Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/Ij3yJcUWB9ATuius0dExT1COEkw.roa
File: Ij3yJcUWB9ATuius0dExT1COEkw.roa (raw, json)
Hash identifier: 2VFU3vUR7X2zwAzGA5XANJsnC8PG2cFkcsQeQsn9/xs=
Subject key identifier: 22:3D:F2:25:C5:16:07:D0:13:BA:2B:AC:D1:D1:31:4F:50:8E:12:4C
Certificate issuer: /CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Certificate serial: 0189B5D11C7B1A4709DEA78D7C1B306199AD
Authority key identifier: E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/Ij3yJcUWB9ATuius0dExT1COEkw.roa
Signing time: Wed 02 Aug 2023 10:35:27 +0000
ROA not before: Wed 02 Aug 2023 10:35:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 87.251.3.0/24 maxlen: 24
87.251.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Oct 2023 10:46:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b5:d1:1c:7b:1a:47:09:de:a7:8d:7c:1b:30:61:99:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Validity
Not Before: Aug 2 10:35:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=223df225c51607d013ba2bacd1d1314f508e124c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:b8:8e:2f:01:3b:fb:ac:89:d1:b9:0a:21:59:
a4:3f:82:b8:df:f7:fd:13:ce:c0:b7:51:dc:70:49:
b6:e0:af:8b:04:d6:59:89:44:1a:55:0a:9b:b1:c4:
ad:1b:45:86:c3:5f:56:57:73:d3:d2:0a:13:0e:79:
d6:2a:c1:22:14:fb:a9:b5:48:5e:48:c5:41:cc:ba:
7a:a2:25:24:bd:14:90:e7:60:e6:2a:b7:11:76:2b:
e9:04:d9:90:df:8b:cc:2e:a8:fc:a7:4c:64:a5:1a:
cd:b9:87:d9:f1:d5:ab:ee:41:4e:16:ef:26:7e:ab:
1d:b6:34:f4:f1:e5:f4:26:70:16:74:d8:09:c9:d4:
2a:3b:9f:c6:6e:02:9a:35:c9:89:3d:9f:d3:d1:8b:
06:0f:b2:1a:7f:04:33:7c:59:cc:41:e6:52:98:cf:
59:20:ee:8a:5b:2f:a8:42:12:87:44:5e:59:0a:15:
b7:57:60:d9:bf:b2:55:79:0a:0f:29:9f:08:ac:81:
73:68:7f:d1:ab:19:ef:17:ce:96:a5:85:d0:54:38:
83:82:6b:ee:c7:90:63:d6:f0:46:a5:f1:fe:59:3b:
c7:f3:19:9d:b0:96:ff:cc:b6:cd:f5:91:d1:14:9c:
1b:e8:b2:5f:ea:e0:8b:df:5c:e8:86:9c:98:9d:b1:
83:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:3D:F2:25:C5:16:07:D0:13:BA:2B:AC:D1:D1:31:4F:50:8E:12:4C
X509v3 Authority Key Identifier:
keyid:E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/Ij3yJcUWB9ATuius0dExT1COEkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/5QGBXG-Y86K2GEr-vxjqNBvoguo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.251.3.0/24
87.251.6.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:7d:37:e5:8b:86:48:cc:0a:e8:7c:9f:d7:db:f5:84:81:24:
a7:96:55:77:fa:3c:5c:25:20:74:57:35:07:42:bd:62:f3:05:
65:c4:48:0d:89:9d:5a:a1:66:aa:90:aa:27:37:65:3b:4e:12:
0f:f5:29:77:17:21:14:0d:ac:f1:e2:6d:c8:96:fc:93:8a:20:
53:a4:f6:c5:4e:7e:e2:a1:df:71:88:c7:5b:6c:41:96:4e:f3:
9a:66:cf:dd:3c:10:31:5f:50:24:17:a4:dd:ff:d5:3f:e4:20:
5c:16:d7:8b:00:0c:28:73:de:9c:56:3b:5a:60:af:43:f3:3e:
9c:a7:5c:be:20:b2:de:c4:fa:1c:59:5a:c4:1b:c3:b7:e4:13:
26:32:d1:b5:44:97:6a:36:03:8a:92:35:63:da:68:21:e2:54:
3c:f4:11:0b:67:6d:c4:26:1e:ed:25:8d:16:ec:d5:85:3e:fa:
91:27:2e:ae:89:a6:2e:d9:8f:f0:a0:61:5d:f4:f1:02:e4:3d:
66:d1:6f:56:42:92:ad:68:1b:a7:7f:5b:a2:05:70:93:61:05:
59:23:8b:9d:bd:60:d6:04:77:06:70:91:8e:17:0f:d0:77:15:
66:53:49:bb:b0:5e:06:90:b7:0d:ab:6e:66:82:c1:aa:67:98:
71:3e:f0:8b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYm10Rx7GkcJ3qeNfBswYZmtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MDE4MTVjNmY5OGYzYTJiNjE4NGFmZWJmMThlYTM0MWJl
ODgyZWEwHhcNMjMwODAyMTAzNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjNkZjIyNWM1MTYwN2QwMTNiYTJiYWNkMWQxMzE0ZjUwOGUxMjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLiOLwE7+6yJ0bkKIVmkP4K43/f9
E87At1HccEm24K+LBNZZiUQaVQqbscStG0WGw19WV3PT0goTDnnWKsEiFPuptUhe
SMVBzLp6oiUkvRSQ52DmKrcRdivpBNmQ34vMLqj8p0xkpRrNuYfZ8dWr7kFOFu8m
fqsdtjT08eX0JnAWdNgJydQqO5/GbgKaNcmJPZ/T0YsGD7IafwQzfFnMQeZSmM9Z
IO6KWy+oQhKHRF5ZChW3V2DZv7JVeQoPKZ8IrIFzaH/RqxnvF86WpYXQVDiDgmvu
x5Bj1vBGpfH+WTvH8xmdsJb/zLbN9ZHRFJwb6LJf6uCL31zohpyYnbGD6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCI98iXFFgfQE7orrNHRMU9QjhJMMB8GA1UdIwQY
MBaAFOUBgVxvmPOithhK/r8Y6jQb6ILqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWIt
MDA1OWY3MzdlZjA1LzEvSWozeUpjVVdCOUFUdWl1czBkRXhUMUNPRWt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWItMDA1OWY3MzdlZjA1
LzEvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV/sDAwQA
V/sGMA0GCSqGSIb3DQEBCwUAA4IBAQCLfTfli4ZIzArofJ/X2/WEgSSnllV3+jxc
JSB0VzUHQr1i8wVlxEgNiZ1aoWaqkKonN2U7ThIP9Sl3FyEUDazx4m3IlvyTiiBT
pPbFTn7iod9xiMdbbEGWTvOaZs/dPBAxX1AkF6Td/9U/5CBcFteLAAwoc96cVjta
YK9D8z6cp1y+ILLexPocWVrEG8O35BMmMtG1RJdqNgOKkjVj2mgh4lQ89BELZ23E
Jh7tJY0W7NWFPvqRJy6uiaYu2Y/woGFd9PEC5D1m0W9WQpKtaBunf1uiBXCTYQVZ
I4udvWDWBHcGcJGOFw/QdxVmU0m7sF4GkLcNq25mgsGqZ5hxPvCL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:31 2024 by rpki-client on console-fra.rpki-client.org