Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/qQ7ldJx25G0Qr7JMMUUwYmSBzls.roa
File: qQ7ldJx25G0Qr7JMMUUwYmSBzls.roa (raw, json)
Hash identifier: HBvZ9vzL0L9LK/Bi791oaRh2zephnbFkSwfsSMwwWiE=
Subject key identifier: A9:0E:E5:74:9C:76:E4:6D:10:AF:B2:4C:31:45:30:62:64:81:CE:5B
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 018B2D64652A84BE2324EFDF63433A3E843A
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/qQ7ldJx25G0Qr7JMMUUwYmSBzls.roa
Signing time: Sat 14 Oct 2023 08:53:55 +0000
ROA not before: Sat 14 Oct 2023 08:53:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51431
IP address blocks: 87.107.172.0/24 maxlen: 24
87.107.188.0/23 maxlen: 24
87.107.102.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:34:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:2d:64:65:2a:84:be:23:24:ef:df:63:43:3a:3e:84:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Oct 14 08:53:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a90ee5749c76e46d10afb24c314530626481ce5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c9:54:4f:af:ab:3c:79:c0:bf:94:b9:fd:68:
62:8e:82:80:d7:92:74:47:95:cf:d0:fc:4f:b2:90:
06:0e:12:db:70:4e:02:bf:70:72:6e:9c:67:17:88:
b1:e9:94:e1:51:2f:9c:ef:cd:3d:0b:ad:d2:54:ef:
33:81:9b:7d:9e:fe:58:ed:28:ac:15:03:8e:83:65:
43:db:b1:e1:eb:7b:13:1b:f8:dc:2f:05:6f:a8:45:
37:d0:e6:c0:6c:e5:99:d5:42:66:85:02:dc:ef:0f:
8f:28:dc:46:ff:d2:e8:42:c4:84:93:c4:90:58:ae:
e4:fd:85:bb:eb:5b:94:30:6e:ed:04:c3:93:7b:dc:
a4:75:31:f3:74:89:9f:94:bc:1c:db:13:df:c4:ef:
f1:c1:e9:01:db:8a:56:80:7a:e1:98:60:64:1d:f7:
70:0f:6e:4c:16:ad:35:cd:f8:32:9c:73:4e:5b:a3:
0c:e4:fe:3f:28:db:3c:1d:c0:b2:c1:da:02:67:7a:
20:37:d5:9f:2e:94:97:8e:0b:5f:27:bb:b8:6a:88:
cc:5c:cf:1a:5c:ca:39:f6:8b:37:9e:d3:81:f5:f2:
3a:ed:35:f6:24:09:c4:03:f7:75:10:39:ff:02:bb:
fc:9f:cf:52:46:f6:55:12:66:b2:a3:7b:b2:ec:e4:
31:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:0E:E5:74:9C:76:E4:6D:10:AF:B2:4C:31:45:30:62:64:81:CE:5B
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/qQ7ldJx25G0Qr7JMMUUwYmSBzls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.107.102.0/24
87.107.172.0/24
87.107.188.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:56:7f:9c:ef:41:c0:ce:d0:90:d7:5b:96:c9:48:f0:08:1b:
64:6b:b6:bb:8d:7c:bc:b1:3c:ba:56:e5:6a:fd:01:64:5f:29:
e0:18:9d:1a:b6:d9:b5:b1:d2:11:7d:40:bb:14:fe:bb:6c:78:
01:9b:07:c7:a9:29:81:6c:76:08:71:9b:af:7a:6c:78:ff:d0:
bb:14:10:cd:9b:09:49:56:93:35:0c:d5:77:36:5b:8b:fc:11:
2e:17:a9:85:ea:37:c4:8e:d2:1b:49:5d:ab:6f:da:cb:5d:80:
a5:1d:db:a8:3a:46:15:2d:06:25:2d:18:1b:2c:99:c5:41:d5:
45:93:40:bc:7b:87:77:3b:a3:fb:63:27:d6:73:41:f6:8c:1f:
04:da:17:98:16:31:14:4c:c4:5e:8e:6f:05:1a:03:11:55:e8:
5b:73:74:ec:50:7c:22:a3:02:62:a2:3c:73:cd:c4:16:b8:cc:
b2:b5:a4:86:ff:f4:29:de:e9:f4:0e:7d:5f:6d:8a:e6:4a:a5:
01:46:17:1e:ed:bf:d1:ce:eb:57:79:60:86:31:3a:2d:ea:1a:
8d:4f:c1:3e:9d:02:34:75:c9:41:27:81:59:e3:08:e6:19:e7:
29:9e:f6:44:4a:70:19:8c:30:3f:71:09:36:c7:73:57:6d:1b:
7c:4f:66:9c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYstZGUqhL4jJO/fY0M6PoQ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjMxMDE0MDg1MzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTBlZTU3NDljNzZlNDZkMTBhZmIyNGMzMTQ1MzA2MjY0ODFjZTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMlUT6+rPHnAv5S5/WhijoKA15J0
R5XP0PxPspAGDhLbcE4Cv3BybpxnF4ix6ZThUS+c7809C63SVO8zgZt9nv5Y7Sis
FQOOg2VD27Hh63sTG/jcLwVvqEU30ObAbOWZ1UJmhQLc7w+PKNxG/9LoQsSEk8SQ
WK7k/YW761uUMG7tBMOTe9ykdTHzdImflLwc2xPfxO/xwekB24pWgHrhmGBkHfdw
D25MFq01zfgynHNOW6MM5P4/KNs8HcCywdoCZ3ogN9WfLpSXjgtfJ7u4aojMXM8a
XMo59os3ntOB9fI67TX2JAnEA/d1EDn/Arv8n89SRvZVEmayo3uy7OQxfQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKkO5XScduRtEK+yTDFFMGJkgc5bMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvcVE3bGRKeDI1RzBRcjdKTU1VVXdZbVNCemxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAV2tmAwQA
V2usAwQBV2u8MA0GCSqGSIb3DQEBCwUAA4IBAQBtVn+c70HAztCQ11uWyUjwCBtk
a7a7jXy8sTy6VuVq/QFkXyngGJ0attm1sdIRfUC7FP67bHgBmwfHqSmBbHYIcZuv
emx4/9C7FBDNmwlJVpM1DNV3NluL/BEuF6mF6jfEjtIbSV2rb9rLXYClHduoOkYV
LQYlLRgbLJnFQdVFk0C8e4d3O6P7YyfWc0H2jB8E2heYFjEUTMRejm8FGgMRVehb
c3TsUHwiowJiojxzzcQWuMyytaSG//Qp3un0Dn1fbYrmSqUBRhce7b/RzutXeWCG
MTot6hqNT8E+nQI0dclBJ4FZ4wjmGecpnvZESnAZjDA/cQk2x3NXbRt8T2ac
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:56 2024 by rpki-client on console-fra.rpki-client.org