Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/b07e58-f93a-4d5f-b92d-6016d5c05f30/1/aKjTKaUFOUOUuXDS-E9c_Bfd_FQ.roa
File: aKjTKaUFOUOUuXDS-E9c_Bfd_FQ.roa (raw, json)
Hash identifier: N86FKIQNEI8nOADoP9tRsjhW4n0wpKTNYFzHADafKlA=
Subject key identifier: 68:A8:D3:29:A5:05:39:43:94:B9:70:D2:F8:4F:5C:FC:17:DD:FC:54
Certificate issuer: /CN=6107e2e2e8171d319da1bc64b36c3c985e646c2a
Certificate serial: 019225927804F6459AB443E1D4FA30BF3E8B
Authority key identifier: 61:07:E2:E2:E8:17:1D:31:9D:A1:BC:64:B3:6C:3C:98:5E:64:6C:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YQfi4ugXHTGdobxks2w8mF5kbCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/b07e58-f93a-4d5f-b92d-6016d5c05f30/1/aKjTKaUFOUOUuXDS-E9c_Bfd_FQ.roa
Signing time: Tue 24 Sep 2024 19:46:48 +0000
ROA not before: Tue 24 Sep 2024 19:46:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215089
IP address blocks: 185.87.254.0/24 maxlen: 24
185.87.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Nov 2024 12:25:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:25:92:78:04:f6:45:9a:b4:43:e1:d4:fa:30:bf:3e:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6107e2e2e8171d319da1bc64b36c3c985e646c2a
Validity
Not Before: Sep 24 19:46:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68a8d329a505394394b970d2f84f5cfc17ddfc54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:76:61:a9:a1:a0:c4:9c:6d:06:fd:ba:bc:61:
76:3c:92:98:b4:69:cb:7f:4e:08:ba:aa:67:1b:c8:
83:1d:2a:f2:07:fc:10:1c:cc:19:87:5b:eb:20:98:
35:cb:93:0e:a4:6a:bf:20:49:01:ca:2a:a2:1c:ee:
79:e4:52:93:c0:70:61:d0:67:28:fb:2a:15:ed:66:
78:89:fe:03:01:55:45:3b:cc:57:a6:36:18:ae:41:
8c:fa:57:ce:d7:c4:fa:a4:8f:92:67:26:b3:a7:65:
99:d2:0b:37:9d:fa:2c:f5:ee:58:76:d2:29:30:43:
0e:24:fb:3a:ad:85:c5:9e:a6:3e:35:c1:d9:5e:6b:
9d:71:28:94:64:9c:29:7e:a7:b1:b1:97:7c:de:37:
51:2d:8a:c3:19:a7:b6:e9:2f:b7:f2:26:9f:19:76:
e4:39:35:f3:be:f5:3a:48:a8:8a:8a:f7:aa:5e:13:
e3:76:ba:93:85:62:38:05:c6:2b:19:1e:df:39:c7:
b0:ee:bd:cf:72:a4:a5:cd:37:9d:f9:61:2c:69:4c:
a5:ea:20:c9:0b:10:8f:31:08:2d:28:88:6c:f9:76:
7c:af:00:6f:01:08:99:10:2c:e7:af:87:18:7c:ae:
2c:f7:44:ca:c8:c8:71:cd:d2:e1:29:7f:a9:b1:14:
b3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:A8:D3:29:A5:05:39:43:94:B9:70:D2:F8:4F:5C:FC:17:DD:FC:54
X509v3 Authority Key Identifier:
keyid:61:07:E2:E2:E8:17:1D:31:9D:A1:BC:64:B3:6C:3C:98:5E:64:6C:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YQfi4ugXHTGdobxks2w8mF5kbCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/b07e58-f93a-4d5f-b92d-6016d5c05f30/1/aKjTKaUFOUOUuXDS-E9c_Bfd_FQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/b07e58-f93a-4d5f-b92d-6016d5c05f30/1/YQfi4ugXHTGdobxks2w8mF5kbCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.87.254.0/23
