Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/wEE4kN4jFJiK39FBq1z7k-zvrkM.roa
File: wEE4kN4jFJiK39FBq1z7k-zvrkM.roa (raw, json)
Hash identifier: /Um4HRJia0SPQrxoQ8ZgU2J+GZXIkt1U7cZbSarz1D4=
Subject key identifier: C0:41:38:90:DE:23:14:98:8A:DF:D1:41:AB:5C:FB:93:EC:EF:AE:43
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 0187F0F1B5E6704EFB95E80507FDC03DCE30
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/wEE4kN4jFJiK39FBq1z7k-zvrkM.roa
Signing time: Sat 06 May 2023 12:03:05 +0000
ROA not before: Sat 06 May 2023 12:03:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43395
IP address blocks: 87.107.85.0/24 maxlen: 24
81.12.64.0/23 maxlen: 23
81.12.66.0/24 maxlen: 24
81.12.90.0/23 maxlen: 23
87.107.31.0/24 maxlen: 24
87.107.142.0/23 maxlen: 23
87.107.32.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:f0:f1:b5:e6:70:4e:fb:95:e8:05:07:fd:c0:3d:ce:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: May 6 12:03:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0413890de2314988adfd141ab5cfb93ecefae43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:39:45:06:16:49:76:8e:57:86:6c:8b:54:6d:
32:55:f7:bd:0c:3e:5b:b1:d7:c0:d2:8c:4e:fa:77:
9b:c9:58:89:50:a7:94:7a:4e:63:4a:60:e7:30:40:
94:c3:fa:da:d0:a4:f5:6a:af:f2:68:af:cf:62:f9:
9f:84:08:b7:f9:b3:19:9e:dd:4a:25:df:cc:3a:a7:
6a:92:bc:c1:03:e9:c4:52:f9:6d:fc:4b:b3:a3:b0:
9b:60:9a:b0:1c:38:37:66:5f:15:b2:6f:38:94:2c:
3c:0a:9b:68:91:39:e9:5c:7f:f6:c9:74:f6:e6:29:
be:f3:c2:ff:7e:48:8c:7b:23:b1:60:ca:ec:f3:42:
3e:f0:cf:6c:f5:ab:04:ed:e4:b3:d3:58:5c:54:fb:
4c:b4:7f:e7:16:0e:67:4e:9b:5b:0a:56:7f:bd:82:
38:87:20:0e:66:b8:50:de:44:cc:73:eb:b3:0a:48:
bf:6b:8c:3a:a2:9b:ec:5b:e2:a4:03:b4:2d:3c:7d:
fa:37:cc:8a:12:30:2d:8a:3a:34:53:eb:e0:ae:73:
e6:a3:72:d8:d9:b8:3d:72:17:ac:9a:2b:a3:f8:30:
f4:1c:d6:bb:f5:82:5c:e6:b0:5c:01:04:98:c0:2c:
66:18:7b:71:de:ce:4a:53:7e:ff:b5:2a:43:75:f3:
a2:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:41:38:90:DE:23:14:98:8A:DF:D1:41:AB:5C:FB:93:EC:EF:AE:43
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/wEE4kN4jFJiK39FBq1z7k-zvrkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.12.64.0-81.12.66.255
81.12.90.0/23
87.107.31.0-87.107.33.255
87.107.85.0/24
87.107.142.0/23
Signature Algorithm: sha256WithRSAEncryption
29:09:a2:22:ed:a2:61:8f:ad:b7:22:5f:de:8d:e5:1c:96:2f:
87:46:e8:02:4c:6e:1b:ba:93:f7:50:6d:6b:e7:a6:84:6f:fe:
75:aa:1a:63:be:20:6a:9e:bb:3d:75:8a:6f:7f:b3:51:e6:a5:
c2:47:6d:3e:05:fb:70:30:73:13:3e:eb:83:52:ff:8d:8d:02:
02:46:10:15:55:37:e2:68:da:f3:53:4c:30:2e:e0:b9:d5:2d:
04:d2:22:18:64:6e:24:fa:b6:b8:ca:e5:ef:13:ec:ff:a9:15:
18:b8:db:76:e9:88:f2:8b:b6:50:d7:7c:9a:16:b0:4d:33:29:
9f:ba:cd:d6:d4:5d:42:3d:12:47:2a:10:d7:f8:e4:38:ce:b8:
3e:83:38:11:1f:d4:5f:51:e5:14:2c:48:ba:86:76:af:bd:6d:
09:d7:05:25:a8:02:51:64:e5:9e:86:9c:48:bd:23:7b:61:b0:
56:0c:ea:a3:54:5c:6a:69:98:33:a4:a1:34:08:8e:1f:34:df:
39:4d:d8:69:f9:2a:b0:7a:ca:40:c5:6d:60:bf:b0:01:8f:2e:
b0:ec:ec:63:d9:ce:ba:bd:ad:bf:89:c2:e4:b3:f2:d1:d9:e3:
cd:3b:40:0a:b6:15:00:30:83:d8:bf:e7:22:46:f2:11:e2:55:
aa:15:eb:4a
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYfw8bXmcE77legFB/3APc4wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjMwNTA2MTIwMzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDQxMzg5MGRlMjMxNDk4OGFkZmQxNDFhYjVjZmI5M2VjZWZhZTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTlFBhZJdo5XhmyLVG0yVfe9DD5b
sdfA0oxO+nebyViJUKeUek5jSmDnMECUw/ra0KT1aq/yaK/PYvmfhAi3+bMZnt1K
Jd/MOqdqkrzBA+nEUvlt/Euzo7CbYJqwHDg3Zl8Vsm84lCw8CptokTnpXH/2yXT2
5im+88L/fkiMeyOxYMrs80I+8M9s9asE7eSz01hcVPtMtH/nFg5nTptbClZ/vYI4
hyAOZrhQ3kTMc+uzCki/a4w6opvsW+KkA7QtPH36N8yKEjAtijo0U+vgrnPmo3LY
2bg9chesmiuj+DD0HNa79YJc5rBcAQSYwCxmGHtx3s5KU37/tSpDdfOikQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFMBBOJDeIxSYit/RQatc+5Ps765DMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvd0VFNGtONGpGSmlLMzlGQnExejdrLXp2cmtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAZRDEAD
BABRDEIDBAFRDFowDAMEAFdrHwMEAVdrIAMEAFdrVQMEAVdrjjANBgkqhkiG9w0B
AQsFAAOCAQEAKQmiIu2iYY+ttyJf3o3lHJYvh0boAkxuG7qT91Bta+emhG/+daoa
Y74gap67PXWKb3+zUealwkdtPgX7cDBzEz7rg1L/jY0CAkYQFVU34mja81NMMC7g
udUtBNIiGGRuJPq2uMrl7xPs/6kVGLjbdumI8ou2UNd8mhawTTMpn7rN1tRdQj0S
RyoQ1/jkOM64PoM4ER/UX1HlFCxIuoZ2r71tCdcFJagCUWTlnoacSL0je2GwVgzq
o1RcammYM6ShNAiOHzTfOU3YafkqsHrKQMVtYL+wAY8usOzsY9nOur2tv4nC5LPy
0dnjzTtACrYVADCD2L/nIkbyEeJVqhXrSg==
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:35 2024 by rpki-client on console-fra.rpki-client.org