Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/33RtuLHBjl991Md3InZxjrHtesM.roa
File: 33RtuLHBjl991Md3InZxjrHtesM.roa (raw, json)
Hash identifier: Cs5X/88g8qEoyAtsbEs7mQKObZyKEqt0tM6LsfMvFgI=
Subject key identifier: DF:74:6D:B8:B1:C1:8E:5F:7D:D4:C7:77:22:76:71:8E:B1:ED:7A:C3
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018FF0A1359063957C9C2F6C6862AD008022
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/33RtuLHBjl991Md3InZxjrHtesM.roa
Signing time: Fri 07 Jun 2024 02:57:27 +0000
ROA not before: Fri 07 Jun 2024 02:57:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 87.120.68.0/23 maxlen: 24
93.123.119.0/24 maxlen: 24
185.252.160.0/23 maxlen: 24
185.252.163.0/24 maxlen: 24
193.148.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Jun 2024 00:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f0:a1:35:90:63:95:7c:9c:2f:6c:68:62:ad:00:80:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 7 02:57:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df746db8b1c18e5f7dd4c7772276718eb1ed7ac3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d5:1d:ed:50:99:81:79:e7:c0:44:8e:bf:15:
f3:4c:25:a9:df:53:be:9d:b3:b1:83:6a:05:10:1d:
d0:5f:5d:86:cd:5c:aa:a2:34:2e:3d:3b:1a:f9:7a:
1d:b4:55:93:49:93:2d:79:b2:f0:07:23:60:d9:02:
c2:75:b5:48:23:44:e1:26:41:4f:15:f5:b8:c2:5a:
94:b1:6a:16:14:99:a7:ea:23:81:09:a6:4c:6f:c9:
8b:9d:47:87:30:28:61:fe:3d:2d:e0:34:0a:7c:b9:
1a:00:7d:e6:30:bc:92:b1:6e:24:e3:c9:3f:de:af:
ee:69:45:da:03:ca:8d:10:57:e1:6b:4e:f2:15:ee:
ea:da:4a:29:2d:d0:c2:b8:3c:21:2b:9d:1d:3d:03:
93:85:da:a8:25:a1:b5:b4:fe:34:79:0f:78:5a:c3:
d9:b2:3d:59:ba:07:3e:6b:ea:28:51:1c:c5:15:ca:
df:6a:aa:88:ef:77:29:74:21:7a:5c:1e:49:d0:0e:
d8:8b:0d:cd:4a:b4:92:32:9e:f0:db:65:0a:f8:9a:
23:bf:b0:52:28:5c:8d:74:ae:0d:7a:43:bf:12:1e:
7a:15:26:4e:97:d3:17:b3:a3:9f:da:68:03:3a:c2:
f7:8a:de:0e:fb:68:23:3f:1e:a5:7f:4a:ea:12:bd:
e3:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:74:6D:B8:B1:C1:8E:5F:7D:D4:C7:77:22:76:71:8E:B1:ED:7A:C3
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/33RtuLHBjl991Md3InZxjrHtesM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.68.0/23
93.123.119.0/24
185.252.160.0/23
185.252.163.0/24
193.148.253.0/24
Signature Algorithm: sha256WithRSAEncryption
73:f1:1c:ca:aa:9e:0f:ae:91:15:89:98:50:e1:6c:31:f3:1d:
6b:9c:58:58:bd:8e:0e:9b:fe:a8:7d:01:7f:9a:50:82:33:8b:
3b:d9:f4:d8:04:eb:b3:ab:2a:14:e8:c9:38:49:63:7a:25:01:
10:45:5e:d9:10:b9:ff:4f:7e:52:fb:00:48:22:93:99:d9:01:
a2:77:64:bd:4f:18:5c:82:d2:eb:70:a3:9a:2d:48:97:cf:93:
23:80:9f:2f:93:b4:e4:1d:f3:9e:5b:e5:2a:24:5c:42:c2:6a:
c2:10:3c:ac:bc:4d:bc:de:e4:4b:69:ef:fc:53:a3:37:cf:ef:
fe:d1:3a:e2:83:5d:dc:c7:65:01:b7:c5:86:d1:73:f2:45:df:
0c:23:4a:be:10:ae:b6:b8:1f:a4:61:7e:7f:fd:1c:dc:57:83:
e6:fd:d7:a9:5c:88:a7:9d:2b:1c:c5:38:91:3a:eb:b3:4c:08:
78:f9:60:b7:cb:10:0b:57:6e:79:68:24:63:5f:42:3a:04:80:
22:b3:2d:7d:bd:a4:d2:5d:c1:e7:a6:a8:41:9f:4b:a9:98:3a:
c5:a7:ee:d0:2e:fe:ed:83:62:01:a2:e2:54:d9:33:9d:e0:d1:
1d:ff:06:8c:df:ea:10:50:cc:5b:34:e9:6e:e5:96:8c:74:af:
e0:18:fc:12
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY/woTWQY5V8nC9saGKtAIAiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNjA3MDI1NzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjc0NmRiOGIxYzE4ZTVmN2RkNGM3NzcyMjc2NzE4ZWIxZWQ3YWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdUd7VCZgXnnwESOvxXzTCWp31O+
nbOxg2oFEB3QX12GzVyqojQuPTsa+XodtFWTSZMtebLwByNg2QLCdbVII0ThJkFP
FfW4wlqUsWoWFJmn6iOBCaZMb8mLnUeHMChh/j0t4DQKfLkaAH3mMLySsW4k48k/
3q/uaUXaA8qNEFfha07yFe7q2kopLdDCuDwhK50dPQOThdqoJaG1tP40eQ94WsPZ
sj1Zugc+a+ooURzFFcrfaqqI73cpdCF6XB5J0A7Yiw3NSrSSMp7w22UK+Jojv7BS
KFyNdK4NekO/Eh56FSZOl9MXs6Of2mgDOsL3it4O+2gjPx6lf0rqEr3jrQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFN90bbixwY5ffdTHdyJ2cY6x7XrDMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMzNSdHVMSEJqbDk5MU1kM0luWnhqckh0ZXNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBV3hEAwQA
XXt3AwQBufygAwQAufyjAwQAwZT9MA0GCSqGSIb3DQEBCwUAA4IBAQBz8RzKqp4P
rpEViZhQ4Wwx8x1rnFhYvY4Om/6ofQF/mlCCM4s72fTYBOuzqyoU6Mk4SWN6JQEQ
RV7ZELn/T35S+wBIIpOZ2QGid2S9TxhcgtLrcKOaLUiXz5MjgJ8vk7TkHfOeW+Uq
JFxCwmrCEDysvE283uRLae/8U6M3z+/+0Trig13cx2UBt8WG0XPyRd8MI0q+EK62
uB+kYX5//RzcV4Pm/depXIinnSscxTiROuuzTAh4+WC3yxALV255aCRjX0I6BIAi
sy19vaTSXcHnpqhBn0upmDrFp+7QLv7tg2IBouJU2TOd4NEd/waM3+oQUMxbNOlu
5ZaMdK/gGPwS
-----END CERTIFICATE-----
Generated at Thu Jun 13 01:11:13 2024 by rpki-client on console-fra.rpki-client.org