4::/48
2a13:da40::/29
Signature Algorithm: sha256WithRSAEncryption
0c:63:d5:8f:e3:27:93:bc:f9:35:0a:89:d4:cc:89:43:cb:78:
b6:df:c7:eb:6f:17:d4:76:23:36:93:ef:e5:10:26:0d:11:74:
a2:33:8b:5a:93:79:9c:9b:a2:cf:5b:96:c7:4a:a2:26:4e:81:
b2:00:bf:08:00:6c:84:03:24:5a:52:7b:8c:8b:47:9d:db:05:
04:d6:33:72:0d:ea:f1:92:85:10:a9:03:cb:17:0c:db:c7:4f:
89:e2:5d:89:3f:0c:42:f3:18:64:90:e0:93:f5:18:d0:2c:77:
18:f9:a1:ec:da:00:fa:7f:a4:0d:18:70:8a:7e:ce:5e:4b:66:
e5:bf:3b:24:68:d2:cc:e1:54:19:df:56:ac:dd:8f:a6:44:35:
1d:84:df:22:d3:a2:d4:3a:09:e9:8a:8a:b2:fe:eb:ee:a6:88:
57:b1:78:47:be:85:ea:38:78:f5:b2:14:06:c4:f3:7b:c7:6f:
8b:43:b2:f0:86:60:1c:bc:e1:7a:af:e0:98:33:17:67:c2:e9:
ab:c6:c4:8e:24:e9:7e:51:82:4d:e3:3d:69:12:8b:33:92:f7:
5f:d6:b1:48:18:3b:b5:e9:66:95:d0:b1:0b:11:b6:be:ad:b1:
fe:df:48:d5:0e:6a:b3:87:4f:f1:97:b0:af:39:90:59:60:97:
ab:85:f3:fd
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYqOq17WrraSGNU2NCXmRs0JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhMWIyNDc4ZGZlMGYzM2EyNzhiMTNmNDJkZDMxOTYwMWQ2
Mzc4YTgwHhcNMjMwOTEzMTMxMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWY4OWNmMmU3OTBhZTllN2RhMmUyMWQ3NmE2OTczNmRmMTI5ZGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKrxsmAgmo0S3hh5oDskdYOdU49F
igdSWAHkj1uVa+e+LJ/qtpUNIkepMtCSh5l/0gISuKM6EsJ7zJ75dtsnbQaQnopb
wfOoiTWEOhDevO5gkswdxaSE3qkXB/+jrZ1sGbBkKz9kB+MlcU4o469T1yiJ6I2I
m7i/326RKE0HME4T3s/LNwfSjZPISMhdkxwzbrya4Nu2G1jWy1JjnZIKtBUjGChA
ZkktARkhm1ATyksmOWS2QqNnOuSW9203tPrTxcTrCTE0LZjobpTlevVRAOr+SE/d
4dtTpA0Cie/a2L1EJMvqQrlU4rDorfMk5GLhsikN/O9ZgPFVu1XeS2YE6QIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFGn4nPLnkK6efaLiHXamlzbfEp37MB8GA1UdIwQY
MBaAFPobJHjf4PM6J4sT9C3TGWAdY3ioMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1oc2tlTl9nOHpvbml4UDBMZE1aWUIxamVLZy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYvMDhhOWM4LTRiZTMtNDY4Mi1hZjgy
LTJhMWNjZTdkMmM2NS8xL2FmaWM4dWVRcnA1OW91SWRkcWFYTnQ4U25mcy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWYvMDhhOWM4LTRiZTMtNDY4Mi1hZjgyLTJhMWNjZTdkMmM2
NS8xLzEtaHNrZU5fZzh6b25peFAwTGRNWllCMWplS2cuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTgYIKwYBBQUHAQcBAf8EPzA9MBoEAgABMBQwDAMEA1fv
CAMEAFfvCgMEAlfvDDAfBAIAAjAZAwcAIAEGeAagAwcAIAEGeAvkAwUDKhPaQDAN
BgkqhkiG9w0BAQsFAAOCAQEADGPVj+Mnk7z5NQqJ1MyJQ8t4tt/H628X1HYjNpPv
5RAmDRF0ojOLWpN5nJuiz1uWx0qiJk6BsgC/CABshAMkWlJ7jItHndsFBNYzcg3q
8ZKFEKkDyxcM28dPieJdiT8MQvMYZJDgk/UY0Cx3GPmh7NoA+n+kDRhwin7OXktm
5b87JGjSzOFUGd9WrN2PpkQ1HYTfItOi1DoJ6YqKsv7r7qaIV7F4R76F6jh49bIU
BsTze8dvi0Oy8IZgHLzheq/gmDMXZ8Lpq8bEjiTpflGCTeM9aRKLM5L3X9axSBg7
telmldCxCxG2vq2x/t9I1Q5qs4dP8ZewrzmQWWCXq4Xz/Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:26 2024 by rpki-client on console-ams.rpki-client.org