Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/G_cWz2fwc-OZvjq465Co6wEINNg.roa
File: G_cWz2fwc-OZvjq465Co6wEINNg.roa (raw, json)
Hash identifier: ValtceAL1EyPlpQ9dGX7PTVlrbHsBpQRow/alqKNHyY=
Subject key identifier: 1B:F7:16:CF:67:F0:73:E3:99:BE:3A:B8:EB:90:A8:EB:01:08:34:D8
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 018AD227EF6AE2A4D70708B1D0653F022A89
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/G_cWz2fwc-OZvjq465Co6wEINNg.roa
Signing time: Tue 26 Sep 2023 15:42:27 +0000
ROA not before: Tue 26 Sep 2023 15:42:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 87.254.2.0/24 maxlen: 24
87.254.10.0/24 maxlen: 24
185.210.168.0/23 maxlen: 24
185.210.170.0/23 maxlen: 24
87.254.12.0/23 maxlen: 24
87.254.17.0/24 maxlen: 24
87.254.22.0/24 maxlen: 24
87.254.18.0/24 maxlen: 24
87.254.19.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d2:27:ef:6a:e2:a4:d7:07:08:b1:d0:65:3f:02:2a:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Sep 26 15:42:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1bf716cf67f073e399be3ab8eb90a8eb010834d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:4e:27:6f:85:84:e5:2e:15:b2:1b:d8:3f:98:
74:ef:ed:ff:64:9b:30:8a:c0:2e:41:37:e0:54:88:
0e:62:b9:e4:b2:a7:6a:20:8d:bd:bc:90:78:be:8b:
f0:98:8a:fb:5b:8e:11:11:c5:35:1d:c5:28:d1:41:
e3:19:bf:e5:f0:e3:f2:89:f1:61:ec:82:b7:38:a3:
57:c7:88:eb:b5:92:18:7f:1e:10:ac:97:4e:aa:bb:
87:38:3d:7f:44:06:05:f2:a3:44:7c:8a:5e:01:3e:
a0:ad:9a:c1:45:b2:35:a2:21:26:d0:73:dc:97:70:
03:0e:e7:fe:0d:25:1e:ff:ff:fd:ef:0c:23:8c:3d:
cc:86:88:11:1d:53:ca:00:41:26:a1:b5:e4:92:a3:
31:6b:23:9c:5b:01:6f:7c:ac:d7:95:94:4b:ee:84:
ca:6b:ac:ae:14:3f:7f:f1:1c:7c:ea:21:29:2f:0a:
4e:c3:60:4c:0a:37:cd:61:7e:78:73:9a:07:3c:72:
98:4b:e5:bc:d3:5c:00:fa:19:8d:21:5c:2f:eb:22:
39:37:3d:9e:4d:0c:9f:59:c6:5c:e2:a6:3b:a6:e6:
25:30:da:14:89:71:08:c7:c9:a2:ee:e1:58:51:f6:
0d:f7:93:f3:77:c5:cc:fb:98:9e:5a:f5:ea:6b:0a:
fd:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:F7:16:CF:67:F0:73:E3:99:BE:3A:B8:EB:90:A8:EB:01:08:34:D8
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/G_cWz2fwc-OZvjq465Co6wEINNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.2.0/24
87.254.10.0/24
87.254.12.0/23
87.254.17.0-87.254.19.255
87.254.22.0/24
185.210.168.0/22
Signature Algorithm: sha256WithRSAEncryption
67:8f:92:30:20:07:a3:11:47:1e:e4:1a:cd:50:15:74:c8:92:
3b:13:f3:59:ec:0f:c6:4b:eb:8f:da:a4:94:f4:70:30:2d:28:
82:5a:ae:78:f4:39:04:66:81:54:bf:5d:c4:65:83:5e:0d:f0:
dd:91:37:8d:45:83:67:39:be:3a:05:ad:30:74:ae:7c:f3:5a:
c7:7d:17:95:65:5a:82:60:4d:5d:29:99:bf:32:1e:5c:c2:19:
09:c0:ab:d7:dd:4a:77:cc:03:d7:09:87:f4:1a:e9:93:ec:50:
d1:ba:7a:1d:fe:4c:94:c4:2f:98:0a:46:94:72:cb:0f:55:fa:
0c:1f:73:55:ee:52:1d:3f:7a:b6:d5:ea:42:6f:94:7c:0b:79:
a6:97:ba:94:a1:d6:12:63:6c:fa:91:ac:9b:49:d0:b3:d0:13:
1b:53:c4:6e:2f:8a:0c:d6:d9:3e:4c:08:20:0d:45:29:52:89:
43:eb:b8:86:df:6a:d9:f8:43:c2:9c:36:0f:4f:a2:29:1f:5a:
79:9c:83:93:05:ef:d0:84:f2:ee:d4:68:6c:45:e7:b4:c4:74:
70:d9:57:31:9d:a1:d5:cf:43:26:96:89:b6:e9:eb:fb:5f:ce:
72:ef:d8:e0:fe:13:45:e4:d3:fe:86:2d:b8:32:f7:43:29:29:
1b:d9:85:f9
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYrSJ+9q4qTXBwix0GU/AiqJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjMwOTI2MTU0MjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmY3MTZjZjY3ZjA3M2UzOTliZTNhYjhlYjkwYThlYjAxMDgzNGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8k4nb4WE5S4VshvYP5h07+3/ZJsw
isAuQTfgVIgOYrnksqdqII29vJB4vovwmIr7W44REcU1HcUo0UHjGb/l8OPyifFh
7IK3OKNXx4jrtZIYfx4QrJdOqruHOD1/RAYF8qNEfIpeAT6grZrBRbI1oiEm0HPc
l3ADDuf+DSUe///97wwjjD3MhogRHVPKAEEmobXkkqMxayOcWwFvfKzXlZRL7oTK
a6yuFD9/8Rx86iEpLwpOw2BMCjfNYX54c5oHPHKYS+W801wA+hmNIVwv6yI5Nz2e
TQyfWcZc4qY7puYlMNoUiXEIx8mi7uFYUfYN95Pzd8XM+5ieWvXqawr9QwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFBv3Fs9n8HPjmb46uOuQqOsBCDTYMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvR19jV3oyZndjLU9admpxNDY1Q282d0VJTk5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAV/4CAwQA
V/4KAwQBV/4MMAwDBABX/hEDBAJX/hADBABX/hYDBAK50qgwDQYJKoZIhvcNAQEL
BQADggEBAGePkjAgB6MRRx7kGs1QFXTIkjsT81nsD8ZL64/apJT0cDAtKIJarnj0
OQRmgVS/XcRlg14N8N2RN41Fg2c5vjoFrTB0rnzzWsd9F5VlWoJgTV0pmb8yHlzC
GQnAq9fdSnfMA9cJh/Qa6ZPsUNG6eh3+TJTEL5gKRpRyyw9V+gwfc1XuUh0/erbV
6kJvlHwLeaaXupSh1hJjbPqRrJtJ0LPQExtTxG4vigzW2T5MCCANRSlSiUPruIbf
atn4Q8KcNg9PoikfWnmcg5MF79CE8u7UaGxF57TEdHDZVzGdodXPQyaWibbp6/tf
znLv2OD+E0Xk0/6GLbgy90MpKRvZhfk=
-----END CERTIFICATE-----
Generated at Tue Oct 3 19:01:36 2023 by rpki-client on console-ams.rpki-client.org