Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/hwjpX2JAEuFg9_OwqVzVPugqgJU.roa
File: hwjpX2JAEuFg9_OwqVzVPugqgJU.roa (raw, json)
Hash identifier: Endsfw4CofNL+x9jTaUakWO9y7uj2zvbQ9X9QJXz0CA=
Subject key identifier: 87:08:E9:5F:62:40:12:E1:60:F7:F3:B0:A9:5C:D5:3E:E8:2A:80:95
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 018B2FB69259C3E18C684D141606CD284D2E
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/hwjpX2JAEuFg9_OwqVzVPugqgJU.roa
Signing time: Sat 14 Oct 2023 19:42:55 +0000
ROA not before: Sat 14 Oct 2023 19:42:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 87.254.2.0/24 maxlen: 24
87.254.10.0/24 maxlen: 24
185.210.168.0/23 maxlen: 24
185.210.170.0/23 maxlen: 24
87.254.17.0/24 maxlen: 24
87.254.22.0/24 maxlen: 24
87.254.23.0/24 maxlen: 24
87.254.18.0/24 maxlen: 24
87.254.19.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:2f:b6:92:59:c3:e1:8c:68:4d:14:16:06:cd:28:4d:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Oct 14 19:42:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8708e95f624012e160f7f3b0a95cd53ee82a8095
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:57:0e:45:a5:c4:35:b4:57:e8:99:78:cf:a9:
14:74:13:f0:80:d3:22:bd:03:ae:33:b4:90:11:29:
3a:b8:4e:d5:8f:f3:de:07:d0:25:d6:d9:0d:0c:9b:
90:dc:6a:b8:00:2b:fb:34:dd:09:43:ca:ff:40:db:
c1:e2:2e:b9:96:b8:87:72:66:45:ce:87:6c:fe:32:
c2:a0:7d:52:bd:6d:80:c1:5c:a0:ae:1c:50:86:1d:
0b:ac:4f:d1:53:12:1c:1f:d0:68:de:4a:3e:4a:f2:
57:c5:45:da:e0:43:50:37:79:0b:8d:ae:d9:5b:c2:
b7:0a:6b:31:b7:df:81:d9:a2:a5:bb:aa:24:7e:43:
58:44:b6:40:a7:ac:05:e7:ab:bd:4d:c4:99:22:21:
d7:ce:71:c5:0d:78:d4:f5:11:e3:38:77:14:d1:27:
cf:34:ab:33:9d:1b:b1:72:a4:0a:92:b0:1c:d2:a4:
39:04:7c:fc:ac:11:46:1a:af:b4:99:e4:d1:39:9f:
2b:2a:1b:94:e9:c1:6e:e8:eb:5b:66:67:41:a0:2c:
3d:a3:58:6b:23:c1:75:69:ff:55:8d:e4:e2:4c:32:
c4:ce:3e:e8:90:72:79:4c:90:3d:4d:a2:76:85:01:
26:10:d6:c8:b1:ef:bc:b2:b5:e7:f9:7f:8e:2a:f8:
88:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:08:E9:5F:62:40:12:E1:60:F7:F3:B0:A9:5C:D5:3E:E8:2A:80:95
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/hwjpX2JAEuFg9_OwqVzVPugqgJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.2.0/24
87.254.10.0/24
87.254.17.0-87.254.19.255
87.254.22.0/23
185.210.168.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:a6:f4:f0:29:fa:d1:66:4e:ff:ee:dc:0d:d4:8d:45:fd:da:
ef:51:81:ec:8f:7e:cb:06:20:f3:a9:b7:09:6d:22:65:3a:fe:
7f:6e:9f:fc:79:b1:54:b3:04:d9:bd:09:68:45:34:42:2c:c4:
eb:60:f0:c5:e3:1c:7c:5b:33:9b:14:c4:8b:1a:87:a8:0f:37:
24:09:9b:f1:1f:95:66:20:f4:f7:64:2e:58:97:e2:fe:8e:dd:
90:4a:b0:17:9f:35:70:a8:95:eb:97:4a:21:31:f8:23:15:d7:
d9:2b:d7:66:ad:16:1c:e2:01:14:fb:36:fb:df:14:ed:d7:cc:
b3:d7:9b:46:3c:3e:82:b5:be:b2:62:55:e5:dd:2c:88:ff:2a:
64:ba:e1:36:80:e4:2f:f6:c7:96:11:e3:32:4a:bf:d1:08:84:
10:b1:aa:48:86:f0:13:f1:6e:db:b4:a0:5f:19:24:44:f4:aa:
d9:67:f3:cb:10:1b:ac:89:50:b4:f1:77:8f:62:37:ca:0d:d7:
5d:1c:46:3e:6d:a4:09:f9:70:3e:c2:97:59:61:11:f2:e6:66:
33:36:02:fc:58:ce:50:99:80:24:5a:74:ff:41:6b:ee:c8:54:
7e:a2:b6:5c:82:4d:65:68:5b:cf:fe:9e:a3:0d:21:21:32:5a:
a3:54:30:70
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYsvtpJZw+GMaE0UFgbNKE0uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjMxMDE0MTk0MjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzA4ZTk1ZjYyNDAxMmUxNjBmN2YzYjBhOTVjZDUzZWU4MmE4MDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1cORaXENbRX6Jl4z6kUdBPwgNMi
vQOuM7SQESk6uE7Vj/PeB9Al1tkNDJuQ3Gq4ACv7NN0JQ8r/QNvB4i65lriHcmZF
zods/jLCoH1SvW2AwVygrhxQhh0LrE/RUxIcH9Bo3ko+SvJXxUXa4ENQN3kLja7Z
W8K3Cmsxt9+B2aKlu6okfkNYRLZAp6wF56u9TcSZIiHXznHFDXjU9RHjOHcU0SfP
NKsznRuxcqQKkrAc0qQ5BHz8rBFGGq+0meTROZ8rKhuU6cFu6OtbZmdBoCw9o1hr
I8F1af9VjeTiTDLEzj7okHJ5TJA9TaJ2hQEmENbIse+8srXn+X+OKviI9QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFIcI6V9iQBLhYPfzsKlc1T7oKoCVMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvaHdqcFgySkFFdUZnOV9Pd3FWelZQdWdxZ0pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAV/4CAwQA
V/4KMAwDBABX/hEDBAJX/hADBAFX/hYDBAK50qgwDQYJKoZIhvcNAQELBQADggEB
AGum9PAp+tFmTv/u3A3UjUX92u9RgeyPfssGIPOptwltImU6/n9un/x5sVSzBNm9
CWhFNEIsxOtg8MXjHHxbM5sUxIsah6gPNyQJm/EflWYg9PdkLliX4v6O3ZBKsBef
NXColeuXSiEx+CMV19kr12atFhziART7NvvfFO3XzLPXm0Y8PoK1vrJiVeXdLIj/
KmS64TaA5C/2x5YR4zJKv9EIhBCxqkiG8BPxbtu0oF8ZJET0qtln88sQG6yJULTx
d49iN8oN110cRj5tpAn5cD7Cl1lhEfLmZjM2AvxYzlCZgCRadP9Ba+7IVH6itlyC
TWVoW8/+nqMNISEyWqNUMHA=
Generated at Wed Oct 18 14:44:25 2023 by rpki-client on console-fra.rpki-client.org