Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/STBD31OgS4jmVb9wZjXxNZkk-ys.roa
File: STBD31OgS4jmVb9wZjXxNZkk-ys.roa (raw, json)
Hash identifier: KZY6C+IDNqy63Y8JsCGNQpdM5Gr8DsFv0ZlREAO6xlQ=
Subject key identifier: 49:30:43:DF:53:A0:4B:88:E6:55:BF:70:66:35:F1:35:99:24:FB:2B
Certificate issuer: /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial: 018954E5C5F9F72235232CAE9768F470B9A3
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/STBD31OgS4jmVb9wZjXxNZkk-ys.roa
Signing time: Fri 14 Jul 2023 14:54:51 +0000
ROA not before: Fri 14 Jul 2023 14:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 87.248.130.0/24 maxlen: 24
87.248.133.0/24 maxlen: 24
87.248.151.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:54:e5:c5:f9:f7:22:35:23:2c:ae:97:68:f4:70:b9:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Validity
Not Before: Jul 14 14:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=493043df53a04b88e655bf706635f1359924fb2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d4:7e:17:d2:10:3b:25:92:ac:68:5e:8d:f4:
11:ae:2b:b7:a7:b1:b9:e4:45:35:81:ea:9e:c7:5c:
85:56:cd:4d:bf:40:98:8c:4e:1b:99:09:6e:27:02:
a1:f1:60:1c:9e:ba:9f:52:fe:54:b3:c1:04:0d:72:
f3:b2:f6:81:22:83:49:fb:b5:98:61:0e:20:58:c7:
13:00:4d:ab:83:0d:a0:97:8e:d2:32:51:32:53:23:
26:d7:cb:2f:be:a8:3c:50:ed:96:48:7e:7e:77:fb:
a8:40:04:e6:10:e7:b7:2b:2a:28:00:f6:c3:b4:fa:
d3:60:66:28:17:c9:3f:2f:18:3f:11:2d:cc:47:4b:
13:ba:91:f5:14:ff:ff:5c:b5:49:7a:2f:6c:fd:b6:
9e:65:0b:79:95:89:3a:cf:ce:c9:7c:4b:5b:1c:d6:
94:93:e2:7b:7c:61:fa:da:7b:6c:06:fa:07:df:c6:
c7:ca:89:7c:66:9e:9b:7e:3f:c2:81:38:65:bc:07:
98:0c:3d:cb:8a:16:b0:fb:52:1c:40:71:46:21:38:
bc:87:7e:bf:3b:0f:44:41:da:a9:f0:1c:66:83:ec:
98:61:bc:dc:9c:93:7f:a8:8a:3e:b0:7f:a4:b8:09:
8b:de:4e:ff:02:35:66:61:ba:f0:5a:13:3e:4f:f6:
22:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:30:43:DF:53:A0:4B:88:E6:55:BF:70:66:35:F1:35:99:24:FB:2B
X509v3 Authority Key Identifier:
keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/STBD31OgS4jmVb9wZjXxNZkk-ys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.248.130.0/24
87.248.133.0/24
87.248.151.0/24
Signature Algorithm: sha256WithRSAEncryption
75:f9:7b:0d:0e:67:f3:18:e5:ba:36:bb:61:ba:b0:42:7b:06:
9e:f7:bd:66:94:fc:33:a7:64:d9:81:fc:0e:3a:71:87:2d:94:
2f:df:e5:4f:bc:03:9d:8b:cf:86:d9:ba:50:fa:ab:97:19:8d:
72:4c:32:3d:ee:5a:57:84:72:d0:05:47:3d:9e:5b:b0:c9:b2:
30:e7:dd:b5:46:f8:74:e1:f8:52:c9:d6:ce:13:1a:00:d7:4c:
7c:1e:ce:07:b6:f9:d4:b2:6b:a3:fd:38:af:3f:ba:f4:93:52:
70:25:b9:91:17:6e:b1:4f:98:fd:63:df:e3:c9:cd:78:d0:b4:
52:7b:b4:4e:b0:b3:06:68:f7:68:81:47:2c:d4:25:b9:ba:c1:
c3:b5:ec:c7:aa:4b:10:7b:0d:40:17:d3:5f:cb:14:e0:89:c2:
fe:76:55:f3:ea:12:95:93:e4:29:6f:3d:0b:87:28:93:de:64:
d7:b8:8e:27:fc:4c:83:4b:44:7a:d2:52:4c:f4:8c:c2:82:78:
4c:ff:47:b8:e2:d0:37:4b:27:bd:37:25:d2:ac:83:90:ee:85:
38:09:f2:40:e5:d7:e5:a1:ba:32:fa:75:9e:8d:a2:70:4f:74:
c8:c1:06:6e:d0:b5:a2:e0:6e:79:19:bd:a8:67:82:4a:b1:f5:
c0:71:08:01
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYlU5cX59yI1Iyyul2j0cLmjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjYxZmM3YzBhYjQxY2UxNTRlN2JjYjA4ZWY5NjIzNTFh
NDY3ODQwHhcNMjMwNzE0MTQ1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTMwNDNkZjUzYTA0Yjg4ZTY1NWJmNzA2NjM1ZjEzNTk5MjRmYjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtR+F9IQOyWSrGhejfQRriu3p7G5
5EU1geqex1yFVs1Nv0CYjE4bmQluJwKh8WAcnrqfUv5Us8EEDXLzsvaBIoNJ+7WY
YQ4gWMcTAE2rgw2gl47SMlEyUyMm18svvqg8UO2WSH5+d/uoQATmEOe3KyooAPbD
tPrTYGYoF8k/Lxg/ES3MR0sTupH1FP//XLVJei9s/baeZQt5lYk6z87JfEtbHNaU
k+J7fGH62ntsBvoH38bHyol8Zp6bfj/CgThlvAeYDD3Lihaw+1IcQHFGITi8h36/
Ow9EQdqp8Bxmg+yYYbzcnJN/qIo+sH+kuAmL3k7/AjVmYbrwWhM+T/YiUQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEkwQ99ToEuI5lW/cGY18TWZJPsrMB8GA1UdIwQY
MBaAFHf2H8fAq0HOFU57ywjvliNRpGeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjkt
ZWRjOWQwMmZhZjU0LzEvU1RCRDMxT2dTNGptVmI5d1pqWHhOWmtrLXlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjktZWRjOWQwMmZhZjU0
LzEvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAV/iCAwQA
V/iFAwQAV/iXMA0GCSqGSIb3DQEBCwUAA4IBAQB1+XsNDmfzGOW6NrthurBCewae
971mlPwzp2TZgfwOOnGHLZQv3+VPvAOdi8+G2bpQ+quXGY1yTDI97lpXhHLQBUc9
nluwybIw5921Rvh04fhSydbOExoA10x8Hs4HtvnUsmuj/TivP7r0k1JwJbmRF26x
T5j9Y9/jyc140LRSe7ROsLMGaPdogUcs1CW5usHDtezHqksQew1AF9NfyxTgicL+
dlXz6hKVk+Qpbz0LhyiT3mTXuI4n/EyDS0R60lJM9IzCgnhM/0e44tA3Sye9NyXS
rIOQ7oU4CfJA5dfloboy+nWejaJwT3TIwQZu0LWi4G55Gb2oZ4JKsfXAcQgB
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:09 2023 by rpki-client on console-ams.rpki-client.org