Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/9Fm09NzJrf4Oa1OfRvdFIa1xnNA.roa
File: 9Fm09NzJrf4Oa1OfRvdFIa1xnNA.roa (raw, json)
Hash identifier: dAQfdP0q7T6F5WuJMcOnC2jYk5JG2N6vny4DKKrE9FA=
Subject key identifier: F4:59:B4:F4:DC:C9:AD:FE:0E:6B:53:9F:46:F7:45:21:AD:71:9C:D0
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0190063C0487402925F01C72D7609C7A4DB0
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/9Fm09NzJrf4Oa1OfRvdFIa1xnNA.roa
Signing time: Tue 11 Jun 2024 07:38:34 +0000
ROA not before: Tue 11 Jun 2024 07:38:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208287
IP address blocks: 84.21.173.0/24 maxlen: 24
185.222.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Jun 2024 10:22:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:06:3c:04:87:40:29:25:f0:1c:72:d7:60:9c:7a:4d:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 11 07:38:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f459b4f4dcc9adfe0e6b539f46f74521ad719cd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ec:df:bb:b4:de:58:09:76:ef:38:00:0e:6f:
86:19:fc:a5:cd:91:5e:20:7b:bc:99:19:c1:d2:bb:
4c:ae:aa:a0:4d:03:0c:35:22:ce:45:81:86:70:fd:
7c:55:41:f9:41:cc:55:53:db:c3:aa:d8:1d:94:48:
bc:34:8d:ef:99:98:88:63:b5:6a:01:4d:f7:66:49:
6b:98:95:fb:3b:10:cb:b4:38:c7:d1:95:cc:52:97:
80:f3:37:62:19:6f:d4:c9:2e:e5:8a:f8:79:ad:15:
49:57:af:44:dd:50:e0:29:89:03:23:32:fc:61:3b:
88:6b:a0:1b:cc:fa:66:13:d2:97:23:2c:dd:80:ff:
95:e1:42:9a:6c:2a:93:17:86:8b:03:60:e4:9c:38:
c0:bc:3c:1f:55:d5:e5:37:2e:6e:3c:cb:23:0a:5d:
6d:b5:4a:d5:b1:79:a5:47:d5:8e:79:45:5b:47:f4:
34:78:7f:f0:93:0f:44:5c:77:b6:44:74:6b:a0:21:
1d:46:d3:69:cf:ce:57:ab:75:ed:d3:d3:d8:6e:80:
1a:fd:40:6c:a9:cf:95:66:ad:54:3f:4c:08:f5:de:
0c:e7:f6:a3:c4:40:8e:85:1a:80:18:8b:af:c2:e7:
dd:57:36:19:10:90:fe:4c:65:51:c0:74:d6:c8:d2:
84:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:59:B4:F4:DC:C9:AD:FE:0E:6B:53:9F:46:F7:45:21:AD:71:9C:D0
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/9Fm09NzJrf4Oa1OfRvdFIa1xnNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.173.0/24
185.222.160.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:61:84:8a:aa:ac:2a:3d:2a:d4:5f:4a:a7:68:10:d2:27:c6:
f9:88:e3:f8:1a:8c:38:3b:27:cc:8c:f8:77:7f:70:d0:8d:38:
16:f2:9e:f8:49:46:bc:76:5b:33:22:0c:30:2f:b2:4c:5d:2f:
74:00:80:e9:21:7e:90:72:0d:0d:3e:cd:f3:25:a9:82:bc:ad:
c3:91:d2:39:64:20:4b:3a:2c:7e:d6:06:fd:2a:06:74:60:95:
65:77:a7:34:7e:fb:94:29:85:b1:fa:35:92:80:ee:49:3f:6d:
a1:cb:91:ed:e6:68:e1:0d:fc:34:1e:3f:26:ac:36:18:1e:cd:
d8:75:b2:cb:29:fa:d4:e0:63:35:08:75:75:fb:60:ed:8a:9f:
d0:c5:2c:b1:cb:90:20:2e:6f:bf:fb:57:05:15:f9:cc:c1:77:
4e:11:7c:4e:37:59:ef:8b:86:9a:6c:49:fa:ae:90:6b:e8:c9:
cb:ea:85:36:d8:17:5d:ef:c8:99:80:59:6e:1b:f8:e3:8f:50:
a0:ca:83:c9:a8:52:94:dd:6a:7d:64:fa:32:db:48:23:53:3f:
23:cf:81:54:12:b6:f0:36:dc:8b:56:60:b0:d7:ed:19:69:88:
24:84:da:a2:50:6a:68:df:1b:d6:af:5f:d0:b1:ed:d3:2e:3e:
06:d0:2c:25
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZAGPASHQCkl8Bxy12Ccek2wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNjExMDczODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDU5YjRmNGRjYzlhZGZlMGU2YjUzOWY0NmY3NDUyMWFkNzE5Y2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+zfu7TeWAl27zgADm+GGfylzZFe
IHu8mRnB0rtMrqqgTQMMNSLORYGGcP18VUH5QcxVU9vDqtgdlEi8NI3vmZiIY7Vq
AU33ZklrmJX7OxDLtDjH0ZXMUpeA8zdiGW/UyS7livh5rRVJV69E3VDgKYkDIzL8
YTuIa6AbzPpmE9KXIyzdgP+V4UKabCqTF4aLA2DknDjAvDwfVdXlNy5uPMsjCl1t
tUrVsXmlR9WOeUVbR/Q0eH/wkw9EXHe2RHRroCEdRtNpz85Xq3Xt09PYboAa/UBs
qc+VZq1UP0wI9d4M5/ajxECOhRqAGIuvwufdVzYZEJD+TGVRwHTWyNKEuwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPRZtPTcya3+DmtTn0b3RSGtcZzQMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvOUZtMDlOekpyZjRPYTFPZlJ2ZEZJYTF4bk5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVBWtAwQA
ud6gMA0GCSqGSIb3DQEBCwUAA4IBAQBrYYSKqqwqPSrUX0qnaBDSJ8b5iOP4Gow4
OyfMjPh3f3DQjTgW8p74SUa8dlszIgwwL7JMXS90AIDpIX6Qcg0NPs3zJamCvK3D
kdI5ZCBLOix+1gb9KgZ0YJVld6c0fvuUKYWx+jWSgO5JP22hy5Ht5mjhDfw0Hj8m
rDYYHs3YdbLLKfrU4GM1CHV1+2Dtip/QxSyxy5AgLm+/+1cFFfnMwXdOEXxON1nv
i4aabEn6rpBr6MnL6oU22Bdd78iZgFluG/jjj1CgyoPJqFKU3Wp9ZPoy20gjUz8j
z4FUErbwNtyLVmCw1+0ZaYgkhNqiUGpo3xvWr1/Qse3TLj4G0Cwl
-----END CERTIFICATE-----
Generated at Wed Jun 12 13:31:49 2024 by rpki-client on console-fra.rpki-client.org