Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e69bd3-215e-4422-9170-081bcbac4daf/1/352yGkplRHereStO0SrovzKR0vI.roa
File: 352yGkplRHereStO0SrovzKR0vI.roa (raw, json)
Hash identifier: n05m+wmO2SBCcJXt2uZTIGDZv5HiMoFojEIi1Z0DVp4=
Subject key identifier: DF:9D:B2:1A:4A:65:44:77:AB:79:2B:4E:D1:2A:E8:BF:32:91:D2:F2
Certificate issuer: /CN=0b6f1e9f0950e4f39c9c5fee3f868a24eb361ef1
Certificate serial: 018CF84D8BB52E5DFAA08D9BACF0EF8D6A0D
Authority key identifier: 0B:6F:1E:9F:09:50:E4:F3:9C:9C:5F:EE:3F:86:8A:24:EB:36:1E:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C28enwlQ5POcnF_uP4aKJOs2HvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e69bd3-215e-4422-9170-081bcbac4daf/1/352yGkplRHereStO0SrovzKR0vI.roa
Signing time: Thu 11 Jan 2024 11:34:40 +0000
ROA not before: Thu 11 Jan 2024 11:34:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 22364
IP address blocks: 87.238.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jan 2024 12:40:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f8:4d:8b:b5:2e:5d:fa:a0:8d:9b:ac:f0:ef:8d:6a:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b6f1e9f0950e4f39c9c5fee3f868a24eb361ef1
Validity
Not Before: Jan 11 11:34:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df9db21a4a654477ab792b4ed12ae8bf3291d2f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e9:57:56:63:34:b1:f2:0a:a8:14:19:d9:d1:
82:0c:99:bc:04:e1:4d:d6:5d:2e:f7:3d:fe:8d:2f:
47:28:d8:4d:15:e9:e3:2e:69:91:d3:10:5a:88:4a:
e1:bb:97:18:67:51:f1:fd:81:38:f2:72:b8:20:86:
f4:ca:54:bc:85:a0:52:4d:dc:06:db:39:e6:0a:ad:
30:4d:c5:ba:2a:77:3f:e2:d7:3d:5b:4e:68:89:b7:
c8:2c:49:09:96:b7:54:8a:b5:04:9a:8e:46:43:3d:
3b:6f:0c:13:8e:6c:21:3a:d7:5b:2d:84:ad:d5:cd:
6d:d0:e7:b4:80:0e:83:49:bb:1d:d6:e5:db:1a:0f:
4b:de:33:8f:c4:50:0c:59:c1:9b:45:8e:fb:ad:0f:
f2:17:25:83:e9:bf:93:b8:6b:5c:ef:cd:4a:a6:2e:
66:9a:bd:e1:7c:71:49:23:69:28:21:a0:b0:42:a0:
22:f2:3c:ec:55:d2:a9:f3:1f:19:fb:a6:b9:b5:74:
c3:6d:12:e9:fc:e4:7c:fd:02:42:d0:26:fa:2c:42:
60:a1:0b:44:34:40:de:a2:c1:73:fc:ab:2d:b0:ac:
40:58:aa:a9:52:29:6d:de:9a:a3:d6:04:4c:b0:91:
66:90:43:c3:01:41:35:40:36:05:75:e2:a4:ef:fe:
e4:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:9D:B2:1A:4A:65:44:77:AB:79:2B:4E:D1:2A:E8:BF:32:91:D2:F2
X509v3 Authority Key Identifier:
keyid:0B:6F:1E:9F:09:50:E4:F3:9C:9C:5F:EE:3F:86:8A:24:EB:36:1E:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C28enwlQ5POcnF_uP4aKJOs2HvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e69bd3-215e-4422-9170-081bcbac4daf/1/352yGkplRHereStO0SrovzKR0vI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e69bd3-215e-4422-9170-081bcbac4daf/1/C28enwlQ5POcnF_uP4aKJOs2HvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.243.0/24
