Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/o8_3DaEozJbWGjF4NWoDG1X6iFs.roa
File: o8_3DaEozJbWGjF4NWoDG1X6iFs.roa (raw, json)
Hash identifier: WGYdqls3mpGffsnh34NBc0ue0RNNzQWMH7PD9c204CY=
Subject key identifier: A3:CF:F7:0D:A1:28:CC:96:D6:1A:31:78:35:6A:03:1B:55:FA:88:5B
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 018B209E20778A641727270764294CB8F16C
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/o8_3DaEozJbWGjF4NWoDG1X6iFs.roa
Signing time: Wed 11 Oct 2023 21:21:55 +0000
ROA not before: Wed 11 Oct 2023 21:21:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 87.254.2.0/24 maxlen: 24
87.254.10.0/24 maxlen: 24
185.210.168.0/23 maxlen: 24
185.210.170.0/23 maxlen: 24
87.254.12.0/23 maxlen: 24
87.254.17.0/24 maxlen: 24
87.254.22.0/24 maxlen: 24
87.254.23.0/24 maxlen: 24
87.254.18.0/24 maxlen: 24
87.254.19.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:20:9e:20:77:8a:64:17:27:27:07:64:29:4c:b8:f1:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Oct 11 21:21:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3cff70da128cc96d61a3178356a031b55fa885b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d6:04:aa:fc:24:d5:29:a2:22:5e:88:fa:28:
e9:c3:21:19:e4:6f:d3:78:20:97:63:a5:cd:08:96:
f8:b6:38:04:18:50:e7:e3:b9:72:8e:fc:71:cf:15:
4d:d2:84:17:74:35:9d:3b:9f:0a:4c:16:f0:8a:de:
a8:2c:80:a5:ba:17:fa:1f:f0:cb:46:12:e4:88:80:
d9:12:11:a5:16:14:31:3b:4b:9c:dd:6c:57:c9:39:
01:97:ff:40:ec:ba:ef:d9:0c:0c:c0:d7:e0:bf:1a:
d8:2a:e8:f8:a7:c2:c5:51:87:ff:bc:db:9d:4d:35:
bf:73:96:97:c7:98:0c:23:e6:ad:7e:a7:5e:e0:57:
b4:fd:5e:e3:b5:6c:46:a2:4b:fe:7b:c3:cb:4f:e1:
ca:c4:d0:1f:8a:1e:7b:de:ae:80:f9:f5:80:88:8d:
d4:f2:fe:75:89:80:67:fc:fc:b6:4e:2a:2e:d9:97:
a1:67:82:10:57:fa:af:8e:d5:44:be:65:b1:31:74:
31:03:3b:36:49:4d:19:9e:8e:de:26:34:1b:77:48:
53:8e:fb:a8:7a:3f:ef:ef:48:ee:9d:ea:d3:00:5f:
ec:6e:f2:9c:b6:0c:b2:d9:8e:2e:c3:0a:5a:ac:98:
ef:80:a9:c9:c2:93:8b:d3:ba:90:99:d5:86:d2:57:
85:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:CF:F7:0D:A1:28:CC:96:D6:1A:31:78:35:6A:03:1B:55:FA:88:5B
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/o8_3DaEozJbWGjF4NWoDG1X6iFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.2.0/24
87.254.10.0/24
87.254.12.0/23
87.254.17.0-87.254.19.255
87.254.22.0/23
185.210.168.0/22
Signature Algorithm: sha256WithRSAEncryption
19:9a:5f:49:40:1b:fb:09:41:20:e8:cd:e0:b6:f7:93:38:02:
ba:fb:06:61:79:d9:7b:a5:7b:04:d2:bf:71:1e:34:7f:a9:35:
f8:c3:32:13:92:d4:0d:f5:df:cc:98:59:36:2a:b5:8d:56:11:
39:c0:5f:8a:14:e0:00:90:d2:ca:b9:d3:cc:04:94:5b:05:5b:
b1:c4:63:fe:db:a0:fe:3a:3f:2c:a0:df:bc:14:38:84:d9:4b:
86:e5:b6:0f:38:6e:e9:a8:3a:68:fa:1e:e5:68:21:6e:9d:0f:
63:b5:62:a5:2d:52:df:f5:d2:18:8e:8e:a6:f3:26:2c:c0:39:
19:27:51:18:ca:ee:1c:c8:15:cc:f3:9a:8b:ab:30:12:06:44:
e4:b7:eb:0b:b7:25:38:0d:a2:d6:cd:a6:3c:0d:cf:74:d8:82:
6a:38:d2:8b:10:6e:bf:05:e4:ed:37:27:5c:a8:b7:4d:1e:bf:
db:08:5d:d7:b0:73:90:82:2e:d6:e2:41:5b:d8:8f:1f:a2:05:
05:07:25:68:5b:e6:ef:f6:8a:eb:08:6c:b7:8a:de:81:e4:74:
b6:9e:e3:ee:52:20:72:62:b0:e0:87:58:84:73:92:4f:af:08:
14:da:6d:21:8b:60:cd:71:cf:2f:be:f9:4d:e0:ff:e1:75:b4:
d6:5d:89:7f
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYsgniB3imQXJycHZClMuPFsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjMxMDExMjEyMTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2NmZjcwZGExMjhjYzk2ZDYxYTMxNzgzNTZhMDMxYjU1ZmE4ODViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidYEqvwk1SmiIl6I+ijpwyEZ5G/T
eCCXY6XNCJb4tjgEGFDn47lyjvxxzxVN0oQXdDWdO58KTBbwit6oLICluhf6H/DL
RhLkiIDZEhGlFhQxO0uc3WxXyTkBl/9A7Lrv2QwMwNfgvxrYKuj4p8LFUYf/vNud
TTW/c5aXx5gMI+atfqde4Fe0/V7jtWxGokv+e8PLT+HKxNAfih573q6A+fWAiI3U
8v51iYBn/Py2Tiou2ZehZ4IQV/qvjtVEvmWxMXQxAzs2SU0Zno7eJjQbd0hTjvuo
ej/v70junerTAF/sbvKctgyy2Y4uwwparJjvgKnJwpOL07qQmdWG0leFYwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFKPP9w2hKMyW1hoxeDVqAxtV+ohbMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvbzhfM0RhRW96SmJXR2pGNE5Xb0RHMVg2aUZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAV/4CAwQA
V/4KAwQBV/4MMAwDBABX/hEDBAJX/hADBAFX/hYDBAK50qgwDQYJKoZIhvcNAQEL
BQADggEBABmaX0lAG/sJQSDozeC295M4Arr7BmF52XulewTSv3EeNH+pNfjDMhOS
1A3138yYWTYqtY1WETnAX4oU4ACQ0sq508wElFsFW7HEY/7boP46Pyyg37wUOITZ
S4bltg84bumoOmj6HuVoIW6dD2O1YqUtUt/10hiOjqbzJizAORknURjK7hzIFczz
mourMBIGROS36wu3JTgNotbNpjwNz3TYgmo40osQbr8F5O03J1yot00ev9sIXdew
c5CCLtbiQVvYjx+iBQUHJWhb5u/2iusIbLeK3oHkdLae4+5SIHJisOCHWIRzkk+v
CBTabSGLYM1xzy+++U3g/+F1tNZdiX8=
Generated at Sat Oct 14 20:16:11 2023 by rpki-client on console-ams.rpki-client.org