Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/RNH6n_1T0gT8pH61vwazse2wYJE.roa
File: RNH6n_1T0gT8pH61vwazse2wYJE.roa (raw, json)
Hash identifier: iLCvLMGGmtVSIm7A887dC6DIm37pwoEio1zlQCAKqiM=
Subject key identifier: 44:D1:FA:9F:FD:53:D2:04:FC:A4:7E:B5:BF:06:B3:B1:ED:B0:60:91
Certificate issuer: /CN=17b5042fc20d9bab1676e09af7ff1ba5bfadae75
Certificate serial: 018A661504111F74B225FF682A6D1064CC09
Authority key identifier: 17:B5:04:2F:C2:0D:9B:AB:16:76:E0:9A:F7:FF:1B:A5:BF:AD:AE:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/RNH6n_1T0gT8pH61vwazse2wYJE.roa
Signing time: Tue 05 Sep 2023 16:02:47 +0000
ROA not before: Tue 05 Sep 2023 16:02:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 87.236.148.0/24 maxlen: 24
185.184.219.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:66:15:04:11:1f:74:b2:25:ff:68:2a:6d:10:64:cc:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17b5042fc20d9bab1676e09af7ff1ba5bfadae75
Validity
Not Before: Sep 5 16:02:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44d1fa9ffd53d204fca47eb5bf06b3b1edb06091
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c5:c4:a2:dd:bc:fc:56:66:d1:45:c2:eb:4e:
67:c0:23:85:21:d4:48:22:bd:88:4e:2c:2a:d9:f1:
ce:8e:8f:27:0d:c8:3f:bd:c4:68:5a:a8:0b:c9:07:
ed:58:22:e6:09:db:8c:af:87:c7:c9:65:6d:77:ae:
1c:e7:6d:85:c1:a4:8e:1e:57:25:9e:ea:40:dc:a4:
04:dd:70:85:5f:89:65:f1:08:05:97:84:d5:20:39:
59:9b:07:2b:72:35:70:46:94:3a:1c:fd:cc:9d:79:
14:3e:62:66:4e:e4:10:6d:9f:01:c6:ac:06:2c:53:
52:af:83:f1:ec:1b:e6:e0:76:3e:1c:9a:ee:a1:b2:
92:66:4b:70:68:1d:82:c1:b1:1e:51:11:93:be:ae:
1a:5d:36:9d:30:52:28:33:96:ac:af:27:09:e4:3b:
22:68:dc:41:62:82:94:46:37:a0:82:69:6d:1d:33:
d2:42:9c:c4:28:7d:b7:e1:3f:66:53:93:42:29:4f:
e5:ac:23:0c:01:ce:a1:f6:40:4b:b1:d6:be:ed:0a:
8b:ee:58:ed:a6:15:18:ad:3c:83:ae:83:cd:5b:06:
7d:dd:ab:29:96:49:fe:f3:40:46:48:b7:8e:0d:a1:
c6:c3:1b:bd:e4:41:4d:7f:11:b4:dc:b5:6f:e9:17:
f6:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:D1:FA:9F:FD:53:D2:04:FC:A4:7E:B5:BF:06:B3:B1:ED:B0:60:91
X509v3 Authority Key Identifier:
keyid:17:B5:04:2F:C2:0D:9B:AB:16:76:E0:9A:F7:FF:1B:A5:BF:AD:AE:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/RNH6n_1T0gT8pH61vwazse2wYJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/F7UEL8INm6sWduCa9_8bpb-trnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.148.0/24
185.184.219.0/24
Signature Algorithm: sha256WithRSAEncryption
77:b2:37:28:b3:65:dd:b7:f8:62:4b:64:8e:9e:30:5b:9a:e6:
