Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e69bd3-215e-4422-9170-081bcbac4daf/1/OLFFGCWO5f_GgduXIz3qfDHK_2k.roa
File: OLFFGCWO5f_GgduXIz3qfDHK_2k.roa (raw, json)
Hash identifier: VCGdFXQOJwBwgUQx7Bl5V9TWCMuuleZVeXPVDihi9lM=
Subject key identifier: 38:B1:45:18:25:8E:E5:FF:C6:81:DB:97:23:3D:EA:7C:31:CA:FF:69
Certificate issuer: /CN=0b6f1e9f0950e4f39c9c5fee3f868a24eb361ef1
Certificate serial: 018CC72614F0E513629E35FEBAEE4B44522F
Authority key identifier: 0B:6F:1E:9F:09:50:E4:F3:9C:9C:5F:EE:3F:86:8A:24:EB:36:1E:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C28enwlQ5POcnF_uP4aKJOs2HvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e69bd3-215e-4422-9170-081bcbac4daf/1/OLFFGCWO5f_GgduXIz3qfDHK_2k.roa
Signing time: Mon 01 Jan 2024 22:30:10 +0000
ROA not before: Mon 01 Jan 2024 22:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396982
IP address blocks: 87.238.243.0/24 maxlen: 24
87.238.242.0/24 maxlen: 24
87.238.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jan 2024 08:45:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:14:f0:e5:13:62:9e:35:fe:ba:ee:4b:44:52:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b6f1e9f0950e4f39c9c5fee3f868a24eb361ef1
Validity
Not Before: Jan 1 22:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38b14518258ee5ffc681db97233dea7c31caff69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8d:48:99:5c:d6:88:c2:b5:5e:a2:84:07:44:
d6:61:66:e7:67:9c:33:80:e8:1d:4b:62:94:5a:da:
16:46:47:96:aa:99:c7:ca:50:e7:08:19:c8:0b:c0:
fd:b9:f8:31:58:40:7f:30:f9:68:b1:7d:ac:7a:bf:
43:18:2f:03:16:85:15:88:bf:3d:1f:c7:26:60:c9:
b4:12:3c:6f:7c:8b:a1:8d:e4:2c:4b:15:21:c1:03:
b7:f4:89:b7:bf:8e:89:1c:7b:26:01:06:42:8c:8b:
2b:b1:64:6c:ae:3e:76:73:9c:09:13:34:a9:9f:ec:
86:31:a6:23:58:e3:a6:0a:95:06:34:c4:7f:7c:ed:
ca:ac:37:69:ab:59:65:07:80:5a:3a:34:66:64:1c:
1c:ed:79:67:aa:32:98:2d:09:ea:92:62:ff:c3:95:
94:f5:78:e7:76:c4:a9:f2:cf:e0:bd:45:c6:50:17:
77:ef:00:89:ed:53:91:80:1c:67:e7:08:1d:fb:48:
74:aa:ad:ae:89:f7:95:f2:c6:88:8f:14:8c:63:c8:
a6:35:f2:a9:69:0d:53:7a:84:61:18:0e:ff:db:db:
9d:b1:81:83:84:b2:bf:8f:ae:9a:64:ae:18:36:1c:
cd:2d:04:e8:2f:43:b4:31:d8:b7:28:1b:6a:89:84:
9d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:B1:45:18:25:8E:E5:FF:C6:81:DB:97:23:3D:EA:7C:31:CA:FF:69
X509v3 Authority Key Identifier:
keyid:0B:6F:1E:9F:09:50:E4:F3:9C:9C:5F:EE:3F:86:8A:24:EB:36:1E:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C28enwlQ5POcnF_uP4aKJOs2HvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e69bd3-215e-4422-9170-081bcbac4daf/1/OLFFGCWO5f_GgduXIz3qfDHK_2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e69bd3-215e-4422-9170-081bcbac4daf/1/C28enwlQ5POcnF_uP4aKJOs2HvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.241.0-87.238.243.255
