Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/sk0-GNruu6lcaqiSx7HG4CP35y0.roa
File: sk0-GNruu6lcaqiSx7HG4CP35y0.roa (raw, json)
Hash identifier: slsH8SEK2ahuj+LPxnVG97LDeaRgrvOl+zgUvjZlxlY=
Subject key identifier: B2:4D:3E:18:DA:EE:BB:A9:5C:6A:A8:92:C7:B1:C6:E0:23:F7:E7:2D
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 0187FA8EA773695C20195B98C33379200249
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/sk0-GNruu6lcaqiSx7HG4CP35y0.roa
Signing time: Mon 08 May 2023 08:51:05 +0000
ROA not before: Mon 08 May 2023 08:51:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 87.254.2.0/24 maxlen: 24
87.254.10.0/24 maxlen: 24
185.210.168.0/23 maxlen: 24
185.210.170.0/23 maxlen: 24
217.25.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 May 2023 21:58:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fa:8e:a7:73:69:5c:20:19:5b:98:c3:33:79:20:02:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: May 8 08:51:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b24d3e18daeebba95c6aa892c7b1c6e023f7e72d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:0a:d3:ed:5f:30:aa:94:a3:9d:3f:86:a5:71:
b4:7a:03:1f:67:98:3a:24:cb:a8:97:55:0c:72:d7:
fd:59:c2:af:c0:e5:e0:1e:94:f7:89:cb:34:ea:39:
74:fa:39:2f:7e:d3:78:e6:1b:b4:7e:f3:62:08:48:
e7:4c:0f:b5:35:39:79:5a:38:1b:92:47:cd:0d:74:
4a:ae:b5:ce:dc:53:23:f3:bb:17:53:b4:81:62:11:
03:c6:4c:de:a2:0f:e8:7f:e5:22:ad:51:f3:8a:07:
22:f9:13:71:c1:f3:e6:c7:78:ff:06:b2:d3:c8:c3:
35:1e:34:d8:fe:f0:1e:bc:7b:3e:0f:36:68:51:0e:
35:c1:6d:e5:ed:b3:a5:f3:71:a2:a1:3b:35:8e:d3:
9c:00:b3:e5:c9:19:05:eb:6a:d2:47:8d:b3:85:c2:
61:d3:3e:4c:2f:38:c9:c5:22:6c:d0:71:5c:50:92:
e3:f2:87:ba:ab:bd:33:3d:0c:1c:8b:5c:60:4f:d6:
72:7e:4c:c1:ca:6d:52:bd:0e:a9:a9:cf:94:54:5b:
14:38:81:93:89:51:21:9e:87:f1:92:26:7c:de:c2:
cf:ee:8a:fa:38:6a:8e:59:48:36:a3:87:20:3b:ad:
33:61:12:5d:90:ac:36:08:b4:78:c4:84:ef:df:fc:
c4:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:4D:3E:18:DA:EE:BB:A9:5C:6A:A8:92:C7:B1:C6:E0:23:F7:E7:2D
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/sk0-GNruu6lcaqiSx7HG4CP35y0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.2.0/24
87.254.10.0/24
185.210.168.0/22
217.25.1.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:a7:95:93:d9:e7:b8:33:55:06:eb:69:75:33:d8:53:e0:9b:
47:17:d8:a6:20:94:0b:a5:58:ba:b1:2a:98:4c:36:26:10:c8:
0a:a8:db:71:0c:1f:9f:16:59:47:b4:e4:5c:79:56:a7:79:bb:
19:54:7c:14:e6:fc:73:26:25:18:cb:81:78:5a:17:11:57:56:
2b:65:44:b7:d1:06:6b:9d:d2:8e:83:4a:d6:ea:94:66:f4:2d:
b4:61:7d:b5:be:a4:f4:c1:ca:91:83:d2:e2:4b:27:b9:51:fc:
17:6b:5a:3c:b0:be:2f:d2:2d:b1:8a:e3:e7:cf:6f:0d:f6:95:
21:67:2b:07:0b:be:15:fe:23:35:e1:44:e1:2b:7f:67:39:74:
6f:3f:70:0f:4f:50:6d:c9:59:4d:d3:d4:2a:91:5f:87:bc:68:
86:45:64:8b:2f:bc:2e:0f:9e:ce:6a:cd:19:5f:a4:49:0c:82:
33:b9:7c:6a:50:1b:66:b2:10:a7:b4:90:19:d1:97:bf:61:a6:
1c:82:47:2d:11:ea:ae:b4:42:d2:bf:6c:12:36:9a:84:23:05:
d3:c0:eb:63:88:45:b1:35:a7:3d:f8:8f:3d:21:ce:fb:9c:c6:
1c:07:b6:e7:1d:e1:02:04:47:38:26:fe:db:16:a2:ed:41:11:
65:cf:db:48
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYf6jqdzaVwgGVuYwzN5IAJJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjMwNTA4MDg1MTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjRkM2UxOGRhZWViYmE5NWM2YWE4OTJjN2IxYzZlMDIzZjdlNzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuArT7V8wqpSjnT+GpXG0egMfZ5g6
JMuol1UMctf9WcKvwOXgHpT3ics06jl0+jkvftN45hu0fvNiCEjnTA+1NTl5Wjgb
kkfNDXRKrrXO3FMj87sXU7SBYhEDxkzeog/of+UirVHzigci+RNxwfPmx3j/BrLT
yMM1HjTY/vAevHs+DzZoUQ41wW3l7bOl83GioTs1jtOcALPlyRkF62rSR42zhcJh
0z5MLzjJxSJs0HFcUJLj8oe6q70zPQwci1xgT9ZyfkzBym1SvQ6pqc+UVFsUOIGT
iVEhnofxkiZ83sLP7or6OGqOWUg2o4cgO60zYRJdkKw2CLR4xITv3/zEBQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLJNPhja7rupXGqoksexxuAj9+ctMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvc2swLUdOcnV1NmxjYXFpU3g3SEc0Q1AzNXkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAV/4CAwQA
V/4KAwQCudKoAwQA2RkBMA0GCSqGSIb3DQEBCwUAA4IBAQCup5WT2ee4M1UG62l1
M9hT4JtHF9imIJQLpVi6sSqYTDYmEMgKqNtxDB+fFllHtORceVanebsZVHwU5vxz
JiUYy4F4WhcRV1YrZUS30QZrndKOg0rW6pRm9C20YX21vqT0wcqRg9LiSye5UfwX
a1o8sL4v0i2xiuPnz28N9pUhZysHC74V/iM14UThK39nOXRvP3APT1BtyVlN09Qq
kV+HvGiGRWSLL7wuD57Oas0ZX6RJDIIzuXxqUBtmshCntJAZ0Ze/YaYcgkctEequ
tELSv2wSNpqEIwXTwOtjiEWxNac9+I89Ic77nMYcB7bnHeECBEc4Jv7bFqLtQRFl
z9tI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:04 2024 by rpki-client on console-fra.rpki-client.org