Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/z0LTesNpI_ClF3rwamGztxApzqI.roa
File: z0LTesNpI_ClF3rwamGztxApzqI.roa (raw, json)
Hash identifier: 2ZkwaF9/M/FUZxrXVUNAZQq4h4i/ee0i3hhUgMvQhMk=
Subject key identifier: CF:42:D3:7A:C3:69:23:F0:A5:17:7A:F0:6A:61:B3:B7:10:29:CE:A2
Certificate issuer: /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial: 018AB8A68C688E3D4643B29C67DDADCC234C
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/z0LTesNpI_ClF3rwamGztxApzqI.roa
Signing time: Thu 21 Sep 2023 16:50:37 +0000
ROA not before: Thu 21 Sep 2023 16:50:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208161
IP address blocks: 87.248.138.0/24 maxlen: 24
87.248.139.0/24 maxlen: 24
87.248.152.0/23 maxlen: 24
87.248.150.0/24 maxlen: 24
87.248.155.0/24 maxlen: 24
87.248.156.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b8:a6:8c:68:8e:3d:46:43:b2:9c:67:dd:ad:cc:23:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Validity
Not Before: Sep 21 16:50:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf42d37ac36923f0a5177af06a61b3b71029cea2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:5c:44:02:d1:76:b5:53:af:10:67:ab:c4:7e:
b5:39:43:6e:2f:b3:78:76:cd:0d:c5:6a:49:5f:35:
ed:c9:ea:87:47:1b:ec:6f:e5:1c:e5:7c:69:e4:0c:
c0:8a:6c:66:c8:0d:30:e1:d8:e1:4e:2b:0b:c0:73:
70:17:fe:73:71:06:ff:d7:4a:5e:45:61:79:21:cb:
de:b5:06:26:c9:0b:22:f1:c9:ec:53:06:e7:d4:3b:
18:ef:ad:8f:f7:06:55:d7:70:f8:cf:d5:ef:a3:39:
90:a8:4f:f1:a3:21:ba:5e:06:62:11:98:f2:f5:52:
5c:ce:4c:a5:31:cd:98:47:91:2e:dc:50:35:94:71:
49:7c:8c:8d:d9:57:8d:20:bf:1c:a8:27:b9:ef:cf:
5e:e3:c6:f7:cc:6f:f0:08:d2:db:8d:09:5f:c2:a4:
95:ba:c6:8c:45:c6:26:02:28:75:bb:e9:04:30:64:
59:66:4d:07:cf:be:b9:3a:ef:d2:ef:6b:a1:0a:30:
8e:39:fd:f1:89:85:8c:2a:09:8b:ae:5f:94:e8:62:
e1:40:d4:f2:40:13:39:49:58:fb:d5:71:0f:0e:65:
c1:c4:9f:78:b6:5f:a6:bb:9a:ed:9f:d6:cf:01:cf:
24:3f:b6:58:59:0b:61:24:e0:b7:06:20:2e:72:e8:
4e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:42:D3:7A:C3:69:23:F0:A5:17:7A:F0:6A:61:B3:B7:10:29:CE:A2
X509v3 Authority Key Identifier:
keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/z0LTesNpI_ClF3rwamGztxApzqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.248.138.0/23
87.248.150.0/24
87.248.152.0/23
87.248.155.0-87.248.156.255
Signature Algorithm: sha256WithRSAEncryption
7d:93:11:7d:39:d9:3c:35:a3:01:3e:2a:ea:06:9c:cd:7b:e5:
