Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/6pW-lg6klMoDgkT1b_IdWOxyKMA.roa
File: 6pW-lg6klMoDgkT1b_IdWOxyKMA.roa (raw, json)
Hash identifier: KAehNv5JxNjECOwOpdK6bcqsvBRjvtbyvBsw6qbee/U=
Subject key identifier: EA:95:BE:96:0E:A4:94:CA:03:82:44:F5:6F:F2:1D:58:EC:72:28:C0
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01917DF34E4F01C0423A5F91D251AF735788
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/6pW-lg6klMoDgkT1b_IdWOxyKMA.roa
Signing time: Fri 23 Aug 2024 06:36:22 +0000
ROA not before: Fri 23 Aug 2024 06:36:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 87.120.68.0/23 maxlen: 24
93.123.74.0/23 maxlen: 24
185.252.160.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Aug 2024 05:33:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7d:f3:4e:4f:01:c0:42:3a:5f:91:d2:51:af:73:57:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 23 06:36:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea95be960ea494ca038244f56ff21d58ec7228c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5f:84:66:43:43:68:03:31:f1:2a:e1:70:01:
27:1f:42:5a:41:ab:f4:6b:c1:c4:f8:db:2b:30:64:
e5:5f:b8:e5:41:4e:ca:4d:dc:da:7d:9f:7f:f8:54:
6e:60:9b:8d:86:53:62:98:5e:e3:90:f7:d0:41:c1:
eb:5e:bc:02:eb:d9:43:4b:cc:8a:6e:0b:2d:90:bb:
6b:99:8d:36:93:43:02:69:7b:43:d2:cd:6a:31:aa:
16:97:4f:e6:14:82:2b:42:64:45:02:ad:b3:26:05:
c3:48:6c:4c:e3:d0:83:da:2a:54:82:f1:7a:32:4a:
eb:37:6d:e6:93:7e:90:72:0c:cc:8f:e0:79:6f:8c:
b2:ca:53:69:6e:6f:87:3a:39:af:f1:7d:85:3d:67:
65:2f:99:62:d2:d3:3e:28:e9:9d:6b:b4:57:72:e5:
45:81:73:47:7d:e7:6b:aa:03:a9:7f:c4:e8:b2:f6:
bc:75:a8:30:f5:b9:6c:1c:1a:80:29:79:5c:c5:0f:
5c:79:62:2e:46:36:72:c1:f6:e7:b7:8d:96:96:cf:
03:eb:dd:7e:ee:86:f3:d3:cc:d3:74:d7:4b:b9:ba:
5b:64:ed:3d:ff:34:e0:f5:7c:a9:25:ac:9d:40:40:
8a:62:c7:be:f5:e8:c8:86:ce:9a:43:7a:8a:a8:9f:
4e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:95:BE:96:0E:A4:94:CA:03:82:44:F5:6F:F2:1D:58:EC:72:28:C0
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/6pW-lg6klMoDgkT1b_IdWOxyKMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.68.0/23
93.123.74.0/23
185.252.160.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:9a:0b:14:1f:5f:9b:2d:15:2a:cf:98:27:60:c5:37:b7:5f:
fd:b7:0a:68:cd:fe:5c:dc:c8:20:63:ba:67:b4:ef:ff:db:41:
da:bb:3c:af:45:62:ed:06:df:17:2f:0a:cb:4b:1e:ca:49:38:
96:ce:e5:cb:74:c6:ae:1e:f3:8d:3c:e0:c9:f4:93:97:53:1f:
e7:04:6a:a1:70:57:5d:7b:43:4c:b9:4a:f8:5c:5b:c1:f4:41:
cf:94:7d:c5:65:61:7a:0a:f4:a3:41:36:3a:49:31:f7:84:d8:
22:76:bc:92:70:c1:b6:32:70:1d:39:b4:07:01:67:88:3c:87:
9f:e1:e2:f4:f7:aa:65:be:73:9d:9b:b6:4f:64:ca:37:72:bb:
cf:c6:dc:9f:80:2f:fe:62:49:a5:ea:22:30:4b:40:a4:48:54:
95:6d:cf:03:af:54:2c:94:07:b2:e9:a0:cb:0c:06:e0:a7:a4:
18:75:3b:b6:08:71:ae:25:9a:f0:71:28:84:62:7f:fb:66:f7:
8c:bc:cd:99:97:23:b6:95:50:e0:4a:c5:b0:f9:3d:19:38:6e:
2b:14:bc:05:06:37:3f:45:13:cf:1e:b2:ca:23:82:27:c8:6b:
da:42:5a:1f:da:b9:6d:72:a3:9c:77:13:9c:22:20:cd:80:ac:
0f:6f:0b:bb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZF9805PAcBCOl+R0lGvc1eIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwODIzMDYzNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTk1YmU5NjBlYTQ5NGNhMDM4MjQ0ZjU2ZmYyMWQ1OGVjNzIyOGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvF+EZkNDaAMx8SrhcAEnH0JaQav0
a8HE+NsrMGTlX7jlQU7KTdzafZ9/+FRuYJuNhlNimF7jkPfQQcHrXrwC69lDS8yK
bgstkLtrmY02k0MCaXtD0s1qMaoWl0/mFIIrQmRFAq2zJgXDSGxM49CD2ipUgvF6
MkrrN23mk36QcgzMj+B5b4yyylNpbm+HOjmv8X2FPWdlL5li0tM+KOmda7RXcuVF
gXNHfedrqgOpf8Tosva8dagw9blsHBqAKXlcxQ9ceWIuRjZywfbnt42Wls8D691+
7obz08zTdNdLubpbZO09/zTg9XypJaydQECKYse+9ejIhs6aQ3qKqJ9OUwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOqVvpYOpJTKA4JE9W/yHVjscijAMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNnBXLWxnNmtsTW9EZ2tUMWJfSWRXT3h5S01BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBV3hEAwQB
XXtKAwQBufygMA0GCSqGSIb3DQEBCwUAA4IBAQBMmgsUH1+bLRUqz5gnYMU3t1/9
twpozf5c3MggY7pntO//20HauzyvRWLtBt8XLwrLSx7KSTiWzuXLdMauHvONPODJ
9JOXUx/nBGqhcFdde0NMuUr4XFvB9EHPlH3FZWF6CvSjQTY6STH3hNgidryScMG2
MnAdObQHAWeIPIef4eL096plvnOdm7ZPZMo3crvPxtyfgC/+Ykml6iIwS0CkSFSV
bc8Dr1QslAey6aDLDAbgp6QYdTu2CHGuJZrwcSiEYn/7ZveMvM2ZlyO2lVDgSsWw
+T0ZOG4rFLwFBjc/RRPPHrLKI4InyGvaQlof2rltcqOcdxOcIiDNgKwPbwu7
-----END CERTIFICATE-----
Generated at Thu Aug 29 08:34:02 2024 by rpki-client on console-ams.rpki-client.org