Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/QYfx7cx6V0OHCN8a2CbIwa0HOc4.roa
File: QYfx7cx6V0OHCN8a2CbIwa0HOc4.roa (raw, json)
Hash identifier: exSVT19csVwaB8dIGw4FFtggOoyHakQZ2UKqt/KyS2M=
Subject key identifier: 41:87:F1:ED:CC:7A:57:43:87:08:DF:1A:D8:26:C8:C1:AD:07:39:CE
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 0188AB7E7769B74BC677A8107DFC6123D50D
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/QYfx7cx6V0OHCN8a2CbIwa0HOc4.roa
Signing time: Sun 11 Jun 2023 17:26:11 +0000
ROA not before: Sun 11 Jun 2023 17:26:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 87.254.10.0/24 maxlen: 24
87.254.8.0/24 maxlen: 24
185.210.168.0/23 maxlen: 24
185.210.170.0/23 maxlen: 24
87.254.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Jun 2023 08:40:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ab:7e:77:69:b7:4b:c6:77:a8:10:7d:fc:61:23:d5:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Jun 11 17:26:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4187f1edcc7a57438708df1ad826c8c1ad0739ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d0:d9:e7:56:71:72:ad:8a:dd:1e:68:c3:d4:
17:b3:89:2e:fb:7f:da:04:14:db:f3:6b:6d:2d:da:
0f:fd:82:7f:bb:56:34:28:67:f5:98:36:5c:2f:cc:
90:44:fd:bc:66:e8:db:52:d9:13:89:e3:c0:8c:9e:
0f:ec:e1:74:a1:09:df:7f:ec:b0:68:8d:0b:81:5c:
df:20:a0:9b:ea:3d:d1:77:1f:c0:d3:be:ff:96:43:
7e:2d:d9:35:fb:76:42:26:94:4d:51:a6:d5:10:3d:
18:ac:d5:5b:07:db:36:9c:2e:9e:e5:75:ec:11:fa:
0c:3e:49:d6:4b:7e:d7:1b:11:57:8f:be:08:6e:ef:
65:3f:7c:d2:05:6d:96:52:6e:6a:ee:a3:e4:17:30:
e4:98:5c:17:6c:90:85:c3:18:89:8c:24:e4:ee:7a:
ca:f5:84:24:f8:0b:c6:d9:9b:f6:f3:48:31:59:37:
f3:68:04:57:1a:a5:3e:7e:af:98:b3:cf:36:00:02:
08:77:ea:59:f3:1d:0b:db:4a:1a:14:ee:99:92:82:
b4:8c:f1:42:b3:cf:e2:4b:60:e5:76:0f:cd:2b:d0:
8a:04:c1:4b:6c:cc:36:74:9e:64:57:e4:3c:27:6a:
9f:a6:e0:be:75:f7:03:d0:96:c2:6f:7e:b6:08:34:
35:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:87:F1:ED:CC:7A:57:43:87:08:DF:1A:D8:26:C8:C1:AD:07:39:CE
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/QYfx7cx6V0OHCN8a2CbIwa0HOc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.8.0/24
87.254.10.0/24
87.254.18.0/24
185.210.168.0/22
Signature Algorithm: sha256WithRSAEncryption
10:3a:7d:9e:33:2c:ba:40:ea:d0:57:4d:ed:74:74:b2:74:b5:
fa:97:bc:f3:e1:b0:d3:70:eb:09:4a:b9:3e:76:99:c4:ef:a4:
60:53:5a:73:63:f1:eb:15:b1:de:73:d8:19:4e:aa:47:c4:bb:
8f:71:03:d8:93:0c:ac:73:fa:62:98:19:6a:97:86:03:fd:74:
00:5c:58:b7:5d:9a:6a:f8:1d:86:7e:c5:d1:be:f4:ae:5c:b0:
94:e4:c9:a3:69:01:98:3e:cf:b2:fb:9d:dd:5b:e6:25:31:66:
fb:d9:d5:8b:d5:06:b2:20:d5:47:59:b1:f2:df:ec:ef:3f:bb:
af:d8:1f:13:34:e5:ed:b5:a4:89:df:9d:09:bf:32:b8:14:23:
91:3b:5a:d6:19:f6:af:f5:93:5e:8a:73:42:95:e4:8d:38:0b:
b7:eb:fe:38:1f:96:10:e0:66:e3:01:1f:45:30:2f:2f:cf:76:
e4:9c:f3:66:36:be:5f:52:b5:ea:4c:ed:8f:ff:0d:45:77:af:
09:e5:43:40:bc:f0:c7:5b:e1:be:c3:2d:05:7f:b5:54:f0:a5:
75:7e:ad:f0:77:01:ed:a6:f9:09:ff:4f:da:88:25:da:1d:aa:
d9:33:df:21:23:2b:cd:27:ed:aa:cc:e2:48:0d:10:4b:06:67:
fa:b1:0c:30
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYirfndpt0vGd6gQffxhI9UNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjMwNjExMTcyNjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTg3ZjFlZGNjN2E1NzQzODcwOGRmMWFkODI2YzhjMWFkMDczOWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNDZ51Zxcq2K3R5ow9QXs4ku+3/a
BBTb82ttLdoP/YJ/u1Y0KGf1mDZcL8yQRP28ZujbUtkTiePAjJ4P7OF0oQnff+yw
aI0LgVzfIKCb6j3Rdx/A077/lkN+Ldk1+3ZCJpRNUabVED0YrNVbB9s2nC6e5XXs
EfoMPknWS37XGxFXj74Ibu9lP3zSBW2WUm5q7qPkFzDkmFwXbJCFwxiJjCTk7nrK
9YQk+AvG2Zv280gxWTfzaARXGqU+fq+Ys882AAIId+pZ8x0L20oaFO6ZkoK0jPFC
s8/iS2Dldg/NK9CKBMFLbMw2dJ5kV+Q8J2qfpuC+dfcD0JbCb362CDQ1swIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEGH8e3MeldDhwjfGtgmyMGtBznOMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvUVlmeDdjeDZWME9IQ044YTJDYkl3YTBIT2M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAV/4IAwQA
V/4KAwQAV/4SAwQCudKoMA0GCSqGSIb3DQEBCwUAA4IBAQAQOn2eMyy6QOrQV03t
dHSydLX6l7zz4bDTcOsJSrk+dpnE76RgU1pzY/HrFbHec9gZTqpHxLuPcQPYkwys
c/pimBlql4YD/XQAXFi3XZpq+B2GfsXRvvSuXLCU5MmjaQGYPs+y+53dW+YlMWb7
2dWL1QayINVHWbHy3+zvP7uv2B8TNOXttaSJ350JvzK4FCORO1rWGfav9ZNeinNC
leSNOAu36/44H5YQ4GbjAR9FMC8vz3bknPNmNr5fUrXqTO2P/w1Fd68J5UNAvPDH
W+G+wy0Ff7VU8KV1fq3wdwHtpvkJ/0/aiCXaHarZM98hIyvNJ+2qzOJIDRBLBmf6
sQww
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:22 2024 by rpki-client on console-ams.rpki-client.org