Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/6NtKsuYLbth3Vj9YBKDC-kmjUlQ.roa
File: 6NtKsuYLbth3Vj9YBKDC-kmjUlQ.roa (raw, json)
Hash identifier: onioea+kwiwqno709k/EWClzdXksUSGURwbDbZpR7W8=
Subject key identifier: E8:DB:4A:B2:E6:0B:6E:D8:77:56:3F:58:04:A0:C2:FA:49:A3:52:54
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 0187DD23CA7FF505E622332EC00FDD8E34DD
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/6NtKsuYLbth3Vj9YBKDC-kmjUlQ.roa
Signing time: Tue 02 May 2023 15:45:22 +0000
ROA not before: Tue 02 May 2023 15:45:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 87.254.2.0/24 maxlen: 24
87.254.10.0/24 maxlen: 24
87.254.8.0/24 maxlen: 24
185.210.168.0/23 maxlen: 24
185.210.170.0/23 maxlen: 24
217.25.1.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:dd:23:ca:7f:f5:05:e6:22:33:2e:c0:0f:dd:8e:34:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: May 2 15:45:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e8db4ab2e60b6ed877563f5804a0c2fa49a35254
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:96:94:0d:d2:12:99:c3:2f:72:6e:ff:32:be:
d6:f8:2f:9c:52:21:02:f6:39:bb:b8:9f:d2:18:24:
b3:7d:da:99:96:90:8e:65:fa:5c:ee:71:5f:ff:c6:
e7:a9:26:45:74:a8:6e:53:85:f8:20:aa:de:7e:db:
bd:4f:6c:c4:ab:f6:3d:8c:17:6d:4b:31:6c:c4:45:
66:c5:91:45:58:de:c6:4a:9e:90:2c:6b:ea:76:f0:
ab:fc:b6:0a:ef:34:79:91:a2:4e:d4:da:99:a1:75:
60:a2:c6:a6:da:05:f2:a0:b9:4a:cb:c5:3f:59:e5:
0d:dd:f3:0b:23:40:27:ce:8c:a3:91:7c:57:49:6c:
21:31:0a:78:8b:a0:53:dd:eb:7e:67:2b:59:86:55:
ab:e1:fa:1c:07:cf:78:6a:a2:1d:ac:7f:50:26:ec:
59:b3:fe:14:aa:27:40:c4:e7:02:fb:b6:8d:71:8a:
0c:66:53:e6:f7:d6:b8:22:81:a8:25:15:a3:29:cc:
aa:68:a8:8b:ca:2a:be:a2:79:eb:7c:54:a5:d9:18:
ff:fd:ad:6c:ae:32:56:51:fe:06:45:30:a0:9f:03:
ee:a3:10:d2:03:3d:5a:24:fd:53:91:78:7c:8f:7e:
a0:b3:ce:75:d5:b8:6c:42:6f:71:da:58:25:9e:92:
9c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:DB:4A:B2:E6:0B:6E:D8:77:56:3F:58:04:A0:C2:FA:49:A3:52:54
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/6NtKsuYLbth3Vj9YBKDC-kmjUlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.2.0/24
87.254.8.0/24
87.254.10.0/24
185.210.168.0/22
217.25.1.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:2a:18:83:fa:91:8a:33:0b:e8:25:29:0e:2b:92:fb:c7:07:
bc:eb:5e:8e:f7:11:ad:ad:c0:01:ca:91:ab:3c:8d:65:30:f6:
0d:21:53:11:85:da:76:92:82:63:97:a1:fe:00:02:a0:0a:a5:
95:35:17:d8:25:d4:eb:54:bb:bd:c8:3a:13:bf:1c:66:cb:5d:
ae:a0:5c:dc:ca:f1:2e:58:d3:c9:43:f9:02:b4:8b:02:df:7a:
1f:b5:61:fd:ff:de:3c:0f:a8:c1:3c:15:b7:b7:2a:a8:da:fb:
93:65:de:1d:77:9a:ba:1f:9d:01:56:80:19:89:1f:16:5e:27:
72:ac:11:de:f4:1f:06:f4:75:e4:43:e7:d7:c5:29:c8:4d:50:
3e:37:a5:99:a3:3c:96:69:0c:81:b9:01:2c:ab:21:e5:8f:47:
75:fd:e3:5d:ac:bc:0f:b5:3f:08:6f:13:b1:f5:10:ef:66:f5:
6b:c8:73:78:9c:00:78:47:60:93:e4:7c:69:19:70:85:61:51:
91:ed:4b:e1:70:61:7f:93:54:7e:cb:44:21:0f:ae:f6:37:fd:
20:29:93:e8:fd:05:56:a8:3e:36:91:55:8d:e4:a7:04:fc:16:
72:24:d3:13:17:93:0e:f7:4a:cf:91:28:41:b2:18:6f:de:43:
b3:a3:51:99
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYfdI8p/9QXmIjMuwA/djjTdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjMwNTAyMTU0NTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGRiNGFiMmU2MGI2ZWQ4Nzc1NjNmNTgwNGEwYzJmYTQ5YTM1MjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpaUDdISmcMvcm7/Mr7W+C+cUiEC
9jm7uJ/SGCSzfdqZlpCOZfpc7nFf/8bnqSZFdKhuU4X4IKreftu9T2zEq/Y9jBdt
SzFsxEVmxZFFWN7GSp6QLGvqdvCr/LYK7zR5kaJO1NqZoXVgosam2gXyoLlKy8U/
WeUN3fMLI0AnzoyjkXxXSWwhMQp4i6BT3et+ZytZhlWr4focB894aqIdrH9QJuxZ
s/4UqidAxOcC+7aNcYoMZlPm99a4IoGoJRWjKcyqaKiLyiq+onnrfFSl2Rj//a1s
rjJWUf4GRTCgnwPuoxDSAz1aJP1TkXh8j36gs8511bhsQm9x2lglnpKcGQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOjbSrLmC27Yd1Y/WASgwvpJo1JUMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvNk50S3N1WUxidGgzVmo5WUJLREMta21qVWxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAV/4CAwQA
V/4IAwQAV/4KAwQCudKoAwQA2RkBMA0GCSqGSIb3DQEBCwUAA4IBAQA+KhiD+pGK
MwvoJSkOK5L7xwe8616O9xGtrcABypGrPI1lMPYNIVMRhdp2koJjl6H+AAKgCqWV
NRfYJdTrVLu9yDoTvxxmy12uoFzcyvEuWNPJQ/kCtIsC33oftWH9/948D6jBPBW3
tyqo2vuTZd4dd5q6H50BVoAZiR8WXidyrBHe9B8G9HXkQ+fXxSnITVA+N6WZozyW
aQyBuQEsqyHlj0d1/eNdrLwPtT8IbxOx9RDvZvVryHN4nAB4R2CT5HxpGXCFYVGR
7UvhcGF/k1R+y0QhD672N/0gKZPo/QVWqD42kVWN5KcE/BZyJNMTF5MO90rPkShB
shhv3kOzo1GZ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:38 2023 by rpki-client on console-ams.rpki-client.org