Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/742c14-7b4d-4279-b823-16517126c132/1/o20PxLR6E6mZgsfbMRpiCz-PHHk.roa
File: o20PxLR6E6mZgsfbMRpiCz-PHHk.roa (raw, json)
Hash identifier: GXNIqE96X7W5vs0mzoVWNrfkSwzVsTELb9lVc0NJkSQ=
Subject key identifier: A3:6D:0F:C4:B4:7A:13:A9:99:82:C7:DB:31:1A:62:0B:3F:8F:1C:79
Certificate issuer: /CN=68b7f817ab5141b5e138280cdf6190166bb9cb87
Certificate serial: 01856CC15F338E94180F11F619DD19B8CEF9
Authority key identifier: 68:B7:F8:17:AB:51:41:B5:E1:38:28:0C:DF:61:90:16:6B:B9:CB:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aLf4F6tRQbXhOCgM32GQFmu5y4c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/742c14-7b4d-4279-b823-16517126c132/1/o20PxLR6E6mZgsfbMRpiCz-PHHk.roa
Signing time: Sun 01 Jan 2023 09:54:50 +0000
ROA not before: Sun 01 Jan 2023 09:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8643
IP address blocks: 87.239.232.0/21 maxlen: 21
195.134.64.0/18 maxlen: 18
88.197.0.0/17 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:5f:33:8e:94:18:0f:11:f6:19:dd:19:b8:ce:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68b7f817ab5141b5e138280cdf6190166bb9cb87
Validity
Not Before: Jan 1 09:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a36d0fc4b47a13a99982c7db311a620b3f8f1c79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:1c:49:7e:1e:0e:35:8f:0a:04:77:ea:7f:4a:
be:8a:45:e5:17:11:8b:99:69:31:90:7f:84:bd:34:
bd:7c:7b:e5:36:70:e0:6e:5b:6f:9b:6e:63:e3:88:
d3:d0:3f:df:71:3e:16:41:bb:e9:04:a2:b7:1b:bf:
e6:04:77:95:cf:0d:50:05:c1:68:89:97:42:57:a3:
26:d8:cb:e5:dd:8f:6a:62:90:0c:d7:49:8d:3d:1e:
8f:bd:3e:f9:58:b6:d6:06:26:2c:b4:b3:fc:1f:76:
11:9a:bb:39:bc:09:7d:5e:b2:eb:ae:df:ad:f8:42:
68:d1:30:65:89:14:9a:55:3d:0e:e5:b5:ce:35:3b:
85:3a:54:04:e3:0d:79:8a:93:98:de:9e:66:9f:ce:
62:3a:6f:86:a9:2b:ba:ff:ae:6a:b6:2f:cc:39:ba:
b5:f9:22:56:21:ab:a5:3c:dc:18:dc:e5:f7:30:36:
e8:ee:d9:88:35:fb:1a:01:af:36:66:39:60:db:a5:
00:3b:3d:81:a5:7e:33:3d:9f:c9:78:d8:5a:80:1a:
cf:93:79:0d:4d:54:ba:7a:5c:de:3e:da:26:c0:da:
a1:f6:b0:e8:91:ab:9c:e8:92:58:34:f1:51:ec:57:
3f:6b:eb:78:0e:47:5d:c1:9d:6f:4a:53:88:ee:f7:
2b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:6D:0F:C4:B4:7A:13:A9:99:82:C7:DB:31:1A:62:0B:3F:8F:1C:79
X509v3 Authority Key Identifier:
keyid:68:B7:F8:17:AB:51:41:B5:E1:38:28:0C:DF:61:90:16:6B:B9:CB:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aLf4F6tRQbXhOCgM32GQFmu5y4c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/742c14-7b4d-4279-b823-16517126c132/1/o20PxLR6E6mZgsfbMRpiCz-PHHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/742c14-7b4d-4279-b823-16517126c132/1/aLf4F6tRQbXhOCgM32GQFmu5y4c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.232.0/21
