Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/06b241-6de7-485c-98ae-f9bd64ca6e4c/1/_alr3Hs-ipiJC8X6oP-A8HzP84E.roa
File: _alr3Hs-ipiJC8X6oP-A8HzP84E.roa (raw, json)
Hash identifier: 6YOJ+Yb+Wpp6fiHaUCD1i37q/DpOfI4rn5w34CUZIPw=
Subject key identifier: FD:A9:6B:DC:7B:3E:8A:98:89:0B:C5:FA:A0:FF:80:F0:7C:CF:F3:81
Certificate issuer: /CN=aa4aac1948cee23ddf4d715f803522f93b0cddb4
Certificate serial: 018B90284170DF6B311F74BAB10AABA509B4
Authority key identifier: AA:4A:AC:19:48:CE:E2:3D:DF:4D:71:5F:80:35:22:F9:3B:0C:DD:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qkqsGUjO4j3fTXFfgDUi-TsM3bQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/06b241-6de7-485c-98ae-f9bd64ca6e4c/1/_alr3Hs-ipiJC8X6oP-A8HzP84E.roa
Signing time: Thu 02 Nov 2023 13:10:39 +0000
ROA not before: Thu 02 Nov 2023 13:10:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7979
IP address blocks: 87.76.25.0/24 maxlen: 24
87.76.26.0/24 maxlen: 24
165.84.212.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:90:28:41:70:df:6b:31:1f:74:ba:b1:0a:ab:a5:09:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa4aac1948cee23ddf4d715f803522f93b0cddb4
Validity
Not Before: Nov 2 13:10:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fda96bdc7b3e8a98890bc5faa0ff80f07ccff381
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1f:53:5b:3b:b4:d4:1c:ea:96:3d:b5:10:71:
02:bd:13:3a:63:1e:eb:7e:3e:15:ed:aa:c7:4e:f6:
b4:0d:b3:98:0b:6f:9d:5a:0d:6a:34:b4:46:e9:68:
c6:a0:59:bc:b0:b4:3b:16:83:2f:2a:c9:a8:ec:26:
06:46:92:ca:32:b6:49:0c:60:ff:07:4d:29:47:ca:
67:aa:b0:70:53:78:a4:6a:1f:b9:e7:21:25:d7:dd:
fc:5c:33:ad:e7:77:6a:28:0c:42:13:b8:97:8c:9d:
a5:2b:5e:48:40:b7:27:26:6b:92:44:e3:f4:af:90:
f1:24:6a:74:7d:b7:62:37:ff:05:8f:19:f2:b7:3d:
d8:6b:6a:08:1f:ac:45:a0:1f:32:94:f3:c0:bf:91:
54:da:c1:87:65:a4:99:af:eb:6d:f0:d9:e9:4d:ef:
f2:19:d6:36:27:c7:05:23:c0:7b:82:3a:b4:d7:00:
be:be:a9:a5:98:f4:54:90:45:38:10:36:7d:56:e8:
24:65:d8:9a:07:85:20:ff:be:61:85:56:8f:7b:be:
cc:58:69:03:c8:14:33:9e:78:3e:2f:d8:f8:fc:d2:
e7:98:9a:c5:80:bc:fa:f7:66:a6:9e:10:e7:94:1a:
f6:7c:b1:57:7a:12:85:c0:12:c0:19:8e:6c:ce:ed:
ad:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:A9:6B:DC:7B:3E:8A:98:89:0B:C5:FA:A0:FF:80:F0:7C:CF:F3:81
X509v3 Authority Key Identifier:
keyid:AA:4A:AC:19:48:CE:E2:3D:DF:4D:71:5F:80:35:22:F9:3B:0C:DD:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qkqsGUjO4j3fTXFfgDUi-TsM3bQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/06b241-6de7-485c-98ae-f9bd64ca6e4c/1/_alr3Hs-ipiJC8X6oP-A8HzP84E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/06b241-6de7-485c-98ae-f9bd64ca6e4c/1/qkqsGUjO4j3fTXFfgDUi-TsM3bQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.25.0-87.76.26.255
