Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/1ccf25-20de-4b2e-a0e1-de4acf447fae/1/AFNAu11QiaO_54ztU-mwg5hZpg4.roa
File: AFNAu11QiaO_54ztU-mwg5hZpg4.roa (raw, json)
Hash identifier: 8Cmq8c083GcS0KtL4t1LHAF98kLDB2qnsVDbQYu9ozQ=
Subject key identifier: 00:53:40:BB:5D:50:89:A3:BF:E7:8C:ED:53:E9:B0:83:98:59:A6:0E
Certificate issuer: /CN=7979863cea82aeb8e9df384b39aa5176f4bcfa61
Certificate serial: 018C671173CCBC76CCBE4BB0C99B51FDC1BB
Authority key identifier: 79:79:86:3C:EA:82:AE:B8:E9:DF:38:4B:39:AA:51:76:F4:BC:FA:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eXmGPOqCrrjp3zhLOapRdvS8-mE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/1ccf25-20de-4b2e-a0e1-de4acf447fae/1/AFNAu11QiaO_54ztU-mwg5hZpg4.roa
Signing time: Thu 14 Dec 2023 06:44:06 +0000
ROA not before: Thu 14 Dec 2023 06:44:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35571
IP address blocks: 87.236.84.0/23 maxlen: 23
87.236.80.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:67:11:73:cc:bc:76:cc:be:4b:b0:c9:9b:51:fd:c1:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7979863cea82aeb8e9df384b39aa5176f4bcfa61
Validity
Not Before: Dec 14 06:44:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=005340bb5d5089a3bfe78ced53e9b0839859a60e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:1c:ee:64:60:1a:8e:a8:2e:4a:d9:1e:21:c5:
2f:ee:31:5f:cf:95:ea:4a:0b:7b:d4:4c:c2:01:4e:
4d:1a:ce:97:ae:a3:a0:4b:02:5b:48:fe:70:aa:18:
ed:ea:ec:8b:ec:b5:76:86:5a:74:14:e6:e4:dc:19:
73:85:88:d1:d0:07:91:b5:70:5e:04:b3:e9:58:54:
48:a6:37:ad:8b:49:0f:ff:33:1a:19:90:5a:06:8d:
6b:55:40:82:20:36:c2:96:4c:e9:4d:c0:58:c1:35:
74:cd:e4:39:1d:ef:48:47:79:5c:60:99:a6:ac:0c:
20:96:65:6a:c9:2e:c9:05:35:29:83:3e:57:a7:f1:
2b:d3:52:68:b2:0f:ef:dd:cf:51:45:2b:13:e6:8a:
fc:c3:40:27:83:d8:19:a1:02:1a:f0:c7:05:bc:f1:
bf:03:fd:c4:b1:aa:40:4d:0d:a7:23:0c:8a:65:d6:
97:48:c5:11:97:f0:08:af:6b:18:10:a7:5e:16:0d:
2e:e9:bb:89:42:95:7b:2e:1c:e2:4b:f1:10:da:58:
ab:96:90:1e:98:14:9c:86:d2:3b:be:6d:3d:ed:26:
30:e2:36:b9:b3:28:c7:2e:e5:c2:1e:04:10:13:9a:
cc:5c:47:bf:85:bc:d7:c6:4b:8c:5e:d9:ad:c0:91:
05:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:53:40:BB:5D:50:89:A3:BF:E7:8C:ED:53:E9:B0:83:98:59:A6:0E
X509v3 Authority Key Identifier:
keyid:79:79:86:3C:EA:82:AE:B8:E9:DF:38:4B:39:AA:51:76:F4:BC:FA:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eXmGPOqCrrjp3zhLOapRdvS8-mE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/1ccf25-20de-4b2e-a0e1-de4acf447fae/1/AFNAu11QiaO_54ztU-mwg5hZpg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/1ccf25-20de-4b2e-a0e1-de4acf447fae/1/eXmGPOqCrrjp3zhLOapRdvS8-mE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.80.0-87.236.85.255