88.197.0.0/17
195.134.64.0/18
Signature Algorithm: sha256WithRSAEncryption
20:64:29:ad:42:6a:d8:b3:3a:f4:d8:ab:b6:57:32:b2:ac:e6:
a5:90:61:55:3b:26:a8:69:3a:0c:79:b3:b0:c9:df:1d:47:03:
bc:05:86:de:3b:2b:1c:08:48:4b:4e:eb:07:67:d4:e6:38:01:
31:e0:54:ab:af:37:f7:d8:3f:bb:5b:cb:3e:2e:ae:ed:f6:55:
74:0c:a4:15:6c:f4:a5:32:f3:c7:a1:50:82:ba:a9:1a:e6:a2:
4b:c6:92:05:d4:9f:b5:b0:5a:81:4c:79:69:b0:db:31:a7:20:
8a:d8:bf:9c:b9:53:43:ad:5d:2c:cf:c3:51:ce:8d:b9:71:06:
5d:9e:87:29:b5:d8:dc:43:25:3b:17:26:d9:7a:0a:5a:d9:c2:
bd:2d:a7:94:03:d4:b9:69:c0:35:a4:54:53:a6:ef:30:6d:56:
5b:ea:5c:a6:4b:d5:d7:3b:ca:c6:a6:27:9a:61:9c:79:3f:14:
12:16:b9:32:33:e7:41:31:00:52:b4:38:c6:15:3f:5a:6a:b6:
f5:6b:96:d0:ff:3f:f0:db:65:ea:f9:78:7a:3c:32:7f:a5:b8:
0e:5e:60:10:09:01:b1:25:4f:59:a5:7b:ca:7a:bc:cf:f1:3e:
7b:4c:44:ee:36:3a:98:66:43:fb:ef:b9:37:6d:73:59:f2:0a:
e3:77:f6:4b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVswV8zjpQYDxH2Gd0ZuM75MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YjdmODE3YWI1MTQxYjVlMTM4MjgwY2RmNjE5MDE2NmJi
OWNiODcwHhcNMjMwMTAxMDk1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzZkMGZjNGI0N2ExM2E5OTk4MmM3ZGIzMTFhNjIwYjNmOGYxYzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRxJfh4ONY8KBHfqf0q+ikXlFxGL
mWkxkH+EvTS9fHvlNnDgbltvm25j44jT0D/fcT4WQbvpBKK3G7/mBHeVzw1QBcFo
iZdCV6Mm2Mvl3Y9qYpAM10mNPR6PvT75WLbWBiYstLP8H3YRmrs5vAl9XrLrrt+t
+EJo0TBliRSaVT0O5bXONTuFOlQE4w15ipOY3p5mn85iOm+GqSu6/65qti/MObq1
+SJWIaulPNwY3OX3MDbo7tmINfsaAa82Zjlg26UAOz2BpX4zPZ/JeNhagBrPk3kN
TVS6elzePtomwNqh9rDokauc6JJYNPFR7Fc/a+t4DkddwZ1vSlOI7vcrlwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKNtD8S0ehOpmYLH2zEaYgs/jxx5MB8GA1UdIwQY
MBaAFGi3+BerUUG14TgoDN9hkBZrucuHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUxmNEY2dFJRYlhoT0NnTTMyR1FGbXU1eTRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83NDJjMTQtN2I0ZC00Mjc5LWI4MjMt
MTY1MTcxMjZjMTMyLzEvbzIwUHhMUjZFNm1aZ3NmYk1ScGlDei1QSEhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi83NDJjMTQtN2I0ZC00Mjc5LWI4MjMtMTY1MTcxMjZjMTMy
LzEvYUxmNEY2dFJRYlhoT0NnTTMyR1FGbXU1eTRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDV+/oAwQH
WMUAAwQGw4ZAMA0GCSqGSIb3DQEBCwUAA4IBAQAgZCmtQmrYszr02Ku2VzKyrOal
kGFVOyaoaToMebOwyd8dRwO8BYbeOyscCEhLTusHZ9TmOAEx4FSrrzf32D+7W8s+
Lq7t9lV0DKQVbPSlMvPHoVCCuqka5qJLxpIF1J+1sFqBTHlpsNsxpyCK2L+cuVND
rV0sz8NRzo25cQZdnocptdjcQyU7FybZegpa2cK9LaeUA9S5acA1pFRTpu8wbVZb
6lymS9XXO8rGpieaYZx5PxQSFrkyM+dBMQBStDjGFT9aarb1a5bQ/z/w22Xq+Xh6
PDJ/pbgOXmAQCQGxJU9ZpXvKerzP8T57TETuNjqYZkP777k3bXNZ8grjd/ZL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:12 2024 by rpki-client on console-fra.rpki-client.org