Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/c2c03e-56e1-403a-93de-e23ad799b1d1/1/M87-rTfW7tUSQ8wxVhDBA2Q-jc8.roa
File: M87-rTfW7tUSQ8wxVhDBA2Q-jc8.roa (raw, json)
Hash identifier: IeK/0BB+e5eA2bNgFcBj+zPoVVbw+yUqg2wxXdnofts=
Subject key identifier: 33:CE:FE:AD:37:D6:EE:D5:12:43:CC:31:56:10:C1:03:64:3E:8D:CF
Certificate issuer: /CN=81c11512eee8fed91c422f33b658d68bc34eb780
Certificate serial: 01860BF86008289B659B23E1B03200A426B4
Authority key identifier: 81:C1:15:12:EE:E8:FE:D9:1C:42:2F:33:B6:58:D6:8B:C3:4E:B7:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcEVEu7o_tkcQi8ztljWi8NOt4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/c2c03e-56e1-403a-93de-e23ad799b1d1/1/M87-rTfW7tUSQ8wxVhDBA2Q-jc8.roa
Signing time: Wed 01 Feb 2023 07:54:32 +0000
ROA not before: Wed 01 Feb 2023 07:54:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50625
IP address blocks: 178.212.160.0/21 maxlen: 21
94.232.216.0/21 maxlen: 21
192.162.172.0/24 maxlen: 24
192.162.173.0/24 maxlen: 24
192.162.174.0/24 maxlen: 24
192.162.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0b:f8:60:08:28:9b:65:9b:23:e1:b0:32:00:a4:26:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c11512eee8fed91c422f33b658d68bc34eb780
Validity
Not Before: Feb 1 07:54:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=33cefead37d6eed51243cc315610c103643e8dcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:41:4a:1d:b5:5f:a2:4f:a1:c4:d3:4d:8c:bf:
44:32:b9:e2:0c:3c:28:b2:fa:ad:4c:78:54:07:a2:
c3:50:e6:71:3f:ab:9a:14:49:62:f5:8b:a6:17:06:
02:bb:c3:7d:5a:31:c6:c3:15:48:fc:63:39:42:e7:
e4:18:3e:b3:08:dd:92:88:4c:53:b4:7e:41:73:f4:
b3:87:a1:24:b3:ea:bc:fe:7e:bb:07:00:e6:d1:80:
8c:6c:70:fd:3e:78:bc:e8:23:b6:4e:aa:79:e6:7d:
fa:ef:ae:9b:06:68:cb:fb:d3:ae:f1:7e:0c:c1:24:
eb:8f:24:b2:bf:a9:4c:9c:d9:5f:9f:cd:5f:4e:f7:
48:54:d3:31:a7:f2:a4:c0:6b:79:58:16:fd:e0:25:
de:2a:79:0a:9e:93:05:21:a7:53:d2:e1:43:80:6d:
9b:8c:f8:e5:f0:f8:4e:be:38:7c:a5:04:3f:aa:b7:
b1:19:f7:ed:85:b0:fe:eb:fc:15:e5:d9:41:a4:10:
5b:ed:94:44:74:cb:c6:73:62:d0:e5:58:26:26:3a:
d3:d0:a7:a6:e4:17:31:0a:4b:29:4a:96:b3:3c:9b:
4b:54:ee:a9:28:10:8b:e3:08:9d:ef:a0:f7:87:05:
65:85:fe:1f:f6:f7:c1:cc:ab:30:b2:8e:ee:6c:e3:
be:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:CE:FE:AD:37:D6:EE:D5:12:43:CC:31:56:10:C1:03:64:3E:8D:CF
X509v3 Authority Key Identifier:
keyid:81:C1:15:12:EE:E8:FE:D9:1C:42:2F:33:B6:58:D6:8B:C3:4E:B7:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcEVEu7o_tkcQi8ztljWi8NOt4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/c2c03e-56e1-403a-93de-e23ad799b1d1/1/M87-rTfW7tUSQ8wxVhDBA2Q-jc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/c2c03e-56e1-403a-93de-e23ad799b1d1/1/gcEVEu7o_tkcQi8ztljWi8NOt4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.232.216.0/21
