Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5DiFEttFXqO3P7vHJtisk-qrGO0.roa
File: 5DiFEttFXqO3P7vHJtisk-qrGO0.roa (raw, json)
Hash identifier: evsfT+qGrTyEsvUZoOkIPRyFUgWJv3AEfZe25EKXK5E=
Subject key identifier: E4:38:85:12:DB:45:5E:A3:B7:3F:BB:C7:26:D8:AC:93:EA:AB:18:ED
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01903D4B799D40E5DDB176088C7F2BF35770
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5DiFEttFXqO3P7vHJtisk-qrGO0.roa
Signing time: Sat 22 Jun 2024 00:14:34 +0000
ROA not before: Sat 22 Jun 2024 00:14:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 79.110.48.0/24 maxlen: 24
87.120.68.0/23 maxlen: 24
93.123.119.0/24 maxlen: 24
185.252.160.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Jun 2024 00:13:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:3d:4b:79:9d:40:e5:dd:b1:76:08:8c:7f:2b:f3:57:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 22 00:14:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4388512db455ea3b73fbbc726d8ac93eaab18ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:3b:26:9e:44:9c:e7:b7:43:05:ec:a8:7c:45:
ea:60:e8:fc:78:3a:29:09:2c:a3:3a:3c:cb:ed:44:
3a:a0:1b:06:a3:c4:96:a6:0b:19:8d:db:8a:78:ce:
18:c1:59:9b:b1:f4:a5:0a:ba:80:dc:85:f4:b8:5f:
41:d3:62:69:5f:1e:97:71:dc:0f:c9:a5:b3:04:fd:
51:8e:7a:bb:5e:37:00:51:56:7d:ac:bd:7e:46:ad:
02:10:88:06:f9:45:34:97:92:fc:e1:49:1f:4e:38:
8e:3f:8c:e4:a7:1f:ee:37:e7:e8:10:36:69:32:60:
92:97:06:d7:c5:69:dd:45:03:73:47:f7:1f:29:0d:
71:1b:82:f0:a8:96:74:ae:e3:4a:4a:c5:62:67:2f:
4c:cd:70:a9:17:db:ca:aa:85:08:ab:04:4b:fe:92:
b7:03:74:65:97:b2:8d:04:2a:89:54:cd:36:d1:87:
68:fa:c8:ff:47:f3:6c:d8:56:ff:44:ca:26:88:be:
ec:58:d5:69:d3:5c:6c:3a:87:61:03:8c:79:27:8a:
ea:65:e9:9e:10:32:0f:aa:60:1b:ae:72:26:45:a5:
44:9d:3f:07:44:92:d7:9b:33:31:a2:ae:f6:f4:74:
50:93:eb:26:a0:af:7b:11:3a:a2:06:c0:26:60:90:
49:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:38:85:12:DB:45:5E:A3:B7:3F:BB:C7:26:D8:AC:93:EA:AB:18:ED
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5DiFEttFXqO3P7vHJtisk-qrGO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.48.0/24
87.120.68.0/23
93.123.119.0/24
185.252.160.0/23
Signature Algorithm: sha256WithRSAEncryption
9e:bb:db:db:b0:03:d6:ac:d2:0c:df:8e:1e:67:fb:29:ad:3e:
b2:f4:7a:36:02:96:99:fe:be:90:54:92:9a:b6:94:b2:fb:7d:
14:c7:c0:82:fe:d8:b3:b6:cc:a8:47:85:cd:3a:fc:cf:f3:be:
1d:02:12:4c:31:c2:6d:d1:e0:df:8c:37:5f:17:74:f2:dd:a2:
8c:a3:37:7e:40:60:31:7a:36:d9:42:16:81:1a:63:86:ae:dc:
1f:32:9c:6d:24:95:02:5c:06:01:0c:1a:45:13:c8:38:3e:f3:
98:a1:be:4f:02:45:28:d8:f4:11:7f:fc:31:db:48:62:a7:6b:
4c:2c:60:25:3b:5f:9d:bc:0b:b0:43:48:da:35:9b:fb:34:bd:
93:a7:06:86:f2:f8:77:8e:00:16:30:87:c1:6e:e0:6b:c8:ea:
52:99:7a:99:6c:ba:07:4b:ca:31:a6:8f:f0:8e:ad:9b:2f:68:
25:aa:90:f7:4c:e8:5d:17:71:5e:54:35:aa:bc:e5:26:67:8a:
58:48:51:1e:c2:b9:49:77:0c:b6:e0:0e:e2:84:84:e0:ed:bf:
57:69:71:a7:c8:c3:82:0a:00:89:30:02:b3:ce:91:9f:18:34:
00:33:c3:aa:24:39:a9:e1:91:7d:33:cd:60:54:fb:51:cf:1d:
6a:67:f7:9e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZA9S3mdQOXdsXYIjH8r81dwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNjIyMDAxNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDM4ODUxMmRiNDU1ZWEzYjczZmJiYzcyNmQ4YWM5M2VhYWIxOGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjsmnkSc57dDBeyofEXqYOj8eDop
CSyjOjzL7UQ6oBsGo8SWpgsZjduKeM4YwVmbsfSlCrqA3IX0uF9B02JpXx6XcdwP
yaWzBP1Rjnq7XjcAUVZ9rL1+Rq0CEIgG+UU0l5L84UkfTjiOP4zkpx/uN+foEDZp
MmCSlwbXxWndRQNzR/cfKQ1xG4LwqJZ0ruNKSsViZy9MzXCpF9vKqoUIqwRL/pK3
A3Rll7KNBCqJVM020Ydo+sj/R/Ns2Fb/RMomiL7sWNVp01xsOodhA4x5J4rqZeme
EDIPqmAbrnImRaVEnT8HRJLXmzMxoq729HRQk+smoK97ETqiBsAmYJBJhwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOQ4hRLbRV6jtz+7xybYrJPqqxjtMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNURpRkV0dEZYcU8zUDd2SEp0aXNrLXFyR08wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAT24wAwQB
V3hEAwQAXXt3AwQBufygMA0GCSqGSIb3DQEBCwUAA4IBAQCeu9vbsAPWrNIM344e
Z/sprT6y9Ho2ApaZ/r6QVJKatpSy+30Ux8CC/tiztsyoR4XNOvzP874dAhJMMcJt
0eDfjDdfF3Ty3aKMozd+QGAxejbZQhaBGmOGrtwfMpxtJJUCXAYBDBpFE8g4PvOY
ob5PAkUo2PQRf/wx20hip2tMLGAlO1+dvAuwQ0jaNZv7NL2TpwaG8vh3jgAWMIfB
buBryOpSmXqZbLoHS8oxpo/wjq2bL2glqpD3TOhdF3FeVDWqvOUmZ4pYSFEewrlJ
dwy24A7ihITg7b9XaXGnyMOCCgCJMAKzzpGfGDQAM8OqJDmp4ZF9M81gVPtRzx1q
Z/ee
-----END CERTIFICATE-----
Generated at Fri Jun 28 02:20:19 2024 by rpki-client on console-ams.rpki-client.org