Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/vO2WZf_38cFfxR5cJPCcsLdckcQ.roa
File: vO2WZf_38cFfxR5cJPCcsLdckcQ.roa (raw, json)
Hash identifier: LQ5wcV6ZS+YyKsG7pG3yvKWDBarP5qVMt0N9O2TZA+w=
Subject key identifier: BC:ED:96:65:FF:F7:F1:C1:5F:C5:1E:5C:24:F0:9C:B0:B7:5C:91:C4
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 01857070795E194BD91B8299B0AE5FFE3DCB
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/vO2WZf_38cFfxR5cJPCcsLdckcQ.roa
Signing time: Mon 02 Jan 2023 03:04:57 +0000
ROA not before: Mon 02 Jan 2023 03:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 87.254.2.0/24 maxlen: 24
87.254.9.0/24 maxlen: 24
87.254.11.0/24 maxlen: 24
185.210.168.0/22 maxlen: 24
87.254.16.0/24 maxlen: 24
87.254.17.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:79:5e:19:4b:d9:1b:82:99:b0:ae:5f:fe:3d:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Jan 2 03:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bced9665fff7f1c15fc51e5c24f09cb0b75c91c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:fb:1e:90:14:45:6c:dd:1b:e0:fa:a2:6e:0f:
b9:46:06:1c:3a:b8:ac:f8:db:f8:a3:40:66:1a:0f:
45:6f:60:ec:f5:13:10:11:0d:66:91:59:a5:09:03:
ab:11:4f:5f:f0:19:c4:e7:82:17:a9:10:5c:0f:36:
d4:6c:c3:33:94:92:b4:c1:e6:fe:31:aa:26:c6:b6:
f7:a4:76:ef:35:ee:1d:10:d0:f5:dd:aa:14:7f:97:
0a:3c:a4:3e:15:68:39:e5:11:3d:68:04:24:38:79:
d7:e2:9d:ee:74:8d:70:ba:45:57:ec:84:5e:13:34:
2d:10:9e:2a:6c:4b:6a:7c:f3:32:da:be:fd:03:37:
67:65:07:af:2b:43:91:00:e7:39:3c:85:7b:77:eb:
e3:d8:a9:d7:46:0b:06:31:9b:48:be:0f:ac:4d:38:
ce:a7:bc:bb:b4:53:4d:c0:10:74:bc:02:98:90:b6:
76:2d:ef:4e:03:1e:34:f1:fd:2a:3b:be:8f:93:31:
f5:1e:a9:4f:07:2e:6d:90:19:c2:4d:b7:29:e1:be:
5b:8f:62:ae:b0:69:92:a6:06:fb:4a:2e:8f:f4:88:
f0:1a:50:5a:9a:b3:4b:a3:60:eb:3f:d2:39:b1:df:
d8:e6:bc:2d:e3:76:77:a5:a4:a1:8a:b4:cb:09:0b:
cb:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:ED:96:65:FF:F7:F1:C1:5F:C5:1E:5C:24:F0:9C:B0:B7:5C:91:C4
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/vO2WZf_38cFfxR5cJPCcsLdckcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.2.0/24
87.254.9.0/24
87.254.11.0/24
87.254.16.0/23
185.210.168.0/22
Signature Algorithm: sha256WithRSAEncryption
75:31:af:60:c4:04:cd:5c:82:ad:08:af:db:22:7b:49:48:bf:
d5:d8:7f:db:56:5e:f6:ec:e2:8c:f6:37:92:37:97:50:90:a9:
1a:93:ba:70:c2:9d:17:e8:25:e0:4e:fe:65:6a:62:b5:c4:a7:
4c:ed:c1:73:17:6d:8d:b6:59:85:6e:31:64:3c:b2:12:ea:ca:
8f:49:6c:bd:aa:45:6d:ab:ed:0f:4e:f9:d4:19:b4:79:40:8c:
63:a3:76:7c:5d:5e:06:dc:f3:c7:be:f7:1b:c2:fb:9a:f5:7f:
d3:eb:7f:57:3f:1a:7f:0c:ca:18:1a:15:82:05:14:fc:2d:e7:
16:03:d2:eb:77:bd:f3:41:c1:08:1b:74:3e:7d:a8:90:d1:ba:
b0:5e:76:a2:1d:f6:68:2d:28:f2:2e:8c:32:13:82:a7:4f:eb:
ed:8e:e8:1b:44:90:7e:94:f7:26:29:f3:fe:bb:83:12:8a:15:
79:c1:35:61:43:aa:ca:bb:d1:d5:41:01:53:24:7f:91:0e:94:
51:e8:5b:59:fd:08:83:1b:ed:05:39:84:9d:bd:63:ee:50:d3:
59:ba:72:19:52:fc:a7:26:62:60:17:c9:7b:a7:91:62:73:5b:
f9:87:d6:16:b3:91:4a:b8:39:a4:a2:ca:3a:78:a5:a5:45:28:
b6:99:c2:9c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVwcHleGUvZG4KZsK5f/j3LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjMwMTAyMDMwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2VkOTY2NWZmZjdmMWMxNWZjNTFlNWMyNGYwOWNiMGI3NWM5MWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPsekBRFbN0b4Pqibg+5RgYcOris
+Nv4o0BmGg9Fb2Ds9RMQEQ1mkVmlCQOrEU9f8BnE54IXqRBcDzbUbMMzlJK0web+
Maomxrb3pHbvNe4dEND13aoUf5cKPKQ+FWg55RE9aAQkOHnX4p3udI1wukVX7IRe
EzQtEJ4qbEtqfPMy2r79AzdnZQevK0ORAOc5PIV7d+vj2KnXRgsGMZtIvg+sTTjO
p7y7tFNNwBB0vAKYkLZ2Le9OAx408f0qO76PkzH1HqlPBy5tkBnCTbcp4b5bj2Ku
sGmSpgb7Si6P9IjwGlBamrNLo2DrP9I5sd/Y5rwt43Z3paShirTLCQvLnQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLztlmX/9/HBX8UeXCTwnLC3XJHEMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvdk8yV1pmXzM4Y0ZmeFI1Y0pQQ2NzTGRja2NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAV/4CAwQA
V/4JAwQAV/4LAwQBV/4QAwQCudKoMA0GCSqGSIb3DQEBCwUAA4IBAQB1Ma9gxATN
XIKtCK/bIntJSL/V2H/bVl727OKM9jeSN5dQkKkak7pwwp0X6CXgTv5lamK1xKdM
7cFzF22NtlmFbjFkPLIS6sqPSWy9qkVtq+0PTvnUGbR5QIxjo3Z8XV4G3PPHvvcb
wvua9X/T639XPxp/DMoYGhWCBRT8LecWA9Lrd73zQcEIG3Q+faiQ0bqwXnaiHfZo
LSjyLowyE4KnT+vtjugbRJB+lPcmKfP+u4MSihV5wTVhQ6rKu9HVQQFTJH+RDpRR
6FtZ/QiDG+0FOYSdvWPuUNNZunIZUvynJmJgF8l7p5Fic1v5h9YWs5FKuDmkoso6
eKWlRSi2mcKc
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:48 2023 by rpki-client on console-fra.rpki-client.org