Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/Xo2A-5dfV7_wVwV8h2kLYyIf4T0.roa
File: Xo2A-5dfV7_wVwV8h2kLYyIf4T0.roa (raw, json)
Hash identifier: IHM4v6JtbEnid9ABGFmqJxrS6EqW6cLJ3khS9hG6wTU=
Subject key identifier: 5E:8D:80:FB:97:5F:57:BF:F0:57:05:7C:87:69:0B:63:22:1F:E1:3D
Certificate issuer: /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial: 018CC2DB6640FE71084918E636A335028AAA
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/Xo2A-5dfV7_wVwV8h2kLYyIf4T0.roa
Signing time: Mon 01 Jan 2024 02:30:07 +0000
ROA not before: Mon 01 Jan 2024 02:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201703
IP address blocks: 87.248.130.0/24 maxlen: 24
87.248.133.0/24 maxlen: 24
87.248.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 20 Jan 2024 19:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:66:40:fe:71:08:49:18:e6:36:a3:35:02:8a:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Validity
Not Before: Jan 1 02:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e8d80fb975f57bff057057c87690b63221fe13d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:3e:6c:eb:38:54:4f:58:cd:14:29:85:e6:76:
f0:b0:26:d7:a7:5d:69:5d:dd:33:8c:12:ee:ec:24:
e0:fb:10:df:34:4d:81:2c:9d:23:0e:49:b6:06:8a:
b9:68:bb:3f:86:3c:e1:44:5e:43:c1:e4:7c:6b:a1:
b1:cd:c7:a5:5d:d2:9e:67:f0:42:e5:96:08:f9:a6:
04:95:89:9a:5f:8b:07:c3:ae:9e:5c:6a:21:7b:5f:
e2:15:e5:a1:c8:00:f6:7c:08:e8:1f:0c:a0:4d:b9:
d6:31:1a:b9:30:50:04:ae:cf:f9:3a:5a:f4:b4:bb:
6a:a6:ee:09:3f:04:35:19:0b:95:73:f2:7f:36:72:
42:51:61:60:15:9d:7d:78:d4:93:a6:13:d2:70:b8:
4e:07:2d:1d:05:7c:06:4a:3e:f9:25:46:5a:d2:3c:
dd:af:71:8e:8a:01:72:85:18:61:a4:e2:46:67:04:
4c:e7:76:20:f1:6f:5c:ed:53:dd:f7:2d:02:27:25:
43:14:67:7e:3f:17:80:f0:7d:8f:bf:4b:e9:f7:49:
10:6e:64:75:a6:5c:20:da:b0:a3:e0:73:e3:81:91:
4c:1c:e1:97:fb:71:b9:66:5b:a4:dd:fd:c3:d2:ce:
12:1e:21:4e:8c:41:c0:79:c8:04:1a:bf:b7:18:0a:
df:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:8D:80:FB:97:5F:57:BF:F0:57:05:7C:87:69:0B:63:22:1F:E1:3D
X509v3 Authority Key Identifier:
keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/Xo2A-5dfV7_wVwV8h2kLYyIf4T0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.248.130.0/24
87.248.133.0/24
87.248.151.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:6a:0b:80:49:3e:9c:18:16:94:01:e3:c3:09:8f:e5:4e:48:
f4:73:a9:b9:e2:cc:2f:ac:2c:7f:05:a5:47:a6:16:cf:90:8d:
6b:5c:05:f5:73:93:9d:f2:fa:37:fe:78:9f:6c:d7:14:ef:1f:
58:1d:a9:31:0b:d5:bc:47:4a:2e:12:1f:88:a8:48:30:cf:88:
24:1c:26:04:78:4f:30:18:88:45:b4:54:44:e9:b6:f8:6e:65:
dc:ea:ac:d3:de:8c:1e:42:a4:b2:51:a7:58:3f:6f:48:fa:4a:
e7:ff:73:f2:3c:ef:e9:da:da:da:89:69:82:0b:06:cf:9e:14:
23:d4:15:8a:e7:41:b4:31:77:86:8e:87:ef:67:2d:5e:e1:9d:
81:a5:a4:68:ca:63:fb:ee:de:11:2e:14:75:cc:ad:cf:d2:81:
e6:49:c9:64:51:b9:08:7c:3b:c0:d5:0a:97:b9:7b:6a:19:8e:
b6:a1:79:93:b9:ff:8b:7c:94:d8:43:2b:e7:15:77:c8:b8:e5:
b0:de:2f:e0:d9:69:f8:30:49:df:cd:b7:c2:68:b3:24:16:53:
5e:36:fd:7a:1c:0b:d2:1e:67:34:ab:76:b9:ff:ce:ba:d4:36:
d8:88:73:87:54:0e:aa:a1:3c:f4:07:95:92:10:38:93:d2:d6:
30:7f:ea:bd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzC22ZA/nEISRjmNqM1AoqqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjYxZmM3YzBhYjQxY2UxNTRlN2JjYjA4ZWY5NjIzNTFh
NDY3ODQwHhcNMjQwMTAxMDIzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZThkODBmYjk3NWY1N2JmZjA1NzA1N2M4NzY5MGI2MzIyMWZlMTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiT5s6zhUT1jNFCmF5nbwsCbXp11p
Xd0zjBLu7CTg+xDfNE2BLJ0jDkm2Boq5aLs/hjzhRF5DweR8a6GxzcelXdKeZ/BC
5ZYI+aYElYmaX4sHw66eXGohe1/iFeWhyAD2fAjoHwygTbnWMRq5MFAErs/5Olr0
tLtqpu4JPwQ1GQuVc/J/NnJCUWFgFZ19eNSTphPScLhOBy0dBXwGSj75JUZa0jzd
r3GOigFyhRhhpOJGZwRM53Yg8W9c7VPd9y0CJyVDFGd+PxeA8H2Pv0vp90kQbmR1
plwg2rCj4HPjgZFMHOGX+3G5Zluk3f3D0s4SHiFOjEHAecgEGr+3GArfqQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF6NgPuXX1e/8FcFfIdpC2MiH+E9MB8GA1UdIwQY
MBaAFHf2H8fAq0HOFU57ywjvliNRpGeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjkt
ZWRjOWQwMmZhZjU0LzEvWG8yQS01ZGZWN193VndWOGgya0xZeUlmNFQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjktZWRjOWQwMmZhZjU0
LzEvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAV/iCAwQA
V/iFAwQAV/iXMA0GCSqGSIb3DQEBCwUAA4IBAQCraguAST6cGBaUAePDCY/lTkj0
c6m54swvrCx/BaVHphbPkI1rXAX1c5Od8vo3/nifbNcU7x9YHakxC9W8R0ouEh+I
qEgwz4gkHCYEeE8wGIhFtFRE6bb4bmXc6qzT3oweQqSyUadYP29I+krn/3PyPO/p
2traiWmCCwbPnhQj1BWK50G0MXeGjofvZy1e4Z2BpaRoymP77t4RLhR1zK3P0oHm
SclkUbkIfDvA1QqXuXtqGY62oXmTuf+LfJTYQyvnFXfIuOWw3i/g2Wn4MEnfzbfC
aLMkFlNeNv16HAvSHmc0q3a5/8661DbYiHOHVA6qoTz0B5WSEDiT0tYwf+q9
-----END CERTIFICATE-----
Generated at Sat Jan 20 22:48:22 2024 by rpki-client on console-fra.rpki-client.org