Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/dIYbuXv_jDLIkQrMpj61b00ajrk.roa
File: dIYbuXv_jDLIkQrMpj61b00ajrk.roa (raw, json)
Hash identifier: UgxIBJBiXfhlzBRojcanOcvbQGxmRNicxD0Rn7T3GSo=
Subject key identifier: 74:86:1B:B9:7B:FF:8C:32:C8:91:0A:CC:A6:3E:B5:6F:4D:1A:8E:B9
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 018A3139178A13E4F334F26BD01029DBD7F0
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/dIYbuXv_jDLIkQrMpj61b00ajrk.roa
Signing time: Sat 26 Aug 2023 09:42:19 +0000
ROA not before: Sat 26 Aug 2023 09:42:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208161
IP address blocks: 87.107.146.0/23 maxlen: 24
87.107.154.0/24 maxlen: 24
87.107.155.0/24 maxlen: 24
87.107.164.0/23 maxlen: 24
87.107.54.0/23 maxlen: 24
81.12.52.0/23 maxlen: 24
87.107.104.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:31:39:17:8a:13:e4:f3:34:f2:6b:d0:10:29:db:d7:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Aug 26 09:42:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74861bb97bff8c32c8910acca63eb56f4d1a8eb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:c0:54:2d:81:bb:c5:3c:39:e8:2f:e5:99:48:
ea:ff:52:cd:32:a0:43:5f:44:aa:3c:3f:b6:ca:52:
48:32:53:79:91:62:b3:52:ec:44:3a:09:ac:52:68:
76:ea:49:43:5d:34:a3:ce:83:98:ec:ff:33:f2:6a:
02:f4:e8:d5:94:ae:89:15:64:77:75:be:ba:91:22:
bd:c3:88:ae:a3:93:54:71:ba:65:5f:a5:dc:02:2a:
fd:d2:62:1b:80:41:ef:f8:8a:5a:52:b6:0d:4c:4e:
0c:d2:56:79:36:09:62:23:bd:18:ba:1e:71:b8:44:
25:a5:76:85:d3:d7:e8:1f:59:05:79:a9:ff:e2:8a:
00:d4:29:90:06:9c:c6:57:bb:2c:54:5d:19:1a:26:
5a:93:8d:57:c8:9e:70:af:a2:e0:a5:2f:3d:e8:5d:
b3:c0:68:4f:a5:d6:f7:80:2d:18:b8:c7:68:dd:57:
e2:92:45:ca:d9:ec:e7:1f:ba:15:7b:80:19:f0:e4:
bd:52:4c:d5:2b:04:93:80:0f:1d:d5:45:6a:e7:58:
ac:91:6c:bf:c3:4d:1c:8e:bc:8f:1a:a1:26:ac:b4:
63:fe:00:2f:73:ec:4b:ee:ff:fe:f3:e8:7f:b2:40:
69:3a:8c:96:77:bd:99:57:a8:63:fb:df:ff:6a:ab:
07:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:86:1B:B9:7B:FF:8C:32:C8:91:0A:CC:A6:3E:B5:6F:4D:1A:8E:B9
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/dIYbuXv_jDLIkQrMpj61b00ajrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.12.52.0/23
87.107.54.0/23
87.107.104.0/23
87.107.146.0/23
87.107.154.0/23
87.107.164.0/23
Signature Algorithm: sha256WithRSAEncryption
a5:e6:31:0e:69:77:f0:92:3e:40:31:f7:50:f3:13:e4:14:13:
22:e1:9c:66:83:6a:3b:9d:06:c6:5f:b1:bc:43:d1:9c:a9:6a:
71:56:14:ad:2d:fa:60:72:0d:52:e9:d8:43:a0:a9:c2:1e:2c:
e6:12:a9:19:39:51:ad:7e:5f:21:d1:dd:c2:98:21:ad:6c:6c:
7e:fd:ea:64:51:17:da:79:9a:33:51:1f:36:cc:e8:04:52:79:
31:0a:74:fc:b0:36:fa:6d:b0:eb:6e:95:88:71:64:02:0c:b6:
f4:35:00:d9:52:89:57:15:37:6a:f2:bc:2e:5e:5a:47:0b:b2:
eb:ad:72:36:c0:da:85:06:e3:49:32:71:0c:a9:5a:f2:1a:a7:
c7:8c:31:98:ed:b2:af:c5:73:6c:00:04:58:c0:6d:95:52:e1:
eb:e5:4b:6b:03:ad:0e:ca:72:19:bb:df:66:dd:b5:67:08:65:
12:a7:e8:e5:07:f6:a5:16:93:b9:b4:dc:22:a5:96:9f:3a:db:
b3:ee:29:bc:86:dd:99:46:09:29:c2:58:14:62:11:98:23:46:
8c:d8:b3:46:e7:91:a8:9d:17:6d:60:41:88:f2:e6:46:81:a8:
61:63:f0:b3:fc:2a:86:b3:df:c7:f4:09:6d:e3:06:b4:6d:c4:
82:50:14:d7
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYoxOReKE+TzNPJr0BAp29fwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjMwODI2MDk0MjE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDg2MWJiOTdiZmY4YzMyYzg5MTBhY2NhNjNlYjU2ZjRkMWE4ZWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMBULYG7xTw56C/lmUjq/1LNMqBD
X0SqPD+2ylJIMlN5kWKzUuxEOgmsUmh26klDXTSjzoOY7P8z8moC9OjVlK6JFWR3
db66kSK9w4iuo5NUcbplX6XcAir90mIbgEHv+IpaUrYNTE4M0lZ5NgliI70Yuh5x
uEQlpXaF09foH1kFean/4ooA1CmQBpzGV7ssVF0ZGiZak41XyJ5wr6LgpS896F2z
wGhPpdb3gC0YuMdo3VfikkXK2eznH7oVe4AZ8OS9UkzVKwSTgA8d1UVq51iskWy/
w00cjryPGqEmrLRj/gAvc+xL7v/+8+h/skBpOoyWd72ZV6hj+9//aqsHCQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHSGG7l7/4wyyJEKzKY+tW9NGo65MB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvZElZYnVYdl9qRExJa1FyTXBqNjFiMDBhanJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBUQw0AwQB
V2s2AwQBV2toAwQBV2uSAwQBV2uaAwQBV2ukMA0GCSqGSIb3DQEBCwUAA4IBAQCl
5jEOaXfwkj5AMfdQ8xPkFBMi4Zxmg2o7nQbGX7G8Q9GcqWpxVhStLfpgcg1S6dhD
oKnCHizmEqkZOVGtfl8h0d3CmCGtbGx+/epkURfaeZozUR82zOgEUnkxCnT8sDb6
bbDrbpWIcWQCDLb0NQDZUolXFTdq8rwuXlpHC7LrrXI2wNqFBuNJMnEMqVryGqfH
jDGY7bKvxXNsAARYwG2VUuHr5UtrA60OynIZu99m3bVnCGUSp+jlB/alFpO5tNwi
pZafOtuz7im8ht2ZRgkpwlgUYhGYI0aM2LNG55GonRdtYEGI8uZGgahhY/Cz/CqG
s9/H9Alt4wa0bcSCUBTX
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:35 2024 by rpki-client on console-fra.rpki-client.org