Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/Xn0tsYuPmJ_8xx0klLLcABEArqU.roa
File: Xn0tsYuPmJ_8xx0klLLcABEArqU.roa (raw, json)
Hash identifier: wppxQjusVQwUjGmIhnfnX1Gu47CUfGH91/4ca57yyI0=
Subject key identifier: 5E:7D:2D:B1:8B:8F:98:9F:FC:C7:1D:24:94:B2:DC:00:11:00:AE:A5
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 018CC726A22FDC19BDE4E22B890F7B3B77BC
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/Xn0tsYuPmJ_8xx0klLLcABEArqU.roa
Signing time: Mon 01 Jan 2024 22:30:46 +0000
ROA not before: Mon 01 Jan 2024 22:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 217.25.12.0/24 maxlen: 24
87.254.31.0/24 maxlen: 24
87.254.10.0/24 maxlen: 24
185.210.168.0/23 maxlen: 24
185.210.170.0/23 maxlen: 24
87.254.17.0/24 maxlen: 24
87.254.22.0/24 maxlen: 24
87.254.23.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:a2:2f:dc:19:bd:e4:e2:2b:89:0f:7b:3b:77:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Jan 1 22:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e7d2db18b8f989ffcc71d2494b2dc001100aea5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:5c:73:f2:b4:9b:65:e5:a9:66:3d:67:f9:f8:
b9:a1:b3:f1:d0:32:ca:97:26:86:a1:de:05:24:ff:
2b:c4:2e:f7:22:6d:8a:1d:4c:09:92:60:bd:29:2b:
bf:ee:aa:b8:94:39:c1:9e:1f:14:6a:d3:16:5c:ce:
50:47:11:8b:ad:89:28:26:4e:ea:7f:e7:54:10:63:
38:ff:1d:6a:69:76:fc:b8:04:37:05:75:45:c3:62:
17:56:d0:48:7f:5d:44:61:fa:17:97:14:a5:bd:d4:
b6:95:07:2f:58:dc:b9:d8:a9:8f:e7:b8:6e:3f:b4:
7d:bc:bb:4f:5c:7d:dc:77:80:0a:7d:ce:0a:5c:af:
1b:4f:02:33:11:99:c2:64:07:37:7a:95:99:2c:31:
74:d6:42:40:6f:c9:84:a3:66:16:04:c4:93:cd:90:
ad:6a:75:c5:b8:86:72:26:0a:83:17:b4:d3:3a:6f:
94:bf:a6:ab:c3:47:4d:25:09:ce:ae:12:4d:c9:1d:
3b:1a:e4:8e:ba:ef:a9:94:f5:06:77:40:87:73:9a:
2f:54:50:f4:8c:69:5d:2d:3c:8e:6d:e1:3a:a2:45:
a3:6f:63:a6:f0:4e:7e:cb:ed:ab:49:8f:86:f8:2e:
06:f8:27:30:33:50:a0:14:49:3e:ce:b6:bc:4f:54:
7f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:7D:2D:B1:8B:8F:98:9F:FC:C7:1D:24:94:B2:DC:00:11:00:AE:A5
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/Xn0tsYuPmJ_8xx0klLLcABEArqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.10.0/24
87.254.17.0/24
87.254.22.0/23
87.254.31.0/24
185.210.168.0/22
217.25.12.0/24
Signature Algorithm: sha256WithRSAEncryption
19:df:8d:40:9c:de:bd:f0:82:16:f0:c0:51:81:dc:76:49:f0:
1b:11:ad:80:a1:39:72:b8:e9:25:f0:3a:43:0b:a1:90:88:97:
98:a3:99:c3:f7:9d:5e:05:0e:8a:9a:ff:7a:76:ba:14:15:08:
66:41:bb:25:08:87:35:c3:8b:a9:f2:e6:9a:7e:d4:44:aa:7c:
9e:02:a4:e5:1c:fe:b7:4a:cf:e7:30:c4:a5:9d:dc:f5:25:51:
06:00:67:8e:f9:d8:84:bc:32:70:91:8f:7c:a1:43:ac:63:cd:
58:60:fe:bd:b7:38:4f:54:e0:a8:59:01:e6:98:4d:4d:b7:3b:
92:8a:12:0a:eb:30:b0:86:19:ef:21:08:6c:d4:81:04:b0:18:
dc:a0:31:64:57:44:e9:53:92:ee:52:69:bb:0c:c4:f8:b0:5a:
9f:3d:ec:4d:09:1a:29:62:38:64:4b:0f:de:1e:5a:40:ce:79:
3e:85:5d:10:6e:11:a1:2f:93:98:4c:f1:4f:70:49:24:ef:b3:
1b:d3:19:5f:38:23:0e:3b:a3:7b:9f:e2:14:54:18:5f:6a:b8:
51:7a:ba:e5:ae:5a:a3:e2:7e:0c:7b:77:ba:ed:2b:2e:19:8c:
2e:96:d4:c3:90:43:46:83:90:1f:8d:27:1b:aa:74:1e:d1:5a:
f3:7a:a6:8d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzHJqIv3Bm95OIriQ97O3e8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjQwMTAxMjIzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTdkMmRiMThiOGY5ODlmZmNjNzFkMjQ5NGIyZGMwMDExMDBhZWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVxz8rSbZeWpZj1n+fi5obPx0DLK
lyaGod4FJP8rxC73Im2KHUwJkmC9KSu/7qq4lDnBnh8UatMWXM5QRxGLrYkoJk7q
f+dUEGM4/x1qaXb8uAQ3BXVFw2IXVtBIf11EYfoXlxSlvdS2lQcvWNy52KmP57hu
P7R9vLtPXH3cd4AKfc4KXK8bTwIzEZnCZAc3epWZLDF01kJAb8mEo2YWBMSTzZCt
anXFuIZyJgqDF7TTOm+Uv6arw0dNJQnOrhJNyR07GuSOuu+plPUGd0CHc5ovVFD0
jGldLTyObeE6okWjb2Om8E5+y+2rSY+G+C4G+CcwM1CgFEk+zra8T1R/SwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFF59LbGLj5if/McdJJSy3AARAK6lMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvWG4wdHNZdVBtSl84eHgwa2xMTGNBQkVBcnFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAV/4KAwQA
V/4RAwQBV/4WAwQAV/4fAwQCudKoAwQA2RkMMA0GCSqGSIb3DQEBCwUAA4IBAQAZ
341AnN698IIW8MBRgdx2SfAbEa2AoTlyuOkl8DpDC6GQiJeYo5nD951eBQ6Kmv96
droUFQhmQbslCIc1w4up8uaaftREqnyeAqTlHP63Ss/nMMSlndz1JVEGAGeO+diE
vDJwkY98oUOsY81YYP69tzhPVOCoWQHmmE1NtzuSihIK6zCwhhnvIQhs1IEEsBjc
oDFkV0TpU5LuUmm7DMT4sFqfPexNCRopYjhkSw/eHlpAznk+hV0QbhGhL5OYTPFP
cEkk77Mb0xlfOCMOO6N7n+IUVBhfarhRerrlrlqj4n4Me3e67SsuGYwultTDkENG
g5AfjScbqnQe0VrzeqaN
-----END CERTIFICATE-----
Generated at Wed Jan 3 19:17:29 2024 by rpki-client on console-fra.rpki-client.org