165.84.212.0/22
Signature Algorithm: sha256WithRSAEncryption
51:b4:b0:9d:35:b1:93:1d:c0:d3:9a:4c:36:0d:aa:50:86:9e:
74:a4:7a:d5:bd:15:20:fe:65:f7:10:b6:e0:a8:68:f2:39:98:
6e:26:1c:6a:c5:07:cc:29:dc:5a:9e:2c:7b:5a:64:2d:97:76:
21:ce:81:6b:04:65:8d:23:89:6d:1b:91:dd:06:28:76:6b:c4:
8a:ac:71:fd:c3:c4:42:10:a2:f1:7c:da:11:16:3b:59:4e:68:
4a:ef:c2:4d:fe:b8:68:b4:26:f5:35:b9:93:87:36:e8:43:76:
c2:ec:d5:4b:34:98:f6:04:b3:87:6f:ba:e2:c6:f9:df:03:38:
62:04:7d:fe:16:fc:3f:12:a4:ba:4c:85:c0:13:00:b1:fd:c0:
2c:35:fa:1f:27:ac:04:c7:d0:e4:c9:59:d1:fa:d5:fa:2d:d3:
2c:bc:f0:1b:5d:6f:8f:7e:c4:89:59:91:66:40:f1:84:59:91:
4f:bb:de:ce:5c:65:f4:e7:16:a8:31:79:2b:d2:b5:0a:fc:3c:
41:64:39:44:94:d1:e7:b4:91:3a:b1:22:7e:cb:8d:7a:38:f6:
9f:8b:a9:0e:8a:21:01:e6:23:94:e3:6b:97:5b:f3:34:c3:61:
58:c8:4c:61:d3:52:dc:ac:e2:d8:0f:79:89:45:f1:7a:96:3c:
46:84:ef:aa
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYuQKEFw32sxH3S6sQqrpQm0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNGFhYzE5NDhjZWUyM2RkZjRkNzE1ZjgwMzUyMmY5M2Iw
Y2RkYjQwHhcNMjMxMTAyMTMxMDM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGE5NmJkYzdiM2U4YTk4ODkwYmM1ZmFhMGZmODBmMDdjY2ZmMzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuB9TWzu01Bzqlj21EHECvRM6Yx7r
fj4V7arHTva0DbOYC2+dWg1qNLRG6WjGoFm8sLQ7FoMvKsmo7CYGRpLKMrZJDGD/
B00pR8pnqrBwU3ikah+55yEl1938XDOt53dqKAxCE7iXjJ2lK15IQLcnJmuSROP0
r5DxJGp0fbdiN/8Fjxnytz3Ya2oIH6xFoB8ylPPAv5FU2sGHZaSZr+tt8NnpTe/y
GdY2J8cFI8B7gjq01wC+vqmlmPRUkEU4EDZ9VugkZdiaB4Ug/75hhVaPe77MWGkD
yBQznng+L9j4/NLnmJrFgLz692amnhDnlBr2fLFXehKFwBLAGY5szu2tkwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFP2pa9x7PoqYiQvF+qD/gPB8z/OBMB8GA1UdIwQY
MBaAFKpKrBlIzuI9301xX4A1Ivk7DN20MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWtxc0dVak80ajNmVFhGZmdEVWktVHNNM2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8wNmIyNDEtNmRlNy00ODVjLTk4YWUt
ZjliZDY0Y2E2ZTRjLzEvX2FscjNIcy1pcGlKQzhYNm9QLUE4SHpQODRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8wNmIyNDEtNmRlNy00ODVjLTk4YWUtZjliZDY0Y2E2ZTRj
LzEvcWtxc0dVak80ajNmVFhGZmdEVWktVHNNM2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABXTBkD
BABXTBoDBAKlVNQwDQYJKoZIhvcNAQELBQADggEBAFG0sJ01sZMdwNOaTDYNqlCG
nnSketW9FSD+ZfcQtuCoaPI5mG4mHGrFB8wp3FqeLHtaZC2XdiHOgWsEZY0jiW0b
kd0GKHZrxIqscf3DxEIQovF82hEWO1lOaErvwk3+uGi0JvU1uZOHNuhDdsLs1Us0
mPYEs4dvuuLG+d8DOGIEff4W/D8SpLpMhcATALH9wCw1+h8nrATH0OTJWdH61fot
0yy88Btdb49+xIlZkWZA8YRZkU+73s5cZfTnFqgxeSvStQr8PEFkOUSU0ee0kTqx
In7LjXo49p+LqQ6KIQHmI5Tja5db8zTDYVjITGHTUtys4tgPeYlF8XqWPEaE76o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:00 2024 by rpki-client on console-fra.rpki-client.org