Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/AVmp2TpevHWmKHa27wTQGeWDoJw.roa
File: AVmp2TpevHWmKHa27wTQGeWDoJw.roa (raw, json)
Hash identifier: OQg2mRHnkp5YqgliwdXzC+LRy3Y1vrmKSL5QWdWYEOs=
Subject key identifier: 01:59:A9:D9:3A:5E:BC:75:A6:28:76:B6:EF:04:D0:19:E5:83:A0:9C
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 01894E5C3016DB6333CEE73321D80471E97A
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/AVmp2TpevHWmKHa27wTQGeWDoJw.roa
Signing time: Thu 13 Jul 2023 08:26:51 +0000
ROA not before: Thu 13 Jul 2023 08:26:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 87.254.10.0/24 maxlen: 24
185.210.168.0/23 maxlen: 24
185.210.170.0/23 maxlen: 24
87.254.17.0/24 maxlen: 24
87.254.22.0/24 maxlen: 24
87.254.19.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4e:5c:30:16:db:63:33:ce:e7:33:21:d8:04:71:e9:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Jul 13 08:26:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0159a9d93a5ebc75a62876b6ef04d019e583a09c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:ea:d0:01:d6:ce:4c:14:5f:0e:63:26:4a:39:
73:a9:39:b4:f7:90:d5:59:0a:f3:4c:52:95:ef:37:
78:4c:40:c4:0a:3e:f9:10:88:14:c4:72:b3:c4:48:
28:0f:6e:c6:e4:49:0a:fd:26:63:21:53:ac:af:ab:
28:a5:fb:a2:72:42:e4:86:7c:23:63:f7:c5:20:50:
95:85:23:0b:c3:99:33:a8:03:ce:c8:0b:bc:ca:80:
92:07:14:e1:43:e4:f6:ea:28:49:86:51:31:a8:be:
f0:74:fb:8b:48:17:6a:bd:48:f4:34:2d:5b:ce:0f:
8b:50:05:cf:d2:db:7b:e5:52:68:53:1e:60:31:62:
c6:35:17:41:87:53:5f:3a:1f:ce:98:2d:db:b9:5d:
df:4e:81:da:1d:fb:68:33:b7:f1:51:0c:0e:41:c8:
f0:9c:df:da:31:96:34:d8:fd:85:53:5f:ba:cf:d2:
37:e6:db:a9:b2:d0:50:6a:f9:76:eb:09:f1:27:a8:
41:a7:a6:a4:ef:46:fd:9a:d0:5b:58:f2:b8:99:bc:
d5:02:63:a3:22:d3:56:13:7e:3b:21:97:c2:eb:c4:
f6:52:46:02:8d:e3:bf:df:32:94:4c:f3:db:47:6c:
cd:a5:9d:72:ae:54:af:fa:12:13:30:63:5d:a6:d1:
da:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:59:A9:D9:3A:5E:BC:75:A6:28:76:B6:EF:04:D0:19:E5:83:A0:9C
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/AVmp2TpevHWmKHa27wTQGeWDoJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.10.0/24
87.254.17.0/24
87.254.19.0/24
87.254.22.0/24
185.210.168.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:db:4c:e2:89:cb:80:6e:49:86:61:1c:7f:11:f9:2c:0c:d2:
7b:7e:33:dc:66:1c:05:0f:2e:48:76:b1:c3:5d:dd:e9:a0:a0:
96:a6:c6:10:70:9c:95:87:07:bf:7e:dd:10:55:a1:85:81:d6:
c7:05:1e:a6:9c:44:84:f3:55:9e:12:d8:9a:d4:98:fc:f9:6a:
76:d5:15:ac:bf:3c:f3:21:9c:0a:0b:42:1e:18:df:f9:94:1a:
c2:4b:3e:aa:ef:ab:7d:25:2c:8b:b4:a7:32:3f:37:1e:07:b6:
dc:4c:2d:28:f3:62:c7:ce:19:22:01:51:dc:96:81:9d:12:9d:
f3:28:64:46:e1:1e:3d:3b:17:cd:0e:4d:9f:b6:ed:b9:60:0f:
79:d3:6f:81:7c:d0:f9:b4:1c:d8:95:5a:3d:f6:ca:72:38:fe:
ff:8e:c1:c8:7b:69:00:d1:f4:ba:99:24:10:48:68:9e:82:e6:
39:95:bf:7c:0e:f2:75:c7:ae:57:d0:c2:86:d2:ca:0a:25:09:
33:ac:c4:6f:c3:4f:4e:ea:1c:b8:77:c5:57:35:b7:c4:1f:84:
be:17:20:5b:38:54:4c:60:ba:79:2c:c9:12:27:ee:e9:5b:e1:
06:45:dc:c5:64:7a:00:02:13:67:6c:27:c5:9e:39:5f:96:14:
37:4b:93:6d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYlOXDAW22MzzuczIdgEcel6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjMwNzEzMDgyNjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTU5YTlkOTNhNWViYzc1YTYyODc2YjZlZjA0ZDAxOWU1ODNhMDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOrQAdbOTBRfDmMmSjlzqTm095DV
WQrzTFKV7zd4TEDECj75EIgUxHKzxEgoD27G5EkK/SZjIVOsr6sopfuickLkhnwj
Y/fFIFCVhSMLw5kzqAPOyAu8yoCSBxThQ+T26ihJhlExqL7wdPuLSBdqvUj0NC1b
zg+LUAXP0tt75VJoUx5gMWLGNRdBh1NfOh/OmC3buV3fToHaHftoM7fxUQwOQcjw
nN/aMZY02P2FU1+6z9I35tupstBQavl26wnxJ6hBp6ak70b9mtBbWPK4mbzVAmOj
ItNWE347IZfC68T2UkYCjeO/3zKUTPPbR2zNpZ1yrlSv+hITMGNdptHaeQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAFZqdk6Xrx1pih2tu8E0Bnlg6CcMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvQVZtcDJUcGV2SFdtS0hhMjd3VFFHZVdEb0p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAV/4KAwQA
V/4RAwQAV/4TAwQAV/4WAwQCudKoMA0GCSqGSIb3DQEBCwUAA4IBAQAO20ziicuA
bkmGYRx/EfksDNJ7fjPcZhwFDy5IdrHDXd3poKCWpsYQcJyVhwe/ft0QVaGFgdbH
BR6mnESE81WeEtia1Jj8+Wp21RWsvzzzIZwKC0IeGN/5lBrCSz6q76t9JSyLtKcy
PzceB7bcTC0o82LHzhkiAVHcloGdEp3zKGRG4R49OxfNDk2ftu25YA9502+BfND5
tBzYlVo99spyOP7/jsHIe2kA0fS6mSQQSGieguY5lb98DvJ1x65X0MKG0soKJQkz
rMRvw09O6hy4d8VXNbfEH4S+FyBbOFRMYLp5LMkSJ+7pW+EGRdzFZHoAAhNnbCfF
njlflhQ3S5Nt
-----END CERTIFICATE-----
Generated at Sat Jul 22 12:46:30 2023 by rpki-client on console-ams.rpki-client.org