a8:88:9f:ae:44:07:9e:7c:3a:1f:d8:2a:f7:3d:92:7d:dc:69:
c0:24:4d:7f:67:d7:d1:f0:50:ae:42:95:0f:63:d5:22:53:f7:
3b:b7:69:80:88:ee:bd:f7:f2:e4:86:56:f4:2e:23:f6:b6:36:
1b:31:d5:89:66:f3:77:b6:75:e9:b0:e1:62:f0:c8:b4:8f:f3:
19:ec:5c:a6:a6:91:52:d6:24:12:8b:80:8e:c4:da:09:0d:94:
0e:e6:4e:48:51:b4:43:96:53:06:51:ea:08:3a:b1:60:86:5c:
95:f9:a6:e8:48:f3:09:b0:85:59:51:b5:8f:60:46:80:f1:09:
36:32:10:96:e8:c7:ca:89:6e:99:ab:2d:da:14:bf:13:80:86:
86:b6:c6:52:9d:cf:29:13:84:2d:29:65:f7:74:d7:3a:09:12:
a5:16:9f:92:fe:c3:e6:f8:71:fb:ac:57:c1:30:d5:96:9f:3a:
be:0e:4f:38:d7:bc:c9:df:ed:a5:69:05:a2:50:61:43:1d:89:
ef:ad:34:9c:a1:ec:5e:3e:b9:4f:24:1b:2f:a5:f6:4f:40:3e:
28:4e:22:bf:ad:c3:a7:f0:59:d6:d6:6e:b1:80:e3:ab:cc:92:
77:a9:44:c6
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYq4poxojj1GQ7KcZ92tzCNMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjYxZmM3YzBhYjQxY2UxNTRlN2JjYjA4ZWY5NjIzNTFh
NDY3ODQwHhcNMjMwOTIxMTY1MDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjQyZDM3YWMzNjkyM2YwYTUxNzdhZjA2YTYxYjNiNzEwMjljZWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklxEAtF2tVOvEGerxH61OUNuL7N4
ds0NxWpJXzXtyeqHRxvsb+Uc5Xxp5AzAimxmyA0w4djhTisLwHNwF/5zcQb/10pe
RWF5IcvetQYmyQsi8cnsUwbn1DsY762P9wZV13D4z9XvozmQqE/xoyG6XgZiEZjy
9VJczkylMc2YR5Eu3FA1lHFJfIyN2VeNIL8cqCe5789e48b3zG/wCNLbjQlfwqSV
usaMRcYmAih1u+kEMGRZZk0Hz765Ou/S72uhCjCOOf3xiYWMKgmLrl+U6GLhQNTy
QBM5SVj71XEPDmXBxJ94tl+mu5rtn9bPAc8kP7ZYWQthJOC3BiAucuhOAwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFM9C03rDaSPwpRd68Gphs7cQKc6iMB8GA1UdIwQY
MBaAFHf2H8fAq0HOFU57ywjvliNRpGeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjkt
ZWRjOWQwMmZhZjU0LzEvejBMVGVzTnBJX0NsRjNyd2FtR3p0eEFwenFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjktZWRjOWQwMmZhZjU0
LzEvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBV/iKAwQA
V/iWAwQBV/iYMAwDBABX+JsDBABX+JwwDQYJKoZIhvcNAQELBQADggEBAH2TEX05
2Tw1owE+KuoGnM175aiIn65EB558Oh/YKvc9kn3cacAkTX9n19HwUK5ClQ9j1SJT
9zu3aYCI7r338uSGVvQuI/a2Nhsx1Ylm83e2demw4WLwyLSP8xnsXKamkVLWJBKL
gI7E2gkNlA7mTkhRtEOWUwZR6gg6sWCGXJX5puhI8wmwhVlRtY9gRoDxCTYyEJbo
x8qJbpmrLdoUvxOAhoa2xlKdzykThC0pZfd01zoJEqUWn5L+w+b4cfusV8Ew1Zaf
Or4OTzjXvMnf7aVpBaJQYUMdie+tNJyh7F4+uU8kGy+l9k9APihOIr+tw6fwWdbW
brGA46vMknepRMY=
-----END CERTIFICATE-----
Generated at Fri Sep 22 13:07:47 2023 by rpki-client on console-ams.rpki-client.org