Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CDfW9DpgB6AsgYiw0uXCzYfj1oo.roa
File: CDfW9DpgB6AsgYiw0uXCzYfj1oo.roa (raw, json)
Hash identifier: Y+BtKntjUEhgxSUJp8VBzpf/1RbU8x4xDBrstPAFK2k=
Subject key identifier: 08:37:D6:F4:3A:60:07:A0:2C:81:88:B0:D2:E5:C2:CD:87:E3:D6:8A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018FD87354FC69188BCB31D4B19C2A87DED9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CDfW9DpgB6AsgYiw0uXCzYfj1oo.roa
Signing time: Sun 02 Jun 2024 10:16:27 +0000
ROA not before: Sun 02 Jun 2024 10:16:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 87.120.68.0/23 maxlen: 24
93.123.119.0/24 maxlen: 24
185.252.160.0/23 maxlen: 24
185.252.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Jun 2024 02:57:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d8:73:54:fc:69:18:8b:cb:31:d4:b1:9c:2a:87:de:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 2 10:16:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0837d6f43a6007a02c8188b0d2e5c2cd87e3d68a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:eb:9c:d2:34:c6:8a:6c:e4:a0:b9:64:5a:ba:
ec:dd:0c:71:b5:d9:c6:40:ca:13:b4:b9:9e:02:ec:
e9:9d:aa:b7:25:86:0a:f6:ad:f0:58:fb:fd:a5:ff:
03:9e:53:26:cd:55:1f:91:09:cb:56:76:4c:5f:22:
97:20:f9:85:06:22:b2:16:b5:cd:3c:b1:54:ca:c0:
64:9b:25:f7:1f:37:ec:37:24:65:4d:b9:bd:9a:fb:
ea:a6:85:19:2e:7a:be:60:c8:80:7b:32:7c:16:1f:
65:1c:bd:75:a5:c3:9a:d2:77:93:c0:f7:65:b2:85:
63:9e:ec:42:a9:e3:5f:40:3e:31:24:ed:55:e6:e6:
d4:a2:80:aa:59:60:3d:94:92:11:97:10:f9:74:cc:
2b:35:24:3f:cc:59:8d:d4:81:80:2a:e6:a6:df:ea:
fc:db:92:a4:8d:c3:f0:c5:d3:5e:26:1e:7c:16:ad:
e2:7d:b6:cc:7c:b8:3b:d0:4f:2b:9a:cc:83:59:68:
7f:5c:5c:ce:00:85:8c:e5:b2:34:d3:e0:6e:73:7c:
18:be:c1:ea:ec:38:1e:0a:86:91:d6:71:63:ca:5f:
07:02:f6:17:e2:0b:2a:1c:62:06:51:5a:5e:c2:f6:
26:18:d7:a3:f2:ca:1d:28:49:d3:47:a8:00:79:22:
a7:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:37:D6:F4:3A:60:07:A0:2C:81:88:B0:D2:E5:C2:CD:87:E3:D6:8A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CDfW9DpgB6AsgYiw0uXCzYfj1oo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.68.0/23
93.123.119.0/24
185.252.160.0/23
185.252.163.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:35:e2:ab:56:59:96:63:e0:d6:e0:02:10:c0:9f:73:89:b0:
5e:27:fe:7f:75:d4:d0:4f:8f:69:38:1d:5f:d4:54:f8:94:3f:
26:6e:48:b0:2b:e5:35:52:f9:bb:35:31:82:9a:39:20:40:27:
d8:b7:2b:e1:5d:f4:d1:f5:fa:ea:49:72:6d:21:9a:2f:a8:a8:
92:85:75:cf:ca:14:66:a1:2c:f4:9a:d1:34:05:23:26:b4:08:
a7:f2:c9:e2:cd:50:c3:85:86:1c:df:9d:5d:8d:7b:73:52:aa:
5d:5f:57:52:8b:52:c4:1a:7e:57:66:69:01:0c:4c:93:78:a2:
e0:01:e7:be:fb:55:22:57:4b:9f:e7:bb:6a:d0:c8:90:95:89:
2a:09:77:64:e3:43:e8:a3:24:c9:a4:92:df:e2:7e:9c:6e:d4:
eb:46:fd:0c:47:df:d7:7a:45:d5:4b:d3:67:86:e8:23:57:1e:
5a:b3:92:96:43:b3:4d:c8:83:24:77:e5:ec:b6:30:2a:18:62:
23:9b:05:46:6e:6f:19:92:9e:5a:fc:f8:de:2a:dc:0a:18:63:
da:b4:82:98:73:ea:7b:72:24:fe:21:f5:37:ea:e8:58:18:50:
15:44:54:f7:c8:89:ea:b1:3f:ff:35:14:71:77:4f:49:79:a4:
52:38:e0:ec
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY/Yc1T8aRiLyzHUsZwqh97ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNjAyMTAxNjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODM3ZDZmNDNhNjAwN2EwMmM4MTg4YjBkMmU1YzJjZDg3ZTNkNjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuuc0jTGimzkoLlkWrrs3QxxtdnG
QMoTtLmeAuzpnaq3JYYK9q3wWPv9pf8DnlMmzVUfkQnLVnZMXyKXIPmFBiKyFrXN
PLFUysBkmyX3HzfsNyRlTbm9mvvqpoUZLnq+YMiAezJ8Fh9lHL11pcOa0neTwPdl
soVjnuxCqeNfQD4xJO1V5ubUooCqWWA9lJIRlxD5dMwrNSQ/zFmN1IGAKuam3+r8
25KkjcPwxdNeJh58Fq3ifbbMfLg70E8rmsyDWWh/XFzOAIWM5bI00+Buc3wYvsHq
7DgeCoaR1nFjyl8HAvYX4gsqHGIGUVpewvYmGNej8sodKEnTR6gAeSKnRwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAg31vQ6YAegLIGIsNLlws2H49aKMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQ0RmVzlEcGdCNkFzZ1lpdzB1WEN6WWZqMW9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBV3hEAwQA
XXt3AwQBufygAwQAufyjMA0GCSqGSIb3DQEBCwUAA4IBAQC1NeKrVlmWY+DW4AIQ
wJ9zibBeJ/5/ddTQT49pOB1f1FT4lD8mbkiwK+U1Uvm7NTGCmjkgQCfYtyvhXfTR
9frqSXJtIZovqKiShXXPyhRmoSz0mtE0BSMmtAin8snizVDDhYYc351djXtzUqpd
X1dSi1LEGn5XZmkBDEyTeKLgAee++1UiV0uf57tq0MiQlYkqCXdk40PooyTJpJLf
4n6cbtTrRv0MR9/XekXVS9NnhugjVx5as5KWQ7NNyIMkd+XstjAqGGIjmwVGbm8Z
kp5a/PjeKtwKGGPatIKYc+p7ciT+IfU36uhYGFAVRFT3yInqsT//NRRxd09JeaRS
OODs
-----END CERTIFICATE-----
Generated at Fri Jun 7 04:10:47 2024 by rpki-client on console-fra.rpki-client.org