Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/JRfZOpjI8rIqyBAxz1BG1BfsIYk.roa
File: JRfZOpjI8rIqyBAxz1BG1BfsIYk.roa (raw, json)
Hash identifier: I6yY3V0IGmpzsgUc6LF8BGYXo39DWPMJcTghxa87ZA0=
Subject key identifier: 25:17:D9:3A:98:C8:F2:B2:2A:C8:10:31:CF:50:46:D4:17:EC:21:89
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 0187DBA7B3EA2BC7DFB2FAED9D26EB370344
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/JRfZOpjI8rIqyBAxz1BG1BfsIYk.roa
Signing time: Tue 02 May 2023 08:50:13 +0000
ROA not before: Tue 02 May 2023 08:50:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 87.254.11.0/24 maxlen: 24
185.210.168.0/22 maxlen: 24
87.254.16.0/24 maxlen: 24
87.254.17.0/24 maxlen: 24
87.254.18.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:db:a7:b3:ea:2b:c7:df:b2:fa:ed:9d:26:eb:37:03:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: May 2 08:50:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2517d93a98c8f2b22ac81031cf5046d417ec2189
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:65:ba:1d:1d:cb:27:1d:79:0f:41:27:c6:28:
e1:29:e7:9c:c6:3a:85:b8:05:17:f0:14:10:97:fc:
d0:26:98:09:34:0d:bc:35:d7:0f:07:45:39:fa:05:
ec:f5:cb:2d:e2:ef:f5:f5:49:6a:f1:4d:87:f0:3d:
95:9a:a5:4d:8b:dd:84:af:11:83:2e:30:7f:de:8e:
54:7f:2f:18:90:f1:c6:62:5c:71:ca:57:f3:7c:81:
bd:10:41:9f:1b:aa:45:04:ab:4b:be:d2:dd:0f:a0:
4f:65:87:ad:bd:80:4f:f2:66:20:1f:77:7d:9c:e9:
66:21:81:a7:b3:04:0a:8a:5b:d9:d9:ca:1d:cf:5e:
7c:51:d3:69:89:1a:2c:37:40:1b:69:53:24:26:05:
a0:f5:83:73:36:e1:7f:26:70:da:3f:d7:fb:02:24:
ad:19:fa:66:1f:46:3f:62:16:f8:b2:ad:b4:c3:45:
1f:c7:0e:86:a1:3c:a7:42:f5:00:91:22:23:b7:8a:
0d:a1:39:11:8d:7e:36:92:e4:07:73:46:67:fe:c4:
f2:50:08:72:1a:db:38:d3:01:24:6b:60:ad:3d:9f:
0f:4f:86:58:4e:9c:66:a0:27:e3:29:0a:ff:8c:aa:
fc:16:6d:c7:ce:51:fd:59:fb:9e:fb:6e:4f:8d:19:
2c:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:17:D9:3A:98:C8:F2:B2:2A:C8:10:31:CF:50:46:D4:17:EC:21:89
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/JRfZOpjI8rIqyBAxz1BG1BfsIYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.11.0/24
87.254.16.0-87.254.18.255
185.210.168.0/22
Signature Algorithm: sha256WithRSAEncryption
69:8b:4c:b2:13:eb:02:3f:cf:29:14:10:11:79:5e:d7:8d:02:
6f:c0:7c:c2:47:df:39:e9:6e:7c:61:2d:24:7a:5c:c2:be:07:
ad:71:fb:8d:d2:1a:d6:53:0f:d9:04:c5:10:f3:23:23:b9:73:
03:89:be:29:bb:c3:9e:85:4f:3d:73:4d:6e:e6:44:00:a2:bf:
62:20:6f:6f:2a:c2:6a:f3:f4:e2:14:57:fa:55:e4:43:e7:da:
5b:25:22:5e:e8:56:dd:28:ab:96:00:40:a2:34:47:23:1c:a8:
28:2b:44:91:a2:49:fa:4a:da:5a:ef:b0:30:0f:8b:22:e3:92:
d6:9b:7d:a9:95:53:4c:73:cf:dd:67:36:0c:50:3f:23:b7:18:
10:52:0f:a4:a0:35:55:84:7e:1b:60:e3:a4:c7:90:6b:53:ff:
1b:95:43:51:40:9d:b4:f7:7a:aa:08:bb:e3:fc:d6:7a:75:93:
1a:e9:f0:d6:f2:f9:d6:c1:11:4d:f7:42:6f:c0:4e:02:0b:65:
ac:32:8a:a1:91:99:0a:32:7b:85:ce:f3:78:f4:13:49:f9:81:
51:b7:35:75:c0:10:b2:29:e8:40:1b:3f:5f:56:62:39:33:ee:
aa:0e:3a:44:58:0d:bc:60:0d:6a:a1:b8:d6:a4:ba:2d:20:49:
05:97:3c:76
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYfbp7PqK8ffsvrtnSbrNwNEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjMwNTAyMDg1MDEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTE3ZDkzYTk4YzhmMmIyMmFjODEwMzFjZjUwNDZkNDE3ZWMyMTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWW6HR3LJx15D0EnxijhKeecxjqF
uAUX8BQQl/zQJpgJNA28NdcPB0U5+gXs9cst4u/19Ulq8U2H8D2VmqVNi92ErxGD
LjB/3o5Ufy8YkPHGYlxxylfzfIG9EEGfG6pFBKtLvtLdD6BPZYetvYBP8mYgH3d9
nOlmIYGnswQKilvZ2codz158UdNpiRosN0AbaVMkJgWg9YNzNuF/JnDaP9f7AiSt
GfpmH0Y/Yhb4sq20w0Ufxw6GoTynQvUAkSIjt4oNoTkRjX42kuQHc0Zn/sTyUAhy
Gts40wEka2CtPZ8PT4ZYTpxmoCfjKQr/jKr8Fm3HzlH9Wfue+25PjRksywIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCUX2TqYyPKyKsgQMc9QRtQX7CGJMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvSlJmWk9wakk4cklxeUJBeHoxQkcxQmZzSVlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAV/4LMAwD
BARX/hADBABX/hIDBAK50qgwDQYJKoZIhvcNAQELBQADggEBAGmLTLIT6wI/zykU
EBF5XteNAm/AfMJH3znpbnxhLSR6XMK+B61x+43SGtZTD9kExRDzIyO5cwOJvim7
w56FTz1zTW7mRACiv2Igb28qwmrz9OIUV/pV5EPn2lslIl7oVt0oq5YAQKI0RyMc
qCgrRJGiSfpK2lrvsDAPiyLjktabfamVU0xzz91nNgxQPyO3GBBSD6SgNVWEfhtg
46THkGtT/xuVQ1FAnbT3eqoIu+P81np1kxrp8Nby+dbBEU33Qm/ATgILZawyiqGR
mQoye4XO83j0E0n5gVG3NXXAELIp6EAbP19WYjkz7qoOOkRYDbxgDWqhuNakui0g
SQWXPHY=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:48 2023 by rpki-client on console-fra.rpki-client.org