Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BQr9XHbWrtKN95rP_sbBpnLSX00.roa
File: BQr9XHbWrtKN95rP_sbBpnLSX00.roa (raw, json)
Hash identifier: OqpHJUPsL/NuHSvlxGsrn/sCIQL9ywBepUMAv7pAK08=
Subject key identifier: 05:0A:FD:5C:76:D6:AE:D2:8D:F7:9A:CF:FE:C6:C1:A6:72:D2:5F:4D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018A8E38040999B1B3A843846F4F4BDEDFA2
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BQr9XHbWrtKN95rP_sbBpnLSX00.roa
Signing time: Wed 13 Sep 2023 11:05:50 +0000
ROA not before: Wed 13 Sep 2023 11:05:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49217
IP address blocks: 178.215.237.0/24 maxlen: 24
94.156.176.0/24 maxlen: 24
87.120.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Sep 2023 08:24:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8e:38:04:09:99:b1:b3:a8:43:84:6f:4f:4b:de:df:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 13 11:05:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=050afd5c76d6aed28df79acffec6c1a672d25f4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:73:06:63:1f:33:e1:ba:9b:c2:cb:4a:38:f2:
05:13:d8:8c:88:81:fb:dd:10:f5:4d:8b:dc:43:5c:
78:13:38:fb:c6:eb:b4:93:33:f6:a1:50:25:db:67:
81:fb:0a:5a:ce:4e:71:98:0b:63:9b:84:c2:9e:36:
ec:58:8c:8e:08:0e:58:b3:a2:0e:b9:eb:2a:5e:a1:
5b:88:33:75:4a:6d:a9:8f:e1:87:90:69:42:84:03:
05:a3:c8:33:b0:a0:92:94:33:82:44:09:93:43:13:
93:17:b5:9d:5b:f1:e1:ed:1d:76:73:8a:45:e7:f1:
0c:dd:c3:f8:b7:3f:55:91:96:cc:6a:e7:65:1b:6c:
b8:9b:f6:ad:ca:f2:2e:54:92:ee:e1:fc:d1:a3:6d:
13:c3:99:95:3e:c7:8b:91:bd:0c:69:21:c3:7a:4f:
65:84:7f:83:ee:30:06:51:7c:71:54:7b:73:e3:f3:
75:9e:31:b0:0d:72:64:f2:d5:42:d2:c8:74:6d:66:
a6:da:bb:e7:a9:e0:67:3e:07:49:28:b5:59:65:92:
38:2c:0f:64:59:81:a7:4f:ac:15:ae:76:8b:14:64:
d8:2c:d4:f9:cb:a6:3f:43:8f:d7:e9:81:ff:3a:26:
fd:b2:9e:e1:01:5b:fe:dc:13:3d:e4:20:bb:03:0d:
e2:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:0A:FD:5C:76:D6:AE:D2:8D:F7:9A:CF:FE:C6:C1:A6:72:D2:5F:4D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BQr9XHbWrtKN95rP_sbBpnLSX00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.33.0/24
94.156.176.0/24
178.215.237.0/24
Signature Algorithm: sha256WithRSAEncryption
33:95:5c:3f:ef:44:7f:f6:dd:de:64:fc:40:10:4e:b2:80:a8:
dd:d9:2b:db:e3:b4:fc:92:32:4f:37:8d:78:25:d5:99:a2:af:
21:66:ad:bb:d7:dd:07:59:e7:84:dc:5a:1d:dc:a9:2e:dc:20:
74:b1:0d:b9:a3:a9:40:e3:82:48:94:d6:28:0c:9b:dc:38:91:
49:17:9b:27:c2:0b:a8:9b:28:10:b3:52:f7:0c:2f:65:64:7f:
67:65:c4:ce:90:05:08:15:93:13:18:8c:89:78:59:29:1a:c8:
10:67:5f:f9:63:d3:d4:d3:da:a1:3a:50:c0:9f:ba:ce:0d:39:
b1:b9:5e:15:83:66:d1:82:40:35:4b:58:c6:99:f3:10:3c:1c:
50:63:6d:b1:22:79:d3:34:8c:96:c3:e9:bb:30:ed:b5:35:13:
c4:7f:7a:98:fe:64:67:8d:bc:47:43:f3:38:54:f9:ad:96:3b:
16:37:b4:05:99:5f:19:d3:67:a4:85:16:e3:ed:12:25:34:c4:
58:ff:a9:cd:bd:12:d7:40:99:15:d2:fd:de:29:27:0f:a7:ee:
1a:5a:b3:e7:02:6e:b1:ea:a1:5d:3f:a0:d3:dd:46:f1:07:9b:
50:d7:da:bb:46:59:42:04:60:9f:41:e6:f6:c0:68:d0:83:ca:
b4:d9:7b:25
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYqOOAQJmbGzqEOEb09L3t+iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwOTEzMTEwNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTBhZmQ1Yzc2ZDZhZWQyOGRmNzlhY2ZmZWM2YzFhNjcyZDI1ZjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HMGYx8z4bqbwstKOPIFE9iMiIH7
3RD1TYvcQ1x4Ezj7xuu0kzP2oVAl22eB+wpazk5xmAtjm4TCnjbsWIyOCA5Ys6IO
uesqXqFbiDN1Sm2pj+GHkGlChAMFo8gzsKCSlDOCRAmTQxOTF7WdW/Hh7R12c4pF
5/EM3cP4tz9VkZbMaudlG2y4m/atyvIuVJLu4fzRo20Tw5mVPseLkb0MaSHDek9l
hH+D7jAGUXxxVHtz4/N1njGwDXJk8tVC0sh0bWam2rvnqeBnPgdJKLVZZZI4LA9k
WYGnT6wVrnaLFGTYLNT5y6Y/Q4/X6YH/Oib9sp7hAVv+3BM95CC7Aw3i4wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAUK/Vx21q7Sjfeaz/7GwaZy0l9NMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQlFyOVhIYldydEtOOTVyUF9zYkJwbkxTWDAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAV3ghAwQA
XpywAwQAstftMA0GCSqGSIb3DQEBCwUAA4IBAQAzlVw/70R/9t3eZPxAEE6ygKjd
2Svb47T8kjJPN414JdWZoq8hZq27190HWeeE3Fod3Kku3CB0sQ25o6lA44JIlNYo
DJvcOJFJF5snwguomygQs1L3DC9lZH9nZcTOkAUIFZMTGIyJeFkpGsgQZ1/5Y9PU
09qhOlDAn7rODTmxuV4Vg2bRgkA1S1jGmfMQPBxQY22xInnTNIyWw+m7MO21NRPE
f3qY/mRnjbxHQ/M4VPmtljsWN7QFmV8Z02ekhRbj7RIlNMRY/6nNvRLXQJkV0v3e
KScPp+4aWrPnAm6x6qFdP6DT3UbxB5tQ19q7RllCBGCfQeb2wGjQg8q02Xsl
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:26 2024 by rpki-client on console-ams.rpki-client.org