Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/nHB89J3oTXlQV4EIT2pf2mvR0Js.roa
File: nHB89J3oTXlQV4EIT2pf2mvR0Js.roa (raw, json)
Hash identifier: Qjh5In1b6xbr5RZS6euLC+AefIyq0CjXZPFG2MoyJ1M=
Subject key identifier: 9C:70:7C:F4:9D:E8:4D:79:50:57:81:08:4F:6A:5F:DA:6B:D1:D0:9B
Certificate issuer: /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial: 0186931B9B04735062C267634CC21D34502F
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/nHB89J3oTXlQV4EIT2pf2mvR0Js.roa
Signing time: Mon 27 Feb 2023 13:41:45 +0000
ROA not before: Mon 27 Feb 2023 13:41:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211975
IP address blocks: 87.248.130.0/24 maxlen: 24
87.248.133.0/24 maxlen: 24
87.248.157.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:93:1b:9b:04:73:50:62:c2:67:63:4c:c2:1d:34:50:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Validity
Not Before: Feb 27 13:41:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c707cf49de84d79505781084f6a5fda6bd1d09b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f9:f9:2d:e4:8f:9a:6f:de:76:38:85:6b:c8:
4e:9b:04:27:ee:d4:94:d4:3c:e1:fc:a9:db:57:7d:
d8:01:25:8d:44:dd:10:bf:58:30:0e:08:92:2f:46:
11:4e:29:6b:9f:d2:d8:4f:6f:b9:58:f2:e9:b0:fd:
f0:19:79:27:6c:0b:13:b4:0f:eb:22:98:34:0d:d9:
b6:cf:c7:36:19:63:be:5d:5a:a3:d8:59:a0:a9:94:
31:df:60:31:1a:bf:16:06:da:75:c4:6d:4a:b9:b3:
a5:0d:b1:93:45:b7:c2:45:21:25:23:1a:39:60:29:
96:33:5d:0f:13:3d:d7:09:b8:61:c6:33:f4:3d:d6:
f0:15:b4:06:7b:c3:01:5f:bc:5c:c6:f3:47:3d:1e:
d9:8d:f1:95:5a:9c:00:5e:1b:88:f4:dd:fd:9f:05:
38:c7:1f:df:4d:bc:cd:e1:9f:ff:c4:3f:3f:d7:66:
c4:fc:25:5d:1a:6f:fa:3c:e7:3f:f9:c3:ed:fe:f9:
c6:86:30:e4:5c:c4:d4:7f:4b:25:fb:6b:88:fb:eb:
50:ac:99:2b:75:33:58:98:f3:f2:d3:d3:be:a7:ae:
11:e8:4f:35:07:95:c7:86:df:96:bd:9e:4d:98:8a:
f6:b2:40:ba:93:7d:e8:13:f1:7b:dd:e5:0a:a1:64:
cf:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:70:7C:F4:9D:E8:4D:79:50:57:81:08:4F:6A:5F:DA:6B:D1:D0:9B
X509v3 Authority Key Identifier:
keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/nHB89J3oTXlQV4EIT2pf2mvR0Js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.248.130.0/24
87.248.133.0/24
87.248.157.0/24
Signature Algorithm: sha256WithRSAEncryption
53:6d:2b:e7:df:a7:53:ef:bc:31:4a:e1:08:c8:62:c4:f1:dc:
24:0b:df:67:83:5e:3f:7f:e7:eb:2c:6e:88:dd:d9:e3:f2:51:
70:a9:8d:af:7c:c5:d8:bf:87:30:f6:74:69:52:f5:15:d4:38:
61:e5:38:74:c3:25:21:2d:93:21:d0:2f:d9:63:7b:01:e7:db:
1c:00:71:cf:62:e6:73:15:fc:73:e9:b2:54:9c:05:e7:72:a2:
6d:a6:49:84:37:8a:29:76:e9:00:84:62:08:da:a2:fb:d8:ff:
4a:01:61:85:e4:ee:17:80:e4:95:b3:55:ed:c8:82:70:29:46:
4c:b6:fe:89:5c:7e:0c:21:13:d1:6f:c8:93:8e:ff:66:82:a0:
1f:73:d7:f7:19:9a:fc:11:08:55:52:22:74:3d:03:86:66:f9:
8e:59:1e:63:07:82:27:cd:48:8c:fb:96:7f:c3:b2:4a:fb:d9:
f8:cf:ca:df:29:1f:96:06:d0:48:0b:ac:cb:cc:d6:fc:d1:52:
bd:59:0a:33:71:a6:39:f1:64:4a:47:70:12:e6:e1:38:10:4c:
e8:5a:5a:b5:ae:87:f2:3a:53:70:5d:4f:8b:13:8b:15:36:b2:
57:df:7a:fe:7a:29:1a:ac:14:d2:da:bf:8e:02:ca:ed:12:43:
1d:a1:b9:d6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYaTG5sEc1BiwmdjTMIdNFAvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjYxZmM3YzBhYjQxY2UxNTRlN2JjYjA4ZWY5NjIzNTFh
NDY3ODQwHhcNMjMwMjI3MTM0MTQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzcwN2NmNDlkZTg0ZDc5NTA1NzgxMDg0ZjZhNWZkYTZiZDFkMDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/n5LeSPmm/edjiFa8hOmwQn7tSU
1Dzh/KnbV33YASWNRN0Qv1gwDgiSL0YRTilrn9LYT2+5WPLpsP3wGXknbAsTtA/r
Ipg0Ddm2z8c2GWO+XVqj2FmgqZQx32AxGr8WBtp1xG1KubOlDbGTRbfCRSElIxo5
YCmWM10PEz3XCbhhxjP0PdbwFbQGe8MBX7xcxvNHPR7ZjfGVWpwAXhuI9N39nwU4
xx/fTbzN4Z//xD8/12bE/CVdGm/6POc/+cPt/vnGhjDkXMTUf0sl+2uI++tQrJkr
dTNYmPPy09O+p64R6E81B5XHht+WvZ5NmIr2skC6k33oE/F73eUKoWTPuQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJxwfPSd6E15UFeBCE9qX9pr0dCbMB8GA1UdIwQY
MBaAFHf2H8fAq0HOFU57ywjvliNRpGeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjkt
ZWRjOWQwMmZhZjU0LzEvbkhCODlKM29UWGxRVjRFSVQycGYybXZSMEpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjktZWRjOWQwMmZhZjU0
LzEvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAV/iCAwQA
V/iFAwQAV/idMA0GCSqGSIb3DQEBCwUAA4IBAQBTbSvn36dT77wxSuEIyGLE8dwk
C99ng14/f+frLG6I3dnj8lFwqY2vfMXYv4cw9nRpUvUV1Dhh5Th0wyUhLZMh0C/Z
Y3sB59scAHHPYuZzFfxz6bJUnAXncqJtpkmEN4opdukAhGII2qL72P9KAWGF5O4X
gOSVs1XtyIJwKUZMtv6JXH4MIRPRb8iTjv9mgqAfc9f3GZr8EQhVUiJ0PQOGZvmO
WR5jB4InzUiM+5Z/w7JK+9n4z8rfKR+WBtBIC6zLzNb80VK9WQozcaY58WRKR3AS
5uE4EEzoWlq1rofyOlNwXU+LE4sVNrJX33r+eikarBTS2r+OAsrtEkMdobnW
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:09 2023 by rpki-client on console-ams.rpki-client.org