Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/sSmRUpDD2UwDbV0ywGecY6VlYJs.roa
File: sSmRUpDD2UwDbV0ywGecY6VlYJs.roa (raw, json)
Hash identifier: h/BTQc6bicKN7F0ldxcB3+0a6ohxsz/JlIoj+N+CFX0=
Subject key identifier: B1:29:91:52:90:C3:D9:4C:03:6D:5D:32:C0:67:9C:63:A5:65:60:9B
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 018D35A8CE4B6F2411FE7162D5F6C38CA414
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/sSmRUpDD2UwDbV0ywGecY6VlYJs.roa
Signing time: Tue 23 Jan 2024 09:31:11 +0000
ROA not before: Tue 23 Jan 2024 09:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 87.254.17.0/24 maxlen: 24
87.254.23.0/24 maxlen: 24
87.254.31.0/24 maxlen: 24
185.210.168.0/23 maxlen: 24
185.210.170.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Feb 2024 14:27:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:35:a8:ce:4b:6f:24:11:fe:71:62:d5:f6:c3:8c:a4:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Jan 23 09:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b129915290c3d94c036d5d32c0679c63a565609b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:61:5d:10:6b:c4:40:61:e0:50:85:36:6b:d0:
91:ad:55:29:50:b7:10:84:8a:6f:f7:55:25:82:9f:
f1:c8:b4:95:f7:24:ca:8f:29:9d:0b:bf:b8:24:d0:
73:d2:13:33:d2:5a:6a:7e:1c:0c:34:ea:00:92:77:
7d:a2:12:6e:f1:7b:bb:97:98:43:66:e7:3c:8e:08:
8c:d5:8b:0d:ae:09:b8:bf:3f:a9:95:0d:17:4c:89:
a6:e3:0b:45:ee:1b:ee:87:ff:25:e2:d2:7e:74:d5:
3a:77:9a:14:bc:0f:33:25:5d:e0:14:d3:19:39:27:
b9:b8:bb:4c:a1:b0:20:b1:fa:7e:bd:13:f6:23:a7:
d9:ac:ed:9c:89:bb:89:03:61:2f:0e:a5:c3:0e:ba:
50:8a:3c:ef:80:48:51:c3:1b:fa:3f:46:98:81:d4:
07:f3:46:1f:e7:14:9b:df:f7:43:70:c2:6b:78:25:
38:38:db:d9:53:35:46:50:aa:51:d6:c1:23:7f:d4:
20:05:1c:9c:4d:bc:e7:97:f5:56:96:49:71:b1:99:
8e:02:43:76:3d:95:90:c6:e8:83:47:7f:9a:c7:2e:
94:15:33:79:e9:a6:e5:2f:61:0a:ca:e9:c1:b1:1f:
de:b8:c4:d7:ed:25:04:44:17:fe:6c:86:0f:0c:d2:
6f:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:29:91:52:90:C3:D9:4C:03:6D:5D:32:C0:67:9C:63:A5:65:60:9B
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/sSmRUpDD2UwDbV0ywGecY6VlYJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.17.0/24
87.254.23.0/24
87.254.31.0/24
185.210.168.0/22
Signature Algorithm: sha256WithRSAEncryption
13:5a:26:23:05:9b:d1:ee:12:88:95:9b:72:80:09:0d:64:42:
31:c1:2b:c3:22:0c:2f:6c:7c:9f:d4:b1:42:c9:a2:9b:b9:8e:
26:4d:7b:6f:e4:a2:03:a5:e0:a1:72:cc:8e:31:88:24:0e:31:
ac:c5:29:55:96:f5:3b:49:46:b9:cb:d0:7c:c6:f4:12:78:87:
10:95:d7:9d:e0:a7:cb:27:35:0b:c2:4f:06:13:95:27:a9:fc:
9e:e1:7a:72:d3:15:24:1c:d9:02:54:7a:a9:cf:65:61:d0:07:
e3:db:1c:0e:c9:5e:16:32:90:b5:b5:ff:39:56:55:2a:03:cb:
c4:94:2f:cb:25:a0:b0:7b:e5:d7:9b:f1:da:3f:40:a7:85:5c:
23:4a:d9:ac:10:76:4c:d2:20:98:0a:bd:d7:ea:3d:d0:b3:ad:
95:73:d8:4a:e6:5d:00:1c:79:a8:ab:f4:6c:ae:6c:49:32:f1:
58:52:fc:ca:22:2b:93:bb:91:35:e9:a0:8e:35:02:aa:ba:17:
9b:8d:e0:07:a8:42:97:36:90:45:ae:66:02:54:f0:a0:b5:a3:
81:48:cd:3c:d7:45:5b:bf:8a:00:3e:fc:c2:ba:43:86:7f:ec:
36:26:80:e9:9a:5a:7f:ad:57:d1:60:bc:47:be:19:3f:22:d5:
86:a4:ed:b2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY01qM5LbyQR/nFi1fbDjKQUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjQwMTIzMDkzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTI5OTE1MjkwYzNkOTRjMDM2ZDVkMzJjMDY3OWM2M2E1NjU2MDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmFdEGvEQGHgUIU2a9CRrVUpULcQ
hIpv91Ulgp/xyLSV9yTKjymdC7+4JNBz0hMz0lpqfhwMNOoAknd9ohJu8Xu7l5hD
Zuc8jgiM1YsNrgm4vz+plQ0XTImm4wtF7hvuh/8l4tJ+dNU6d5oUvA8zJV3gFNMZ
OSe5uLtMobAgsfp+vRP2I6fZrO2cibuJA2EvDqXDDrpQijzvgEhRwxv6P0aYgdQH
80Yf5xSb3/dDcMJreCU4ONvZUzVGUKpR1sEjf9QgBRycTbznl/VWlklxsZmOAkN2
PZWQxuiDR3+axy6UFTN56ablL2EKyunBsR/euMTX7SUERBf+bIYPDNJvqQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLEpkVKQw9lMA21dMsBnnGOlZWCbMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvc1NtUlVwREQyVXdEYlYweXdHZWNZNlZsWUpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAV/4RAwQA
V/4XAwQAV/4fAwQCudKoMA0GCSqGSIb3DQEBCwUAA4IBAQATWiYjBZvR7hKIlZty
gAkNZEIxwSvDIgwvbHyf1LFCyaKbuY4mTXtv5KIDpeChcsyOMYgkDjGsxSlVlvU7
SUa5y9B8xvQSeIcQlded4KfLJzULwk8GE5Unqfye4Xpy0xUkHNkCVHqpz2Vh0Afj
2xwOyV4WMpC1tf85VlUqA8vElC/LJaCwe+XXm/HaP0CnhVwjStmsEHZM0iCYCr3X
6j3Qs62Vc9hK5l0AHHmoq/RsrmxJMvFYUvzKIiuTu5E16aCONQKquhebjeAHqEKX
NpBFrmYCVPCgtaOBSM0810Vbv4oAPvzCukOGf+w2JoDpmlp/rVfRYLxHvhk/ItWG
pO2y
-----END CERTIFICATE-----
Generated at Tue Feb 6 18:22:41 2024 by rpki-client on console-fra.rpki-client.org