Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/hKIjtvnVVM2YnNkAw5zQ8JhV-vE.roa
File: hKIjtvnVVM2YnNkAw5zQ8JhV-vE.roa (raw, json)
Hash identifier: 134aM/KA89vTW+DR51nygF/wf7ZXcVmAgrpOl5LJ+4Y=
Subject key identifier: 84:A2:23:B6:F9:D5:54:CD:98:9C:D9:00:C3:9C:D0:F0:98:55:FA:F1
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 01905E195BC9B2C557077FD8931605C5894D
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/hKIjtvnVVM2YnNkAw5zQ8JhV-vE.roa
Signing time: Fri 28 Jun 2024 09:07:18 +0000
ROA not before: Fri 28 Jun 2024 09:07:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 87.254.23.0/24 maxlen: 24
185.210.168.0/23 maxlen: 24
217.25.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jul 2024 15:23:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:5e:19:5b:c9:b2:c5:57:07:7f:d8:93:16:05:c5:89:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Jun 28 09:07:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84a223b6f9d554cd989cd900c39cd0f09855faf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:50:df:e3:5f:ec:7e:50:56:4b:7c:d0:20:e4:
f6:df:e1:de:8b:d4:68:5d:04:d3:bc:ef:a5:ff:ee:
79:16:3d:d4:ae:f9:d5:c8:55:ee:83:fb:18:3b:ea:
b1:d9:a7:4a:67:c3:e9:e8:a1:c8:9f:a8:50:b9:b4:
67:44:e2:67:cd:4d:dd:90:b3:ad:bb:c0:22:7f:be:
ae:29:ad:f2:ec:f2:53:6c:a6:b9:51:29:f7:62:1d:
e1:cc:63:ff:14:48:bb:8b:c4:e2:ef:06:6a:fa:ce:
22:02:ab:cf:05:ae:d0:d6:43:84:b5:d5:5d:53:5c:
45:7b:cd:a1:ad:00:e0:20:84:b4:68:0b:b7:66:95:
54:0e:45:5c:00:21:76:98:40:11:b2:73:21:af:85:
dc:d9:a4:21:1a:ed:3f:66:c8:90:92:d3:65:8e:e0:
ec:a1:c9:87:0f:fd:91:00:d8:cc:ad:db:62:d4:8a:
3e:23:e5:91:ff:03:21:12:59:64:73:c4:96:7a:2a:
8d:58:b7:da:88:09:5b:ee:76:ca:8e:b2:ce:c5:3b:
1c:bc:a8:86:7e:6f:07:49:5a:42:02:d7:b8:fa:cc:
11:59:fa:44:b9:f6:0a:2e:18:de:f5:55:70:5a:df:
ea:fc:3e:16:26:c5:74:ef:08:cc:5c:46:09:b7:1b:
11:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:A2:23:B6:F9:D5:54:CD:98:9C:D9:00:C3:9C:D0:F0:98:55:FA:F1
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/hKIjtvnVVM2YnNkAw5zQ8JhV-vE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.23.0/24
185.210.168.0/23
217.25.12.0/24
Signature Algorithm: sha256WithRSAEncryption
30:c6:37:45:7d:51:5a:91:52:84:ee:c6:a3:e0:c3:f2:e0:3f:
ad:b8:39:4e:16:c1:23:e3:3f:2c:cd:03:89:e6:18:82:f5:64:
7a:59:72:ce:bf:6e:51:74:ed:9b:c1:25:61:3d:6a:c8:a4:b3:
1b:08:e1:19:04:6f:1d:57:a0:ac:be:5c:79:c0:6a:76:71:84:
d2:98:a3:f3:33:ea:7c:c2:3c:76:37:c3:d5:db:01:cc:25:1e:
9e:96:54:bf:1c:68:f3:50:93:1a:5a:6a:6d:90:fb:15:1b:dd:
4c:d1:d3:66:0d:88:f3:96:87:a8:22:23:a9:c6:9f:13:27:16:
0b:6c:a0:ba:51:58:a2:e4:58:45:45:1d:09:83:01:37:1e:db:
54:be:b4:40:df:5a:c9:54:fb:d7:55:e6:2b:64:6a:15:0e:14:
47:02:12:81:1c:a6:a3:9b:b6:66:33:ae:be:c4:35:ea:d0:e8:
b5:3a:46:10:b0:96:4a:af:3d:af:a4:c2:78:39:80:7b:2b:87:
79:d3:dd:60:2f:41:34:23:ab:11:dd:17:66:3a:f3:19:16:75:
29:21:44:c3:c3:f8:f0:c6:5e:e6:5d:4f:af:aa:77:30:80:ec:
c2:bb:31:e7:4d:b5:11:34:ba:a5:99:09:1e:5f:c2:c0:bb:ba:
ba:23:fc:ed
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZBeGVvJssVXB3/YkxYFxYlNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjQwNjI4MDkwNzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGEyMjNiNmY5ZDU1NGNkOTg5Y2Q5MDBjMzljZDBmMDk4NTVmYWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFDf41/sflBWS3zQIOT23+Hei9Ro
XQTTvO+l/+55Fj3UrvnVyFXug/sYO+qx2adKZ8Pp6KHIn6hQubRnROJnzU3dkLOt
u8Aif76uKa3y7PJTbKa5USn3Yh3hzGP/FEi7i8Ti7wZq+s4iAqvPBa7Q1kOEtdVd
U1xFe82hrQDgIIS0aAu3ZpVUDkVcACF2mEARsnMhr4Xc2aQhGu0/ZsiQktNljuDs
ocmHD/2RANjMrdti1Io+I+WR/wMhEllkc8SWeiqNWLfaiAlb7nbKjrLOxTscvKiG
fm8HSVpCAte4+swRWfpEufYKLhje9VVwWt/q/D4WJsV07wjMXEYJtxsRswIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFISiI7b51VTNmJzZAMOc0PCYVfrxMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvaEtJanR2blZWTTJZbk5rQXc1elE4SmhWLXZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAV/4XAwQB
udKoAwQA2RkMMA0GCSqGSIb3DQEBCwUAA4IBAQAwxjdFfVFakVKE7saj4MPy4D+t
uDlOFsEj4z8szQOJ5hiC9WR6WXLOv25RdO2bwSVhPWrIpLMbCOEZBG8dV6Csvlx5
wGp2cYTSmKPzM+p8wjx2N8PV2wHMJR6ellS/HGjzUJMaWmptkPsVG91M0dNmDYjz
loeoIiOpxp8TJxYLbKC6UVii5FhFRR0JgwE3HttUvrRA31rJVPvXVeYrZGoVDhRH
AhKBHKajm7ZmM66+xDXq0Oi1OkYQsJZKrz2vpMJ4OYB7K4d5091gL0E0I6sR3Rdm
OvMZFnUpIUTDw/jwxl7mXU+vqncwgOzCuzHnTbURNLqlmQkeX8LAu7q6I/zt
-----END CERTIFICATE-----
Generated at Thu Jul 11 17:47:37 2024 by rpki-client on console-fra.rpki-client.org