Signature Algorithm: sha256WithRSAEncryption
22:9c:c5:bc:45:22:66:9f:8e:32:38:3a:44:81:c4:87:0a:2b:
7f:f3:be:14:11:0e:26:88:11:15:4c:6c:3c:b5:51:16:80:7a:
a2:6c:f3:e2:38:71:cd:59:18:eb:22:97:36:b2:2c:c5:9a:88:
87:83:3e:b1:d5:48:a0:a3:ca:4d:27:b1:97:f9:ee:16:37:31:
5f:59:1c:38:71:0c:0b:5e:ce:b0:fe:12:48:16:2c:0a:45:49:
71:14:65:29:f7:c1:85:6b:cf:29:1f:c1:44:70:db:3a:5d:c4:
37:d6:80:ee:4a:34:07:44:3f:57:52:c9:37:41:c4:45:61:9f:
ba:75:6d:e0:0c:fb:5f:8f:9f:93:0c:3c:3a:c1:ad:23:b6:6b:
5b:49:2b:86:f8:27:bc:0a:36:4b:68:15:94:cc:01:92:0b:00:
85:ba:b0:47:c3:a8:6e:ee:ff:fb:6f:e6:a8:ec:fb:12:97:2a:
52:7a:58:83:0d:a2:d1:49:69:4d:f3:53:13:78:38:98:83:ac:
fb:42:34:fb:ec:d4:8d:9b:2e:7d:9f:5a:57:09:f1:18:7b:aa:
8e:09:5c:b5:71:b5:7a:70:f8:c5:6d:2c:e9:ec:c5:82:61:04:
bc:40:d2:56:e5:a9:90:f9:11:91:31:7f:c8:72:20:6f:bf:2d:
f5:63:59:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZIlkngE9kWatEPh1Powvz6LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMDdlMmUyZTgxNzFkMzE5ZGExYmM2NGIzNmMzYzk4NWU2
NDZjMmEwHhcNMjQwOTI0MTk0NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGE4ZDMyOWE1MDUzOTQzOTRiOTcwZDJmODRmNWNmYzE3ZGRmYzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXZhqaGgxJxtBv26vGF2PJKYtGnL
f04IuqpnG8iDHSryB/wQHMwZh1vrIJg1y5MOpGq/IEkByiqiHO555FKTwHBh0Gco
+yoV7WZ4if4DAVVFO8xXpjYYrkGM+lfO18T6pI+SZyazp2WZ0gs3nfos9e5YdtIp
MEMOJPs6rYXFnqY+NcHZXmudcSiUZJwpfqexsZd83jdRLYrDGae26S+38iafGXbk
OTXzvvU6SKiKiveqXhPjdrqThWI4BcYrGR7fOcew7r3PcqSlzTed+WEsaUyl6iDJ
CxCPMQgtKIhs+XZ8rwBvAQiZECznr4cYfK4s90TKyMhxzdLhKX+psRSzEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGio0ymlBTlDlLlw0vhPXPwX3fxUMB8GA1UdIwQY
MBaAFGEH4uLoFx0xnaG8ZLNsPJheZGwqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVFmaTR1Z1hIVEdkb2J4a3MydzhtRjVrYkNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9iMDdlNTgtZjkzYS00ZDVmLWI5MmQt
NjAxNmQ1YzA1ZjMwLzEvYUtqVEthVUZPVU9VdVhEUy1FOWNfQmZkX0ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9iMDdlNTgtZjkzYS00ZDVmLWI5MmQtNjAxNmQ1YzA1ZjMw
LzEvWVFmaTR1Z1hIVEdkb2J4a3MydzhtRjVrYkNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuVf+MA0G
CSqGSIb3DQEBCwUAA4IBAQAinMW8RSJmn44yODpEgcSHCit/874UEQ4miBEVTGw8
tVEWgHqibPPiOHHNWRjrIpc2sizFmoiHgz6x1Uigo8pNJ7GX+e4WNzFfWRw4cQwL
Xs6w/hJIFiwKRUlxFGUp98GFa88pH8FEcNs6XcQ31oDuSjQHRD9XUsk3QcRFYZ+6
dW3gDPtfj5+TDDw6wa0jtmtbSSuG+Ce8CjZLaBWUzAGSCwCFurBHw6hu7v/7b+ao
7PsSlypSeliDDaLRSWlN81MTeDiYg6z7QjT77NSNmy59n1pXCfEYe6qOCVy1cbV6
cPjFbSzp7MWCYQS8QNJW5amQ+RGRMX/IciBvvy31Y1ka
-----END CERTIFICATE-----
Generated at Thu Nov 14 14:16:24 2024 by rpki-client on console-fra.rpki-client.org