Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e69bd3-215e-4422-9170-081bcbac4daf/1/fShDjgVIb9B5H28_JJvbz7n1GKc.roa
File: fShDjgVIb9B5H28_JJvbz7n1GKc.roa (raw, json)
Hash identifier: 1De208q2cBVsEQC8jRPEaJbVV0oixOomohYyxE96DxY=
Subject key identifier: 7D:28:43:8E:05:48:6F:D0:79:1F:6F:3F:24:9B:DB:CF:B9:F5:18:A7
Certificate issuer: /CN=0b6f1e9f0950e4f39c9c5fee3f868a24eb361ef1
Certificate serial: 018CF889F7EF5DC5E7BC1BEFF90D9A243404
Authority key identifier: 0B:6F:1E:9F:09:50:E4:F3:9C:9C:5F:EE:3F:86:8A:24:EB:36:1E:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C28enwlQ5POcnF_uP4aKJOs2HvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e69bd3-215e-4422-9170-081bcbac4daf/1/fShDjgVIb9B5H28_JJvbz7n1GKc.roa
Signing time: Thu 11 Jan 2024 12:40:40 +0000
ROA not before: Thu 11 Jan 2024 12:40:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 22364
IP address blocks: 87.238.243.0/24 maxlen: 24
87.238.244.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 16 Feb 2024 00:48:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f8:89:f7:ef:5d:c5:e7:bc:1b:ef:f9:0d:9a:24:34:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b6f1e9f0950e4f39c9c5fee3f868a24eb361ef1
Validity
Not Before: Jan 11 12:40:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d28438e05486fd0791f6f3f249bdbcfb9f518a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:95:d8:2c:31:22:88:c7:70:5a:3c:e9:be:5e:
92:5e:31:3e:13:f8:f5:48:9b:8e:84:61:41:ad:13:
5d:07:41:4a:9a:30:aa:fe:77:bb:9c:ea:a1:fe:b7:
42:2a:d8:fe:cb:ba:ea:8b:c3:6d:2e:1b:30:cd:3f:
87:5a:ab:fe:9a:3c:4b:36:06:42:45:e9:fc:3d:cb:
e0:96:03:0c:ac:24:2e:c2:08:6a:68:35:23:fc:bd:
a7:ca:b0:49:4c:36:c0:43:8b:45:f2:de:87:5d:3b:
05:ee:cb:87:98:71:9d:5a:1a:b9:9f:b6:bc:14:b5:
7d:93:14:3f:f0:c9:36:b1:2b:05:66:35:b5:57:36:
38:1c:92:59:15:53:5f:09:4f:84:b4:33:01:7d:57:
8d:22:93:2a:1f:84:64:d0:b2:70:4d:07:2d:4d:69:
e4:e6:89:db:60:42:e7:99:96:e7:ba:dd:ee:92:53:
36:37:5c:fb:85:cb:a9:00:5c:8b:07:d1:d2:79:af:
c7:2f:e7:b2:a8:2c:db:56:f1:78:e7:0d:6a:ea:40:
e6:39:56:5f:32:4a:ad:b5:2d:00:6c:47:2e:66:18:
58:89:8c:4a:3a:4f:a9:98:eb:6a:78:74:18:23:98:
87:03:de:4b:66:5d:87:bb:de:ac:df:84:27:1a:ea:
dc:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:28:43:8E:05:48:6F:D0:79:1F:6F:3F:24:9B:DB:CF:B9:F5:18:A7
X509v3 Authority Key Identifier:
keyid:0B:6F:1E:9F:09:50:E4:F3:9C:9C:5F:EE:3F:86:8A:24:EB:36:1E:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C28enwlQ5POcnF_uP4aKJOs2HvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e69bd3-215e-4422-9170-081bcbac4daf/1/fShDjgVIb9B5H28_JJvbz7n1GKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e69bd3-215e-4422-9170-081bcbac4daf/1/C28enwlQ5POcnF_uP4aKJOs2HvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.243.0-87.238.245.255
