Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/87Z4tAk-iANR-Iyg9393LMPYCos.roa
File: 87Z4tAk-iANR-Iyg9393LMPYCos.roa (raw, json)
Hash identifier: 2XTzwpd76QhPRDsQ2Me23dR/iVlHussrdzh4R50XN7Q=
Subject key identifier: F3:B6:78:B4:09:3E:88:03:51:F8:8C:A0:F7:7F:77:2C:C3:D8:0A:8B
Certificate issuer: /CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Certificate serial: 01856D5D1DA171F3A796C8BAB244647DD288
Authority key identifier: AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/87Z4tAk-iANR-Iyg9393LMPYCos.roa
Signing time: Sun 01 Jan 2023 12:44:57 +0000
ROA not before: Sun 01 Jan 2023 12:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50810
IP address blocks: 194.26.2.0/23 maxlen: 24
128.65.164.0/22 maxlen: 22
128.65.172.0/22 maxlen: 22
128.65.168.0/22 maxlen: 22
194.26.20.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 15 Oct 2023 18:07:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5d:1d:a1:71:f3:a7:96:c8:ba:b2:44:64:7d:d2:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Validity
Not Before: Jan 1 12:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f3b678b4093e880351f88ca0f77f772cc3d80a8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:77:5b:ae:45:5f:19:f7:20:e1:c9:f3:30:b3:
9e:61:8c:e9:ff:2c:e6:33:88:d6:ca:6e:4b:58:ef:
b6:c2:5d:4a:44:cd:e5:41:af:a6:67:6a:9c:cd:48:
c0:13:d4:22:38:34:c7:cd:5e:3d:ac:7a:07:c8:68:
38:bb:df:05:ec:43:cf:2c:10:d9:14:f8:af:2b:4d:
23:07:54:6d:8e:71:ed:b2:3f:0f:0f:19:84:c9:87:
bf:9e:37:b1:75:c1:c8:e3:ce:ca:67:55:47:df:39:
3f:c1:f5:5d:4b:6c:5c:40:38:a0:b0:5f:39:f2:05:
c1:fe:7d:78:00:45:ab:61:7e:2f:c9:fd:0f:54:d6:
a0:e3:b4:ed:57:8d:65:e6:35:64:30:dd:02:16:3a:
18:7f:a6:20:02:fd:18:9d:1d:d2:e0:69:1b:ea:9a:
db:0b:e7:c7:d1:66:1e:d1:b6:bb:ff:ca:e2:87:a9:
fa:5e:c9:83:e6:05:cd:2b:70:25:b3:f5:4a:41:bd:
12:1d:d2:0d:9d:e3:3c:03:27:da:00:f4:6e:93:96:
77:aa:b2:c9:c1:d8:d6:83:55:cb:31:13:83:e9:4e:
db:2d:be:d3:75:76:c3:27:5b:9c:42:7d:58:bb:2a:
02:14:70:10:81:df:ba:93:8d:1a:18:b4:15:f2:fc:
55:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:B6:78:B4:09:3E:88:03:51:F8:8C:A0:F7:7F:77:2C:C3:D8:0A:8B
X509v3 Authority Key Identifier:
keyid:AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/87Z4tAk-iANR-Iyg9393LMPYCos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/ry8uht18yRAWWP-NWlJBRF_NHWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.65.164.0-128.65.175.255
194.26.2.0/23
194.26.20.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:64:70:73:a5:cf:48:1c:ae:40:96:c5:6d:18:d6:86:13:fd:
3d:dc:61:89:47:da:38:aa:c5:40:75:d1:8c:62:9d:0a:89:2b:
c8:d3:18:b8:27:12:42:be:9a:3e:de:66:6f:ab:60:f1:92:2f:
70:ff:37:33:c4:86:de:ba:ab:88:f7:eb:e1:f3:dc:57:27:bf:
c0:be:7d:ff:d2:2f:bf:f1:c8:09:c6:15:c3:48:82:03:07:aa:
50:76:70:a1:0b:4a:20:81:d5:aa:4d:dd:75:dd:2e:3b:79:fc:
80:31:29:57:0a:f8:d5:01:cd:98:56:c1:af:f4:d9:0a:35:e3:
ad:0f:2a:4e:7a:17:76:58:92:18:59:be:90:d4:2c:22:33:33:
96:96:65:31:38:65:b5:c0:5c:eb:e3:4e:d1:91:9b:ef:b8:4c:
6d:3d:fc:4f:4a:23:e3:5a:d4:48:a5:9f:9a:c1:e8:ff:d1:95:
a0:36:d6:f0:b4:1c:ab:34:8b:6c:a3:d5:44:86:9d:0a:2e:a0:
c4:c8:20:87:52:fd:09:aa:f9:c6:8b:f2:0f:7b:60:78:8d:db:
3d:98:81:d2:f4:e1:e7:ce:6b:20:e7:ec:c9:ca:50:14:70:7a:
76:76:2b:b6:db:49:bc:d4:ff:86:2d:5d:26:7c:da:9f:e6:7b:
7b:0e:fb:a5
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVtXR2hcfOnlsi6skRkfdKIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmYyZTg2ZGQ3Y2M5MTAxNjU4ZmY4ZDVhNTI0MTQ0NWZj
ZDFkNmEwHhcNMjMwMTAxMTI0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2I2NzhiNDA5M2U4ODAzNTFmODhjYTBmNzdmNzcyY2MzZDgwYThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ndbrkVfGfcg4cnzMLOeYYzp/yzm
M4jWym5LWO+2wl1KRM3lQa+mZ2qczUjAE9QiODTHzV49rHoHyGg4u98F7EPPLBDZ
FPivK00jB1RtjnHtsj8PDxmEyYe/njexdcHI487KZ1VH3zk/wfVdS2xcQDigsF85
8gXB/n14AEWrYX4vyf0PVNag47TtV41l5jVkMN0CFjoYf6YgAv0YnR3S4Gkb6prb
C+fH0WYe0ba7/8rih6n6XsmD5gXNK3Als/VKQb0SHdINneM8AyfaAPRuk5Z3qrLJ
wdjWg1XLMROD6U7bLb7TdXbDJ1ucQn1YuyoCFHAQgd+6k40aGLQV8vxVkwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFPO2eLQJPogDUfiMoPd/dyzD2AqLMB8GA1UdIwQY
MBaAFK8vLobdfMkQFlj/jVpSQURfzR1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYt
NDZiYjdhZWMxZjMwLzEvODdaNHRBay1pQU5SLUl5ZzkzOTNMTVBZQ29zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYtNDZiYjdhZWMxZjMw
LzEvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAKAQaQD
BASAQaADBAHCGgIDBAHCGhQwDQYJKoZIhvcNAQELBQADggEBAE1kcHOlz0gcrkCW
xW0Y1oYT/T3cYYlH2jiqxUB10YxinQqJK8jTGLgnEkK+mj7eZm+rYPGSL3D/NzPE
ht66q4j36+Hz3Fcnv8C+ff/SL7/xyAnGFcNIggMHqlB2cKELSiCB1apN3XXdLjt5
/IAxKVcK+NUBzZhWwa/02Qo1460PKk56F3ZYkhhZvpDULCIzM5aWZTE4ZbXAXOvj
TtGRm++4TG09/E9KI+Na1Eiln5rB6P/RlaA21vC0HKs0i2yj1USGnQouoMTIIIdS
/Qmq+caL8g97YHiN2z2YgdL04efOayDn7MnKUBRwenZ2K7bbSbzU/4YtXSZ82p/m
e3sO+6U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:23 2024 by rpki-client on console-fra.rpki-client.org