Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/H3Qwa8cdM9MOvaKhg68EV_isstY.roa
File: H3Qwa8cdM9MOvaKhg68EV_isstY.roa (raw, json)
Hash identifier: MHfXJKUAR0D2tcWEnogqW0FBH0nwlj2JbXQ6XMN3Pco=
Subject key identifier: 1F:74:30:6B:C7:1D:33:D3:0E:BD:A2:A1:83:AF:04:57:F8:AC:B2:D6
Certificate issuer: /CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Certificate serial: 018C1FD1A3FC4D9836F7F621CA3BB59F25E1
Authority key identifier: 07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/H3Qwa8cdM9MOvaKhg68EV_isstY.roa
Signing time: Thu 30 Nov 2023 10:41:21 +0000
ROA not before: Thu 30 Nov 2023 10:41:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207883
IP address blocks: 87.251.70.0/23 maxlen: 24
87.251.88.0/23 maxlen: 24
87.251.86.0/23 maxlen: 24
80.66.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Dec 2023 11:52:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1f:d1:a3:fc:4d:98:36:f7:f6:21:ca:3b:b5:9f:25:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Validity
Not Before: Nov 30 10:41:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f74306bc71d33d30ebda2a183af0457f8acb2d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d8:86:a0:c5:32:22:d3:fd:34:47:6c:7e:2e:
14:b1:55:d5:67:54:19:2d:e9:c5:cd:ec:79:ea:4a:
4b:4f:3b:3e:70:04:6c:40:96:7c:55:c7:7a:96:e9:
1c:0c:0d:c6:65:73:f2:ef:33:a2:f3:55:51:84:34:
bf:c7:9b:e5:f5:08:b6:74:30:58:b6:bb:76:52:2e:
e6:f2:25:4a:85:cf:ba:ab:f4:c1:05:39:d6:89:83:
3a:ff:54:bd:31:7e:f4:90:9b:0d:89:e2:01:16:e6:
de:7f:55:e2:90:bc:eb:8e:ef:2e:19:17:1b:0e:b5:
31:cb:6b:d9:eb:c1:d1:13:5c:f9:49:ec:25:d3:3e:
16:af:f5:ac:35:5b:0c:89:87:c1:06:85:2b:a3:5c:
d1:a8:38:ff:a6:c9:7e:87:63:0f:ec:a0:1d:da:26:
60:05:b1:9b:c4:fe:07:52:02:6c:67:5f:ca:6d:7b:
1b:6f:09:7a:2e:52:42:5a:3c:33:5a:55:9b:b7:15:
38:c6:bf:68:1a:26:f0:64:b4:0f:20:34:df:b9:d9:
94:c8:8c:79:07:ea:86:1e:93:16:75:05:e4:ea:b0:
8c:91:c8:8b:ae:24:e4:4d:5d:fd:56:85:9c:ce:14:
26:bc:cf:48:85:a7:79:ee:c7:54:2e:e6:c0:1f:22:
77:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:74:30:6B:C7:1D:33:D3:0E:BD:A2:A1:83:AF:04:57:F8:AC:B2:D6
X509v3 Authority Key Identifier:
keyid:07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/H3Qwa8cdM9MOvaKhg68EV_isstY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.68.0/24
87.251.70.0/23
87.251.86.0-87.251.89.255
Signature Algorithm: sha256WithRSAEncryption
6f:93:b1:c5:53:15:15:fb:d0:b9:f8:f6:57:be:e2:f0:6b:b0:
8c:ba:c0:f8:b4:4c:58:64:35:09:ef:93:fd:7c:e6:e9:22:40:
c2:4c:65:a4:39:cf:38:0e:c9:64:29:68:2a:33:6b:17:17:29:
1c:a8:1c:05:0c:2c:2e:b9:82:3b:ff:9f:8f:1f:d7:92:8c:17:
11:da:21:86:84:d5:07:57:2c:f8:d9:01:3e:04:a5:af:5a:ca:
ad:36:95:1a:72:b1:e3:6a:54:2e:69:46:96:23:ec:ed:91:bc:
97:7d:f0:55:cf:4c:cc:fc:a2:60:34:0a:b4:52:26:eb:66:89:
cc:8b:cc:23:30:a8:8e:c7:3b:6b:d8:3d:40:27:d2:b3:9c:e2:
5a:84:da:47:bd:6a:cb:d5:4d:58:43:7a:f7:ee:95:b3:4a:b9:
dc:6a:c1:d0:4d:a3:c0:57:f9:a3:ed:87:f2:28:7f:3a:05:74:
ce:70:9d:23:a9:bd:7e:4a:0d:2a:35:4b:9e:96:ac:cc:98:cd:
65:f4:8d:9a:d3:7c:ff:38:ec:05:60:42:9b:02:fe:dc:62:6a:
52:87:ad:c2:f9:62:47:8e:60:54:d8:e3:d7:b9:94:d2:cb:a1:
bd:8d:ec:83:ca:c9:87:f8:04:01:5d:94:f2:d1:e7:8e:47:a8:
72:24:ca:9c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYwf0aP8TZg29/Yhyju1nyXhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2I0YzEyNDhjNGJjZjIyYjA1NzdkZmNhOWIxNGQ5MDYz
YzI4YzAwHhcNMjMxMTMwMTA0MTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjc0MzA2YmM3MWQzM2QzMGViZGEyYTE4M2FmMDQ1N2Y4YWNiMmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtiGoMUyItP9NEdsfi4UsVXVZ1QZ
LenFzex56kpLTzs+cARsQJZ8Vcd6lukcDA3GZXPy7zOi81VRhDS/x5vl9Qi2dDBY
trt2Ui7m8iVKhc+6q/TBBTnWiYM6/1S9MX70kJsNieIBFubef1XikLzrju8uGRcb
DrUxy2vZ68HRE1z5Sewl0z4Wr/WsNVsMiYfBBoUro1zRqDj/psl+h2MP7KAd2iZg
BbGbxP4HUgJsZ1/KbXsbbwl6LlJCWjwzWlWbtxU4xr9oGibwZLQPIDTfudmUyIx5
B+qGHpMWdQXk6rCMkciLriTkTV39VoWczhQmvM9Ihad57sdULubAHyJ3PwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFB90MGvHHTPTDr2ioYOvBFf4rLLWMB8GA1UdIwQY
MBaAFAc7TBJIxLzyKwV338qbFNkGPCjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQt
YThkMzYxY2U2NGFhLzEvSDNRd2E4Y2RNOU1PdmFLaGc2OEVWX2lzc3RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQtYThkMzYxY2U2NGFh
LzEvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAUEJEAwQB
V/tGMAwDBAFX+1YDBAFX+1gwDQYJKoZIhvcNAQELBQADggEBAG+TscVTFRX70Ln4
9le+4vBrsIy6wPi0TFhkNQnvk/185ukiQMJMZaQ5zzgOyWQpaCozaxcXKRyoHAUM
LC65gjv/n48f15KMFxHaIYaE1QdXLPjZAT4Epa9ayq02lRpyseNqVC5pRpYj7O2R
vJd98FXPTMz8omA0CrRSJutmicyLzCMwqI7HO2vYPUAn0rOc4lqE2ke9asvVTVhD
evfulbNKudxqwdBNo8BX+aPth/IofzoFdM5wnSOpvX5KDSo1S56WrMyYzWX0jZrT
fP847AVgQpsC/txialKHrcL5YkeOYFTY49e5lNLLob2N7IPKyYf4BAFdlPLR545H
qHIkypw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:50 2024 by rpki-client on console-ams.rpki-client.org