Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1eG_qY4Mpxff0xgniRXB3JlEdus.roa
File: 1eG_qY4Mpxff0xgniRXB3JlEdus.roa (raw, json)
Hash identifier: gSCwWbzpTiPaf02g6Wen3aHtXIkQzi3l9yiAE9R7Cls=
Subject key identifier: D5:E1:BF:A9:8E:0C:A7:17:DF:D3:18:27:89:15:C1:DC:99:44:76:EB
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01933BCA3EE9CAA1141D080C030BDB61048A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1eG_qY4Mpxff0xgniRXB3JlEdus.roa
Signing time: Sun 17 Nov 2024 20:22:10 +0000
ROA not before: Sun 17 Nov 2024 20:22:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 87.120.68.0/23 maxlen: 24
93.123.74.0/23 maxlen: 24
93.123.80.0/24 maxlen: 24
185.252.160.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Nov 2024 00:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3b:ca:3e:e9:ca:a1:14:1d:08:0c:03:0b:db:61:04:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 17 20:22:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5e1bfa98e0ca717dfd318278915c1dc994476eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:10:a9:a7:63:2f:15:25:50:d7:70:5c:e1:41:
85:8f:90:92:af:b6:31:0f:f6:d5:5e:15:ed:f9:d6:
76:11:ee:ea:f8:6e:dc:64:96:c8:68:5e:b6:dd:90:
e4:92:aa:c0:b7:79:78:3b:a0:dc:68:ad:7b:ca:4d:
0f:58:44:43:38:15:94:34:10:cb:e2:c4:24:f9:f2:
e3:bc:23:4b:2e:4c:b4:ec:d0:c0:cc:62:e2:6b:cf:
e9:d4:ff:a6:40:cb:22:6c:39:e7:f5:14:f2:bb:dd:
a6:8e:b5:45:40:40:41:50:18:2c:f9:a5:92:42:04:
94:37:83:1a:63:15:eb:83:2e:5c:7d:b0:aa:98:6c:
2f:6a:50:aa:24:90:27:12:d4:ba:d8:3d:28:43:3c:
69:88:57:b0:1e:20:ea:3b:f5:50:0f:60:0e:19:c2:
07:f9:a4:f3:40:a8:ab:6b:f0:b1:df:0b:e0:f5:00:
d1:56:c6:9a:c1:95:12:fb:97:98:4d:ee:85:da:2e:
9b:21:4b:35:36:82:70:73:82:ab:8b:e0:ec:16:3c:
6a:32:9d:46:74:47:4b:29:5a:68:d8:dc:0e:71:95:
90:48:c7:a1:fa:49:65:9c:7a:54:3a:e1:13:8c:02:
43:03:60:30:d1:26:c6:08:38:4d:3b:3c:3e:9a:e0:
79:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:E1:BF:A9:8E:0C:A7:17:DF:D3:18:27:89:15:C1:DC:99:44:76:EB
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1eG_qY4Mpxff0xgniRXB3JlEdus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.68.0/23
93.123.74.0/23
93.123.80.0/24
185.252.160.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:d8:b7:18:bc:23:21:84:9f:a9:49:37:8e:96:96:81:d6:08:
5d:b7:d7:bf:fa:5d:c0:a0:44:9b:7b:aa:8e:38:01:9d:f4:2a:
ec:21:9f:a8:61:48:ca:aa:91:75:55:75:39:a2:0d:25:5b:19:
81:e7:c9:b9:85:0c:f6:71:22:a3:42:fb:70:02:d5:ff:e7:e1:
41:dd:b4:52:35:30:59:c9:0f:96:ff:20:62:61:8b:0f:8d:22:
17:20:e8:f9:7c:36:32:d1:54:2b:10:b9:bd:3c:20:48:3f:86:
55:df:67:86:f8:f6:61:f4:2c:9c:91:1b:ca:f2:9e:35:ff:17:
70:c9:d9:49:c0:cf:ed:d0:74:dc:b7:20:9e:b6:2e:ad:ab:71:
44:98:cd:49:23:95:73:84:e7:82:57:16:56:7b:1f:91:7a:e4:
9d:16:0e:1c:53:41:5b:52:9f:f4:40:e7:04:dc:f5:b4:eb:7e:
12:b5:10:d4:d0:0e:5b:e3:9f:f0:89:22:bd:ba:65:b1:5c:65:
d2:06:d8:a3:06:ae:d3:4a:b8:df:23:d4:17:f0:c2:19:6f:89:
c3:98:3a:23:de:64:18:92:01:af:33:4e:cb:34:98:fa:42:dc:
53:e2:16:c1:9f:03:07:f8:ee:83:bd:59:50:e6:a6:d1:d2:30:
0b:06:0d:f5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZM7yj7pyqEUHQgMAwvbYQSKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMTE3MjAyMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWUxYmZhOThlMGNhNzE3ZGZkMzE4Mjc4OTE1YzFkYzk5NDQ3NmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxCpp2MvFSVQ13Bc4UGFj5CSr7Yx
D/bVXhXt+dZ2Ee7q+G7cZJbIaF623ZDkkqrAt3l4O6DcaK17yk0PWERDOBWUNBDL
4sQk+fLjvCNLLky07NDAzGLia8/p1P+mQMsibDnn9RTyu92mjrVFQEBBUBgs+aWS
QgSUN4MaYxXrgy5cfbCqmGwvalCqJJAnEtS62D0oQzxpiFewHiDqO/VQD2AOGcIH
+aTzQKira/Cx3wvg9QDRVsaawZUS+5eYTe6F2i6bIUs1NoJwc4Kri+DsFjxqMp1G
dEdLKVpo2NwOcZWQSMeh+kllnHpUOuETjAJDA2Aw0SbGCDhNOzw+muB5zwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNXhv6mODKcX39MYJ4kVwdyZRHbrMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMWVHX3FZNE1weGZmMHhnbmlSWEIzSmxFZHVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBV3hEAwQB
XXtKAwQAXXtQAwQBufygMA0GCSqGSIb3DQEBCwUAA4IBAQA92LcYvCMhhJ+pSTeO
lpaB1ghdt9e/+l3AoESbe6qOOAGd9CrsIZ+oYUjKqpF1VXU5og0lWxmB58m5hQz2
cSKjQvtwAtX/5+FB3bRSNTBZyQ+W/yBiYYsPjSIXIOj5fDYy0VQrELm9PCBIP4ZV
32eG+PZh9CyckRvK8p41/xdwydlJwM/t0HTctyCeti6tq3FEmM1JI5VzhOeCVxZW
ex+ReuSdFg4cU0FbUp/0QOcE3PW0634StRDU0A5b45/wiSK9umWxXGXSBtijBq7T
SrjfI9QX8MIZb4nDmDoj3mQYkgGvM07LNJj6QtxT4hbBnwMH+O6DvVlQ5qbR0jAL
Bg31
-----END CERTIFICATE-----
Generated at Thu Nov 21 02:02:35 2024 by rpki-client on console-ams.rpki-client.org