Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/1cEuE709V2F5Ks0XORcbwpJdueQ.roa
File: 1cEuE709V2F5Ks0XORcbwpJdueQ.roa (raw, json)
Hash identifier: 0b37VK5QShuaBDPv5OjtolS245tt0oNzPLv+afQ+7SA=
Subject key identifier: D5:C1:2E:13:BD:3D:57:61:79:2A:CD:17:39:17:1B:C2:92:5D:B9:E4
Certificate issuer: /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial: 018D28660775D96B83374953888C4E98E04B
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/1cEuE709V2F5Ks0XORcbwpJdueQ.roa
Signing time: Sat 20 Jan 2024 19:43:11 +0000
ROA not before: Sat 20 Jan 2024 19:43:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208161
IP address blocks: 87.248.130.0/24 maxlen: 24
87.248.131.0/24 maxlen: 24
87.248.137.0/24 maxlen: 24
87.248.138.0/24 maxlen: 24
87.248.139.0/24 maxlen: 24
87.248.150.0/24 maxlen: 24
87.248.151.0/24 maxlen: 24
87.248.152.0/23 maxlen: 24
87.248.155.0/24 maxlen: 24
87.248.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 21 Jan 2024 11:12:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:28:66:07:75:d9:6b:83:37:49:53:88:8c:4e:98:e0:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Validity
Not Before: Jan 20 19:43:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5c12e13bd3d5761792acd1739171bc2925db9e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:4a:ab:10:c7:e2:33:4e:5d:86:bd:12:85:9d:
df:13:cb:54:c8:6a:aa:f3:2b:92:0a:73:ad:82:6b:
85:25:95:87:ad:38:1a:b2:a8:ff:80:0f:63:46:c7:
6d:db:02:c5:79:29:07:fb:2a:77:0e:c1:10:2d:a3:
ef:be:de:4d:de:26:ff:32:48:8d:ed:45:b3:21:97:
bc:f8:46:d6:31:5e:3f:5e:c2:b0:40:bb:3f:c7:7c:
f2:b7:1e:9e:79:9b:83:db:23:e9:0d:0d:5f:6a:c4:
fe:f4:3d:3c:94:f7:8a:d4:27:7a:01:de:e2:95:0a:
e4:1b:0a:38:57:56:d5:a4:3b:d6:44:b7:1a:ae:4f:
18:97:45:6e:00:2e:ac:89:bd:60:11:db:5a:45:80:
f6:4c:5d:ae:ea:95:d9:73:12:80:39:51:83:79:c2:
1d:e1:8a:bf:23:c5:01:7d:8f:c7:9a:47:3a:9e:3a:
7e:69:d9:58:02:1c:ad:f8:c1:8b:bd:d9:90:00:72:
14:8f:f5:ac:47:34:8a:fe:96:7b:60:d0:01:19:36:
42:4e:35:c4:12:ee:f8:d1:38:b4:52:1e:86:9a:b2:
ae:13:06:26:03:0f:62:c2:e4:57:54:81:fa:0b:61:
de:83:4a:0f:ae:70:06:73:25:75:0b:9d:9e:d4:7b:
31:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:C1:2E:13:BD:3D:57:61:79:2A:CD:17:39:17:1B:C2:92:5D:B9:E4
X509v3 Authority Key Identifier:
keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/1cEuE709V2F5Ks0XORcbwpJdueQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.248.130.0/23
87.248.137.0-87.248.139.255
87.248.150.0-87.248.153.255
87.248.155.0-87.248.156.255
