Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/08a9c8-4be3-4682-af82-2a1cce7d2c65/1/hcEzjs53f3IFzdrWPdvVJz9wvqo.roa
File: hcEzjs53f3IFzdrWPdvVJz9wvqo.roa (raw, json)
Hash identifier: Fp09DAmFuDR0UrJ0Denc9uPni9GnmO/4IfIgwRxgH7I=
Subject key identifier: 85:C1:33:8E:CE:77:7F:72:05:CD:DA:D6:3D:DB:D5:27:3F:70:BE:AA
Certificate issuer: /CN=fa1b2478dfe0f33a278b13f42dd319601d6378a8
Certificate serial: 018A8E85D52186DB1927B8711544F83281C9
Authority key identifier: FA:1B:24:78:DF:E0:F3:3A:27:8B:13:F4:2D:D3:19:60:1D:63:78:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-hskeN_g8zonixP0LdMZYB1jeKg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/08a9c8-4be3-4682-af82-2a1cce7d2c65/1/hcEzjs53f3IFzdrWPdvVJz9wvqo.roa
Signing time: Wed 13 Sep 2023 12:30:50 +0000
ROA not before: Wed 13 Sep 2023 12:30:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207647
IP address blocks: 87.239.9.0/24 maxlen: 24
87.239.8.0/24 maxlen: 24
87.239.10.0/24 maxlen: 24
87.239.12.0/24 maxlen: 24
87.239.15.0/24 maxlen: 24
87.239.14.0/24 maxlen: 24
87.239.13.0/24 maxlen: 24
2001:678:6a0::/48 maxlen: 48
2a13:da40::/29 maxlen: 29
2001:678:be4::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 13 Sep 2023 12:50:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8e:85:d5:21:86:db:19:27:b8:71:15:44:f8:32:81:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa1b2478dfe0f33a278b13f42dd319601d6378a8
Validity
Not Before: Sep 13 12:30:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85c1338ece777f7205cddad63ddbd5273f70beaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ec:c0:b3:2b:6d:6e:68:34:b5:c9:76:3d:ff:
f7:7e:4b:bc:a6:a0:90:80:eb:40:71:6f:f1:6a:7e:
2c:4a:81:a8:e3:1e:14:3d:e5:59:a1:0d:ed:34:ef:
0d:9b:72:89:a0:84:4f:0f:ae:01:29:78:46:38:a8:
30:ab:6a:ec:ec:74:10:1c:b2:02:be:02:8c:7d:50:
49:a3:0f:a4:b1:89:29:2c:31:ec:71:c8:c3:e7:d2:
5d:4c:12:99:89:06:ef:2f:19:52:f5:11:ae:59:50:
32:82:42:97:10:b4:51:58:0e:da:04:e3:12:8e:2a:
27:1e:f6:76:c0:0b:4e:a7:aa:97:8b:ef:c4:da:8f:
e5:f0:0e:89:60:aa:5a:7c:58:70:13:35:71:f7:b7:
5f:f0:89:38:70:83:4a:dd:99:f4:95:8e:24:ea:44:
47:c1:18:58:4b:07:83:b0:8b:98:f5:67:cf:15:d7:
49:93:30:b1:25:2e:e1:c3:75:a7:34:f0:7d:62:14:
8d:bd:c5:a7:bd:b6:9e:3a:7c:64:eb:6b:62:12:6f:
61:db:3a:63:a9:71:59:3b:ee:d7:5c:40:1c:8f:62:
3a:6a:a3:c0:84:8d:49:a7:f6:94:67:f7:1a:73:1f:
01:e1:2d:be:92:d2:13:e7:d6:bf:7c:e1:ce:43:08:
79:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:C1:33:8E:CE:77:7F:72:05:CD:DA:D6:3D:DB:D5:27:3F:70:BE:AA
X509v3 Authority Key Identifier:
keyid:FA:1B:24:78:DF:E0:F3:3A:27:8B:13:F4:2D:D3:19:60:1D:63:78:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-hskeN_g8zonixP0LdMZYB1jeKg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/08a9c8-4be3-4682-af82-2a1cce7d2c65/1/hcEzjs53f3IFzdrWPdvVJz9wvqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/08a9c8-4be3-4682-af82-2a1cce7d2c65/1/1-hskeN_g8zonixP0LdMZYB1jeKg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.8.0-87.239.10.255