178.212.160.0/21
192.162.172.0/22
Signature Algorithm: sha256WithRSAEncryption
15:1d:c0:fe:dd:31:8c:8b:2d:b7:83:b1:db:ec:ae:49:b4:98:
33:3e:ab:75:e1:e5:69:32:f5:aa:48:90:97:8b:6b:20:02:42:
02:9a:88:4f:ce:44:86:8a:78:98:ed:b9:22:b2:9e:5f:5a:a8:
7a:c7:d3:3a:2b:70:8e:37:29:da:bc:41:32:09:6a:bc:ca:34:
cb:08:84:c2:24:84:8d:01:23:ae:5e:b3:bc:cb:ee:40:70:4e:
50:7e:37:11:99:9c:71:a3:71:66:71:08:33:f8:0e:b4:7a:0e:
a6:b8:47:a4:6e:b2:82:8f:80:a1:8f:0f:44:6b:db:ba:ba:c0:
38:16:9d:5b:11:4e:c1:d5:f9:15:d7:1d:a7:29:02:c1:a4:68:
6b:26:cf:12:5a:f5:9e:e2:70:86:15:82:7a:81:87:7d:26:db:
6c:d2:0a:e8:c0:08:c1:2b:36:5b:d8:46:18:21:c0:bf:3a:42:
f6:5a:81:ed:06:35:98:c4:b6:1c:92:f7:d2:0d:ba:9f:9f:0a:
3d:c0:7d:02:d5:bd:14:dc:1d:d5:37:85:a9:60:ee:97:19:a8:
99:7e:4e:15:08:1a:11:46:ed:23:67:47:67:65:de:60:d5:61:
59:bc:55:2b:c5:a3:b4:f9:d8:94:f5:d4:b7:18:cc:83:20:b2:
f6:33:0b:62
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYYL+GAIKJtlmyPhsDIApCa0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYzExNTEyZWVlOGZlZDkxYzQyMmYzM2I2NThkNjhiYzM0
ZWI3ODAwHhcNMjMwMjAxMDc1NDMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2NlZmVhZDM3ZDZlZWQ1MTI0M2NjMzE1NjEwYzEwMzY0M2U4ZGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kFKHbVfok+hxNNNjL9EMrniDDwo
svqtTHhUB6LDUOZxP6uaFEli9YumFwYCu8N9WjHGwxVI/GM5QufkGD6zCN2SiExT
tH5Bc/Szh6Eks+q8/n67BwDm0YCMbHD9Pni86CO2Tqp55n36766bBmjL+9Ou8X4M
wSTrjySyv6lMnNlfn81fTvdIVNMxp/KkwGt5WBb94CXeKnkKnpMFIadT0uFDgG2b
jPjl8PhOvjh8pQQ/qrexGffthbD+6/wV5dlBpBBb7ZREdMvGc2LQ5VgmJjrT0Kem
5BcxCkspSpazPJtLVO6pKBCL4wid76D3hwVlhf4f9vfBzKswso7ubOO+6wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDPO/q031u7VEkPMMVYQwQNkPo3PMB8GA1UdIwQY
MBaAFIHBFRLu6P7ZHEIvM7ZY1ovDTreAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2NFVkV1N29fdGtjUWk4enRsaldpOE5PdDRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9jMmMwM2UtNTZlMS00MDNhLTkzZGUt
ZTIzYWQ3OTliMWQxLzEvTTg3LXJUZlc3dFVTUTh3eFZoREJBMlEtamM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9jMmMwM2UtNTZlMS00MDNhLTkzZGUtZTIzYWQ3OTliMWQx
LzEvZ2NFVkV1N29fdGtjUWk4enRsaldpOE5PdDRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDXujYAwQD
stSgAwQCwKKsMA0GCSqGSIb3DQEBCwUAA4IBAQAVHcD+3TGMiy23g7Hb7K5JtJgz
Pqt14eVpMvWqSJCXi2sgAkICmohPzkSGiniY7bkisp5fWqh6x9M6K3CONynavEEy
CWq8yjTLCITCJISNASOuXrO8y+5AcE5QfjcRmZxxo3FmcQgz+A60eg6muEekbrKC
j4Chjw9Ea9u6usA4Fp1bEU7B1fkV1x2nKQLBpGhrJs8SWvWe4nCGFYJ6gYd9Jtts
0growAjBKzZb2EYYIcC/OkL2WoHtBjWYxLYckvfSDbqfnwo9wH0C1b0U3B3VN4Wp
YO6XGaiZfk4VCBoRRu0jZ0dnZd5g1WFZvFUrxaO0+diU9dS3GMyDILL2Mwti
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:13 2024 by rpki-client on console-ams.rpki-client.org