Signature Algorithm: sha256WithRSAEncryption
68:47:70:49:ba:73:92:6f:14:79:c8:f5:c1:55:e0:3e:bc:a9:
bd:5d:0e:29:06:d8:27:2c:d7:3b:3f:9d:8e:7f:ba:4e:ab:ca:
5f:81:5e:f7:58:ce:d5:a8:86:b2:b4:ff:bb:99:3b:66:c4:71:
5c:2c:54:61:5c:cf:3b:d7:02:1e:55:7b:08:f1:77:4b:d0:7a:
51:9e:b4:92:35:12:f6:6e:52:c9:bb:29:2d:1b:80:dc:ad:34:
b8:aa:18:2b:6a:1e:93:d9:7d:08:b8:28:af:f5:27:d4:4b:ff:
87:88:1f:92:64:17:23:e3:50:48:56:3a:e1:08:d4:c7:97:a5:
ff:8b:e8:0f:de:20:4a:8a:6b:46:9b:1d:ec:b0:b3:c9:ce:7f:
a0:9a:e7:47:70:b9:e0:02:4a:70:14:f5:9c:53:2d:49:40:fb:
20:03:79:8d:12:34:63:83:7b:58:18:d5:f4:f1:2a:22:36:05:
ab:0e:b7:e3:46:2b:fa:83:5b:4e:85:cb:94:86:e1:08:04:44:
b5:ed:01:33:d8:8e:74:c9:d3:b8:6b:d1:0b:91:0d:dc:f2:19:
04:20:59:6d:da:b4:56:50:c7:9e:d1:08:6d:77:5b:bb:bb:f1:
f3:b5:8a:45:11:eb:37:f0:a2:36:bc:42:d0:83:02:4e:58:1d:
b9:f7:19:ca
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY0oZgd12WuDN0lTiIxOmOBLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjYxZmM3YzBhYjQxY2UxNTRlN2JjYjA4ZWY5NjIzNTFh
NDY3ODQwHhcNMjQwMTIwMTk0MzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWMxMmUxM2JkM2Q1NzYxNzkyYWNkMTczOTE3MWJjMjkyNWRiOWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1EqrEMfiM05dhr0ShZ3fE8tUyGqq
8yuSCnOtgmuFJZWHrTgasqj/gA9jRsdt2wLFeSkH+yp3DsEQLaPvvt5N3ib/MkiN
7UWzIZe8+EbWMV4/XsKwQLs/x3zytx6eeZuD2yPpDQ1fasT+9D08lPeK1Cd6Ad7i
lQrkGwo4V1bVpDvWRLcark8Yl0VuAC6sib1gEdtaRYD2TF2u6pXZcxKAOVGDecId
4Yq/I8UBfY/Hmkc6njp+adlYAhyt+MGLvdmQAHIUj/WsRzSK/pZ7YNABGTZCTjXE
Eu740Ti0Uh6GmrKuEwYmAw9iwuRXVIH6C2Heg0oPrnAGcyV1C52e1HsxHwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNXBLhO9PVdheSrNFzkXG8KSXbnkMB8GA1UdIwQY
MBaAFHf2H8fAq0HOFU57ywjvliNRpGeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjkt
ZWRjOWQwMmZhZjU0LzEvMWNFdUU3MDlWMkY1S3MwWE9SY2J3cEpkdWVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjktZWRjOWQwMmZhZjU0
LzEvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBV/iCMAwD
BABX+IkDBAJX+IgwDAMEAVf4lgMEAVf4mDAMAwQAV/ibAwQAV/icMA0GCSqGSIb3
DQEBCwUAA4IBAQBoR3BJunOSbxR5yPXBVeA+vKm9XQ4pBtgnLNc7P52Of7pOq8pf
gV73WM7VqIaytP+7mTtmxHFcLFRhXM871wIeVXsI8XdL0HpRnrSSNRL2blLJuykt
G4DcrTS4qhgrah6T2X0IuCiv9SfUS/+HiB+SZBcj41BIVjrhCNTHl6X/i+gP3iBK
imtGmx3ssLPJzn+gmudHcLngAkpwFPWcUy1JQPsgA3mNEjRjg3tYGNX08SoiNgWr
DrfjRiv6g1tOhcuUhuEIBES17QEz2I50ydO4a9ELkQ3c8hkEIFlt2rRWUMee0Qht
d1u7u/HztYpFEes38KI2vELQgwJOWB259xnK
-----END CERTIFICATE-----
Generated at Sun Jan 21 14:34:36 2024 by rpki-client on console-ams.rpki-client.org