Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/wH08lxnCP8t-I1c_7GcIRLd2bao.roa
File: wH08lxnCP8t-I1c_7GcIRLd2bao.roa (raw, json)
Hash identifier: 4aMzQ+SHBivpoEFRZdvlbqYm+0iJZhd7+PuoWgSp9n0=
Subject key identifier: C0:7D:3C:97:19:C2:3F:CB:7E:23:57:3F:EC:67:08:44:B7:76:6D:AA
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 0189B0ABA978D2A7A1C7D4F6A3D8A886645B
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/wH08lxnCP8t-I1c_7GcIRLd2bao.roa
Signing time: Tue 01 Aug 2023 10:36:27 +0000
ROA not before: Tue 01 Aug 2023 10:36:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 217.25.12.0/24 maxlen: 24
87.254.2.0/24 maxlen: 24
87.254.10.0/24 maxlen: 24
185.210.168.0/23 maxlen: 24
185.210.170.0/23 maxlen: 24
87.254.17.0/24 maxlen: 24
87.254.22.0/24 maxlen: 24
87.254.18.0/24 maxlen: 24
87.254.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Sep 2023 11:38:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b0:ab:a9:78:d2:a7:a1:c7:d4:f6:a3:d8:a8:86:64:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Aug 1 10:36:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c07d3c9719c23fcb7e23573fec670844b7766daa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:27:52:bc:bc:91:0e:ed:65:a7:09:16:3e:b3:
59:1c:77:b3:16:b1:6d:4d:b4:53:b8:0f:24:af:cf:
05:9d:59:c8:fb:36:db:e9:c3:07:14:1a:09:ca:31:
72:fc:4c:78:2b:c1:ad:02:de:0f:d2:a5:fb:28:f4:
5c:43:bf:a0:81:42:9d:ff:27:00:5b:2b:dc:67:05:
7f:af:14:8c:c5:1b:60:ce:8f:96:2e:9d:94:67:5b:
5d:dd:49:6a:e5:96:e5:d3:cc:b9:a2:0e:39:e1:95:
b8:c6:5e:b1:f4:58:b4:12:8d:0d:68:fc:8d:df:85:
bd:72:8f:46:6f:46:ce:ef:ef:e3:bc:45:d9:73:b8:
6a:a2:9b:e7:7c:54:78:41:58:58:a6:37:6c:03:32:
17:2c:39:63:73:50:28:b7:e1:e5:f9:0f:aa:2c:02:
72:f1:e1:b0:86:66:d0:2e:7f:7c:e7:3b:12:f5:c1:
8c:19:51:91:37:87:bf:47:6d:d2:5f:14:75:a2:b2:
e4:16:ff:28:a6:59:7f:9a:2a:e4:c6:a7:5d:e0:06:
5e:5a:40:3d:2c:5a:b6:b6:c4:75:e3:43:74:ca:6c:
4b:56:84:d3:05:5f:45:cb:81:ee:c2:36:bc:0e:1d:
cf:03:24:0b:88:ed:17:79:e2:13:2c:53:ee:73:7c:
bd:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:7D:3C:97:19:C2:3F:CB:7E:23:57:3F:EC:67:08:44:B7:76:6D:AA
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/wH08lxnCP8t-I1c_7GcIRLd2bao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.2.0/24
87.254.10.0/24
87.254.17.0-87.254.19.255
87.254.22.0/24
185.210.168.0/22
217.25.12.0/24
Signature Algorithm: sha256WithRSAEncryption
71:b2:e3:30:5f:89:f6:ec:6b:43:f2:97:b2:2f:4e:b3:f4:39:
b9:35:76:6a:ff:c6:88:a2:36:9a:8a:74:d9:1b:46:6e:5d:80:
a2:41:21:67:07:96:49:c9:73:14:4e:07:15:50:28:28:5a:fe:
37:13:6b:15:90:ff:a7:f8:b9:21:0e:52:a7:ea:02:47:17:a6:
4f:15:5f:94:51:b3:cb:6f:2e:84:15:a9:0a:d6:c2:46:9d:26:
4d:12:46:ad:f2:ff:d1:e9:db:1d:1b:20:6f:f1:5e:c4:78:ba:
21:bb:05:59:f8:84:fe:47:7b:3d:3f:01:37:49:64:a1:8f:38:
0d:e3:d3:01:81:24:3b:a7:65:3f:63:7b:ea:72:45:20:a4:54:
64:c8:9c:04:88:c5:5d:86:38:ff:72:38:1d:32:76:c0:86:20:
12:45:80:63:51:a8:36:97:5c:46:56:ed:f0:93:5b:68:9f:e8:
8c:a5:c7:09:1b:13:55:f2:bf:93:54:9d:e7:9f:eb:12:fe:73:
cc:12:2a:b7:65:70:c8:9a:f5:50:d0:d8:18:23:32:06:f2:b7:
7c:ef:2d:de:b6:26:0e:6d:8b:7c:a6:1a:e4:d5:32:52:83:11:
ee:99:79:f4:ed:bf:0c:52:0b:7c:1f:c3:a3:06:3e:b5:05:73:
ac:17:44:17
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYmwq6l40qehx9T2o9iohmRbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjMwODAxMTAzNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDdkM2M5NzE5YzIzZmNiN2UyMzU3M2ZlYzY3MDg0NGI3NzY2ZGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjidSvLyRDu1lpwkWPrNZHHezFrFt
TbRTuA8kr88FnVnI+zbb6cMHFBoJyjFy/Ex4K8GtAt4P0qX7KPRcQ7+ggUKd/ycA
WyvcZwV/rxSMxRtgzo+WLp2UZ1td3Ulq5Zbl08y5og454ZW4xl6x9Fi0Eo0NaPyN
34W9co9Gb0bO7+/jvEXZc7hqopvnfFR4QVhYpjdsAzIXLDljc1Aot+Hl+Q+qLAJy
8eGwhmbQLn985zsS9cGMGVGRN4e/R23SXxR1orLkFv8opll/mirkxqdd4AZeWkA9
LFq2tsR140N0ymxLVoTTBV9Fy4Huwja8Dh3PAyQLiO0XeeITLFPuc3y9MQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFMB9PJcZwj/LfiNXP+xnCES3dm2qMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvd0gwOGx4bkNQOHQtSTFjXzdHY0lSTGQyYmFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAV/4CAwQA
V/4KMAwDBABX/hEDBAJX/hADBABX/hYDBAK50qgDBADZGQwwDQYJKoZIhvcNAQEL
BQADggEBAHGy4zBfifbsa0Pyl7IvTrP0Obk1dmr/xoiiNpqKdNkbRm5dgKJBIWcH
lknJcxROBxVQKCha/jcTaxWQ/6f4uSEOUqfqAkcXpk8VX5RRs8tvLoQVqQrWwkad
Jk0SRq3y/9Hp2x0bIG/xXsR4uiG7BVn4hP5Hez0/ATdJZKGPOA3j0wGBJDunZT9j
e+pyRSCkVGTInASIxV2GOP9yOB0ydsCGIBJFgGNRqDaXXEZW7fCTW2if6Iylxwkb
E1Xyv5NUneef6xL+c8wSKrdlcMia9VDQ2BgjMgbyt3zvLd62Jg5ti3ymGuTVMlKD
Ee6ZefTtvwxSC3wfw6MGPrUFc6wXRBc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:04 2024 by rpki-client on console-fra.rpki-client.org