Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/26qPHn4BThea8hPpywYNxf0h7c4.roa
File: 26qPHn4BThea8hPpywYNxf0h7c4.roa (raw, json)
Hash identifier: JJ5diNkWXO3PHf5Z3ZI+MXPXtP1SNvx0d5kd10nTVi0=
Subject key identifier: DB:AA:8F:1E:7E:01:4E:17:9A:F2:13:E9:CB:06:0D:C5:FD:21:ED:CE
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCF3B1DF5E517409ECD6E3C0D53975
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/26qPHn4BThea8hPpywYNxf0h7c4.roa
Signing time: Tue 02 Jan 2024 06:29:32 +0000
ROA not before: Tue 02 Jan 2024 06:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60539
IP address blocks: 87.121.162.0/24 maxlen: 24
94.156.177.0/24 maxlen: 24
45.84.89.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:f3:b1:df:5e:51:74:09:ec:d6:e3:c0:d5:39:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dbaa8f1e7e014e179af213e9cb060dc5fd21edce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:18:2b:f8:1f:f0:1f:99:09:ea:2b:08:0c:b5:
12:9b:2b:1f:41:d1:63:96:9b:28:52:d1:b5:af:7c:
08:e0:d3:1c:e4:fd:f9:d0:81:1c:6e:e6:01:95:04:
46:24:8e:69:e1:6c:a2:a0:23:43:68:f5:13:65:94:
4a:67:dd:4d:ce:7b:ab:9e:e0:1e:0c:a4:9a:2c:8e:
cc:9d:dc:85:4f:61:82:ed:fc:bb:fc:f8:98:23:9f:
bc:4b:2e:8a:af:e4:79:d8:4e:7a:b3:a1:03:4d:9e:
b8:4e:8e:2f:0d:3d:b4:e8:ba:21:96:78:af:d8:08:
1f:07:84:7f:a3:6d:3a:47:ac:5a:8f:6d:b9:b2:a1:
47:be:9e:61:9f:aa:56:53:37:fc:a1:be:03:ab:1f:
20:9a:8e:21:71:8e:2b:a6:4b:4c:df:a8:17:34:eb:
dd:bd:98:2a:8c:81:a1:6c:2f:d8:1c:b1:f6:61:2f:
40:37:c6:49:c5:58:69:2e:7c:6c:c4:fd:39:73:25:
cf:66:68:03:67:38:20:c8:99:66:24:4d:00:36:08:
77:bc:54:26:3a:41:33:ab:27:91:e2:da:2e:6f:3a:
96:1e:95:e6:59:cf:c8:4e:14:31:2e:ed:d0:d1:df:
a6:9b:4b:09:0d:3f:71:a1:9f:ed:67:08:dd:13:80:
0e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:AA:8F:1E:7E:01:4E:17:9A:F2:13:E9:CB:06:0D:C5:FD:21:ED:CE
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/26qPHn4BThea8hPpywYNxf0h7c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.89.0/24
87.121.162.0/24
94.156.177.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:f0:1b:9c:1f:72:71:72:05:53:a2:6d:87:bb:8e:85:98:4e:
4c:7e:b2:ab:0b:8f:ee:e9:35:31:45:47:b1:85:d2:1a:38:5d:
76:c9:9e:57:82:11:65:97:d4:dc:dd:fb:7b:a5:00:aa:9f:64:
16:c7:3f:ae:f6:04:2d:f4:be:b0:6d:35:93:e6:7f:8d:77:04:
56:f6:d2:55:f7:42:f6:0f:a2:fc:0d:45:da:c4:fe:c7:e3:e9:
36:88:cb:aa:1d:ee:af:43:39:1b:b6:32:d1:a5:30:b4:2b:c9:
d9:cb:a1:c4:f5:92:a2:25:5f:c8:14:d5:96:1f:e6:48:8d:e4:
67:80:cf:88:aa:2c:35:75:5e:28:80:5f:f8:6f:77:a6:3a:41:
62:2d:28:6d:24:81:b7:50:56:f9:b9:5d:14:13:79:88:cb:fd:
e3:a0:ef:a8:43:7c:a1:77:2c:fb:0d:51:a9:17:5a:8b:84:d3:
30:a4:bb:6a:7b:cf:c7:8f:03:80:21:ef:85:71:a7:b3:a4:c1:
3d:6d:83:aa:5b:db:9f:a9:63:53:27:4e:a9:7c:58:5e:ca:de:
0a:98:58:b0:c3:fd:19:e9:b6:11:34:35:d5:4e:94:cb:c1:0e:
5b:ab:c5:f8:ae:e7:fa:ca:92:db:dd:00:14:4e:7b:13:2d:54:
25:be:b1:6d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzI3POx315RdAns1uPA1Tl1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmFhOGYxZTdlMDE0ZTE3OWFmMjEzZTljYjA2MGRjNWZkMjFlZGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBgr+B/wH5kJ6isIDLUSmysfQdFj
lpsoUtG1r3wI4NMc5P350IEcbuYBlQRGJI5p4WyioCNDaPUTZZRKZ91NznurnuAe
DKSaLI7MndyFT2GC7fy7/PiYI5+8Sy6Kr+R52E56s6EDTZ64To4vDT206Lohlniv
2AgfB4R/o206R6xaj225sqFHvp5hn6pWUzf8ob4Dqx8gmo4hcY4rpktM36gXNOvd
vZgqjIGhbC/YHLH2YS9AN8ZJxVhpLnxsxP05cyXPZmgDZzggyJlmJE0ANgh3vFQm
OkEzqyeR4toubzqWHpXmWc/IThQxLu3Q0d+mm0sJDT9xoZ/tZwjdE4AODwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNuqjx5+AU4XmvIT6csGDcX9Ie3OMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMjZxUEhuNEJUaGVhOGhQcHl3WU54ZjBoN2M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVRZAwQA
V3miAwQAXpyxMA0GCSqGSIb3DQEBCwUAA4IBAQCb8BucH3JxcgVTom2Hu46FmE5M
frKrC4/u6TUxRUexhdIaOF12yZ5XghFll9Tc3ft7pQCqn2QWxz+u9gQt9L6wbTWT
5n+NdwRW9tJV90L2D6L8DUXaxP7H4+k2iMuqHe6vQzkbtjLRpTC0K8nZy6HE9ZKi
JV/IFNWWH+ZIjeRngM+Iqiw1dV4ogF/4b3emOkFiLShtJIG3UFb5uV0UE3mIy/3j
oO+oQ3yhdyz7DVGpF1qLhNMwpLtqe8/HjwOAIe+FcaezpME9bYOqW9ufqWNTJ06p
fFheyt4KmFiww/0Z6bYRNDXVTpTLwQ5bq8X4ruf6ypLb3QAUTnsTLVQlvrFt
-----END CERTIFICATE-----
Generated at Fri Jan 5 08:48:37 2024 by rpki-client on console-ams.rpki-client.org