Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/xIdM-11SggOSHMzvL0fUHOXPd5c.roa
File: xIdM-11SggOSHMzvL0fUHOXPd5c.roa (raw, json)
Hash identifier: 5QetW5/a0bJtrQ+bOkWO7UXHWjqFUKf9OugSps8hPsg=
Subject key identifier: C4:87:4C:FB:5D:52:82:03:92:1C:CC:EF:2F:47:D4:1C:E5:CF:77:97
Certificate issuer: /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial: 018DF000004FBDD1488EB794CFE889FDD770
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/xIdM-11SggOSHMzvL0fUHOXPd5c.roa
Signing time: Wed 28 Feb 2024 13:55:48 +0000
ROA not before: Wed 28 Feb 2024 13:55:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216383
IP address blocks: 87.248.129.0/24 maxlen: 24
87.248.145.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Mar 2024 06:23:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f0:00:00:4f:bd:d1:48:8e:b7:94:cf:e8:89:fd:d7:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Validity
Not Before: Feb 28 13:55:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4874cfb5d528203921cccef2f47d41ce5cf7797
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:17:b6:e0:f6:56:01:f9:bc:5c:e2:34:79:e4:
61:8f:69:36:ab:c4:13:1b:f2:05:b3:54:05:60:15:
51:2e:d1:fd:77:e2:31:b4:5c:03:ba:17:64:96:7d:
f2:3d:f0:b7:2b:18:06:54:7d:c4:80:c3:d7:4b:87:
ff:3f:56:07:89:05:26:2b:de:b5:c3:a8:7b:d4:31:
a8:ed:59:e5:c2:4a:34:d4:64:ac:5a:67:f9:90:b3:
94:a1:96:b2:6b:06:2e:e7:f8:05:d8:df:37:3f:d5:
07:bd:f3:39:35:3e:47:98:a6:13:5b:dd:9e:fe:1d:
81:e8:a5:ec:f5:9a:43:36:ff:21:fe:48:5e:2b:d0:
cf:27:a2:d8:54:01:a5:f8:78:bb:42:93:26:47:a3:
64:b7:ff:57:bb:c7:9e:18:7e:52:d9:64:0e:b7:a1:
15:61:d9:f3:00:70:ee:e6:b8:8b:31:e9:0c:f8:ec:
6b:cb:7b:f1:b2:da:cc:20:d2:ba:e8:7b:d6:ed:f9:
5c:8f:23:fa:e3:a6:17:c8:89:7d:b1:74:27:8b:75:
f5:12:9f:60:be:5c:0b:59:1f:41:d6:cf:86:0c:e4:
a7:d2:83:e8:50:77:82:09:c1:d7:73:27:91:d4:59:
9d:26:60:62:a5:43:d6:71:3f:7d:17:ed:09:ef:d8:
df:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:87:4C:FB:5D:52:82:03:92:1C:CC:EF:2F:47:D4:1C:E5:CF:77:97
X509v3 Authority Key Identifier:
keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/xIdM-11SggOSHMzvL0fUHOXPd5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.248.129.0/24
87.248.145.0/24
Signature Algorithm: sha256WithRSAEncryption
52:5d:7e:48:ce:ad:a2:9c:92:6e:12:b8:0e:48:aa:97:91:d8:
f0:60:31:66:58:bd:ee:8e:ba:12:f6:61:19:e0:9e:f8:aa:b7:
e4:1a:26:93:71:91:52:34:c9:63:5b:2b:bc:35:42:a2:5b:70:
53:09:1d:76:c8:37:10:99:d6:1a:3d:91:6c:b2:98:26:bf:9c:
e0:9e:59:a1:67:99:22:f4:eb:f3:a4:a5:c0:ae:5b:8e:82:46:
04:dc:b4:4a:09:ae:12:e3:8e:d0:3b:63:29:56:d8:f7:e5:71:
ff:2c:ec:eb:7c:fc:cd:e5:96:59:c2:21:da:e1:f3:8d:25:6a:
2a:66:e9:17:9b:9f:54:57:00:96:c9:24:eb:1b:ba:45:6d:3f:
af:d3:34:0b:9d:36:cd:e4:6d:9a:f0:87:b1:62:49:eb:69:9b:
dd:a0:1b:97:42:d4:42:8d:2f:f5:1d:30:f0:f6:44:89:31:26:
a8:44:5b:2a:9b:bc:c2:24:ee:b5:3d:e5:f5:ad:fd:3a:1c:66:
44:e0:b1:d5:7c:6a:53:f0:e9:54:ca:56:bf:f7:bd:64:ee:20:
b4:71:7e:9b:b9:87:44:a9:73:b1:04:20:00:7c:61:9a:95:c4:
36:99:43:d8:74:55:6e:eb:52:2d:5c:88:97:cb:ff:65:6c:09:
de:f7:10:b3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3wAABPvdFIjreUz+iJ/ddwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjYxZmM3YzBhYjQxY2UxNTRlN2JjYjA4ZWY5NjIzNTFh
NDY3ODQwHhcNMjQwMjI4MTM1NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDg3NGNmYjVkNTI4MjAzOTIxY2NjZWYyZjQ3ZDQxY2U1Y2Y3Nzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxe24PZWAfm8XOI0eeRhj2k2q8QT
G/IFs1QFYBVRLtH9d+IxtFwDuhdkln3yPfC3KxgGVH3EgMPXS4f/P1YHiQUmK961
w6h71DGo7Vnlwko01GSsWmf5kLOUoZayawYu5/gF2N83P9UHvfM5NT5HmKYTW92e
/h2B6KXs9ZpDNv8h/kheK9DPJ6LYVAGl+Hi7QpMmR6Nkt/9Xu8eeGH5S2WQOt6EV
YdnzAHDu5riLMekM+Oxry3vxstrMINK66HvW7flcjyP646YXyIl9sXQni3X1Ep9g
vlwLWR9B1s+GDOSn0oPoUHeCCcHXcyeR1FmdJmBipUPWcT99F+0J79jfzwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMSHTPtdUoIDkhzM7y9H1Bzlz3eXMB8GA1UdIwQY
MBaAFHf2H8fAq0HOFU57ywjvliNRpGeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjkt
ZWRjOWQwMmZhZjU0LzEveElkTS0xMVNnZ09TSE16dkwwZlVIT1hQZDVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjktZWRjOWQwMmZhZjU0
LzEvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV/iBAwQA
V/iRMA0GCSqGSIb3DQEBCwUAA4IBAQBSXX5Izq2inJJuErgOSKqXkdjwYDFmWL3u
jroS9mEZ4J74qrfkGiaTcZFSNMljWyu8NUKiW3BTCR12yDcQmdYaPZFsspgmv5zg
nlmhZ5ki9OvzpKXArluOgkYE3LRKCa4S447QO2MpVtj35XH/LOzrfPzN5ZZZwiHa
4fONJWoqZukXm59UVwCWySTrG7pFbT+v0zQLnTbN5G2a8IexYknraZvdoBuXQtRC
jS/1HTDw9kSJMSaoRFsqm7zCJO61PeX1rf06HGZE4LHVfGpT8OlUyla/971k7iC0
cX6buYdEqXOxBCAAfGGalcQ2mUPYdFVu61ItXIiXy/9lbAne9xCz
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:27 2024 by rpki-client on console-ams.rpki-client.org