Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/87zcPoAJlESw41bmCUsrAlwjCRw.roa
File: 87zcPoAJlESw41bmCUsrAlwjCRw.roa (raw, json)
Hash identifier: 8NY+vYy5/kTusQdDOhRBJHmQYL/Hu811vShr6Thy3Mk=
Subject key identifier: F3:BC:DC:3E:80:09:94:44:B0:E3:56:E6:09:4B:2B:02:5C:23:09:1C
Certificate issuer: /CN=9faf0bf93fc4381fff7e7aa86b4076c033242ffa
Certificate serial: 018D9CA378E56F4500BFC7BA09448CB78A3B
Authority key identifier: 9F:AF:0B:F9:3F:C4:38:1F:FF:7E:7A:A8:6B:40:76:C0:33:24:2F:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n68L-T_EOB__fnqoa0B2wDMkL_o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/87zcPoAJlESw41bmCUsrAlwjCRw.roa
Signing time: Mon 12 Feb 2024 09:26:15 +0000
ROA not before: Mon 12 Feb 2024 09:26:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44712
IP address blocks: 151.249.104.0/21 maxlen: 21
2a01:a8c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 24 Apr 2024 13:35:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9c:a3:78:e5:6f:45:00:bf:c7:ba:09:44:8c:b7:8a:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9faf0bf93fc4381fff7e7aa86b4076c033242ffa
Validity
Not Before: Feb 12 09:26:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3bcdc3e80099444b0e356e6094b2b025c23091c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a7:de:2f:9b:17:3d:ad:e7:46:c4:a7:be:ef:
b6:e9:77:76:a7:3d:42:96:7b:f0:54:d4:da:c8:b0:
a6:74:f2:b6:f5:47:d2:74:d5:97:50:5a:e2:25:3b:
6f:26:c9:b0:10:d4:11:39:2b:5a:2e:b6:61:68:cb:
b3:83:80:ad:6d:63:9f:03:c3:1f:d1:7a:77:46:36:
19:20:07:07:62:2f:b5:59:75:50:c1:cb:7b:0c:31:
bb:72:f2:69:33:80:82:56:31:11:47:de:40:2c:6b:
7f:83:7d:9b:ee:80:fa:7c:aa:5b:17:34:cc:0c:d2:
cc:cd:05:d8:a5:10:e7:17:60:25:75:fa:c5:7e:94:
33:17:80:f0:2d:7e:2d:50:88:64:70:ed:03:24:74:
ef:f9:5d:2d:90:5b:e3:b3:53:1e:23:c4:83:47:d4:
27:20:05:4f:e2:50:80:19:95:7f:c1:bd:97:93:aa:
82:84:06:a6:2b:fc:c5:23:28:2f:50:64:cc:0a:46:
51:3a:fc:a3:b0:b8:70:85:02:d0:18:a8:97:a2:e1:
69:44:a0:e0:a4:a8:9b:29:67:0f:77:4c:ed:c9:39:
ec:8f:b2:a0:4c:00:ea:5f:7b:75:7a:06:91:1f:95:
5a:4d:7d:8c:44:71:ae:86:b5:6e:d0:c3:f4:ec:8d:
36:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:BC:DC:3E:80:09:94:44:B0:E3:56:E6:09:4B:2B:02:5C:23:09:1C
X509v3 Authority Key Identifier:
keyid:9F:AF:0B:F9:3F:C4:38:1F:FF:7E:7A:A8:6B:40:76:C0:33:24:2F:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n68L-T_EOB__fnqoa0B2wDMkL_o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/87zcPoAJlESw41bmCUsrAlwjCRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/n68L-T_EOB__fnqoa0B2wDMkL_o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.249.104.0/21
IPv6:
2a01:a8c0::/29
Signature Algorithm: sha256WithRSAEncryption
b0:88:15:dc:fe:ca:ce:fb:c7:52:e3:0d:6c:78:ae:a8:ea:0e:
bb:74:99:bb:d3:19:02:60:57:d4:52:c1:80:d7:f7:3f:35:c9:
72:78:4a:52:e1:92:5d:62:69:26:9e:8d:a6:77:2d:1c:6d:54:
22:30:5b:8b:fb:ce:a6:38:92:db:40:f6:43:a8:bf:db:8c:32:
3f:5b:84:b4:56:51:8f:6f:2a:37:5b:c4:f5:48:0f:af:c1:cc:
b7:b0:e9:73:72:65:17:f8:8c:2b:de:b9:7d:c4:68:01:2f:32:
9c:cc:e9:83:38:43:51:cf:ea:d8:14:9e:bf:22:2d:7d:20:f4:
a3:da:60:b0:09:72:70:ac:ac:7f:ea:3a:35:7d:ac:9c:0c:30:
3a:0e:e2:03:07:cc:a8:de:21:bb:8c:3f:0b:6b:01:25:0b:6d:
11:73:dd:31:00:f7:f7:2f:73:a0:52:4b:c8:64:0d:f4:5d:aa:
8e:3e:b3:65:a2:76:43:10:13:be:ce:d0:8d:a6:ff:7d:c4:49:
df:f1:1f:24:40:ee:f2:c2:71:5e:24:09:bf:6f:b2:11:65:f3:
23:bd:28:96:53:40:56:f3:7b:2a:83:29:ae:67:e9:be:f3:29:
e4:d8:d3:fb:8a:73:4b:26:c9:01:15:46:2e:e1:0f:c2:3f:7c:
7b:79:e9:a7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY2co3jlb0UAv8e6CUSMt4o7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmYWYwYmY5M2ZjNDM4MWZmZjdlN2FhODZiNDA3NmMwMzMy
NDJmZmEwHhcNMjQwMjEyMDkyNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2JjZGMzZTgwMDk5NDQ0YjBlMzU2ZTYwOTRiMmIwMjVjMjMwOTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhafeL5sXPa3nRsSnvu+26Xd2pz1C
lnvwVNTayLCmdPK29UfSdNWXUFriJTtvJsmwENQROStaLrZhaMuzg4CtbWOfA8Mf
0Xp3RjYZIAcHYi+1WXVQwct7DDG7cvJpM4CCVjERR95ALGt/g32b7oD6fKpbFzTM
DNLMzQXYpRDnF2AldfrFfpQzF4DwLX4tUIhkcO0DJHTv+V0tkFvjs1MeI8SDR9Qn
IAVP4lCAGZV/wb2Xk6qChAamK/zFIygvUGTMCkZROvyjsLhwhQLQGKiXouFpRKDg
pKibKWcPd0ztyTnsj7KgTADqX3t1egaRH5VaTX2MRHGuhrVu0MP07I02JQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPO83D6ACZREsONW5glLKwJcIwkcMB8GA1UdIwQY
MBaAFJ+vC/k/xDgf/356qGtAdsAzJC/6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjY4TC1UX0VPQl9fZm5xb2EwQjJ3RE1rTF9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9hNGZmMzMtYjI5MC00MzA3LWFmYzgt
ZjUyMGE3ZDcxZWY1LzEvODd6Y1BvQUpsRVN3NDFibUNVc3JBbHdqQ1J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9hNGZmMzMtYjI5MC00MzA3LWFmYzgtZjUyMGE3ZDcxZWY1
LzEvbjY4TC1UX0VPQl9fZm5xb2EwQjJ3RE1rTF9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDl/loMA0E
AgACMAcDBQMqAajAMA0GCSqGSIb3DQEBCwUAA4IBAQCwiBXc/srO+8dS4w1seK6o
6g67dJm70xkCYFfUUsGA1/c/NclyeEpS4ZJdYmkmno2mdy0cbVQiMFuL+86mOJLb
QPZDqL/bjDI/W4S0VlGPbyo3W8T1SA+vwcy3sOlzcmUX+Iwr3rl9xGgBLzKczOmD
OENRz+rYFJ6/Ii19IPSj2mCwCXJwrKx/6jo1faycDDA6DuIDB8yo3iG7jD8LawEl
C20Rc90xAPf3L3OgUkvIZA30XaqOPrNlonZDEBO+ztCNpv99xEnf8R8kQO7ywnFe
JAm/b7IRZfMjvSiWU0BW83sqgymuZ+m+8ynk2NP7inNLJskBFUYu4Q/CP3x7eemn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:47 2024 by rpki-client on console-ams.rpki-client.org