Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/be9a00-e0b1-4541-9c0f-13858da85f53/1/eL1KnVL1ziXbJy5k8UG0zGtmPaw.roa
File: eL1KnVL1ziXbJy5k8UG0zGtmPaw.roa (raw, json)
Hash identifier: raTb0qslurmwLm7ZRcJXOM7nD+SzszhxXzGl29RfFng=
Subject key identifier: 78:BD:4A:9D:52:F5:CE:25:DB:27:2E:64:F1:41:B4:CC:6B:66:3D:AC
Certificate issuer: /CN=5a955ca458468c5776b8d9936dfe9b0b2668731c
Certificate serial: 018CC8DD8EAFE62E2A0235E39D3D09C3D61C
Authority key identifier: 5A:95:5C:A4:58:46:8C:57:76:B8:D9:93:6D:FE:9B:0B:26:68:73:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WpVcpFhGjFd2uNmTbf6bCyZocxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/be9a00-e0b1-4541-9c0f-13858da85f53/1/eL1KnVL1ziXbJy5k8UG0zGtmPaw.roa
Signing time: Tue 02 Jan 2024 06:30:12 +0000
ROA not before: Tue 02 Jan 2024 06:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 87.247.231.0/24 maxlen: 24
87.247.230.0/23 maxlen: 23
87.247.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 May 2024 19:42:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:8e:af:e6:2e:2a:02:35:e3:9d:3d:09:c3:d6:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a955ca458468c5776b8d9936dfe9b0b2668731c
Validity
Not Before: Jan 2 06:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=78bd4a9d52f5ce25db272e64f141b4cc6b663dac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:01:f0:5e:df:9e:0d:e9:21:04:67:2a:e6:7c:
3a:b1:1b:cd:7d:99:84:28:2f:91:47:a7:44:ac:28:
80:8e:2f:32:b2:48:97:6d:ee:69:e4:c4:62:d0:30:
86:38:a5:3e:ac:f1:10:d2:aa:9b:c5:76:e5:8d:6e:
72:bc:f3:41:5f:7a:f9:6b:37:9e:8b:c3:5f:1e:87:
69:14:39:ef:69:c6:8a:ae:3d:a4:a2:51:f4:47:be:
f5:9b:0b:03:b3:ce:97:e2:1a:56:7e:42:ba:24:1e:
2e:a7:1b:9f:3a:fe:06:f1:61:e6:7e:21:e0:44:ae:
b3:78:b0:27:bd:09:3a:8f:15:9e:5e:34:61:0d:87:
20:47:d7:e3:ed:7e:d7:cd:72:10:61:09:3a:c3:3a:
e9:25:23:a4:84:1c:2b:f6:5f:38:95:f2:fd:87:d6:
37:72:e0:c2:28:87:77:13:bf:24:26:de:73:30:93:
a2:f5:80:09:29:29:d6:a2:8c:08:4e:dc:49:66:d3:
7d:c9:6c:d7:e8:32:90:1f:87:de:d7:d2:26:6c:cd:
92:f1:2b:eb:9e:11:e5:a2:2f:35:86:de:8a:e8:d5:
a7:e0:c5:a2:89:11:ad:65:81:10:ee:14:5d:4a:d9:
73:88:74:ce:95:c0:76:10:11:d1:5f:4e:51:98:46:
b3:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:BD:4A:9D:52:F5:CE:25:DB:27:2E:64:F1:41:B4:CC:6B:66:3D:AC
X509v3 Authority Key Identifier:
keyid:5A:95:5C:A4:58:46:8C:57:76:B8:D9:93:6D:FE:9B:0B:26:68:73:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WpVcpFhGjFd2uNmTbf6bCyZocxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/be9a00-e0b1-4541-9c0f-13858da85f53/1/eL1KnVL1ziXbJy5k8UG0zGtmPaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/be9a00-e0b1-4541-9c0f-13858da85f53/1/WpVcpFhGjFd2uNmTbf6bCyZocxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.247.230.0/23
