Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/f24DEA6AbW9pDV5ZdsfeJuwjU1Q.roa
File: f24DEA6AbW9pDV5ZdsfeJuwjU1Q.roa (raw, json)
Hash identifier: KmO974AzZ6mqCV4Fki4H4VbNcwZOerIsWRmN5JbOn94=
Subject key identifier: 7F:6E:03:10:0E:80:6D:6F:69:0D:5E:59:76:C7:DE:26:EC:23:53:54
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 01897D83F5BF0F54D265883EE717FD0DBAF3
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/f24DEA6AbW9pDV5ZdsfeJuwjU1Q.roa
Signing time: Sat 22 Jul 2023 12:12:27 +0000
ROA not before: Sat 22 Jul 2023 12:12:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 217.25.12.0/24 maxlen: 24
87.254.10.0/24 maxlen: 24
185.210.168.0/23 maxlen: 24
185.210.170.0/23 maxlen: 24
87.254.17.0/24 maxlen: 24
87.254.22.0/24 maxlen: 24
87.254.19.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:7d:83:f5:bf:0f:54:d2:65:88:3e:e7:17:fd:0d:ba:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Jul 22 12:12:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f6e03100e806d6f690d5e5976c7de26ec235354
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:29:b2:26:3e:18:42:da:d7:49:e4:47:91:f6:
d1:a0:81:81:36:5f:70:aa:a8:11:4f:cd:f2:12:43:
63:46:9d:dd:db:b6:65:93:c5:4b:0f:27:0c:a9:70:
87:6a:0e:ac:48:a6:1a:52:9e:6c:bc:b5:0c:8b:48:
87:e6:a1:bd:72:cd:01:56:51:e1:fe:32:1d:e3:68:
85:56:30:4d:e7:82:ee:f3:e1:a3:bc:75:96:80:15:
9f:38:72:b8:9e:b8:20:bb:ee:98:44:85:0b:67:cf:
26:6d:02:52:b4:89:29:e6:28:56:99:a4:ea:68:94:
b7:b2:75:1c:3b:37:4b:84:92:05:0f:fd:10:ef:b7:
bf:9b:82:46:80:86:ed:f6:c7:65:64:9f:82:ef:45:
70:96:d1:e9:12:c3:75:9f:91:6d:a7:5f:ff:6d:1b:
bd:25:f1:76:f2:35:8f:49:15:39:2d:cf:09:0b:6f:
6f:af:b9:b9:27:c9:42:db:61:cf:97:22:e7:09:c6:
2b:89:44:4c:e4:42:2b:e3:33:01:32:48:44:00:a4:
40:1f:b1:4b:41:7e:a7:9e:e1:d8:12:b3:0b:74:e0:
3e:d7:ae:fd:f3:ba:a2:f5:c5:69:71:11:d3:01:f1:
5e:39:1d:59:49:3b:11:82:c0:e7:31:2b:ad:46:36:
17:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:6E:03:10:0E:80:6D:6F:69:0D:5E:59:76:C7:DE:26:EC:23:53:54
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/f24DEA6AbW9pDV5ZdsfeJuwjU1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.10.0/24
87.254.17.0/24
87.254.19.0/24
87.254.22.0/24
185.210.168.0/22
217.25.12.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:d1:b7:47:f3:00:68:88:5d:aa:7d:01:86:28:c0:29:cb:00:
7d:d3:6a:3c:70:db:f9:be:64:f4:19:17:6b:be:28:48:e1:cf:
84:96:47:06:25:9c:d1:18:36:70:7c:8b:8f:c4:95:d5:4f:c9:
d9:bc:12:b8:d2:da:a6:9c:2f:73:c6:78:b3:ca:06:b7:9a:58:
ae:28:31:48:39:d3:78:86:1e:e1:1f:c9:99:9c:5c:c6:d8:63:
02:32:d6:e5:32:49:f9:13:35:d0:90:85:e8:7c:cd:59:4e:0f:
1d:b6:ef:69:7f:f1:e3:98:90:05:62:9a:99:48:cb:1e:61:1f:
78:ce:29:bf:40:61:27:58:de:95:b6:71:33:c7:9d:60:3c:88:
70:81:b3:0c:00:77:b3:27:c4:55:3b:d6:2c:b9:fc:9b:39:93:
22:56:59:de:b7:21:fb:93:9f:31:3f:b6:37:ae:3c:92:6b:74:
e1:65:d4:c9:c0:96:1f:10:36:42:61:94:20:06:97:60:26:94:
db:d0:4e:70:5e:31:bf:8e:cc:a7:3f:a5:5b:3e:d3:39:bf:ca:
58:24:bf:0d:89:b3:a9:ec:d1:87:18:23:36:fc:97:b5:92:18:
f7:f8:cd:78:f3:ea:dc:81:f4:e1:c9:27:2e:b2:b7:8d:cd:70:
d3:bc:5a:63
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYl9g/W/D1TSZYg+5xf9DbrzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjMwNzIyMTIxMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjZlMDMxMDBlODA2ZDZmNjkwZDVlNTk3NmM3ZGUyNmVjMjM1MzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSmyJj4YQtrXSeRHkfbRoIGBNl9w
qqgRT83yEkNjRp3d27Zlk8VLDycMqXCHag6sSKYaUp5svLUMi0iH5qG9cs0BVlHh
/jId42iFVjBN54Lu8+GjvHWWgBWfOHK4nrggu+6YRIULZ88mbQJStIkp5ihWmaTq
aJS3snUcOzdLhJIFD/0Q77e/m4JGgIbt9sdlZJ+C70VwltHpEsN1n5Ftp1//bRu9
JfF28jWPSRU5Lc8JC29vr7m5J8lC22HPlyLnCcYriURM5EIr4zMBMkhEAKRAH7FL
QX6nnuHYErMLdOA+167987qi9cVpcRHTAfFeOR1ZSTsRgsDnMSutRjYXGQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFH9uAxAOgG1vaQ1eWXbH3ibsI1NUMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvZjI0REVBNkFiVzlwRFY1WmRzZmVKdXdqVTFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAV/4KAwQA
V/4RAwQAV/4TAwQAV/4WAwQCudKoAwQA2RkMMA0GCSqGSIb3DQEBCwUAA4IBAQCl
0bdH8wBoiF2qfQGGKMApywB902o8cNv5vmT0GRdrvihI4c+ElkcGJZzRGDZwfIuP
xJXVT8nZvBK40tqmnC9zxnizyga3mliuKDFIOdN4hh7hH8mZnFzG2GMCMtblMkn5
EzXQkIXofM1ZTg8dtu9pf/HjmJAFYpqZSMseYR94zim/QGEnWN6VtnEzx51gPIhw
gbMMAHezJ8RVO9YsufybOZMiVlnetyH7k58xP7Y3rjySa3ThZdTJwJYfEDZCYZQg
BpdgJpTb0E5wXjG/jsynP6VbPtM5v8pYJL8NibOp7NGHGCM2/Je1khj3+M148+rc
gfThyScusreNzXDTvFpj
-----END CERTIFICATE-----
Generated at Wed Jul 26 12:55:02 2023 by rpki-client on console-fra.rpki-client.org