Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/2QkMivG9b3Y2b8JQsOwqDi-Dnmw.roa
File: 2QkMivG9b3Y2b8JQsOwqDi-Dnmw.roa (raw, json)
Hash identifier: dzZQOiULnKZzweJb+rUM9YD2jXVJtfXu/MknqMJ0GTE=
Subject key identifier: D9:09:0C:8A:F1:BD:6F:76:36:6F:C2:50:B0:EC:2A:0E:2F:83:9E:6C
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 018BAA7A36531D432EA1FBC162B15E00E395
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/2QkMivG9b3Y2b8JQsOwqDi-Dnmw.roa
Signing time: Tue 07 Nov 2023 15:50:17 +0000
ROA not before: Tue 07 Nov 2023 15:50:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 63023
IP address blocks: 87.254.9.0/24 maxlen: 24
87.254.8.0/24 maxlen: 24
87.254.18.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:aa:7a:36:53:1d:43:2e:a1:fb:c1:62:b1:5e:00:e3:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Nov 7 15:50:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9090c8af1bd6f76366fc250b0ec2a0e2f839e6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:22:b4:7e:7b:c3:e3:b4:3b:fd:7e:eb:18:1e:
0c:8b:d9:fc:74:ce:5d:1c:19:ac:e1:05:90:2c:b0:
9f:38:aa:78:1f:5f:eb:97:6e:4f:76:da:7d:26:9f:
a8:c3:55:31:b2:84:46:90:d3:8e:83:b9:ca:8d:ac:
a3:7b:28:cb:07:d9:94:1c:76:e8:4d:4d:f5:60:8f:
10:7e:1a:8f:cb:8c:32:e3:6e:8c:c2:bf:99:4d:43:
45:b3:08:43:0d:9e:41:9d:6d:7a:53:7d:e2:b4:fd:
95:ca:d9:8e:a7:37:07:01:86:68:fc:5c:52:dc:bb:
73:e2:ca:f0:dc:4d:50:ec:1c:cf:fe:50:3f:f6:f5:
50:47:65:71:e0:c7:c2:81:0b:fa:68:e5:28:09:ef:
fe:00:15:16:03:ca:f8:2c:32:5d:28:60:da:cf:25:
d8:b9:b9:7a:b3:8c:6c:b6:13:16:55:0e:d7:98:76:
38:e1:8f:cd:93:ff:35:c9:f3:38:29:d2:b7:5b:d4:
52:ec:40:38:13:6a:0b:4c:17:94:26:b0:d5:b2:44:
e8:1c:35:8b:5a:0d:52:7a:7a:cd:dc:95:c6:70:1f:
f4:c6:b7:3d:62:75:45:88:f9:28:9a:35:9f:05:74:
36:af:e1:ae:47:97:0e:a0:2a:a3:1a:3b:a8:ad:0b:
4b:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:09:0C:8A:F1:BD:6F:76:36:6F:C2:50:B0:EC:2A:0E:2F:83:9E:6C
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/2QkMivG9b3Y2b8JQsOwqDi-Dnmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.8.0/23
87.254.18.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:2b:e5:16:63:38:28:5e:a6:d3:7b:aa:f5:cb:ba:9c:7e:a7:
c3:28:8e:21:b4:4d:7b:52:89:94:94:8d:7c:72:3c:e8:94:ea:
38:cb:c6:04:a1:73:81:26:2a:5f:a3:43:6c:a8:80:9e:2d:10:
cb:2b:84:b8:4e:b4:0c:2e:37:a9:21:81:31:86:50:29:1e:1b:
38:b6:ee:5f:d6:d4:ce:19:dd:03:0c:fd:4a:b3:8b:62:c3:25:
d5:e8:b1:66:90:66:67:df:71:1b:a5:0a:a2:98:39:11:04:8b:
be:1b:f4:90:5c:7c:01:ce:ee:73:fb:15:ba:32:d3:39:82:de:
b6:2e:e8:de:c2:df:db:a3:fe:12:79:73:a3:d2:80:f6:7c:66:
2d:0c:c5:37:bc:e4:ac:e8:92:9c:b0:7e:64:6b:de:b7:60:cb:
10:6c:86:b6:d8:e5:98:b7:65:f1:fa:71:48:4d:30:58:05:40:
5d:6b:17:aa:6e:f3:9d:67:71:4e:e0:92:ab:0c:4c:9e:56:3c:
f0:89:07:31:68:cd:70:98:9b:01:6b:c3:1d:c3:40:ca:07:c1:
05:99:09:2e:ad:04:a8:6e:50:a2:4c:46:00:96:74:27:2a:49:
35:e2:d0:b8:2e:5f:f8:2d:58:65:d3:32:45:a2:35:bb:09:36:
51:aa:b4:ca
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuqejZTHUMuofvBYrFeAOOVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjMxMTA3MTU1MDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTA5MGM4YWYxYmQ2Zjc2MzY2ZmMyNTBiMGVjMmEwZTJmODM5ZTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCK0fnvD47Q7/X7rGB4Mi9n8dM5d
HBms4QWQLLCfOKp4H1/rl25Pdtp9Jp+ow1UxsoRGkNOOg7nKjayjeyjLB9mUHHbo
TU31YI8QfhqPy4wy426Mwr+ZTUNFswhDDZ5BnW16U33itP2VytmOpzcHAYZo/FxS
3Ltz4srw3E1Q7BzP/lA/9vVQR2Vx4MfCgQv6aOUoCe/+ABUWA8r4LDJdKGDazyXY
ubl6s4xsthMWVQ7XmHY44Y/Nk/81yfM4KdK3W9RS7EA4E2oLTBeUJrDVskToHDWL
Wg1SenrN3JXGcB/0xrc9YnVFiPkomjWfBXQ2r+GuR5cOoCqjGjuorQtLwQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNkJDIrxvW92Nm/CULDsKg4vg55sMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvMlFrTWl2RzliM1kyYjhKUXNPd3FEaS1Ebm13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBV/4IAwQB
V/4SMA0GCSqGSIb3DQEBCwUAA4IBAQA6K+UWYzgoXqbTe6r1y7qcfqfDKI4htE17
UomUlI18cjzolOo4y8YEoXOBJipfo0NsqICeLRDLK4S4TrQMLjepIYExhlApHhs4
tu5f1tTOGd0DDP1Ks4tiwyXV6LFmkGZn33EbpQqimDkRBIu+G/SQXHwBzu5z+xW6
MtM5gt62Lujewt/bo/4SeXOj0oD2fGYtDMU3vOSs6JKcsH5ka963YMsQbIa22OWY
t2Xx+nFITTBYBUBdaxeqbvOdZ3FO4JKrDEyeVjzwiQcxaM1wmJsBa8Mdw0DKB8EF
mQkurQSoblCiTEYAlnQnKkk14tC4Ll/4LVhl0zJFojW7CTZRqrTK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:21 2024 by rpki-client on console-ams.rpki-client.org