Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/X2hy-Lx19xoAl1nykvH3XvA7Ajk.roa
File: X2hy-Lx19xoAl1nykvH3XvA7Ajk.roa (raw, json)
Hash identifier: jguKzhRFPX97FLmdjuRojzcbbsv+7QvOOqAp4cj5JFU=
Subject key identifier: 5F:68:72:F8:BC:75:F7:1A:00:97:59:F2:92:F1:F7:5E:F0:3B:02:39
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 018F026C62E880E799A504D6F864BBB1EBF0
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/X2hy-Lx19xoAl1nykvH3XvA7Ajk.roa
Signing time: Sun 21 Apr 2024 20:50:08 +0000
ROA not before: Sun 21 Apr 2024 20:50:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 87.254.23.0/24 maxlen: 24
185.210.168.0/23 maxlen: 24
217.25.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Jun 2024 13:41:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:02:6c:62:e8:80:e7:99:a5:04:d6:f8:64:bb:b1:eb:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Apr 21 20:50:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f6872f8bc75f71a009759f292f1f75ef03b0239
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ba:9e:a4:be:1a:8d:0e:42:22:b9:3a:78:76:
58:2d:3f:10:eb:c6:c6:83:c8:4d:85:50:69:6a:49:
0d:b2:e4:24:4a:f1:bd:19:64:30:1b:2d:4a:6e:85:
16:2f:24:d4:5c:93:ab:76:00:4b:b1:3a:b9:bb:92:
32:1b:22:13:87:e8:22:59:13:46:45:ca:b3:bb:be:
ce:a3:5a:9c:fa:5a:45:32:75:78:fc:32:14:23:6d:
86:b2:cc:54:0e:9e:19:b2:60:84:f5:c4:b7:14:81:
31:ec:de:51:fc:44:5d:91:ef:e9:08:48:61:6c:94:
e0:6a:00:85:7f:e9:ff:ca:25:00:35:c2:0d:3e:4d:
ff:73:0a:03:34:e8:c4:b4:78:d3:5a:b7:b3:d2:d4:
c4:8e:df:a3:f1:61:32:70:d5:9c:e7:ff:6d:11:2d:
19:78:cc:7c:18:6c:e4:05:7b:4a:a1:e2:21:40:da:
97:93:91:72:66:11:02:65:0c:37:c0:4e:87:c1:0a:
a2:a6:81:c5:7c:47:51:de:10:24:28:67:0d:4c:37:
be:9d:17:a5:9f:a6:23:98:37:34:72:43:ff:6c:b9:
16:8d:1f:b5:80:f6:a1:4b:2d:83:28:53:06:e2:f9:
17:7b:65:e9:78:04:b5:49:e8:19:3f:a9:8a:0d:d4:
e3:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:68:72:F8:BC:75:F7:1A:00:97:59:F2:92:F1:F7:5E:F0:3B:02:39
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/X2hy-Lx19xoAl1nykvH3XvA7Ajk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.23.0/24
185.210.168.0/23
217.25.4.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:d9:f1:81:09:9e:33:5d:ce:ee:9a:dc:15:13:29:c5:83:6a:
94:4a:96:83:aa:39:7a:70:1f:f9:11:02:1d:08:25:92:b9:9d:
eb:d3:7f:4b:1a:04:c9:18:7a:58:eb:70:4f:8f:82:45:33:f3:
52:be:ad:77:5f:76:7c:9c:c4:c7:b8:b2:0e:48:a0:ce:f3:76:
96:5f:eb:53:7d:ce:be:5b:ad:63:31:b4:45:81:a2:16:de:fb:
8e:99:4e:b1:7a:e6:0b:c5:43:8b:80:7c:ab:86:40:b1:74:dc:
25:82:0a:1a:a9:b1:21:a4:90:35:58:51:c1:76:00:a3:73:93:
c1:57:48:83:b0:dd:0b:fd:cc:b5:bf:1f:6c:fd:c1:d9:c7:90:
d9:3d:a9:f9:ef:84:b4:a8:f3:50:e9:49:4a:3b:9c:b7:69:e0:
d9:62:4e:76:bd:49:c3:d3:55:00:bc:89:20:c3:ac:9e:ea:60:
36:c8:c4:6d:8a:04:09:aa:b7:ba:21:f9:e5:39:2a:50:89:4d:
bc:42:eb:b8:83:9f:b0:9a:ec:73:59:a7:ef:c3:e1:b3:10:e4:
02:c4:da:64:07:c8:02:af:a0:95:13:5e:ea:fa:82:60:54:42:
2a:9c:99:22:9e:e2:d7:75:19:0a:b0:43:69:8c:a0:4c:40:3d:
8d:4a:0a:76
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY8CbGLogOeZpQTW+GS7sevwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjQwNDIxMjA1MDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjY4NzJmOGJjNzVmNzFhMDA5NzU5ZjI5MmYxZjc1ZWYwM2IwMjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLqepL4ajQ5CIrk6eHZYLT8Q68bG
g8hNhVBpakkNsuQkSvG9GWQwGy1KboUWLyTUXJOrdgBLsTq5u5IyGyITh+giWRNG
Rcqzu77Oo1qc+lpFMnV4/DIUI22GssxUDp4ZsmCE9cS3FIEx7N5R/ERdke/pCEhh
bJTgagCFf+n/yiUANcINPk3/cwoDNOjEtHjTWrez0tTEjt+j8WEycNWc5/9tES0Z
eMx8GGzkBXtKoeIhQNqXk5FyZhECZQw3wE6HwQqipoHFfEdR3hAkKGcNTDe+nRel
n6YjmDc0ckP/bLkWjR+1gPahSy2DKFMG4vkXe2XpeAS1SegZP6mKDdTjiQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF9ocvi8dfcaAJdZ8pLx917wOwI5MB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvWDJoeS1MeDE5eG9BbDFueWt2SDNYdkE3QWprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAV/4XAwQB
udKoAwQA2RkEMA0GCSqGSIb3DQEBCwUAA4IBAQAL2fGBCZ4zXc7umtwVEynFg2qU
SpaDqjl6cB/5EQIdCCWSuZ3r039LGgTJGHpY63BPj4JFM/NSvq13X3Z8nMTHuLIO
SKDO83aWX+tTfc6+W61jMbRFgaIW3vuOmU6xeuYLxUOLgHyrhkCxdNwlggoaqbEh
pJA1WFHBdgCjc5PBV0iDsN0L/cy1vx9s/cHZx5DZPan574S0qPNQ6UlKO5y3aeDZ
Yk52vUnD01UAvIkgw6ye6mA2yMRtigQJqre6IfnlOSpQiU28Quu4g5+wmuxzWafv
w+GzEOQCxNpkB8gCr6CVE17q+oJgVEIqnJkinuLXdRkKsENpjKBMQD2NSgp2
-----END CERTIFICATE-----
Generated at Mon Jun 24 17:46:41 2024 by rpki-client on console-fra.rpki-client.org