Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/9mikId_sY7pvpkIpamO4DIdWWtA.roa
File: 9mikId_sY7pvpkIpamO4DIdWWtA.roa (raw, json)
Hash identifier: s3u03ipUPmWIvEkO/QUBHyrHk1xMfwGOrC4vAMbzG9c=
Subject key identifier: F6:68:A4:21:DF:EC:63:BA:6F:A6:42:29:6A:63:B8:0C:87:56:5A:D0
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DD06F729E3C639499889E638EBCBFB
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/9mikId_sY7pvpkIpamO4DIdWWtA.roa
Signing time: Tue 02 Jan 2024 06:29:37 +0000
ROA not before: Tue 02 Jan 2024 06:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207083
IP address blocks: 2.59.254.0/24 maxlen: 24
192.145.28.0/22 maxlen: 24
85.31.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Feb 2024 11:43:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:06:f7:29:e3:c6:39:49:98:89:e6:38:eb:cb:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f668a421dfec63ba6fa642296a63b80c87565ad0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:1d:c4:87:07:f7:c9:b9:96:27:ba:5d:15:28:
1f:39:ec:37:48:2c:f7:76:9a:ec:8d:92:f8:dd:a9:
87:d9:00:e6:81:ce:4a:a9:19:8b:65:ba:1d:8a:00:
70:b3:4d:32:62:42:a0:67:fd:fb:a7:ea:4a:6d:bd:
e5:82:4e:cb:99:15:1b:3a:0f:77:53:c4:c1:e0:3c:
d6:ac:1d:d9:a6:b8:ae:da:f2:92:c7:d4:37:b5:e6:
99:a2:34:ec:aa:58:12:f1:53:c6:ff:4e:0a:93:d8:
fb:53:ae:cd:bb:5d:be:49:52:62:16:82:53:8a:75:
50:49:93:2b:24:7e:e3:ed:30:ef:2f:e0:37:d8:22:
8f:8d:ed:ea:5d:db:7e:03:e2:44:7e:da:33:65:4d:
d6:cd:f0:ad:5d:4d:c9:4d:26:cc:ad:42:3c:af:86:
4c:8b:2e:7a:bd:cf:97:fa:d2:0d:f1:0d:4e:05:dd:
f2:fc:dd:9b:57:83:1b:fb:d7:3a:d3:8d:cd:94:65:
40:4d:ec:41:a4:01:b6:8e:2a:a9:c9:63:6f:76:81:
ad:fd:5a:5d:77:f8:e9:ba:d6:8a:24:97:30:3b:31:
12:ed:6c:d1:06:6b:b8:1c:19:a4:3e:c5:a6:2b:fa:
a0:df:1c:7a:b1:7d:32:88:7c:da:bb:23:bb:2d:85:
61:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:68:A4:21:DF:EC:63:BA:6F:A6:42:29:6A:63:B8:0C:87:56:5A:D0
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/9mikId_sY7pvpkIpamO4DIdWWtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.254.0/24
85.31.45.0/24
192.145.28.0/22
Signature Algorithm: sha256WithRSAEncryption
03:80:6b:af:23:bb:90:c1:e3:86:21:91:c3:03:ee:b9:78:eb:
ff:b9:16:98:2c:5e:d7:5d:68:e0:c7:7a:23:3d:6d:ec:ee:a5:
c7:dc:33:49:2b:88:67:5e:53:9a:94:36:14:f9:c9:4b:b1:bf:
6f:99:4b:ba:3d:21:79:ad:cd:5e:3d:4b:eb:87:27:69:58:2b:
8b:5a:07:ca:af:f6:20:02:af:c0:ed:b3:1c:c6:82:18:48:7f:
b4:47:52:30:32:0b:cf:f5:fb:a8:fb:5d:c9:e3:a7:01:64:a0:
2e:28:5b:d7:4d:0d:02:6c:24:3e:1f:69:74:03:92:09:a2:2f:
bf:05:80:a2:67:fe:22:1e:5f:3d:00:39:a6:6d:bd:90:11:1e:
f5:ae:be:e1:48:ce:b9:59:ac:80:03:2b:ef:dc:df:c6:3a:64:
af:42:b4:b9:65:e1:b7:a4:d4:95:48:16:09:23:69:99:b4:e8:
60:96:95:5c:a8:a6:4d:52:5c:6a:ec:30:6e:4d:b8:76:55:9a:
ea:d3:e0:4b:bd:14:1f:cc:9a:ea:af:53:1f:4c:c6:86:07:40:
c1:fe:c1:4b:60:8c:95:86:34:58:0b:cd:c4:4c:8c:e4:82:48:
41:e5:07:63:47:12:04:39:f2:c2:e0:0a:ce:25:86:35:b8:b1:
05:c6:5c:fb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzI3Qb3KePGOUmYieY468v7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjY4YTQyMWRmZWM2M2JhNmZhNjQyMjk2YTYzYjgwYzg3NTY1YWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkx3Ehwf3ybmWJ7pdFSgfOew3SCz3
dprsjZL43amH2QDmgc5KqRmLZbodigBws00yYkKgZ/37p+pKbb3lgk7LmRUbOg93
U8TB4DzWrB3Zpriu2vKSx9Q3teaZojTsqlgS8VPG/04Kk9j7U67Nu12+SVJiFoJT
inVQSZMrJH7j7TDvL+A32CKPje3qXdt+A+JEftozZU3WzfCtXU3JTSbMrUI8r4ZM
iy56vc+X+tIN8Q1OBd3y/N2bV4Mb+9c6043NlGVATexBpAG2jiqpyWNvdoGt/Vpd
d/jputaKJJcwOzES7WzRBmu4HBmkPsWmK/qg3xx6sX0yiHzauyO7LYVhkwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPZopCHf7GO6b6ZCKWpjuAyHVlrQMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvOW1pa0lkX3NZN3B2cGtJcGFtTzRESWRXV3RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjv+AwQA
VR8tAwQCwJEcMA0GCSqGSIb3DQEBCwUAA4IBAQADgGuvI7uQweOGIZHDA+65eOv/
uRaYLF7XXWjgx3ojPW3s7qXH3DNJK4hnXlOalDYU+clLsb9vmUu6PSF5rc1ePUvr
hydpWCuLWgfKr/YgAq/A7bMcxoIYSH+0R1IwMgvP9fuo+13J46cBZKAuKFvXTQ0C
bCQ+H2l0A5IJoi+/BYCiZ/4iHl89ADmmbb2QER71rr7hSM65WayAAyvv3N/GOmSv
QrS5ZeG3pNSVSBYJI2mZtOhglpVcqKZNUlxq7DBuTbh2VZrq0+BLvRQfzJrqr1Mf
TMaGB0DB/sFLYIyVhjRYC83ETIzkgkhB5QdjRxIEOfLC4ArOJYY1uLEFxlz7
-----END CERTIFICATE-----
Generated at Tue Feb 6 15:04:15 2024 by rpki-client on console-ams.rpki-client.org