Signature Algorithm: sha256WithRSAEncryption
20:cf:41:24:4c:eb:fb:bc:41:6a:bc:ac:66:a8:ae:03:ea:ef:
52:26:82:28:0d:23:81:aa:5a:a4:f6:0d:46:0d:6b:a1:af:4e:
ce:bc:37:5c:d7:a4:41:50:e4:4a:dd:32:12:2a:d9:f7:8b:0a:
42:f7:0a:d6:97:10:3c:24:ac:c0:39:cd:a4:5f:96:78:f6:50:
49:e1:cb:a5:24:8c:29:e0:44:c0:26:09:30:06:81:40:38:dd:
c1:78:24:84:2c:07:82:e8:ac:dd:70:39:6c:d1:4e:50:f4:5f:
b8:f5:f4:80:cf:d3:81:73:e7:c0:f7:95:9a:84:3f:6a:df:54:
cd:1a:c0:c1:45:6d:fd:fa:60:4b:de:d7:a5:f2:f2:5b:84:fb:
08:df:6a:b9:16:f8:1e:f2:1a:fd:0b:59:e1:f8:66:77:61:e0:
c7:5f:67:51:11:4a:04:46:2b:3b:1e:6f:ac:9a:41:6a:8a:e3:
59:64:59:37:3e:a0:30:a1:b6:d5:7d:78:fa:b2:4d:17:9d:46:
b1:98:53:55:75:5b:8d:cb:2b:f2:13:47:df:9a:f7:43:b9:f5:
2a:f9:48:f6:5c:ea:a3:20:b0:c0:26:a7:a4:6d:e6:42:a9:18:
f7:b6:1e:80:5a:99:24:bb:3c:53:ed:c7:34:89:d6:22:ef:09:
c6:72:31:95
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYxnEXPMvHbMvkuwyZtR/cG7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5Nzk4NjNjZWE4MmFlYjhlOWRmMzg0YjM5YWE1MTc2ZjRi
Y2ZhNjEwHhcNMjMxMjE0MDY0NDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDUzNDBiYjVkNTA4OWEzYmZlNzhjZWQ1M2U5YjA4Mzk4NTlhNjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBzuZGAajqguStkeIcUv7jFfz5Xq
Sgt71EzCAU5NGs6XrqOgSwJbSP5wqhjt6uyL7LV2hlp0FObk3BlzhYjR0AeRtXBe
BLPpWFRIpjeti0kP/zMaGZBaBo1rVUCCIDbClkzpTcBYwTV0zeQ5He9IR3lcYJmm
rAwglmVqyS7JBTUpgz5Xp/Er01Josg/v3c9RRSsT5or8w0Ang9gZoQIa8McFvPG/
A/3EsapATQ2nIwyKZdaXSMURl/AIr2sYEKdeFg0u6buJQpV7LhziS/EQ2lirlpAe
mBSchtI7vm097SYw4ja5syjHLuXCHgQQE5rMXEe/hbzXxkuMXtmtwJEFhwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFABTQLtdUImjv+eM7VPpsIOYWaYOMB8GA1UdIwQY
MBaAFHl5hjzqgq646d84SzmqUXb0vPphMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVhtR1BPcUNycmpwM3poTE9hcFJkdlM4LW1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC8xY2NmMjUtMjBkZS00YjJlLWEwZTEt
ZGU0YWNmNDQ3ZmFlLzEvQUZOQXUxMVFpYU9fNTR6dFUtbXdnNWhacGc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC8xY2NmMjUtMjBkZS00YjJlLWEwZTEtZGU0YWNmNDQ3ZmFl
LzEvZVhtR1BPcUNycmpwM3poTE9hcFJkdlM4LW1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBARX7FAD
BAFX7FQwDQYJKoZIhvcNAQELBQADggEBACDPQSRM6/u8QWq8rGaorgPq71ImgigN
I4GqWqT2DUYNa6GvTs68N1zXpEFQ5ErdMhIq2feLCkL3CtaXEDwkrMA5zaRflnj2
UEnhy6UkjCngRMAmCTAGgUA43cF4JIQsB4LorN1wOWzRTlD0X7j19IDP04Fz58D3
lZqEP2rfVM0awMFFbf36YEve16Xy8luE+wjfarkW+B7yGv0LWeH4Zndh4MdfZ1ER
SgRGKzseb6yaQWqK41lkWTc+oDChttV9ePqyTRedRrGYU1V1W43LK/ITR9+a90O5
9Sr5SPZc6qMgsMAmp6Rt5kKpGPe2HoBamSS7PFPtxzSJ1iLvCcZyMZU=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:53:21 2024 by rpki-client on console-fra.rpki-client.org