Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/eL5PXAscQHIiAxp_fjfK6LWGmt4.roa
File: eL5PXAscQHIiAxp_fjfK6LWGmt4.roa (raw, json)
Hash identifier: hxwtoeWlxQBlehE01Nf3d6/XVEogF5RdWsz1ErSljp8=
Subject key identifier: 78:BE:4F:5C:0B:1C:40:72:22:03:1A:7F:7E:37:CA:E8:B5:86:9A:DE
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 018B4D39D0833AFC3AD6F057AB578B9F4AF3
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/eL5PXAscQHIiAxp_fjfK6LWGmt4.roa
Signing time: Fri 20 Oct 2023 13:15:16 +0000
ROA not before: Fri 20 Oct 2023 13:15:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 217.25.12.0/24 maxlen: 24
87.254.31.0/24 maxlen: 24
87.254.2.0/24 maxlen: 24
87.254.10.0/24 maxlen: 24
185.210.168.0/23 maxlen: 24
185.210.170.0/23 maxlen: 24
87.254.17.0/24 maxlen: 24
217.25.3.0/24 maxlen: 24
87.254.22.0/24 maxlen: 24
87.254.23.0/24 maxlen: 24
87.254.18.0/24 maxlen: 24
87.254.19.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4d:39:d0:83:3a:fc:3a:d6:f0:57:ab:57:8b:9f:4a:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Oct 20 13:15:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=78be4f5c0b1c407222031a7f7e37cae8b5869ade
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:62:35:02:00:a0:90:eb:d7:76:11:04:6b:47:
4c:af:a5:74:6d:b2:43:e3:e0:54:e9:01:c5:3c:1d:
24:49:4d:f3:0c:2e:c2:94:06:6c:d5:48:9e:97:44:
20:f5:09:41:f7:45:45:bc:c3:21:24:90:c0:44:58:
bc:e3:64:07:a4:d1:da:86:fb:d8:6c:45:90:d7:5c:
18:0e:7c:93:b1:6a:ce:fe:91:ab:10:22:03:56:ae:
50:87:05:24:84:ff:91:a6:47:b2:09:2b:41:0c:c0:
8d:47:39:48:a3:7a:9b:83:fd:ba:e5:a8:93:e2:20:
3d:19:e9:de:c2:30:1f:65:92:29:02:4d:98:0d:03:
b6:26:a2:5d:6e:c7:8d:8f:b2:20:d9:e6:cd:4a:3d:
49:a4:3f:f5:4d:d2:8d:2e:9b:67:e3:5f:a0:8c:49:
ea:b9:2a:05:f7:61:d9:4f:a9:52:16:31:b9:38:4c:
f4:fd:a7:fd:80:f9:45:fa:ba:37:cb:4d:5e:8b:14:
7f:31:25:a1:3a:59:51:28:64:32:77:35:ac:c3:b3:
38:6a:a8:3c:9e:43:93:02:47:2b:74:6f:a6:32:dd:
df:81:0c:29:9d:1c:67:7d:95:6c:20:e3:c3:87:43:
a4:53:38:94:ac:e4:fc:d0:de:25:78:f3:fe:8e:0c:
3d:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:BE:4F:5C:0B:1C:40:72:22:03:1A:7F:7E:37:CA:E8:B5:86:9A:DE
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/eL5PXAscQHIiAxp_fjfK6LWGmt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.2.0/24
87.254.10.0/24
87.254.17.0-87.254.19.255
87.254.22.0/23
87.254.31.0/24
185.210.168.0/22
217.25.3.0/24
217.25.12.0/24
Signature Algorithm: sha256WithRSAEncryption
76:77:fd:dd:4b:3b:7e:a4:ae:57:e2:b3:8e:b3:82:72:29:9d:
3f:9b:22:06:a5:39:7b:3d:c4:16:e5:9e:84:a7:06:92:04:bc:
be:33:41:c8:cd:0f:e3:da:df:2e:6a:af:f3:99:cf:42:5d:29:
18:9e:35:ba:3a:d2:ca:d8:f0:16:bc:4c:b8:43:29:6c:0b:86:
32:b9:5f:4e:bd:b4:88:9b:a1:71:e4:99:d4:8a:84:84:f1:c3:
91:80:f8:dc:5a:7a:d1:26:35:c7:63:95:ba:6c:15:07:03:78:
b7:1f:89:c2:05:cc:46:56:2e:14:2f:48:82:31:fd:8d:49:cb:
cb:ee:fc:a3:7c:74:74:09:29:44:0d:2a:6f:0f:e6:a9:60:21:
d0:16:a6:db:ff:9e:04:8f:e9:50:11:a8:45:f1:fa:24:36:c9:
25:6c:8b:c0:5d:b0:4d:4e:f4:c3:47:f9:1f:c9:78:7a:41:84:
34:46:30:da:d0:29:89:f4:55:d2:b4:e6:0a:72:db:0f:d3:b1:
54:5b:f0:98:6b:ed:bb:be:fe:cb:fd:26:5b:c1:70:77:b3:39:
5d:46:03:f6:aa:dc:12:40:bc:c2:09:1e:69:4d:68:ba:3f:9d:
f2:ad:01:15:a3:f9:62:1c:e6:fb:50:78:23:0f:37:77:c7:a6:
91:3c:c1:2b
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYtNOdCDOvw61vBXq1eLn0rzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjMxMDIwMTMxNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGJlNGY1YzBiMWM0MDcyMjIwMzFhN2Y3ZTM3Y2FlOGI1ODY5YWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWI1AgCgkOvXdhEEa0dMr6V0bbJD
4+BU6QHFPB0kSU3zDC7ClAZs1Uiel0Qg9QlB90VFvMMhJJDARFi842QHpNHahvvY
bEWQ11wYDnyTsWrO/pGrECIDVq5QhwUkhP+RpkeyCStBDMCNRzlIo3qbg/265aiT
4iA9GenewjAfZZIpAk2YDQO2JqJdbseNj7Ig2ebNSj1JpD/1TdKNLptn41+gjEnq
uSoF92HZT6lSFjG5OEz0/af9gPlF+ro3y01eixR/MSWhOllRKGQydzWsw7M4aqg8
nkOTAkcrdG+mMt3fgQwpnRxnfZVsIOPDh0OkUziUrOT80N4lePP+jgw9YQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFHi+T1wLHEByIgMaf343yui1hpreMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvZUw1UFhBc2NRSElpQXhwX2ZqZks2TFdHbXQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAV/4CAwQA
V/4KMAwDBABX/hEDBAJX/hADBAFX/hYDBABX/h8DBAK50qgDBADZGQMDBADZGQww
DQYJKoZIhvcNAQELBQADggEBAHZ3/d1LO36krlfis46zgnIpnT+bIgalOXs9xBbl
noSnBpIEvL4zQcjND+Pa3y5qr/OZz0JdKRieNbo60srY8Ba8TLhDKWwLhjK5X069
tIiboXHkmdSKhITxw5GA+NxaetEmNcdjlbpsFQcDeLcficIFzEZWLhQvSIIx/Y1J
y8vu/KN8dHQJKUQNKm8P5qlgIdAWptv/ngSP6VARqEXx+iQ2ySVsi8BdsE1O9MNH
+R/JeHpBhDRGMNrQKYn0VdK05gpy2w/TsVRb8Jhr7bu+/sv9JlvBcHezOV1GA/aq
3BJAvMIJHmlNaLo/nfKtARWj+WIc5vtQeCMPN3fHppE8wSs=
-----END CERTIFICATE-----
Generated at Tue Nov 7 16:27:49 2023 by rpki-client on console-fra.rpki-client.org