Signature Algorithm: sha256WithRSAEncryption
60:05:16:9f:63:19:be:78:a4:07:b6:50:4f:c7:ca:be:cb:a2:
fd:64:d9:7e:47:c2:70:95:4c:5d:e0:cc:57:88:55:64:c1:52:
95:c5:d3:b8:74:89:03:85:cf:9e:6b:d2:cf:29:e1:94:34:22:
a3:82:3e:4e:a7:2c:57:1c:a4:88:b6:cd:a8:ce:16:7b:01:f5:
a4:35:90:d0:34:d4:34:51:38:58:65:dc:a0:0f:a4:9a:f2:ab:
74:ed:68:67:dc:4f:ce:5d:48:67:a7:c2:3d:d8:ca:98:11:63:
07:f5:54:60:b0:52:e6:0c:e4:c9:e9:5d:d4:35:ba:cc:54:ff:
bc:67:3e:1d:9a:e3:b0:c7:08:b3:5b:b3:5f:1c:b3:e6:cf:8f:
af:d3:95:0e:e8:7f:d0:24:72:2b:62:37:92:ed:a7:44:c3:53:
2a:46:03:b3:f0:84:89:07:1e:ae:20:ae:84:96:21:47:51:82:
2b:c0:ce:a2:93:dc:86:d6:3f:66:63:a1:0a:4a:bd:43:35:86:
84:88:51:f0:3f:a8:22:6e:f6:bd:0f:0f:bd:63:73:d1:f0:e2:
0b:6a:72:8a:1c:50:49:5e:75:d6:90:38:0d:b5:f6:22:45:df:
e2:4a:7c:3b:2e:8f:ac:af:df:32:5f:f7:ca:a9:20:67:9f:e4:
46:85:1c:1b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYz4iffvXcXnvBvv+Q2aJDQEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNmYxZTlmMDk1MGU0ZjM5YzljNWZlZTNmODY4YTI0ZWIz
NjFlZjEwHhcNMjQwMTExMTI0MDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDI4NDM4ZTA1NDg2ZmQwNzkxZjZmM2YyNDliZGJjZmI5ZjUxOGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJXYLDEiiMdwWjzpvl6SXjE+E/j1
SJuOhGFBrRNdB0FKmjCq/ne7nOqh/rdCKtj+y7rqi8NtLhswzT+HWqv+mjxLNgZC
Ren8PcvglgMMrCQuwghqaDUj/L2nyrBJTDbAQ4tF8t6HXTsF7suHmHGdWhq5n7a8
FLV9kxQ/8Mk2sSsFZjW1VzY4HJJZFVNfCU+EtDMBfVeNIpMqH4Rk0LJwTQctTWnk
5onbYELnmZbnut3uklM2N1z7hcupAFyLB9HSea/HL+eyqCzbVvF45w1q6kDmOVZf
MkqttS0AbEcuZhhYiYxKOk+pmOtqeHQYI5iHA95LZl2Hu96s34QnGurcPQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFH0oQ44FSG/QeR9vPySb28+59RinMB8GA1UdIwQY
MBaAFAtvHp8JUOTznJxf7j+GiiTrNh7xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzI4ZW53bFE1UE9jbkZfdVA0YUtKT3MySHZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lNjliZDMtMjE1ZS00NDIyLTkxNzAt
MDgxYmNiYWM0ZGFmLzEvZlNoRGpnVkliOUI1SDI4X0pKdmJ6N24xR0tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lNjliZDMtMjE1ZS00NDIyLTkxNzAtMDgxYmNiYWM0ZGFm
LzEvQzI4ZW53bFE1UE9jbkZfdVA0YUtKT3MySHZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABX7vMD
BAFX7vQwDQYJKoZIhvcNAQELBQADggEBAGAFFp9jGb54pAe2UE/Hyr7Lov1k2X5H
wnCVTF3gzFeIVWTBUpXF07h0iQOFz55r0s8p4ZQ0IqOCPk6nLFccpIi2zajOFnsB
9aQ1kNA01DRROFhl3KAPpJryq3TtaGfcT85dSGenwj3YypgRYwf1VGCwUuYM5Mnp
XdQ1usxU/7xnPh2a47DHCLNbs18cs+bPj6/TlQ7of9AkcitiN5Ltp0TDUypGA7Pw
hIkHHq4groSWIUdRgivAzqKT3IbWP2ZjoQpKvUM1hoSIUfA/qCJu9r0PD71jc9Hw
4gtqcoocUEleddaQOA219iJF3+JKfDsuj6yv3zJf98qpIGef5EaFHBs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:37 2024 by rpki-client on console-fra.rpki-client.org