Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3mCHVuaf-8_6OMq-nbYOq4tdxZ8.roa
File: 3mCHVuaf-8_6OMq-nbYOq4tdxZ8.roa (raw, json)
Hash identifier: 7Dm/Uwa4tVsMtpFKaT+v5crwdVfTZTlgxvDQJsP+To8=
Subject key identifier: DE:60:87:56:E6:9F:FB:CF:FA:38:CA:BE:9D:B6:0E:AB:8B:5D:C5:9F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018F9BD20A736D3B100938546F5D2E865B19
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3mCHVuaf-8_6OMq-nbYOq4tdxZ8.roa
Signing time: Tue 21 May 2024 15:43:04 +0000
ROA not before: Tue 21 May 2024 15:43:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 87.120.68.0/23 maxlen: 24
93.123.74.0/23 maxlen: 24
185.252.160.0/23 maxlen: 24
212.87.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 May 2024 00:17:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9b:d2:0a:73:6d:3b:10:09:38:54:6f:5d:2e:86:5b:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 21 15:43:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de608756e69ffbcffa38cabe9db60eab8b5dc59f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:33:d8:8c:ee:d2:9a:b8:82:db:09:fc:22:80:
8c:c4:f0:d6:8a:0d:77:8e:da:f3:6b:37:36:dc:d4:
b4:65:36:58:be:68:9b:62:e6:df:cb:bb:d9:1b:1d:
31:f0:e4:69:10:f5:59:a8:f2:7b:f6:a7:fe:94:56:
ea:5c:10:05:5e:f3:6e:85:88:ee:8b:96:5b:6f:63:
36:06:39:fe:1f:f6:6f:0a:61:0b:39:be:df:22:7d:
5d:bd:f2:bd:61:90:23:3c:1d:bf:6f:97:cc:ac:0d:
d2:db:76:45:7f:1b:d1:aa:5f:cf:15:79:75:82:87:
3a:75:40:3f:66:73:80:0e:50:0b:76:7c:3d:41:b3:
3a:68:8f:2c:f8:28:2a:0b:86:21:1c:b2:80:0b:04:
64:9e:d7:b4:89:6b:c6:77:59:47:f3:36:4d:e9:9f:
db:e9:6b:5d:24:b7:b9:bb:d2:a3:34:5c:40:55:27:
82:3f:48:cb:44:01:c3:dd:11:fa:d2:55:34:c1:06:
cd:1f:b9:0d:1b:77:3b:39:2d:a6:ed:30:b7:d1:9f:
fa:23:af:65:eb:c3:e7:24:47:47:52:52:fd:64:99:
3e:1f:54:42:77:b9:9d:e5:ce:a7:be:7e:d7:a5:73:
dd:3e:1f:24:ce:9a:cc:a3:20:a2:12:dc:91:42:92:
bc:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:60:87:56:E6:9F:FB:CF:FA:38:CA:BE:9D:B6:0E:AB:8B:5D:C5:9F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3mCHVuaf-8_6OMq-nbYOq4tdxZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.68.0/23
93.123.74.0/23
185.252.160.0/23
212.87.205.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:d9:2d:76:f1:62:3c:87:dc:02:a7:20:46:36:f8:f7:91:52:
d0:11:f4:b8:30:eb:00:b8:1c:1e:89:2e:91:f3:e6:43:bc:18:
27:35:f8:2e:af:f9:73:5b:ea:b7:b1:d4:88:2e:94:b7:f2:3c:
36:0b:a4:c3:9b:43:f0:7c:c5:8f:c0:af:2b:b4:ab:3c:03:40:
a1:2a:4d:a2:51:9c:55:a3:85:3e:7d:39:16:3d:3d:df:a6:20:
f8:6d:49:0f:35:2d:44:77:dd:a9:e6:3e:73:7e:5a:8c:d4:98:
0b:99:5e:e3:39:ef:8a:54:29:f0:ea:f2:fc:62:59:ad:d2:4d:
89:49:2b:fe:c9:39:37:72:5a:8a:38:ab:c9:55:73:96:fa:b6:
b9:9d:ac:0d:6e:82:37:60:be:9a:4b:71:4b:f4:41:db:cd:34:
fb:e1:ea:9b:82:a9:7d:12:5e:90:1a:62:94:2a:89:1b:4a:27:
63:f9:88:71:7a:5a:44:d1:c2:3e:38:e9:75:95:e0:6d:fb:de:
0e:94:05:db:47:a2:e4:7e:d6:ad:06:3a:59:4a:c6:bb:49:8b:
7a:29:26:22:26:2b:0a:6d:b1:66:5d:7d:08:04:2c:e4:3e:79:
d8:30:34:9d:ec:96:c1:2c:86:fe:4c:8e:16:d1:68:e7:7b:0f:
02:58:04:25
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY+b0gpzbTsQCThUb10uhlsZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNTIxMTU0MzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTYwODc1NmU2OWZmYmNmZmEzOGNhYmU5ZGI2MGVhYjhiNWRjNTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujPYjO7SmriC2wn8IoCMxPDWig13
jtrzazc23NS0ZTZYvmibYubfy7vZGx0x8ORpEPVZqPJ79qf+lFbqXBAFXvNuhYju
i5Zbb2M2Bjn+H/ZvCmELOb7fIn1dvfK9YZAjPB2/b5fMrA3S23ZFfxvRql/PFXl1
goc6dUA/ZnOADlALdnw9QbM6aI8s+CgqC4YhHLKACwRknte0iWvGd1lH8zZN6Z/b
6WtdJLe5u9KjNFxAVSeCP0jLRAHD3RH60lU0wQbNH7kNG3c7OS2m7TC30Z/6I69l
68PnJEdHUlL9ZJk+H1RCd7md5c6nvn7XpXPdPh8kzprMoyCiEtyRQpK8iQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFN5gh1bmn/vP+jjKvp22DquLXcWfMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvM21DSFZ1YWYtOF82T01xLW5iWU9xNHRkeFo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBV3hEAwQB
XXtKAwQBufygAwQA1FfNMA0GCSqGSIb3DQEBCwUAA4IBAQAP2S128WI8h9wCpyBG
Nvj3kVLQEfS4MOsAuBweiS6R8+ZDvBgnNfgur/lzW+q3sdSILpS38jw2C6TDm0Pw
fMWPwK8rtKs8A0ChKk2iUZxVo4U+fTkWPT3fpiD4bUkPNS1Ed92p5j5zflqM1JgL
mV7jOe+KVCnw6vL8Ylmt0k2JSSv+yTk3clqKOKvJVXOW+ra5nawNboI3YL6aS3FL
9EHbzTT74eqbgql9El6QGmKUKokbSidj+YhxelpE0cI+OOl1leBt+94OlAXbR6Lk
ftatBjpZSsa7SYt6KSYiJisKbbFmXX0IBCzkPnnYMDSd7JbBLIb+TI4W0Wjnew8C
WAQl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:57 2024 by rpki-client on console-fra.rpki-client.org