Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/zzdPWsojHc-AT5eorkrmDR4SwXE.roa
File: zzdPWsojHc-AT5eorkrmDR4SwXE.roa (raw, json)
Hash identifier: /vSt3fPvYerUwdeaFxSedHb0Jwobk5enPgHw88IINBY=
Subject key identifier: CF:37:4F:5A:CA:23:1D:CF:80:4F:97:A8:AE:4A:E6:0D:1E:12:C1:71
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 018D7ED0E3C7BE3BD646ED708B8F25C7BB3B
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/zzdPWsojHc-AT5eorkrmDR4SwXE.roa
Signing time: Tue 06 Feb 2024 14:27:15 +0000
ROA not before: Tue 06 Feb 2024 14:27:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 87.254.17.0/24 maxlen: 24
87.254.23.0/24 maxlen: 24
87.254.31.0/24 maxlen: 24
185.210.168.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Mar 2024 14:02:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7e:d0:e3:c7:be:3b:d6:46:ed:70:8b:8f:25:c7:bb:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Feb 6 14:27:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf374f5aca231dcf804f97a8ae4ae60d1e12c171
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:36:3f:fd:87:5f:3f:80:b3:91:90:eb:9e:99:
ad:b9:94:ef:36:1e:7e:6f:66:31:96:b1:25:d7:23:
fa:a1:de:af:22:0e:6d:a2:80:49:a8:b7:b9:f9:f6:
ee:1f:8f:a5:32:7e:84:9a:36:c8:07:6e:10:f9:79:
58:e0:c4:a1:cd:03:8d:91:4a:e3:36:5d:02:42:07:
4b:3a:28:fc:19:cd:6b:f6:b8:c2:ad:d5:25:d1:51:
7b:c8:44:5d:31:bd:ae:1e:0f:d3:86:69:d9:55:2a:
14:14:70:70:01:06:1e:37:21:99:99:40:99:c0:cf:
47:2b:10:d4:82:e3:08:5b:a0:bb:57:9c:59:d0:28:
a5:8f:9d:9b:80:2f:ca:ac:98:d9:59:ab:8b:dd:f8:
cf:30:24:34:e6:ae:ef:59:1e:70:b7:91:2d:05:ed:
08:8c:54:76:96:c3:3d:9f:68:f3:df:38:40:5d:40:
93:6d:fd:55:c5:34:b5:e5:e5:c5:09:12:4b:f3:ec:
e9:2f:ef:fe:2d:7d:9b:d5:6f:ce:18:2e:85:55:c1:
ad:ae:f7:af:98:fc:63:99:d2:83:6c:28:e2:35:a4:
d2:49:0e:c5:2a:3f:42:06:30:a1:9b:15:bb:25:e0:
b1:53:b8:1b:d7:36:d0:cc:93:f1:7d:01:05:0a:d2:
42:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:37:4F:5A:CA:23:1D:CF:80:4F:97:A8:AE:4A:E6:0D:1E:12:C1:71
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/zzdPWsojHc-AT5eorkrmDR4SwXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.17.0/24
87.254.23.0/24
87.254.31.0/24
185.210.168.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:f7:48:b1:e5:83:b3:71:60:1e:a4:0e:05:f1:0e:ec:dd:06:
d8:1f:25:8a:2c:d4:69:55:01:30:53:a9:6e:d9:2a:e8:0c:15:
41:a2:12:e5:22:07:06:69:0e:c1:de:20:ce:4c:4c:7f:ec:6d:
b9:54:55:cc:72:f4:9d:29:71:25:a6:74:49:2c:2a:27:19:6c:
a5:05:a3:2a:31:c4:c3:63:a0:fd:2d:eb:8d:b3:3d:a0:82:42:
82:ff:af:8e:10:53:a3:14:7d:c7:07:30:a8:53:90:43:b5:5a:
e4:47:39:2d:c4:64:30:da:6c:c6:13:38:32:5e:82:32:6e:02:
20:66:34:84:49:d1:dd:1d:f3:4a:93:0f:60:fe:c7:b2:4f:05:
74:f4:63:1f:73:d8:e8:94:b8:a4:d7:41:f2:48:de:5f:e1:46:
3c:b6:6f:e3:d3:8a:4d:66:de:35:4d:c4:56:ea:84:0d:ea:db:
f2:ad:ff:a8:27:ac:34:97:7b:b5:8f:85:f2:83:2e:6d:60:de:
97:63:77:94:2f:ee:05:3f:75:5a:13:27:7d:61:67:f2:62:b8:
08:f5:19:28:d1:f6:17:89:dd:1d:c5:20:36:dc:a0:e4:00:ef:
27:fa:f0:52:b7:96:fa:ec:1c:75:a7:29:3b:3f:b9:7e:2f:95:
0b:6a:c3:84
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY1+0OPHvjvWRu1wi48lx7s7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjQwMjA2MTQyNzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjM3NGY1YWNhMjMxZGNmODA0Zjk3YThhZTRhZTYwZDFlMTJjMTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzY//YdfP4CzkZDrnpmtuZTvNh5+
b2YxlrEl1yP6od6vIg5tooBJqLe5+fbuH4+lMn6EmjbIB24Q+XlY4MShzQONkUrj
Nl0CQgdLOij8Gc1r9rjCrdUl0VF7yERdMb2uHg/ThmnZVSoUFHBwAQYeNyGZmUCZ
wM9HKxDUguMIW6C7V5xZ0Cilj52bgC/KrJjZWauL3fjPMCQ05q7vWR5wt5EtBe0I
jFR2lsM9n2jz3zhAXUCTbf1VxTS15eXFCRJL8+zpL+/+LX2b1W/OGC6FVcGtrvev
mPxjmdKDbCjiNaTSSQ7FKj9CBjChmxW7JeCxU7gb1zbQzJPxfQEFCtJCdwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM83T1rKIx3PgE+XqK5K5g0eEsFxMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvenpkUFdzb2pIYy1BVDVlb3Jrcm1EUjRTd1hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAV/4RAwQA
V/4XAwQAV/4fAwQBudKoMA0GCSqGSIb3DQEBCwUAA4IBAQBr90ix5YOzcWAepA4F
8Q7s3QbYHyWKLNRpVQEwU6lu2SroDBVBohLlIgcGaQ7B3iDOTEx/7G25VFXMcvSd
KXElpnRJLConGWylBaMqMcTDY6D9LeuNsz2ggkKC/6+OEFOjFH3HBzCoU5BDtVrk
RzktxGQw2mzGEzgyXoIybgIgZjSESdHdHfNKkw9g/seyTwV09GMfc9jolLik10Hy
SN5f4UY8tm/j04pNZt41TcRW6oQN6tvyrf+oJ6w0l3u1j4Xygy5tYN6XY3eUL+4F
P3VaEyd9YWfyYrgI9Rko0fYXid0dxSA23KDkAO8n+vBSt5b67Bx1pyk7P7l+L5UL
asOE
-----END CERTIFICATE-----
Generated at Tue Mar 26 17:17:07 2024 by rpki-client on console-ams.rpki-client.org