87.239.12.0/22
IPv6:
2001:678:6a0::/48
2001:678:be4::/48
2a13:da40::/29
Signature Algorithm: sha256WithRSAEncryption
61:ed:33:1c:5f:89:3d:55:c7:75:08:53:9e:91:c1:2a:4f:a9:
4e:09:f4:80:33:0e:f4:9a:89:c7:73:8a:e5:ca:93:36:e2:4d:
20:c6:76:56:6d:e4:3c:7d:a0:27:86:36:e0:6c:63:85:8b:3a:
ee:27:06:a3:99:5e:e4:97:70:b5:88:8f:45:e6:b4:5f:63:64:
30:7e:d7:a4:2c:2e:27:8e:a2:c7:47:95:7a:36:23:45:29:9e:
07:38:36:8b:a5:f0:78:e2:5c:c4:6e:a3:72:c8:bc:3c:96:ca:
e9:76:8e:3c:be:4e:aa:f2:dd:c3:4c:b8:61:b8:9c:bd:82:be:
04:01:98:c4:ed:a7:b0:05:ad:a2:9c:5c:c8:a6:60:f2:94:fc:
f0:cf:1a:6c:93:f9:5c:75:eb:c2:3e:45:89:00:91:43:75:da:
f4:1c:d1:18:91:06:2f:2b:c8:d6:39:8e:aa:b0:7a:60:38:61:
d1:4c:ca:4a:65:56:f0:70:9c:48:ab:5c:46:9c:8c:4e:6c:4e:
d9:7e:9b:f7:6d:ad:6c:0d:63:2f:dd:eb:f9:3a:4c:e4:3c:b4:
e7:08:92:31:95:4e:53:90:d8:2a:85:ca:8b:ee:76:b1:33:69:
dc:14:bc:b7:eb:eb:12:a7:5f:64:0e:9b:67:30:25:61:4e:e5:
07:61:b8:88
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYqOhdUhhtsZJ7hxFUT4MoHJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhMWIyNDc4ZGZlMGYzM2EyNzhiMTNmNDJkZDMxOTYwMWQ2
Mzc4YTgwHhcNMjMwOTEzMTIzMDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWMxMzM4ZWNlNzc3ZjcyMDVjZGRhZDYzZGRiZDUyNzNmNzBiZWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArezAsyttbmg0tcl2Pf/3fku8pqCQ
gOtAcW/xan4sSoGo4x4UPeVZoQ3tNO8Nm3KJoIRPD64BKXhGOKgwq2rs7HQQHLIC
vgKMfVBJow+ksYkpLDHsccjD59JdTBKZiQbvLxlS9RGuWVAygkKXELRRWA7aBOMS
jionHvZ2wAtOp6qXi+/E2o/l8A6JYKpafFhwEzVx97df8Ik4cINK3Zn0lY4k6kRH
wRhYSweDsIuY9WfPFddJkzCxJS7hw3WnNPB9YhSNvcWnvbaeOnxk62tiEm9h2zpj
qXFZO+7XXEAcj2I6aqPAhI1Jp/aUZ/cacx8B4S2+ktIT59a/fOHOQwh5VQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFIXBM47Od39yBc3a1j3b1Sc/cL6qMB8GA1UdIwQY
MBaAFPobJHjf4PM6J4sT9C3TGWAdY3ioMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1oc2tlTl9nOHpvbml4UDBMZE1aWUIxamVLZy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYvMDhhOWM4LTRiZTMtNDY4Mi1hZjgy
LTJhMWNjZTdkMmM2NS8xL2hjRXpqczUzZjNJRnpkcldQZHZWSno5d3Zxby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWYvMDhhOWM4LTRiZTMtNDY4Mi1hZjgyLTJhMWNjZTdkMmM2
NS8xLzEtaHNrZU5fZzh6b25peFAwTGRNWllCMWplS2cuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTgYIKwYBBQUHAQcBAf8EPzA9MBoEAgABMBQwDAMEA1fv
CAMEAFfvCgMEAlfvDDAfBAIAAjAZAwcAIAEGeAagAwcAIAEGeAvkAwUDKhPaQDAN
BgkqhkiG9w0BAQsFAAOCAQEAYe0zHF+JPVXHdQhTnpHBKk+pTgn0gDMO9JqJx3OK
5cqTNuJNIMZ2Vm3kPH2gJ4Y24GxjhYs67icGo5le5JdwtYiPRea0X2NkMH7XpCwu
J46ix0eVejYjRSmeBzg2i6XweOJcxG6jcsi8PJbK6XaOPL5OqvLdw0y4YbicvYK+
BAGYxO2nsAWtopxcyKZg8pT88M8abJP5XHXrwj5FiQCRQ3Xa9BzRGJEGLyvI1jmO
qrB6YDhh0UzKSmVW8HCcSKtcRpyMTmxO2X6b922tbA1jL93r+TpM5Dy05wiSMZVO
U5DYKoXKi+52sTNp3BS8t+vrEqdfZA6bZzAlYU7lB2G4iA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:27 2024 by rpki-client on console-ams.rpki-client.org