Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/24csCVIIojGWVhbbdxafYnSIcwc.roa
File: 24csCVIIojGWVhbbdxafYnSIcwc.roa (raw, json)
Hash identifier: 0QXBsKg/M4B0H21tMUUBRfSWHPHj0n/eCeA56hbOK6w=
Subject key identifier: DB:87:2C:09:52:08:A2:31:96:56:16:DB:77:16:9F:62:74:88:73:07
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 018AC83517A9FB4DAF5A177696A136668B2F
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/24csCVIIojGWVhbbdxafYnSIcwc.roa
Signing time: Sun 24 Sep 2023 17:20:37 +0000
ROA not before: Sun 24 Sep 2023 17:20:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 87.254.2.0/24 maxlen: 24
87.254.10.0/24 maxlen: 24
185.210.168.0/23 maxlen: 24
185.210.170.0/23 maxlen: 24
87.254.12.0/23 maxlen: 24
87.254.17.0/24 maxlen: 24
217.25.3.0/24 maxlen: 24
87.254.22.0/24 maxlen: 24
87.254.18.0/24 maxlen: 24
87.254.19.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c8:35:17:a9:fb:4d:af:5a:17:76:96:a1:36:66:8b:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Sep 24 17:20:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db872c095208a231965616db77169f6274887307
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:47:33:34:13:65:46:86:b1:11:2a:12:7d:fa:
d8:7c:00:bc:6b:32:0a:b1:cc:cf:5e:1d:0b:8e:50:
6f:1f:d8:b4:d2:11:0a:01:53:00:f2:ea:06:de:fa:
a8:7b:bf:6a:63:ba:1e:ef:68:25:67:71:f2:22:b4:
5a:72:1f:ae:8a:5b:39:ca:c5:2e:19:74:e2:a0:06:
1b:f5:19:66:25:6e:ec:45:87:a4:ed:58:15:63:15:
56:ed:09:ea:a7:39:db:91:a6:33:3c:b4:8b:9b:e2:
c5:e2:99:08:3d:e2:b9:e1:34:01:ca:84:71:81:2e:
c2:43:57:8b:f9:b3:98:31:8e:cb:c0:1e:ae:f7:ba:
88:2a:85:15:f7:3e:04:91:c1:7c:e1:db:c4:99:5a:
3d:c4:88:2b:99:9a:82:e7:7b:dc:f6:f3:ee:f1:f0:
ad:f6:49:17:cc:79:8b:ed:eb:6a:92:fc:0e:d2:dd:
b2:55:e5:37:8d:1b:e5:16:91:37:f0:0e:7c:4b:10:
2a:47:18:a1:92:28:32:7c:ee:ed:44:f9:45:9d:a7:
ea:41:af:da:8a:80:f8:b5:67:f5:3c:0b:f7:01:32:
89:3b:b2:29:9c:c7:e4:40:da:84:13:3b:0d:d3:a5:
d0:ac:3e:2d:57:8c:54:5a:c4:b3:5e:65:99:63:53:
ec:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:87:2C:09:52:08:A2:31:96:56:16:DB:77:16:9F:62:74:88:73:07
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/24csCVIIojGWVhbbdxafYnSIcwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.2.0/24
87.254.10.0/24
87.254.12.0/23
87.254.17.0-87.254.19.255
87.254.22.0/24
185.210.168.0/22
217.25.3.0/24
Signature Algorithm: sha256WithRSAEncryption
62:c0:0e:f1:4f:44:32:0f:82:5e:50:1f:b7:f0:2d:63:2b:a9:
17:23:d0:5b:43:aa:b1:19:6c:38:77:9c:47:16:d8:62:10:0a:
57:a7:03:95:c3:63:64:76:e6:c4:fc:d5:6d:95:f0:93:79:ac:
c5:34:df:b9:ed:5f:bc:09:0c:17:8b:fe:62:44:31:04:a5:c9:
d8:11:c8:bf:ed:d5:f6:12:ad:32:a4:ff:0c:3a:8c:c2:c1:e5:
2c:88:5d:a8:2b:26:58:25:15:44:ce:55:2f:39:d0:fa:bd:ec:
c4:4a:58:b7:ea:f5:85:ab:40:bf:37:c8:6d:07:71:bb:e1:fc:
5c:6f:b9:96:e3:59:95:17:ee:a5:6e:a7:52:b2:b0:ff:1f:3a:
15:5b:6e:87:f8:5e:f2:40:cb:43:60:6f:37:c8:87:26:65:a9:
69:d8:32:07:3f:57:e8:39:66:2b:da:12:97:34:14:5b:95:ad:
56:23:33:42:0d:02:b7:c0:af:b6:5a:69:d2:cb:e5:98:f0:64:
7f:88:b5:cb:a9:04:4e:56:9c:3a:d8:6c:c4:10:9f:2a:c5:7e:
a8:5c:ae:b2:d3:e0:97:85:db:91:e7:38:52:32:3e:6c:2c:77:
45:02:40:c8:05:c3:58:be:5d:b8:5f:d0:a2:90:2b:f2:bc:e6:
70:f9:c0:f2
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYrINRep+02vWhd2lqE2ZosvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjMwOTI0MTcyMDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjg3MmMwOTUyMDhhMjMxOTY1NjE2ZGI3NzE2OWY2Mjc0ODg3MzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEczNBNlRoaxESoSffrYfAC8azIK
sczPXh0LjlBvH9i00hEKAVMA8uoG3vqoe79qY7oe72glZ3HyIrRach+uils5ysUu
GXTioAYb9RlmJW7sRYek7VgVYxVW7QnqpznbkaYzPLSLm+LF4pkIPeK54TQByoRx
gS7CQ1eL+bOYMY7LwB6u97qIKoUV9z4EkcF84dvEmVo9xIgrmZqC53vc9vPu8fCt
9kkXzHmL7etqkvwO0t2yVeU3jRvlFpE38A58SxAqRxihkigyfO7tRPlFnafqQa/a
ioD4tWf1PAv3ATKJO7IpnMfkQNqEEzsN06XQrD4tV4xUWsSzXmWZY1PsHwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFNuHLAlSCKIxllYW23cWn2J0iHMHMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvMjRjc0NWSUlvakdXVmhiYmR4YWZZblNJY3djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAV/4CAwQA
V/4KAwQBV/4MMAwDBABX/hEDBAJX/hADBABX/hYDBAK50qgDBADZGQMwDQYJKoZI
hvcNAQELBQADggEBAGLADvFPRDIPgl5QH7fwLWMrqRcj0FtDqrEZbDh3nEcW2GIQ
ClenA5XDY2R25sT81W2V8JN5rMU037ntX7wJDBeL/mJEMQSlydgRyL/t1fYSrTKk
/ww6jMLB5SyIXagrJlglFUTOVS850Pq97MRKWLfq9YWrQL83yG0Hcbvh/FxvuZbj
WZUX7qVup1KysP8fOhVbbof4XvJAy0NgbzfIhyZlqWnYMgc/V+g5ZivaEpc0FFuV
rVYjM0INArfAr7ZaadLL5ZjwZH+ItcupBE5WnDrYbMQQnyrFfqhcrrLT4JeF25Hn
OFIyPmwsd0UCQMgFw1i+Xbhf0KKQK/K85nD5wPI=
Generated at Tue Sep 26 16:07:45 2023 by rpki-client on console-fra.rpki-client.org