Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/oaqCkOPAdeKTHG237loYy3sa8jk.roa
File: oaqCkOPAdeKTHG237loYy3sa8jk.roa (raw, json)
Hash identifier: DNYxcvUD5JvdvSOo8uilmso9cyhvwstEn3RcH2Cx/WQ=
Subject key identifier: A1:AA:82:90:E3:C0:75:E2:93:1C:6D:B7:EE:5A:18:CB:7B:1A:F2:39
Certificate issuer: /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial: 01856C8A5BA4F6775D678DF51BDBBB170A43
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/oaqCkOPAdeKTHG237loYy3sa8jk.roa
Signing time: Sun 01 Jan 2023 08:54:44 +0000
ROA not before: Sun 01 Jan 2023 08:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 87.248.131.0/24 maxlen: 24
87.248.158.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:8a:5b:a4:f6:77:5d:67:8d:f5:1b:db:bb:17:0a:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Validity
Not Before: Jan 1 08:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1aa8290e3c075e2931c6db7ee5a18cb7b1af239
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:b4:22:1b:77:53:ed:a2:4a:21:4a:65:4a:4a:
4a:e1:fc:74:6d:8f:d5:55:9e:19:cc:35:77:78:41:
6a:b5:c9:7a:ee:06:74:9f:54:b6:5f:b5:36:50:6f:
cd:31:ea:0d:2f:c2:45:9e:a9:39:53:c9:74:52:15:
b2:af:67:0c:1d:9d:5f:96:f6:f0:4d:0d:4f:ca:5e:
ac:8e:a8:89:5b:65:94:14:28:c9:9b:25:2a:f9:16:
9a:54:6c:d0:c6:56:a9:db:c8:8f:74:56:83:d8:06:
e4:4e:e9:48:f6:bf:25:c1:f8:94:df:86:8d:65:72:
51:95:bf:17:2b:0e:55:70:69:48:38:dd:24:d7:e6:
e4:c5:c2:aa:84:31:be:1e:e8:79:1b:70:9a:2f:c3:
1f:15:fc:4e:26:75:e7:c7:02:b5:10:25:74:48:c9:
ac:bf:64:53:25:e7:a4:c5:1f:39:33:97:ae:6f:12:
3e:84:d2:2e:fe:c9:ca:d4:45:1d:e4:54:76:81:c5:
ed:4f:a5:b2:dc:39:ca:81:eb:a5:6f:8b:43:36:11:
98:77:f2:73:47:98:0f:8f:ac:db:38:d8:62:79:d5:
f9:1b:07:31:32:c8:cb:37:1f:91:22:09:2f:42:85:
81:30:03:1e:8b:2e:53:c0:62:73:99:62:1e:22:2e:
ea:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:AA:82:90:E3:C0:75:E2:93:1C:6D:B7:EE:5A:18:CB:7B:1A:F2:39
X509v3 Authority Key Identifier:
keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/oaqCkOPAdeKTHG237loYy3sa8jk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.248.131.0/24
87.248.158.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:95:81:8e:ea:51:88:d9:11:ad:14:aa:ba:67:29:fc:c3:56:
69:be:4a:39:86:e5:9e:6e:89:98:79:eb:ea:20:0a:44:24:8c:
38:15:b3:98:65:1a:35:a7:40:d1:16:5b:31:32:42:a9:87:14:
29:c0:a6:54:2a:54:92:24:1b:ab:82:00:05:fb:b5:60:fa:0c:
3c:82:8f:a0:d0:ca:b8:f6:56:47:0b:7c:40:f9:ab:7c:8f:e3:
31:3d:59:2a:ee:68:f9:93:4e:5e:7d:2d:9d:2f:82:2d:c1:43:
7e:0a:75:01:92:d5:4b:6e:5d:86:25:ad:03:b1:2d:5b:b9:5c:
ee:f6:14:9c:cf:62:c8:da:9f:45:0a:17:44:68:59:f3:81:57:
a7:43:34:5b:e4:fb:97:f1:5e:35:f9:5d:10:68:aa:69:cf:39:
ce:d9:7e:25:38:48:41:37:08:ef:e4:7d:bf:06:3e:74:62:4c:
fb:b7:c4:f4:85:31:20:bc:f5:46:f1:eb:ee:94:36:19:1d:0c:
73:c4:44:c8:c8:4d:d9:7b:80:8a:92:c8:b4:96:2a:bc:3a:19:
67:d4:9c:b6:a8:84:37:7b:25:84:2f:82:fd:05:c4:65:00:a5:
90:78:94:5d:49:84:bc:1e:1e:f7:11:a0:02:df:00:51:8b:88:
18:45:67:40
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsiluk9nddZ431G9u7FwpDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjYxZmM3YzBhYjQxY2UxNTRlN2JjYjA4ZWY5NjIzNTFh
NDY3ODQwHhcNMjMwMTAxMDg1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWFhODI5MGUzYzA3NWUyOTMxYzZkYjdlZTVhMThjYjdiMWFmMjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7QiG3dT7aJKIUplSkpK4fx0bY/V
VZ4ZzDV3eEFqtcl67gZ0n1S2X7U2UG/NMeoNL8JFnqk5U8l0UhWyr2cMHZ1flvbw
TQ1Pyl6sjqiJW2WUFCjJmyUq+RaaVGzQxlap28iPdFaD2AbkTulI9r8lwfiU34aN
ZXJRlb8XKw5VcGlION0k1+bkxcKqhDG+Huh5G3CaL8MfFfxOJnXnxwK1ECV0SMms
v2RTJeekxR85M5eubxI+hNIu/snK1EUd5FR2gcXtT6Wy3DnKgeulb4tDNhGYd/Jz
R5gPj6zbONhiedX5GwcxMsjLNx+RIgkvQoWBMAMeiy5TwGJzmWIeIi7qPQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKGqgpDjwHXikxxtt+5aGMt7GvI5MB8GA1UdIwQY
MBaAFHf2H8fAq0HOFU57ywjvliNRpGeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjkt
ZWRjOWQwMmZhZjU0LzEvb2FxQ2tPUEFkZUtUSEcyMzdsb1l5M3NhOGprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjktZWRjOWQwMmZhZjU0
LzEvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV/iDAwQA
V/ieMA0GCSqGSIb3DQEBCwUAA4IBAQC2lYGO6lGI2RGtFKq6Zyn8w1Zpvko5huWe
bomYeevqIApEJIw4FbOYZRo1p0DRFlsxMkKphxQpwKZUKlSSJBurggAF+7Vg+gw8
go+g0Mq49lZHC3xA+at8j+MxPVkq7mj5k05efS2dL4ItwUN+CnUBktVLbl2GJa0D
sS1buVzu9hScz2LI2p9FChdEaFnzgVenQzRb5PuX8V41+V0QaKppzznO2X4lOEhB
Nwjv5H2/Bj50Ykz7t8T0hTEgvPVG8evulDYZHQxzxETIyE3Ze4CKksi0liq8Ohln
1Jy2qIQ3eyWEL4L9BcRlAKWQeJRdSYS8Hh73EaAC3wBRi4gYRWdA
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:19 2024 by rpki-client on console-fra.rpki-client.org