Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/K1ETZAwPT2Jm7xJ3g4j57o5TMZE.roa
File: K1ETZAwPT2Jm7xJ3g4j57o5TMZE.roa (raw, json)
Hash identifier: kpmA/0B062RoSercGX66JSzCz1Z/7qhrOn9NmRAGd2M=
Subject key identifier: 2B:51:13:64:0C:0F:4F:62:66:EF:12:77:83:88:F9:EE:8E:53:31:91
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 018878237F9967EACB8B79D1240DC4F6EBCA
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/K1ETZAwPT2Jm7xJ3g4j57o5TMZE.roa
Signing time: Thu 01 Jun 2023 18:06:12 +0000
ROA not before: Thu 01 Jun 2023 18:06:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 87.254.11.0/24 maxlen: 24
217.25.1.0/24 maxlen: 24
87.254.16.0/24 maxlen: 24
87.254.17.0/24 maxlen: 24
87.254.19.0/24 maxlen: 24
87.254.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 10 Jun 2023 12:41:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:78:23:7f:99:67:ea:cb:8b:79:d1:24:0d:c4:f6:eb:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Jun 1 18:06:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b5113640c0f4f6266ef12778388f9ee8e533191
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f5:f9:7c:b3:3a:da:f9:46:79:f0:eb:4f:c4:
15:d3:a4:85:a6:cb:16:78:ff:fc:c7:72:51:91:b6:
d4:6e:7a:be:dc:6a:e5:12:52:bf:57:73:c2:21:6d:
75:73:ed:0a:4f:d2:cd:ed:8c:df:a2:fd:e1:64:46:
f4:a9:fb:61:03:7e:31:1a:69:cf:e6:9e:45:5b:a0:
93:ec:85:04:93:4e:55:9c:9d:ab:c7:5b:b6:17:68:
36:fb:89:ee:cd:56:64:f8:5f:eb:b3:9b:f5:f3:d0:
74:0d:d6:3a:d7:57:3c:ec:88:cf:93:95:25:a2:c4:
2a:8f:63:c1:62:db:a8:32:96:79:3f:4b:7a:de:78:
95:c4:ea:3c:87:93:b6:24:12:a4:1f:5e:98:70:aa:
2d:18:bd:85:3b:b8:8e:53:8b:a8:f1:71:b7:d2:a9:
bb:45:b1:f5:09:f4:f3:07:6b:89:d4:2c:f0:c7:9d:
d3:2e:86:8b:97:ce:2b:53:39:35:ca:dd:87:54:e3:
66:07:62:dc:4a:ef:c0:e0:e1:ee:09:36:8d:f6:38:
0e:21:ba:e4:40:54:46:42:a9:0e:fe:a0:89:32:03:
e8:ea:60:4f:57:52:53:72:03:6d:d6:e1:88:5a:34:
00:a2:93:72:bd:0d:f5:cc:13:6a:03:5f:d2:1e:1c:
dd:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:51:13:64:0C:0F:4F:62:66:EF:12:77:83:88:F9:EE:8E:53:31:91
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/K1ETZAwPT2Jm7xJ3g4j57o5TMZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.11.0/24
87.254.16.0/22
217.25.1.0/24
Signature Algorithm: sha256WithRSAEncryption
38:d1:3c:1b:12:4c:48:49:f2:72:d7:64:d2:19:bf:ed:61:81:
c7:18:f2:01:a0:51:68:9f:44:2b:68:1c:d9:5a:f0:22:92:45:
ac:70:55:93:6d:68:f4:c7:58:4e:a8:1d:a9:39:eb:c8:74:e1:
69:84:0d:fa:cd:16:50:06:1f:7f:10:5a:54:08:2a:77:5c:d4:
f0:04:62:43:32:33:66:e2:3a:1d:0a:e9:26:30:40:4d:43:59:
8f:ff:ea:fb:20:6b:af:57:7f:31:57:17:8b:5b:c0:de:8f:bd:
37:eb:78:e5:95:a2:9d:51:6c:62:5f:3f:86:8c:d2:3b:c6:32:
d2:e3:01:88:99:b8:a1:3e:85:21:74:8d:19:d9:b2:a1:e3:b5:
20:55:30:d9:bf:5e:a8:18:76:6d:b8:32:be:82:b8:6b:91:02:
ae:8b:cb:04:17:a8:6b:c8:46:e9:03:37:fa:ad:c7:80:9f:80:
c8:03:cd:7e:cc:fa:02:2e:65:46:07:a1:dc:29:7f:33:e5:cf:
25:03:b9:f7:f3:17:b7:11:39:d4:57:46:ec:63:7f:cb:3f:b8:
b6:e7:0e:7f:40:91:2f:12:47:0b:f7:77:c4:85:88:27:aa:2d:
87:33:9d:0b:9e:d5:62:b3:f7:ef:11:9f:0a:eb:b6:b7:a3:a9:
a9:fe:eb:8a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYh4I3+ZZ+rLi3nRJA3E9uvKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjMwNjAxMTgwNjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjUxMTM2NDBjMGY0ZjYyNjZlZjEyNzc4Mzg4ZjllZThlNTMzMTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/X5fLM62vlGefDrT8QV06SFpssW
eP/8x3JRkbbUbnq+3GrlElK/V3PCIW11c+0KT9LN7Yzfov3hZEb0qfthA34xGmnP
5p5FW6CT7IUEk05VnJ2rx1u2F2g2+4nuzVZk+F/rs5v189B0DdY611c87IjPk5Ul
osQqj2PBYtuoMpZ5P0t63niVxOo8h5O2JBKkH16YcKotGL2FO7iOU4uo8XG30qm7
RbH1CfTzB2uJ1Czwx53TLoaLl84rUzk1yt2HVONmB2LcSu/A4OHuCTaN9jgOIbrk
QFRGQqkO/qCJMgPo6mBPV1JTcgNt1uGIWjQAopNyvQ31zBNqA1/SHhzdlQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCtRE2QMD09iZu8Sd4OI+e6OUzGRMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvSzFFVFpBd1BUMkptN3hKM2c0ajU3bzVUTVpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAV/4LAwQC
V/4QAwQA2RkBMA0GCSqGSIb3DQEBCwUAA4IBAQA40TwbEkxISfJy12TSGb/tYYHH
GPIBoFFon0QraBzZWvAikkWscFWTbWj0x1hOqB2pOevIdOFphA36zRZQBh9/EFpU
CCp3XNTwBGJDMjNm4jodCukmMEBNQ1mP/+r7IGuvV38xVxeLW8Dej70363jllaKd
UWxiXz+GjNI7xjLS4wGImbihPoUhdI0Z2bKh47UgVTDZv16oGHZtuDK+grhrkQKu
i8sEF6hryEbpAzf6rceAn4DIA81+zPoCLmVGB6HcKX8z5c8lA7n38xe3ETnUV0bs
Y3/LP7i25w5/QJEvEkcL93fEhYgnqi2HM50LntVis/fvEZ8K67a3o6mp/uuK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:21 2024 by rpki-client on console-ams.rpki-client.org