Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/uJOhlvriWEHcxbGFV6MIzaEadzA.roa
File: uJOhlvriWEHcxbGFV6MIzaEadzA.roa (raw, json)
Hash identifier: mN1Ion8x4Sqk0qflK+/1sgNqlqxhq31NM6kfy8aYPtw=
Subject key identifier: B8:93:A1:96:FA:E2:58:41:DC:C5:B1:85:57:A3:08:CD:A1:1A:77:30
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 01882585FADB2BE28A6F144295D43BCE1D37
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/uJOhlvriWEHcxbGFV6MIzaEadzA.roa
Signing time: Tue 16 May 2023 17:05:17 +0000
ROA not before: Tue 16 May 2023 17:05:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 87.254.29.0/24 maxlen: 24
87.254.2.0/24 maxlen: 24
87.254.10.0/24 maxlen: 24
185.210.170.0/23 maxlen: 24
217.25.1.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:25:85:fa:db:2b:e2:8a:6f:14:42:95:d4:3b:ce:1d:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: May 16 17:05:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b893a196fae25841dcc5b18557a308cda11a7730
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:69:6b:e3:ca:71:42:d0:96:10:52:07:57:71:
bc:93:43:44:f8:77:37:71:c2:1c:e6:0a:dd:ab:f9:
42:cf:17:a5:2d:9f:85:b7:66:ab:85:e6:82:25:42:
96:28:52:3c:99:c1:d5:26:0e:60:7a:85:e9:76:ab:
a6:c3:b9:22:8a:2d:14:15:01:2c:40:5a:bc:4d:77:
3d:57:ae:fc:db:dd:c4:b1:e8:6a:61:e6:cf:dc:8a:
71:7d:0d:2f:88:cf:c1:c1:7c:92:8a:33:89:b9:2e:
fb:4d:bc:af:c7:1b:0c:13:a4:78:ed:a4:b9:93:57:
06:09:98:51:26:7e:86:21:f3:df:a7:7c:4a:7c:ef:
fb:b6:fd:17:97:bc:d8:b4:82:cb:56:2a:94:1e:21:
a0:bb:6b:ee:f4:e5:bc:b7:34:cc:89:1d:d8:a0:f4:
2d:2b:6a:fe:39:55:85:8e:2a:e2:32:a1:d1:51:2b:
83:d2:37:5f:26:23:13:25:79:93:53:e0:bf:e4:60:
cf:3e:39:7f:fc:c1:07:d3:13:39:5a:9c:f3:d2:ac:
6c:5b:e0:aa:31:8f:90:65:e5:0c:6f:b5:c7:cb:11:
94:53:c3:93:72:e5:79:6c:bf:e8:ad:9f:b0:f5:9d:
80:98:9c:67:03:8a:70:b8:96:e4:bb:50:68:69:87:
b0:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:93:A1:96:FA:E2:58:41:DC:C5:B1:85:57:A3:08:CD:A1:1A:77:30
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/uJOhlvriWEHcxbGFV6MIzaEadzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.2.0/24
87.254.10.0/24
87.254.29.0/24
185.210.170.0/23
217.25.1.0/24
Signature Algorithm: sha256WithRSAEncryption
77:8f:ac:63:04:92:12:42:66:19:62:93:3e:d8:6b:e2:a4:dd:
50:2f:ea:28:fd:a8:af:68:f7:90:0b:db:0d:1b:94:04:31:d8:
ee:48:22:db:bd:a5:6e:d5:6a:5d:43:44:2d:53:e7:d0:c0:86:
1f:9e:ef:03:79:9f:90:98:57:8d:44:25:25:f7:f0:3b:43:2b:
ca:b4:67:b6:e9:5f:0c:a9:7d:16:9d:32:dd:be:ec:31:36:03:
13:95:14:04:9b:e2:aa:3c:2b:3c:32:ec:6e:91:61:6c:28:84:
c6:4e:7e:13:94:99:86:d2:41:db:9c:7a:50:8c:7f:8e:2b:1c:
a5:2a:4a:c5:df:1b:49:e0:29:e6:46:ec:77:e6:ea:a3:19:79:
9d:98:2e:e0:1a:25:92:a1:c2:0b:f5:59:2a:e9:16:9e:0b:4d:
0c:fb:cf:05:ef:e6:cb:07:4f:36:a6:ab:10:a9:f2:11:5e:39:
48:03:08:2e:e1:b5:d6:8e:9f:bf:ad:1f:47:40:af:fd:fd:4b:
2e:ce:87:a3:34:7e:8f:08:f2:1a:6f:d0:8c:46:e5:4b:54:9d:
d7:7d:f2:69:67:00:1d:23:88:eb:5f:b0:0e:7a:d3:6a:1c:00:
2e:88:09:f0:e8:cb:0d:51:34:91:01:d5:61:85:9b:d8:20:50:
03:0c:25:f7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYglhfrbK+KKbxRCldQ7zh03MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjMwNTE2MTcwNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODkzYTE5NmZhZTI1ODQxZGNjNWIxODU1N2EzMDhjZGExMWE3NzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmlr48pxQtCWEFIHV3G8k0NE+Hc3
ccIc5grdq/lCzxelLZ+Ft2arheaCJUKWKFI8mcHVJg5geoXpdqumw7kiii0UFQEs
QFq8TXc9V678293EsehqYebP3IpxfQ0viM/BwXySijOJuS77TbyvxxsME6R47aS5
k1cGCZhRJn6GIfPfp3xKfO/7tv0Xl7zYtILLViqUHiGgu2vu9OW8tzTMiR3YoPQt
K2r+OVWFjiriMqHRUSuD0jdfJiMTJXmTU+C/5GDPPjl//MEH0xM5Wpzz0qxsW+Cq
MY+QZeUMb7XHyxGUU8OTcuV5bL/orZ+w9Z2AmJxnA4pwuJbku1BoaYewKwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLiToZb64lhB3MWxhVejCM2hGncwMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvdUpPaGx2cmlXRUhjeGJHRlY2TUl6YUVhZHpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAV/4CAwQA
V/4KAwQAV/4dAwQBudKqAwQA2RkBMA0GCSqGSIb3DQEBCwUAA4IBAQB3j6xjBJIS
QmYZYpM+2GvipN1QL+oo/aivaPeQC9sNG5QEMdjuSCLbvaVu1WpdQ0QtU+fQwIYf
nu8DeZ+QmFeNRCUl9/A7QyvKtGe26V8MqX0WnTLdvuwxNgMTlRQEm+KqPCs8Muxu
kWFsKITGTn4TlJmG0kHbnHpQjH+OKxylKkrF3xtJ4CnmRux35uqjGXmdmC7gGiWS
ocIL9Vkq6RaeC00M+88F7+bLB082pqsQqfIRXjlIAwgu4bXWjp+/rR9HQK/9/Usu
zoejNH6PCPIab9CMRuVLVJ3XffJpZwAdI4jrX7AOetNqHAAuiAnw6MsNUTSRAdVh
hZvYIFADDCX3
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:48 2023 by rpki-client on console-fra.rpki-client.org