Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/kXQ8K9_pnud626MaxRC0ydLKxBM.roa
File: kXQ8K9_pnud626MaxRC0ydLKxBM.roa (raw, json)
Hash identifier: BlaUyDVHCuWjTSyHrVb9Q7VeeoHHPM+QMlSELnjx3jM=
Subject key identifier: 91:74:3C:2B:DF:E9:9E:E7:7A:DB:A3:1A:C5:10:B4:C9:D2:CA:C4:13
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 018810FA26EC641A772D9437A86D10EA94CB
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/kXQ8K9_pnud626MaxRC0ydLKxBM.roa
Signing time: Fri 12 May 2023 17:20:09 +0000
ROA not before: Fri 12 May 2023 17:20:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 87.254.2.0/24 maxlen: 24
87.254.10.0/24 maxlen: 24
185.210.170.0/23 maxlen: 24
217.25.1.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:10:fa:26:ec:64:1a:77:2d:94:37:a8:6d:10:ea:94:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: May 12 17:20:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91743c2bdfe99ee77adba31ac510b4c9d2cac413
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0d:96:28:7f:f3:66:cc:31:19:a0:a4:42:6f:
e3:55:6a:35:a6:10:82:9e:a4:b1:1e:5f:21:b9:b5:
ca:76:5a:92:09:04:41:70:5c:ce:45:50:dc:0b:c9:
12:5e:d0:ae:54:ba:58:74:75:7e:7b:e7:26:ec:fc:
98:cf:db:a2:f9:16:e5:ed:18:bf:f6:c9:aa:f6:52:
a6:50:f6:27:65:cf:6d:99:e7:de:0f:85:70:df:ad:
dc:ff:e9:da:31:e1:dd:5a:4c:ee:66:e3:17:7c:ba:
0d:be:21:3e:f2:9d:40:58:56:5f:5a:2b:1e:d3:b9:
c3:15:85:a0:ed:79:e5:4d:2f:e4:20:80:00:a7:dc:
68:07:13:e1:f5:50:56:60:45:c1:c0:2d:07:1a:b9:
f6:b7:cd:dc:ef:e2:d8:e5:d2:71:31:2f:c8:47:e6:
e8:b0:75:97:d3:33:db:c8:43:d4:4d:f7:cd:0b:77:
5e:27:5c:60:d2:47:7c:8d:cc:ba:3a:53:ff:77:97:
e3:a6:3e:15:e4:5b:4a:1e:40:53:dc:20:e5:62:b9:
b1:2e:8d:e4:01:75:3e:ed:60:0c:9d:5a:5e:5e:94:
df:53:22:e3:66:df:cc:23:9e:2a:09:7a:b8:f1:fe:
93:b0:bb:6f:ff:90:32:cd:cd:53:aa:e7:19:6c:2c:
a0:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:74:3C:2B:DF:E9:9E:E7:7A:DB:A3:1A:C5:10:B4:C9:D2:CA:C4:13
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/kXQ8K9_pnud626MaxRC0ydLKxBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.2.0/24
87.254.10.0/24
185.210.170.0/23
217.25.1.0/24
Signature Algorithm: sha256WithRSAEncryption
89:8c:60:12:bb:88:65:28:9e:7e:7d:91:33:94:13:f7:32:38:
a3:4a:4c:c5:8e:fb:15:9e:30:fc:5e:ac:81:74:5f:7b:b2:68:
3c:60:2a:1d:b0:47:f8:1f:3c:50:89:f0:54:2b:d3:35:f7:4d:
13:ec:a2:cc:79:48:b1:7b:d7:6a:f9:e0:1d:d7:a9:ed:fb:11:
92:c9:4a:7f:10:81:5e:52:f5:df:d4:5f:08:95:3d:3e:a0:4a:
2a:50:33:ae:79:41:eb:25:15:a5:af:38:58:07:81:a4:b6:a1:
9a:6d:41:7e:03:e6:7b:e4:d1:08:9c:79:29:cc:05:af:1b:3d:
67:11:fc:37:93:0a:df:fd:91:5b:2b:21:a2:7a:d9:2c:17:a7:
f3:3f:e3:3a:93:b1:c2:ad:fd:6a:aa:2a:8b:e8:b6:c3:e2:d6:
29:43:01:00:00:fc:23:1c:e8:2d:89:05:59:6d:91:30:29:7d:
8d:f9:26:2c:bc:96:41:43:08:97:44:f6:e0:da:47:8a:60:a8:
93:f6:1c:1e:2c:14:86:51:d0:28:ee:a6:6e:74:72:93:dd:6d:
56:73:65:b4:1d:3c:9a:72:c1:85:95:a8:c3:5a:09:37:54:4b:
4a:75:2f:f7:9b:eb:21:3c:e0:ff:eb:f1:14:5c:09:96:80:f2:
51:88:bf:9e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYgQ+ibsZBp3LZQ3qG0Q6pTLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjMwNTEyMTcyMDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTc0M2MyYmRmZTk5ZWU3N2FkYmEzMWFjNTEwYjRjOWQyY2FjNDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsA2WKH/zZswxGaCkQm/jVWo1phCC
nqSxHl8hubXKdlqSCQRBcFzORVDcC8kSXtCuVLpYdHV+e+cm7PyYz9ui+Rbl7Ri/
9smq9lKmUPYnZc9tmefeD4Vw363c/+naMeHdWkzuZuMXfLoNviE+8p1AWFZfWise
07nDFYWg7XnlTS/kIIAAp9xoBxPh9VBWYEXBwC0HGrn2t83c7+LY5dJxMS/IR+bo
sHWX0zPbyEPUTffNC3deJ1xg0kd8jcy6OlP/d5fjpj4V5FtKHkBT3CDlYrmxLo3k
AXU+7WAMnVpeXpTfUyLjZt/MI54qCXq48f6TsLtv/5Ayzc1TqucZbCyg7wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJF0PCvf6Z7netujGsUQtMnSysQTMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEva1hROEs5X3BudWQ2MjZNYXhSQzB5ZExLeEJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAV/4CAwQA
V/4KAwQBudKqAwQA2RkBMA0GCSqGSIb3DQEBCwUAA4IBAQCJjGASu4hlKJ5+fZEz
lBP3MjijSkzFjvsVnjD8XqyBdF97smg8YCodsEf4HzxQifBUK9M1900T7KLMeUix
e9dq+eAd16nt+xGSyUp/EIFeUvXf1F8IlT0+oEoqUDOueUHrJRWlrzhYB4GktqGa
bUF+A+Z75NEInHkpzAWvGz1nEfw3kwrf/ZFbKyGietksF6fzP+M6k7HCrf1qqiqL
6LbD4tYpQwEAAPwjHOgtiQVZbZEwKX2N+SYsvJZBQwiXRPbg2keKYKiT9hweLBSG
UdAo7qZudHKT3W1Wc2W0HTyacsGFlajDWgk3VEtKdS/3m+shPOD/6/EUXAmWgPJR
iL+e
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:38 2023 by rpki-client on console-ams.rpki-client.org