90:22:82:bb:0d:60:b5:ca:12:3c:55:f5:43:e0:84:53:06:49:
ea:f8:cf:bc:3d:b5:e7:8a:8f:8d:86:4c:e2:a5:d4:84:ba:11:
e7:88:7a:62:b8:22:6b:da:df:27:24:68:79:fe:7d:eb:69:0d:
de:2a:69:d0:15:fd:d1:64:c0:b2:e6:92:9b:2a:c0:61:95:e0:
86:b4:98:81:45:b7:e9:64:8c:6f:1d:c9:0a:1c:4d:27:61:1e:
c5:c8:7f:a4:ec:c6:1d:e8:df:b5:ee:75:6e:90:55:e7:c4:91:
72:1d:6a:0b:df:ce:21:56:34:3d:ab:45:33:76:14:e6:91:4e:
7a:7a:e2:d3:58:ad:2b:9f:4d:69:d3:3f:5e:e8:9a:13:fa:9f:
b1:22:1e:11:68:be:d7:33:49:7a:7a:bc:00:34:f4:60:1b:99:
ff:e5:dc:c3:29:3c:90:5c:4d:81:21:72:5c:7b:89:96:c2:e9:
4f:67:cd:db:fe:f8:b1:e6:d1:47:56:13:e2:f0:5e:8a:47:ca:
48:3b:28:93:64:15:3f:f9:a0:7c:1b:f0:7e:93:1c:28:c1:61:
11:9f:db:87:8f:cd:af:58:cd:f3:14:6d:c2:7e:47:82:fa:ec:
3c:b8:fe:11
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYpmFQQRH3SyJf9oKm0QZMwJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3YjUwNDJmYzIwZDliYWIxNjc2ZTA5YWY3ZmYxYmE1YmZh
ZGFlNzUwHhcNMjMwOTA1MTYwMjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGQxZmE5ZmZkNTNkMjA0ZmNhNDdlYjViZjA2YjNiMWVkYjA2MDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMXEot28/FZm0UXC605nwCOFIdRI
Ir2ITiwq2fHOjo8nDcg/vcRoWqgLyQftWCLmCduMr4fHyWVtd64c522FwaSOHlcl
nupA3KQE3XCFX4ll8QgFl4TVIDlZmwcrcjVwRpQ6HP3MnXkUPmJmTuQQbZ8BxqwG
LFNSr4Px7Bvm4HY+HJruobKSZktwaB2CwbEeURGTvq4aXTadMFIoM5asrycJ5Dsi
aNxBYoKURjeggmltHTPSQpzEKH234T9mU5NCKU/lrCMMAc6h9kBLsda+7QqL7ljt
phUYrTyDroPNWwZ93asplkn+80BGSLeODaHGwxu95EFNfxG03LVv6Rf2VQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFETR+p/9U9IE/KR+tb8Gs7HtsGCRMB8GA1UdIwQY
MBaAFBe1BC/CDZurFnbgmvf/G6W/ra51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjdVRUw4SU5tNnNXZHVDYTlfOGJwYi10cm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS82NWU1NDMtN2U3YS00YWFiLWFjNzQt
YmM2Nzk0ZTk1ZTVhLzEvUk5INm5fMVQwZ1Q4cEg2MXZ3YXpzZTJ3WUpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS82NWU1NDMtN2U3YS00YWFiLWFjNzQtYmM2Nzk0ZTk1ZTVh
LzEvRjdVRUw4SU5tNnNXZHVDYTlfOGJwYi10cm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV+yUAwQA
ubjbMA0GCSqGSIb3DQEBCwUAA4IBAQB3sjcos2Xdt/hiS2SOnjBbmuaQIoK7DWC1
yhI8VfVD4IRTBknq+M+8PbXnio+NhkzipdSEuhHniHpiuCJr2t8nJGh5/n3raQ3e
KmnQFf3RZMCy5pKbKsBhleCGtJiBRbfpZIxvHckKHE0nYR7FyH+k7MYd6N+17nVu
kFXnxJFyHWoL384hVjQ9q0UzdhTmkU56euLTWK0rn01p0z9e6JoT+p+xIh4RaL7X
M0l6erwANPRgG5n/5dzDKTyQXE2BIXJce4mWwulPZ83b/vix5tFHVhPi8F6KR8pI
OyiTZBU/+aB8G/B+kxwowWERn9uHj82vWM3zFG3CfkeC+uw8uP4R
-----END CERTIFICATE-----
Generated at Wed Oct 11 10:52:59 2023 by rpki-client on console-ams.rpki-client.org