Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/v68R7ncqJHu0NP9TCEQnE1lnK_8.roa
File: v68R7ncqJHu0NP9TCEQnE1lnK_8.roa (raw, json)
Hash identifier: 3DYC9SgEyX1Kr/7wjAVQSciDDW/zp7XBrIt68WOjkQY=
Subject key identifier: BF:AF:11:EE:77:2A:24:7B:B4:34:FF:53:08:44:27:13:59:67:2B:FF
Certificate issuer: /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial: 01856C8A5F6BADFFD627D7E156D04A297EF9
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/v68R7ncqJHu0NP9TCEQnE1lnK_8.roa
Signing time: Sun 01 Jan 2023 08:54:45 +0000
ROA not before: Sun 01 Jan 2023 08:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211415
IP address blocks: 87.248.138.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:8a:5f:6b:ad:ff:d6:27:d7:e1:56:d0:4a:29:7e:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Validity
Not Before: Jan 1 08:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bfaf11ee772a247bb434ff530844271359672bff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:51:fc:fa:05:19:a7:b4:8e:f2:1f:5f:f4:8a:
c6:10:72:11:e7:f9:85:b3:33:b8:fd:90:5a:66:be:
22:de:10:90:72:5c:bd:9e:6c:a4:82:5c:26:2d:ba:
24:b5:af:82:0f:c2:c8:9a:bd:8f:4a:05:f8:6b:e9:
34:10:4f:78:68:99:d3:a9:e9:95:3d:44:83:64:5c:
83:6f:15:8c:0b:bf:b5:f5:59:ad:ec:cd:77:b5:24:
f3:53:cb:f3:fd:aa:59:6d:4c:84:bf:9c:8e:3d:24:
05:40:f5:e4:d0:76:ef:61:ad:24:e9:dc:57:df:a3:
5b:65:6b:19:bd:8e:a3:31:41:5f:82:86:a4:96:5d:
ad:25:00:25:e1:f6:a8:63:c9:f9:41:6f:07:e7:d3:
9f:c2:27:f8:b2:77:cd:2a:85:63:21:53:1f:0d:07:
2e:25:b9:be:f3:fd:4d:0c:0e:89:7c:4e:f5:33:10:
cb:0c:a6:6a:8e:5e:55:51:16:4a:cc:8c:98:43:f1:
e2:16:9a:32:0a:34:1c:74:1f:78:d2:9b:bf:99:56:
c4:9f:bd:82:22:87:e4:29:7f:03:0f:16:73:db:3c:
02:9f:05:c1:11:85:f0:ac:53:a4:99:70:6d:22:ee:
70:0c:d4:2d:25:95:fc:a2:34:05:b7:64:42:ee:a9:
ca:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:AF:11:EE:77:2A:24:7B:B4:34:FF:53:08:44:27:13:59:67:2B:FF
X509v3 Authority Key Identifier:
keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/v68R7ncqJHu0NP9TCEQnE1lnK_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.248.138.0/24
Signature Algorithm: sha256WithRSAEncryption
94:6e:a5:e8:bd:af:b9:f8:a2:f5:3c:f7:24:45:be:44:f6:aa:
1a:4f:c6:f1:ff:0e:66:a9:d0:c0:b4:26:76:0e:53:bb:5e:7e:
db:04:13:c0:f6:48:e5:ce:6a:2c:f5:8a:ce:bc:79:2c:23:2f:
38:ac:7f:96:1e:19:8b:3c:27:f5:5c:36:24:be:9e:05:0f:51:
63:70:d2:c7:38:c4:cc:d9:5a:f0:e1:67:8e:88:7a:d7:ba:88:
03:ac:1b:c0:d7:27:e0:98:e4:c9:8d:d4:00:84:7b:fd:8c:03:
85:d0:54:4e:9c:89:14:30:53:41:c2:58:a1:e6:60:ca:e9:75:
e0:97:b6:f0:56:93:97:9b:57:fc:63:ad:8e:c9:fb:c2:3d:35:
fd:57:1a:2c:cd:43:96:c3:d4:af:cd:f1:f5:aa:3b:3a:99:f9:
8c:58:b8:c3:45:cc:d7:86:1f:ea:a1:40:9f:5e:71:0f:65:79:
76:11:e6:58:dd:35:f0:6a:53:a9:b6:64:57:bb:df:26:8a:95:
46:21:ef:4b:6e:a3:c7:1a:cc:4b:5e:d9:e6:bc:36:d4:5d:3e:
d9:06:21:31:46:14:dd:9a:c7:fe:e7:56:1f:25:b1:63:b2:19:
db:a3:02:37:be:74:c1:48:fc:55:1e:77:2a:4a:d7:93:63:42:
f8:98:59:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsil9rrf/WJ9fhVtBKKX75MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjYxZmM3YzBhYjQxY2UxNTRlN2JjYjA4ZWY5NjIzNTFh
NDY3ODQwHhcNMjMwMTAxMDg1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmFmMTFlZTc3MmEyNDdiYjQzNGZmNTMwODQ0MjcxMzU5NjcyYmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlH8+gUZp7SO8h9f9IrGEHIR5/mF
szO4/ZBaZr4i3hCQcly9nmykglwmLbokta+CD8LImr2PSgX4a+k0EE94aJnTqemV
PUSDZFyDbxWMC7+19Vmt7M13tSTzU8vz/apZbUyEv5yOPSQFQPXk0HbvYa0k6dxX
36NbZWsZvY6jMUFfgoakll2tJQAl4faoY8n5QW8H59Ofwif4snfNKoVjIVMfDQcu
Jbm+8/1NDA6JfE71MxDLDKZqjl5VURZKzIyYQ/HiFpoyCjQcdB940pu/mVbEn72C
IofkKX8DDxZz2zwCnwXBEYXwrFOkmXBtIu5wDNQtJZX8ojQFt2RC7qnKIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL+vEe53KiR7tDT/UwhEJxNZZyv/MB8GA1UdIwQY
MBaAFHf2H8fAq0HOFU57ywjvliNRpGeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjkt
ZWRjOWQwMmZhZjU0LzEvdjY4UjduY3FKSHUwTlA5VENFUW5FMWxuS184LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjktZWRjOWQwMmZhZjU0
LzEvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV/iKMA0G
CSqGSIb3DQEBCwUAA4IBAQCUbqXova+5+KL1PPckRb5E9qoaT8bx/w5mqdDAtCZ2
DlO7Xn7bBBPA9kjlzmos9YrOvHksIy84rH+WHhmLPCf1XDYkvp4FD1FjcNLHOMTM
2Vrw4WeOiHrXuogDrBvA1yfgmOTJjdQAhHv9jAOF0FROnIkUMFNBwlih5mDK6XXg
l7bwVpOXm1f8Y62OyfvCPTX9VxoszUOWw9SvzfH1qjs6mfmMWLjDRczXhh/qoUCf
XnEPZXl2EeZY3TXwalOptmRXu98mipVGIe9LbqPHGsxLXtnmvDbUXT7ZBiExRhTd
msf+51YfJbFjshnbowI3vnTBSPxVHncqSteTY0L4mFnp
-----END CERTIFICATE-----
Generated at Mon Sep 11 12:39:37 2023 by rpki-client on console-ams.rpki-client.org