Signature Algorithm: sha256WithRSAEncryption
00:a8:e2:13:71:a5:b4:45:5e:52:9d:7d:72:e3:66:00:d5:ca:
f6:57:18:4b:47:83:be:e8:17:db:70:52:86:93:3b:67:b7:a1:
2c:d5:f1:79:93:be:4c:3c:22:3c:fc:7c:9d:42:4f:1f:0e:fa:
a7:37:2e:b1:72:24:88:e5:70:18:7f:02:00:5e:41:dd:eb:6d:
b5:2e:90:0f:4a:13:fd:c2:62:5e:41:7d:a5:3b:e6:44:1a:60:
e3:50:ea:46:29:eb:a9:62:1d:49:17:86:17:bf:10:a1:3c:b5:
2e:f9:da:80:ab:7b:3c:c9:4e:9e:ff:8b:98:08:65:a5:35:45:
7f:d5:c0:e1:63:75:50:76:a7:cb:7f:ad:62:1d:de:6f:f0:da:
65:a5:17:a8:2f:51:08:a3:8a:3c:3b:cc:0c:8d:21:44:52:89:
f5:ae:6f:30:bd:fe:77:d4:e2:fc:fe:a0:82:bb:08:be:31:ff:
07:55:20:93:bf:a1:e5:e3:23:61:98:0b:35:d7:bf:34:ef:9d:
ee:af:ea:57:30:52:d9:94:39:9d:ee:1b:87:3d:90:37:c5:c7:
d7:4d:e1:3c:c3:f4:89:08:5e:84:00:37:4c:58:c2:2f:3f:fb:
62:a6:4b:12:91:a9:e3:23:7c:80:bc:e4:a1:c1:22:d5:5c:a2:
45:2b:e3:78
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzHJhTw5RNinjX+uu5LRFIvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNmYxZTlmMDk1MGU0ZjM5YzljNWZlZTNmODY4YTI0ZWIz
NjFlZjEwHhcNMjQwMTAxMjIzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGIxNDUxODI1OGVlNWZmYzY4MWRiOTcyMzNkZWE3YzMxY2FmZjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu41ImVzWiMK1XqKEB0TWYWbnZ5wz
gOgdS2KUWtoWRkeWqpnHylDnCBnIC8D9ufgxWEB/MPlosX2ser9DGC8DFoUViL89
H8cmYMm0EjxvfIuhjeQsSxUhwQO39Im3v46JHHsmAQZCjIsrsWRsrj52c5wJEzSp
n+yGMaYjWOOmCpUGNMR/fO3KrDdpq1llB4BaOjRmZBwc7XlnqjKYLQnqkmL/w5WU
9XjndsSp8s/gvUXGUBd37wCJ7VORgBxn5wgd+0h0qq2uifeV8saIjxSMY8imNfKp
aQ1TeoRhGA7/29udsYGDhLK/j66aZK4YNhzNLQToL0O0Mdi3KBtqiYSd9wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDixRRgljuX/xoHblyM96nwxyv9pMB8GA1UdIwQY
MBaAFAtvHp8JUOTznJxf7j+GiiTrNh7xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzI4ZW53bFE1UE9jbkZfdVA0YUtKT3MySHZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lNjliZDMtMjE1ZS00NDIyLTkxNzAt
MDgxYmNiYWM0ZGFmLzEvT0xGRkdDV081Zl9HZ2R1WEl6M3FmREhLXzJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lNjliZDMtMjE1ZS00NDIyLTkxNzAtMDgxYmNiYWM0ZGFm
LzEvQzI4ZW53bFE1UE9jbkZfdVA0YUtKT3MySHZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABX7vED
BAJX7vAwDQYJKoZIhvcNAQELBQADggEBAACo4hNxpbRFXlKdfXLjZgDVyvZXGEtH
g77oF9twUoaTO2e3oSzV8XmTvkw8Ijz8fJ1CTx8O+qc3LrFyJIjlcBh/AgBeQd3r
bbUukA9KE/3CYl5BfaU75kQaYONQ6kYp66liHUkXhhe/EKE8tS752oCrezzJTp7/
i5gIZaU1RX/VwOFjdVB2p8t/rWId3m/w2mWlF6gvUQijijw7zAyNIURSifWubzC9
/nfU4vz+oIK7CL4x/wdVIJO/oeXjI2GYCzXXvzTvne6v6lcwUtmUOZ3uG4c9kDfF
x9dN4TzD9IkIXoQAN0xYwi8/+2KmSxKRqeMjfIC85KHBItVcokUr43g=
-----END CERTIFICATE-----
Generated at Wed Jan 10 13:27:09 2024 by rpki-client on console-fra.rpki-client.org