Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/rkfH9mINYOsdXXf6Y9CYy24Iaq8.roa
File: rkfH9mINYOsdXXf6Y9CYy24Iaq8.roa (raw, json)
Hash identifier: YfH19FtkvxS85oFuMVjw4MbSQNsLbO7KBJmZWKdyJis=
Subject key identifier: AE:47:C7:F6:62:0D:60:EB:1D:5D:77:FA:63:D0:98:CB:6E:08:6A:AF
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 01857070773E05FEEE8AB280ABEBFDD8C4E7
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/rkfH9mINYOsdXXf6Y9CYy24Iaq8.roa
Signing time: Mon 02 Jan 2023 03:04:56 +0000
ROA not before: Mon 02 Jan 2023 03:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20915
IP address blocks: 87.254.25.0/24 maxlen: 24
87.254.2.0/24 maxlen: 24
87.254.0.0/19 maxlen: 19
87.254.10.0/24 maxlen: 24
87.254.11.0/24 maxlen: 24
217.25.0.0/20 maxlen: 20
87.254.19.0/24 maxlen: 24
2a00:eac0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:77:3e:05:fe:ee:8a:b2:80:ab:eb:fd:d8:c4:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Jan 2 03:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae47c7f6620d60eb1d5d77fa63d098cb6e086aaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:dc:c1:9d:3b:04:5a:bf:90:81:7d:ba:91:8f:
fd:12:ad:bd:0d:4b:2f:f6:e6:47:56:66:68:02:af:
ea:ed:53:49:d1:18:f4:12:42:54:f3:b2:88:2d:c2:
37:b3:29:fb:11:00:7b:3b:ab:f4:68:82:49:e7:89:
67:74:e8:38:44:f1:2b:8b:03:af:68:6f:48:4c:24:
9b:17:37:3d:3a:42:23:2f:4b:9f:97:f7:a8:73:ef:
ef:e0:e4:2d:ba:34:86:13:28:27:98:a7:ad:d8:3d:
c6:97:e5:b6:da:2b:02:85:d8:54:fc:e7:92:7c:fd:
64:0c:32:ea:ce:39:c1:d1:6d:45:cc:16:10:90:7b:
e4:f0:f7:8b:19:5d:fc:06:76:56:35:f1:c4:9c:e2:
64:f1:73:91:c6:3f:13:ae:ff:65:38:b3:60:0a:36:
ab:4c:dd:40:7c:e8:ea:f2:25:d8:04:a3:4a:0b:2b:
b0:4a:a0:1f:bc:5c:85:9d:7e:8b:f0:d5:e1:91:6c:
b2:71:20:12:ac:6b:b6:5c:0a:7d:63:42:6d:89:ab:
39:e1:93:b2:c9:2b:c5:6f:fd:15:12:5a:18:6f:90:
27:45:24:79:ee:d0:39:91:8f:60:b6:57:fd:e8:b8:
f6:a1:bf:28:77:43:59:22:35:fc:f6:67:1c:56:3f:
5c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:47:C7:F6:62:0D:60:EB:1D:5D:77:FA:63:D0:98:CB:6E:08:6A:AF
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/rkfH9mINYOsdXXf6Y9CYy24Iaq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.0.0/19
217.25.0.0/20
IPv6:
2a00:eac0::/32
Signature Algorithm: sha256WithRSAEncryption
01:92:36:c2:7c:3f:c9:11:7b:ff:00:32:0d:e4:73:2f:b0:82:
1c:f6:ae:ec:41:ec:00:96:a4:23:48:c3:ad:ee:4e:4e:c8:1d:
74:06:40:45:b1:c6:30:ab:c0:31:25:38:29:26:2c:61:0a:f5:
47:7c:6a:01:29:d2:86:f4:b6:ea:fc:c5:b1:99:aa:b9:82:9e:
60:d0:2d:72:95:3e:bf:a4:27:74:6f:e9:db:41:81:cf:5c:e7:
06:d0:39:67:74:89:f1:eb:e6:40:5a:c6:82:3b:89:f2:69:bd:
92:be:93:83:d1:ac:0b:51:c7:b8:2d:1d:e5:3f:84:c2:af:30:
b1:b6:ba:80:42:22:63:ec:7f:d8:3b:a6:10:22:77:69:88:8f:
be:67:ca:5b:c9:91:eb:c5:c6:1f:23:80:e3:f6:d2:c6:3c:be:
8b:d6:91:ca:b4:8d:60:b1:31:09:d7:ed:09:bf:1a:c3:81:ce:
81:46:9d:70:4d:68:bc:eb:ff:d1:b3:00:69:c9:21:3e:6f:9f:
10:5a:fc:e3:1e:33:3b:35:55:2b:a5:76:83:8f:9f:ba:b9:8f:
c6:88:34:4c:51:57:d9:10:44:5a:a2:16:38:08:4a:8d:8c:bb:
ed:fb:e7:d0:c0:f8:ce:d9:28:90:94:78:02:64:72:be:97:eb:
50:f7:ee:5a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwcHc+Bf7uirKAq+v92MTnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjMwMTAyMDMwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTQ3YzdmNjYyMGQ2MGViMWQ1ZDc3ZmE2M2QwOThjYjZlMDg2YWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNzBnTsEWr+QgX26kY/9Eq29DUsv
9uZHVmZoAq/q7VNJ0Rj0EkJU87KILcI3syn7EQB7O6v0aIJJ54lndOg4RPEriwOv
aG9ITCSbFzc9OkIjL0ufl/eoc+/v4OQtujSGEygnmKet2D3Gl+W22isChdhU/OeS
fP1kDDLqzjnB0W1FzBYQkHvk8PeLGV38BnZWNfHEnOJk8XORxj8Trv9lOLNgCjar
TN1AfOjq8iXYBKNKCyuwSqAfvFyFnX6L8NXhkWyycSASrGu2XAp9Y0Jtias54ZOy
ySvFb/0VEloYb5AnRSR57tA5kY9gtlf96Lj2ob8od0NZIjX89mccVj9ckwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFK5Hx/ZiDWDrHV13+mPQmMtuCGqvMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvcmtmSDltSU5ZT3NkWFhmNlk5Q1l5MjRJYXE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFV/4AAwQE
2RkAMA0EAgACMAcDBQAqAOrAMA0GCSqGSIb3DQEBCwUAA4IBAQABkjbCfD/JEXv/
ADIN5HMvsIIc9q7sQewAlqQjSMOt7k5OyB10BkBFscYwq8AxJTgpJixhCvVHfGoB
KdKG9Lbq/MWxmaq5gp5g0C1ylT6/pCd0b+nbQYHPXOcG0DlndInx6+ZAWsaCO4ny
ab2SvpOD0awLUce4LR3lP4TCrzCxtrqAQiJj7H/YO6YQIndpiI++Z8pbyZHrxcYf
I4Dj9tLGPL6L1pHKtI1gsTEJ1+0JvxrDgc6BRp1wTWi86//RswBpySE+b58QWvzj
HjM7NVUrpXaDj5+6uY/GiDRMUVfZEERaohY4CEqNjLvt++fQwPjO2SiQlHgCZHK+
l+tQ9+5a
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:48 2023 by rpki-client on console-fra.rpki-client.org