Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1oF74I3QKuAQCrBTU4v-LkLNZRU.roa
File: 1oF74I3QKuAQCrBTU4v-LkLNZRU.roa (raw, json)
Hash identifier: hfWTXkb6hDmn56+ybQ5qdBjw06eK5e3RzJSRdFdMay8=
Subject key identifier: D6:81:7B:E0:8D:D0:2A:E0:10:0A:B0:53:53:8B:FE:2E:42:CD:65:15
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019143E76ABEE71731EC8C3D1853C7A64F15
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1oF74I3QKuAQCrBTU4v-LkLNZRU.roa
Signing time: Mon 12 Aug 2024 00:05:25 +0000
ROA not before: Mon 12 Aug 2024 00:05:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 87.120.68.0/23 maxlen: 24
87.121.146.0/24 maxlen: 24
93.123.74.0/23 maxlen: 24
185.252.160.0/23 maxlen: 24
212.87.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Aug 2024 22:37:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:43:e7:6a:be:e7:17:31:ec:8c:3d:18:53:c7:a6:4f:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 12 00:05:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6817be08dd02ae0100ab053538bfe2e42cd6515
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:66:57:e3:c9:f6:84:5f:8d:a2:de:c6:d3:de:
3d:42:4e:87:e1:98:59:2b:ef:ab:9f:8f:ed:f7:7c:
d2:c8:c6:d5:88:df:70:cd:aa:cb:d8:b7:83:dc:cf:
19:1c:ba:cb:09:9c:77:b7:24:71:f9:dd:41:5e:f0:
15:46:b1:ec:d7:e0:80:60:0c:7e:79:11:99:da:53:
f1:08:33:58:b8:03:81:81:14:a7:ce:d8:f1:53:5b:
ea:3d:21:d0:f8:07:d2:4b:73:9e:4c:96:3b:f8:17:
3c:19:2e:64:04:eb:2f:5d:1c:0a:9d:df:16:f6:b5:
2e:2a:e1:a0:fb:b9:89:9b:72:8b:40:7e:88:8e:89:
99:f9:4a:84:2d:a1:74:ec:98:f7:7f:4a:fa:6b:e7:
9c:78:5e:df:2f:f5:2c:64:0f:49:4e:bd:9a:6e:a0:
64:1b:36:b1:6e:b7:6f:23:51:85:d4:3a:1c:ce:15:
70:2a:66:9a:6d:28:b6:bb:66:4b:4c:2f:07:91:fa:
d1:9c:f1:21:26:6b:b3:36:b4:1f:b7:d2:36:63:58:
9a:4b:02:dd:27:ec:48:a0:6c:dd:bb:00:30:b2:3b:
ca:ea:41:7d:a7:08:cb:93:11:38:ab:45:3d:50:93:
5a:89:e5:23:1a:52:89:64:ef:f1:02:8e:d2:36:b0:
d4:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:81:7B:E0:8D:D0:2A:E0:10:0A:B0:53:53:8B:FE:2E:42:CD:65:15
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1oF74I3QKuAQCrBTU4v-LkLNZRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.68.0/23
87.121.146.0/24
93.123.74.0/23
185.252.160.0/23
212.87.204.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:55:3c:e2:91:9c:46:63:34:26:45:1e:75:4d:88:b2:3d:64:
7a:2f:56:0f:39:ac:30:ed:57:2d:a2:e6:12:7d:09:06:d9:fb:
2e:c7:ff:70:f2:91:04:8c:fd:4d:da:69:fb:dd:73:24:10:4f:
b6:98:06:7e:c8:5e:2d:2f:f7:5b:7f:2c:82:50:6e:df:cc:16:
15:a2:cf:0b:73:51:ff:31:c3:79:98:e6:26:c1:09:07:fe:50:
e2:11:f0:57:9c:c9:ce:27:5e:71:5e:2c:5a:50:af:ac:90:7b:
f2:44:29:fa:3d:3f:8f:3d:bd:ff:96:84:94:c1:71:6a:ba:15:
0f:7e:3a:70:fc:a7:3b:83:ce:9c:fe:7f:19:65:09:46:aa:ec:
c0:aa:20:89:8c:17:18:bb:f0:4d:3d:b8:af:61:9b:53:f5:c7:
b8:81:44:39:2f:1f:ed:91:e8:9d:5f:26:22:c2:06:c0:bf:bf:
b3:48:91:38:cf:0b:06:77:50:c2:35:8f:55:20:cd:ec:71:4c:
ed:02:d7:1f:37:41:ae:25:35:17:ee:8f:88:8a:41:4e:73:5f:
8f:28:ad:7a:0d:be:31:96:73:2f:28:e5:67:1b:e5:cd:d9:a6:
be:29:8a:5c:53:99:3e:3f:43:8f:52:fb:5e:cd:23:8d:15:72:
e6:68:89:50
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZFD52q+5xcx7Iw9GFPHpk8VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwODEyMDAwNTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjgxN2JlMDhkZDAyYWUwMTAwYWIwNTM1MzhiZmUyZTQyY2Q2NTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2ZX48n2hF+Not7G0949Qk6H4ZhZ
K++rn4/t93zSyMbViN9wzarL2LeD3M8ZHLrLCZx3tyRx+d1BXvAVRrHs1+CAYAx+
eRGZ2lPxCDNYuAOBgRSnztjxU1vqPSHQ+AfSS3OeTJY7+Bc8GS5kBOsvXRwKnd8W
9rUuKuGg+7mJm3KLQH6IjomZ+UqELaF07Jj3f0r6a+eceF7fL/UsZA9JTr2abqBk
GzaxbrdvI1GF1DoczhVwKmaabSi2u2ZLTC8HkfrRnPEhJmuzNrQft9I2Y1iaSwLd
J+xIoGzduwAwsjvK6kF9pwjLkxE4q0U9UJNaieUjGlKJZO/xAo7SNrDUcQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNaBe+CN0CrgEAqwU1OL/i5CzWUVMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMW9GNzRJM1FLdUFRQ3JCVFU0di1Ma0xOWlJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBV3hEAwQA
V3mSAwQBXXtKAwQBufygAwQA1FfMMA0GCSqGSIb3DQEBCwUAA4IBAQA7VTzikZxG
YzQmRR51TYiyPWR6L1YPOaww7VctouYSfQkG2fsux/9w8pEEjP1N2mn73XMkEE+2
mAZ+yF4tL/dbfyyCUG7fzBYVos8Lc1H/McN5mOYmwQkH/lDiEfBXnMnOJ15xXixa
UK+skHvyRCn6PT+PPb3/loSUwXFquhUPfjpw/Kc7g86c/n8ZZQlGquzAqiCJjBcY
u/BNPbivYZtT9ce4gUQ5Lx/tkeidXyYiwgbAv7+zSJE4zwsGd1DCNY9VIM3scUzt
AtcfN0GuJTUX7o+IikFOc1+PKK16Db4xlnMvKOVnG+XN2aa+KYpcU5k+P0OPUvte
zSONFXLmaIlQ
-----END CERTIFICATE-----
Generated at Wed Aug 14 02:00:11 2024 by rpki-client on console-fra.rpki-client.org