Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/H_PHHz_6vOl25b8S2GWTvkrHjTM.roa
File: H_PHHz_6vOl25b8S2GWTvkrHjTM.roa (raw, json)
Hash identifier: uCzK+lirIbhwupnL7bnvZE8qdED1LGe/SLpT/HFGRMc=
Subject key identifier: 1F:F3:C7:1F:3F:FA:BC:E9:76:E5:BF:12:D8:65:93:BE:4A:C7:8D:33
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 018AF6BCCFD7167A359D7174F3CF57A3F69B
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/H_PHHz_6vOl25b8S2GWTvkrHjTM.roa
Signing time: Tue 03 Oct 2023 18:11:23 +0000
ROA not before: Tue 03 Oct 2023 18:11:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 87.254.2.0/24 maxlen: 24
87.254.10.0/24 maxlen: 24
185.210.168.0/23 maxlen: 24
185.210.170.0/23 maxlen: 24
87.254.12.0/23 maxlen: 24
87.254.17.0/24 maxlen: 24
87.254.22.0/24 maxlen: 24
87.254.23.0/24 maxlen: 24
87.254.18.0/24 maxlen: 24
87.254.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Oct 2023 09:02:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f6:bc:cf:d7:16:7a:35:9d:71:74:f3:cf:57:a3:f6:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Oct 3 18:11:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ff3c71f3ffabce976e5bf12d86593be4ac78d33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:53:b5:e8:d5:a8:8f:db:66:14:82:fc:3f:a3:
94:07:99:dc:c1:2f:10:15:36:0e:e4:33:4b:de:b3:
46:92:fb:3d:d3:bf:fa:4d:a4:83:f0:70:cb:cf:67:
ba:f2:6c:04:d9:2a:39:23:28:82:fc:e4:e5:11:d0:
e4:5f:0e:e2:ad:48:d4:b3:ba:48:35:3e:57:61:bf:
3d:94:e7:23:13:40:dd:4e:3d:9e:59:94:7c:48:e6:
03:19:35:c2:6e:00:82:5d:46:07:b4:e9:1c:a7:f3:
67:a1:ad:43:dc:f6:0c:8f:d9:7d:a2:70:ce:13:e2:
a8:2b:87:c9:68:5c:d8:04:bd:c2:d0:98:73:77:e0:
b8:bd:84:8c:4f:8e:58:28:47:4f:81:da:a3:bc:8d:
7e:63:21:19:cf:5f:09:5f:47:3b:63:01:fe:e3:15:
3d:08:00:1e:60:07:d3:82:8c:8d:75:ee:e9:2a:cc:
60:0a:ef:d4:f0:dd:be:79:79:90:78:96:33:03:81:
7a:75:23:23:0a:88:4d:f0:c3:a8:65:87:0c:a4:ff:
68:89:1e:3d:bb:67:14:22:7d:a2:a5:09:c4:6a:19:
79:02:b9:0a:d2:0f:b2:c6:55:eb:dc:87:a2:c1:e1:
91:f5:bf:37:48:88:78:4a:cb:e4:42:4b:ab:7a:fa:
0e:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:F3:C7:1F:3F:FA:BC:E9:76:E5:BF:12:D8:65:93:BE:4A:C7:8D:33
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/H_PHHz_6vOl25b8S2GWTvkrHjTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.2.0/24
87.254.10.0/24
87.254.12.0/23
87.254.17.0-87.254.19.255
87.254.22.0/23
185.210.168.0/22
Signature Algorithm: sha256WithRSAEncryption
10:08:e4:9b:f2:68:67:40:e4:d2:f7:1f:f8:7c:d8:a8:f9:71:
8f:63:d8:8d:48:54:d9:c0:11:0f:23:bc:cd:03:a7:48:85:f2:
44:11:a5:02:d6:11:b0:92:de:0b:15:7d:89:cf:b3:04:7c:d7:
bf:52:9b:aa:bd:76:00:8d:c8:60:06:30:85:06:86:b9:83:a6:
59:ac:ac:fe:9f:22:6c:f9:04:4a:9d:90:26:b7:37:f0:c0:0a:
f1:7a:81:db:dd:6c:a9:43:c7:f4:10:09:0f:57:5e:39:4b:a8:
ef:d5:92:31:e6:1a:a7:83:28:50:05:c4:d4:ec:db:8c:12:fd:
94:19:a2:87:bd:ae:75:d3:0d:b4:6b:d7:d1:e9:9f:5d:97:0d:
f5:00:f5:17:c2:c3:75:73:d0:e4:f0:8a:3e:ef:1a:84:2c:f5:
17:66:1a:7b:73:eb:6f:18:7b:00:dd:2c:22:4d:d6:91:76:9d:
8d:da:6d:93:27:c6:84:2e:4e:f4:27:1f:7a:26:89:8a:bf:26:
df:9d:6d:36:7d:e8:7b:7b:11:ff:19:0b:f4:b0:36:17:56:27:
82:8e:fc:e0:c6:e9:0e:6d:9a:83:7d:73:87:b4:14:e7:28:1f:
41:68:ac:12:95:42:64:cf:68:de:d5:f5:de:72:2c:78:d7:96:
58:63:b4:08
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYr2vM/XFno1nXF0889Xo/abMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjMxMDAzMTgxMTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmYzYzcxZjNmZmFiY2U5NzZlNWJmMTJkODY1OTNiZTRhYzc4ZDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVO16NWoj9tmFIL8P6OUB5ncwS8Q
FTYO5DNL3rNGkvs907/6TaSD8HDLz2e68mwE2So5IyiC/OTlEdDkXw7irUjUs7pI
NT5XYb89lOcjE0DdTj2eWZR8SOYDGTXCbgCCXUYHtOkcp/Nnoa1D3PYMj9l9onDO
E+KoK4fJaFzYBL3C0Jhzd+C4vYSMT45YKEdPgdqjvI1+YyEZz18JX0c7YwH+4xU9
CAAeYAfTgoyNde7pKsxgCu/U8N2+eXmQeJYzA4F6dSMjCohN8MOoZYcMpP9oiR49
u2cUIn2ipQnEahl5ArkK0g+yxlXr3IeiweGR9b83SIh4SsvkQkurevoOwwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFB/zxx8/+rzpduW/Ethlk75Kx40zMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvSF9QSEh6XzZ2T2wyNWI4UzJHV1R2a3JIalRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAV/4CAwQA
V/4KAwQBV/4MMAwDBABX/hEDBAJX/hADBAFX/hYDBAK50qgwDQYJKoZIhvcNAQEL
BQADggEBABAI5JvyaGdA5NL3H/h82Kj5cY9j2I1IVNnAEQ8jvM0Dp0iF8kQRpQLW
EbCS3gsVfYnPswR8179Sm6q9dgCNyGAGMIUGhrmDplmsrP6fImz5BEqdkCa3N/DA
CvF6gdvdbKlDx/QQCQ9XXjlLqO/VkjHmGqeDKFAFxNTs24wS/ZQZooe9rnXTDbRr
19Hpn12XDfUA9RfCw3Vz0OTwij7vGoQs9RdmGntz628YewDdLCJN1pF2nY3abZMn
xoQuTvQnH3omiYq/Jt+dbTZ96Ht7Ef8ZC/SwNhdWJ4KO/ODG6Q5tmoN9c4e0FOco
H0ForBKVQmTPaN7V9d5yLHjXllhjtAg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:04 2024 by rpki-client on console-fra.rpki-client.org