Signature Algorithm: sha256WithRSAEncryption
20:c7:ff:93:e5:8f:06:3c:56:28:27:71:6d:e5:03:9e:ea:ef:
a0:df:65:8f:da:23:a2:0c:2b:e5:9d:2e:f3:81:ac:53:5c:26:
ef:92:47:e0:99:d6:9b:99:55:a3:00:75:4f:e3:db:f6:36:30:
32:58:91:25:a9:b3:98:fd:e3:59:4a:15:b1:7f:01:b4:20:8e:
c7:37:f5:23:55:19:80:f4:0f:81:a4:80:b8:2d:bf:3c:a4:09:
bf:0e:fb:f5:74:ae:98:dc:72:03:ef:92:9a:37:fb:8d:34:7f:
93:96:04:8e:d5:91:cc:60:63:39:fa:b3:15:91:db:6a:ef:ee:
55:a0:84:07:4d:dd:0f:b6:83:6c:fa:2b:3a:8e:b1:5e:56:63:
c4:8b:2f:5d:8d:67:7b:48:70:a4:bf:5a:f7:3d:99:7a:10:09:
de:c8:78:d1:a9:f3:72:14:7f:5a:a8:e0:53:f0:d5:85:6b:0f:
19:60:7f:b4:de:45:02:30:2f:e3:73:c3:50:4e:57:79:e1:6a:
bd:c8:d0:26:6d:97:7f:d1:94:5c:3b:22:38:2b:99:16:4a:b2:
ce:1d:8a:10:d7:b5:22:17:64:f0:0f:ad:82:bd:d2:6b:6b:91:
36:61:3b:b6:95:d4:24:36:0b:b8:df:82:cf:6f:3e:e0:ed:44:
07:e1:54:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3Y6v5i4qAjXjnT0Jw9YcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhOTU1Y2E0NTg0NjhjNTc3NmI4ZDk5MzZkZmU5YjBiMjY2
ODczMWMwHhcNMjQwMTAyMDYzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGJkNGE5ZDUyZjVjZTI1ZGIyNzJlNjRmMTQxYjRjYzZiNjYzZGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQHwXt+eDekhBGcq5nw6sRvNfZmE
KC+RR6dErCiAji8yskiXbe5p5MRi0DCGOKU+rPEQ0qqbxXbljW5yvPNBX3r5azee
i8NfHodpFDnvacaKrj2kolH0R771mwsDs86X4hpWfkK6JB4upxufOv4G8WHmfiHg
RK6zeLAnvQk6jxWeXjRhDYcgR9fj7X7XzXIQYQk6wzrpJSOkhBwr9l84lfL9h9Y3
cuDCKId3E78kJt5zMJOi9YAJKSnWoowITtxJZtN9yWzX6DKQH4fe19ImbM2S8Svr
nhHloi81ht6K6NWn4MWiiRGtZYEQ7hRdStlziHTOlcB2EBHRX05RmEaz7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHi9Sp1S9c4l2ycuZPFBtMxrZj2sMB8GA1UdIwQY
MBaAFFqVXKRYRoxXdrjZk23+mwsmaHMcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3BWY3BGaEdqRmQydU5tVGJmNmJDeVpvY3h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9iZTlhMDAtZTBiMS00NTQxLTljMGYt
MTM4NThkYTg1ZjUzLzEvZUwxS25WTDF6aVhiSnk1azhVRzB6R3RtUGF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9iZTlhMDAtZTBiMS00NTQxLTljMGYtMTM4NThkYTg1ZjUz
LzEvV3BWY3BGaEdqRmQydU5tVGJmNmJDeVpvY3h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBV/fmMA0G
CSqGSIb3DQEBCwUAA4IBAQAgx/+T5Y8GPFYoJ3Ft5QOe6u+g32WP2iOiDCvlnS7z
gaxTXCbvkkfgmdabmVWjAHVP49v2NjAyWJElqbOY/eNZShWxfwG0II7HN/UjVRmA
9A+BpIC4Lb88pAm/Dvv1dK6Y3HID75KaN/uNNH+TlgSO1ZHMYGM5+rMVkdtq7+5V
oIQHTd0PtoNs+is6jrFeVmPEiy9djWd7SHCkv1r3PZl6EAneyHjRqfNyFH9aqOBT
8NWFaw8ZYH+03kUCMC/jc8NQTld54Wq9yNAmbZd/0ZRcOyI4K5kWSrLOHYoQ17Ui
F2TwD62CvdJra5E2YTu2ldQkNgu434LPbz7g7UQH4VRX
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:59:57 2025 by rpki-client