Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/XCTv49wRHl29oBSWmV96uIzfSMw.roa
File: XCTv49wRHl29oBSWmV96uIzfSMw.roa (raw, json)
Hash identifier: 1rdBZzXVyb+RJTBZ8EbiIug2MqhsDfHZXtCKWWukyok=
Subject key identifier: 5C:24:EF:E3:DC:11:1E:5D:BD:A0:14:96:99:5F:7A:B8:8C:DF:48:CC
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 01880A074B49D2935F7CA139EBD664ED4F08
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/XCTv49wRHl29oBSWmV96uIzfSMw.roa
Signing time: Thu 11 May 2023 08:57:10 +0000
ROA not before: Thu 11 May 2023 08:57:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 87.254.2.0/24 maxlen: 24
87.254.10.0/24 maxlen: 24
185.210.168.0/23 maxlen: 24
185.210.170.0/23 maxlen: 24
217.25.1.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0a:07:4b:49:d2:93:5f:7c:a1:39:eb:d6:64:ed:4f:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: May 11 08:57:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c24efe3dc111e5dbda01496995f7ab88cdf48cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d6:49:50:0a:c4:80:d9:a4:38:f0:5a:eb:90:
e3:2b:d3:0b:1c:f1:41:92:22:d4:3e:f6:c0:96:d1:
35:cc:d5:a0:6e:8f:db:d4:a2:68:f5:2a:f2:dd:fd:
37:91:49:9d:47:fa:9e:18:1a:5a:86:23:f7:84:9f:
f5:98:e2:c6:6a:af:28:d6:d7:0e:ce:9f:27:58:9c:
77:3c:74:a9:e1:e0:54:51:d3:1f:67:b7:c9:3e:83:
60:db:ce:05:85:ca:7b:fd:c1:6b:38:37:c7:21:0e:
4f:f3:b6:92:b1:f0:1a:b4:fc:50:9b:c6:fa:7c:66:
5e:bd:67:81:83:2e:0e:21:0b:ed:e0:ef:87:39:62:
14:ed:f2:9e:06:2d:41:64:67:d0:d9:97:c1:02:05:
25:6e:80:a2:2f:e7:97:ad:01:0b:74:68:43:82:5c:
1d:ff:91:48:f7:31:1e:8f:b2:f2:f2:39:f3:9a:98:
38:14:ab:4e:a7:70:83:9a:79:ad:f3:a3:82:c6:11:
8b:e1:6e:6e:79:0b:d5:fd:96:36:4c:b8:a9:a5:be:
e5:78:18:55:90:7b:2a:34:b2:3b:e0:fa:a9:de:0d:
b3:d0:57:ff:49:e7:a4:82:c5:0d:8b:9e:3c:1e:cf:
18:47:be:eb:56:58:e2:38:2e:53:c2:1f:97:4b:1d:
06:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:24:EF:E3:DC:11:1E:5D:BD:A0:14:96:99:5F:7A:B8:8C:DF:48:CC
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/XCTv49wRHl29oBSWmV96uIzfSMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.2.0/24
87.254.10.0/24
185.210.168.0/22
217.25.1.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:49:2d:b6:1e:0b:93:2d:9f:3d:31:67:7a:3f:18:a8:3f:ae:
a5:d7:0f:8d:ba:a8:b8:97:5a:27:09:9a:b3:f8:73:b0:a9:f8:
42:66:a4:85:d6:f1:e9:52:ea:51:10:40:01:0a:a4:53:02:e7:
82:97:4d:7f:d5:d1:9a:d4:02:d2:cb:4e:da:8c:e1:a3:8e:42:
d5:f2:43:e5:dc:4d:44:2d:4b:fb:d0:06:66:68:15:f2:66:2e:
c1:86:91:c9:0d:ca:c1:36:60:44:43:80:70:80:7c:ff:6f:4c:
f9:63:f3:b7:36:2e:de:ea:04:0d:bb:3e:95:91:4c:cd:00:ca:
dc:e3:fa:3c:a7:6a:14:ac:de:73:9f:98:2f:da:aa:7f:b9:35:
26:b1:bc:f0:b1:e0:5d:df:a7:d3:3b:ed:3c:1a:7d:4d:46:f8:
d0:99:33:e7:3e:fd:bc:87:de:89:9b:6f:73:03:d2:50:d7:06:
e0:6e:a9:d1:54:79:19:c9:0b:f6:b2:30:e7:e0:c8:d7:7f:2e:
e6:2d:2c:69:68:9e:e5:ed:51:7a:26:c0:1f:d6:14:a6:05:33:
d3:73:31:fd:b9:01:89:8b:1d:f7:10:90:ed:f4:90:e3:a8:96:
b0:58:9d:04:39:5b:7a:ed:4b:fb:46:64:e4:09:8f:d1:56:1d:
f1:b1:ae:6c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYgKB0tJ0pNffKE569Zk7U8IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjMwNTExMDg1NzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzI0ZWZlM2RjMTExZTVkYmRhMDE0OTY5OTVmN2FiODhjZGY0OGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotZJUArEgNmkOPBa65DjK9MLHPFB
kiLUPvbAltE1zNWgbo/b1KJo9Sry3f03kUmdR/qeGBpahiP3hJ/1mOLGaq8o1tcO
zp8nWJx3PHSp4eBUUdMfZ7fJPoNg284Fhcp7/cFrODfHIQ5P87aSsfAatPxQm8b6
fGZevWeBgy4OIQvt4O+HOWIU7fKeBi1BZGfQ2ZfBAgUlboCiL+eXrQELdGhDglwd
/5FI9zEej7Ly8jnzmpg4FKtOp3CDmnmt86OCxhGL4W5ueQvV/ZY2TLippb7leBhV
kHsqNLI74Pqp3g2z0Ff/SeekgsUNi548Hs8YR77rVljiOC5Twh+XSx0GIQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFwk7+PcER5dvaAUlplferiM30jMMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvWENUdjQ5d1JIbDI5b0JTV21WOTZ1SXpmU013LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAV/4CAwQA
V/4KAwQCudKoAwQA2RkBMA0GCSqGSIb3DQEBCwUAA4IBAQBLSS22HguTLZ89MWd6
PxioP66l1w+Nuqi4l1onCZqz+HOwqfhCZqSF1vHpUupREEABCqRTAueCl01/1dGa
1ALSy07ajOGjjkLV8kPl3E1ELUv70AZmaBXyZi7BhpHJDcrBNmBEQ4BwgHz/b0z5
Y/O3Ni7e6gQNuz6VkUzNAMrc4/o8p2oUrN5zn5gv2qp/uTUmsbzwseBd36fTO+08
Gn1NRvjQmTPnPv28h96Jm29zA9JQ1wbgbqnRVHkZyQv2sjDn4MjXfy7mLSxpaJ7l
7VF6JsAf1hSmBTPTczH9uQGJix33EJDt9JDjqJawWJ0EOVt67Uv7RmTkCY/RVh3x
sa5s
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:38 2023 by rpki-client on console-ams.rpki-client.org