Signature Algorithm: sha256WithRSAEncryption
be:f8:57:6e:54:7b:98:d2:3a:53:1f:56:66:e2:98:7b:90:42:
0f:1e:07:e9:02:17:62:1b:31:38:a5:62:0a:5b:fe:b2:40:52:
76:25:9f:d5:da:8f:ab:61:d7:b4:6b:6a:7e:1a:f9:fc:f0:8e:
3b:b0:6c:b4:1b:91:3b:15:21:a2:57:95:99:e9:cf:06:ba:1c:
5b:e9:24:1c:77:21:b1:48:fb:30:5b:49:f9:73:40:72:cc:e3:
24:db:ad:5e:84:6f:c4:0d:e9:33:9e:ec:c6:1d:77:27:34:6a:
7d:ab:16:65:85:28:a9:c0:db:bf:1a:b7:bf:c8:d2:43:b7:7d:
89:67:83:6f:98:df:5a:f9:67:77:48:65:16:d3:f3:70:70:dd:
e7:d6:01:2c:a2:5d:43:ab:e5:92:88:ec:24:d4:e8:a8:e2:3a:
83:36:28:2c:3d:03:6b:9b:dd:84:f4:8d:5d:ae:1f:93:c6:b0:
96:50:b6:f7:3f:47:6a:41:6c:9a:a2:58:85:3c:c9:70:98:b5:
20:39:0d:06:ae:ba:51:cb:80:cd:45:14:d9:9d:57:07:8b:75:
64:7f:be:71:26:c7:ee:ae:c4:e1:c2:9e:6b:fd:3a:71:8a:cc:
2c:cf:cb:7b:22:94:e4:74:59:70:92:d6:da:f7:20:3b:d5:b9:
78:f0:65:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYz4TYu1Ll36oI2brPDvjWoNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNmYxZTlmMDk1MGU0ZjM5YzljNWZlZTNmODY4YTI0ZWIz
NjFlZjEwHhcNMjQwMTExMTEzNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjlkYjIxYTRhNjU0NDc3YWI3OTJiNGVkMTJhZThiZjMyOTFkMmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOlXVmM0sfIKqBQZ2dGCDJm8BOFN
1l0u9z3+jS9HKNhNFenjLmmR0xBaiErhu5cYZ1Hx/YE48nK4IIb0ylS8haBSTdwG
2znmCq0wTcW6Knc/4tc9W05oibfILEkJlrdUirUEmo5GQz07bwwTjmwhOtdbLYSt
1c1t0Oe0gA6DSbsd1uXbGg9L3jOPxFAMWcGbRY77rQ/yFyWD6b+TuGtc781Kpi5m
mr3hfHFJI2koIaCwQqAi8jzsVdKp8x8Z+6a5tXTDbRLp/OR8/QJC0Cb6LEJgoQtE
NEDeosFz/KstsKxAWKqpUilt3pqj1gRMsJFmkEPDAUE1QDYFdeKk7/7kBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN+dshpKZUR3q3krTtEq6L8ykdLyMB8GA1UdIwQY
MBaAFAtvHp8JUOTznJxf7j+GiiTrNh7xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzI4ZW53bFE1UE9jbkZfdVA0YUtKT3MySHZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lNjliZDMtMjE1ZS00NDIyLTkxNzAt
MDgxYmNiYWM0ZGFmLzEvMzUyeUdrcGxSSGVyZVN0TzBTcm92ektSMHZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lNjliZDMtMjE1ZS00NDIyLTkxNzAtMDgxYmNiYWM0ZGFm
LzEvQzI4ZW53bFE1UE9jbkZfdVA0YUtKT3MySHZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV+7zMA0G
CSqGSIb3DQEBCwUAA4IBAQC++FduVHuY0jpTH1Zm4ph7kEIPHgfpAhdiGzE4pWIK
W/6yQFJ2JZ/V2o+rYde0a2p+Gvn88I47sGy0G5E7FSGiV5WZ6c8Guhxb6SQcdyGx
SPswW0n5c0ByzOMk261ehG/EDekznuzGHXcnNGp9qxZlhSipwNu/Gre/yNJDt32J
Z4NvmN9a+Wd3SGUW0/NwcN3n1gEsol1Dq+WSiOwk1Oio4jqDNigsPQNrm92E9I1d
rh+TxrCWULb3P0dqQWyaoliFPMlwmLUgOQ0GrrpRy4DNRRTZnVcHi3Vkf75xJsfu
rsThwp5r/Tpxiswsz8t7IpTkdFlwktba9yA71bl48GU3
-----END CERTIFICATE-----
Generated at Thu Jan 11 18:10:22 2024 by rpki-client on console-fra.rpki-client.org