Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CkbsZm_E0Bk6g0CioVuzuXKat40.roa
File: CkbsZm_E0Bk6g0CioVuzuXKat40.roa (raw, json)
Hash identifier: IWbiIpRIp6CsLTWpbl2y/7H2ERMNd+vIUmUiUjCEJgE=
Subject key identifier: 0A:46:EC:66:6F:C4:D0:19:3A:83:40:A2:A1:5B:B3:B9:72:9A:B7:8D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018A201CE972480A35086323B5BCA71ED728
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CkbsZm_E0Bk6g0CioVuzuXKat40.roa
Signing time: Wed 23 Aug 2023 01:58:00 +0000
ROA not before: Wed 23 Aug 2023 01:58:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 87.120.68.0/23 maxlen: 24
45.14.167.0/24 maxlen: 24
93.123.75.0/24 maxlen: 24
45.8.94.0/24 maxlen: 24
83.219.99.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:20:1c:e9:72:48:0a:35:08:63:23:b5:bc:a7:1e:d7:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 23 01:58:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a46ec666fc4d0193a8340a2a15bb3b9729ab78d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:93:41:72:be:9b:1b:8b:6d:f9:52:f9:09:a7:
1a:19:fd:c5:38:1a:d7:f1:f8:f1:30:34:8e:e9:29:
a1:d9:11:6c:2f:75:a9:38:0e:78:8b:94:b9:9b:ef:
63:95:c8:a8:46:11:0d:22:1b:f7:b4:a1:6c:f7:09:
7f:62:d9:66:43:e7:11:cc:8b:f3:1c:41:fe:b1:70:
d1:84:ea:73:b5:db:61:d3:a4:7b:c7:54:f9:d5:c0:
da:f7:ed:82:d5:41:0e:c5:2e:87:03:ae:6b:0f:e2:
e8:68:35:dd:31:d8:ba:b3:97:a0:2c:06:0b:03:0a:
dc:fd:92:47:8a:71:6a:74:7c:53:da:da:8f:fb:65:
ae:96:e4:4b:85:fb:e2:95:c3:28:95:79:e0:ba:33:
db:7e:9f:61:47:88:44:16:9e:0d:0c:c5:f0:57:8f:
f0:30:48:d3:61:58:b2:3b:b4:a9:a6:f9:f9:3b:0c:
5d:54:00:b8:7e:49:c4:1d:07:6f:47:bf:97:cb:8e:
08:a5:8a:ed:c1:45:7d:d3:7b:9b:37:97:cd:12:f5:
da:21:96:1d:12:b5:7a:4b:cc:88:5a:17:e0:12:0e:
d1:a2:f7:2d:a8:ad:fa:ea:25:46:26:8a:5b:65:ec:
25:cc:14:ce:97:e2:72:30:5e:f4:f4:20:64:36:09:
fe:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:46:EC:66:6F:C4:D0:19:3A:83:40:A2:A1:5B:B3:B9:72:9A:B7:8D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CkbsZm_E0Bk6g0CioVuzuXKat40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.94.0/24
45.14.167.0/24
83.219.99.0/24
87.120.68.0/23
93.123.75.0/24
Signature Algorithm: sha256WithRSAEncryption
35:3d:84:3d:15:46:48:d7:d3:dd:80:f0:e7:8d:95:4b:0c:31:
ef:cc:0b:0d:e9:05:d4:1a:bf:bf:53:ba:cd:be:f5:a8:44:21:
c4:61:d4:39:83:46:5b:b5:83:6d:b3:fc:d4:dd:fb:eb:ba:d7:
a6:02:c5:98:e6:ae:eb:48:ce:e9:b2:1d:c9:47:db:f8:b0:95:
66:0d:f8:0b:1b:52:44:6e:83:ed:07:91:79:69:3f:10:05:02:
50:82:cb:68:9f:46:3e:15:95:3b:6e:ec:b6:93:48:d3:c8:39:
1c:90:0b:a5:b9:68:b9:c0:f8:5b:97:ff:a3:f8:0a:f7:81:09:
9a:16:a9:21:ba:b6:13:14:cc:fb:65:b5:8d:4f:b8:60:a8:ca:
bd:37:f7:bf:9b:a5:5b:f0:60:4f:87:a5:34:72:5f:32:2a:b6:
f6:36:1a:3b:cf:91:ae:08:56:7a:e7:bc:12:ae:9e:3d:61:48:
ba:ba:a7:7e:3b:1a:49:8d:12:99:18:ff:dd:95:6d:af:ab:1c:
fd:43:5f:04:fe:af:cc:f2:da:65:f9:20:1c:1e:95:f3:c6:2c:
71:37:7a:79:a8:92:15:2c:01:21:64:78:a1:95:93:b8:33:02:
35:45:7d:38:b3:5d:de:9b:bf:b2:ee:4a:73:0e:68:21:8f:cf:
33:6f:98:a2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYogHOlySAo1CGMjtbynHtcoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwODIzMDE1ODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTQ2ZWM2NjZmYzRkMDE5M2E4MzQwYTJhMTViYjNiOTcyOWFiNzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5NBcr6bG4tt+VL5CacaGf3FOBrX
8fjxMDSO6Smh2RFsL3WpOA54i5S5m+9jlcioRhENIhv3tKFs9wl/YtlmQ+cRzIvz
HEH+sXDRhOpztdth06R7x1T51cDa9+2C1UEOxS6HA65rD+LoaDXdMdi6s5egLAYL
Awrc/ZJHinFqdHxT2tqP+2WuluRLhfvilcMolXngujPbfp9hR4hEFp4NDMXwV4/w
MEjTYViyO7Sppvn5OwxdVAC4fknEHQdvR7+Xy44IpYrtwUV903ubN5fNEvXaIZYd
ErV6S8yIWhfgEg7RovctqK366iVGJopbZewlzBTOl+JyMF709CBkNgn+DQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFApG7GZvxNAZOoNAoqFbs7lymreNMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQ2tic1ptX0UwQms2ZzBDaW9WdXp1WEthdDQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALQheAwQA
LQ6nAwQAU9tjAwQBV3hEAwQAXXtLMA0GCSqGSIb3DQEBCwUAA4IBAQA1PYQ9FUZI
19PdgPDnjZVLDDHvzAsN6QXUGr+/U7rNvvWoRCHEYdQ5g0ZbtYNts/zU3fvrutem
AsWY5q7rSM7psh3JR9v4sJVmDfgLG1JEboPtB5F5aT8QBQJQgston0Y+FZU7buy2
k0jTyDkckAuluWi5wPhbl/+j+Ar3gQmaFqkhurYTFMz7ZbWNT7hgqMq9N/e/m6Vb
8GBPh6U0cl8yKrb2Nho7z5GuCFZ657wSrp49YUi6uqd+OxpJjRKZGP/dlW2vqxz9
Q18E/q/M8tpl+SAcHpXzxixxN3p5qJIVLAEhZHihlZO4MwI1RX04s13em7+y7kpz
Dmghj88zb5ii
-----END CERTIFICATE-----
Generated at Wed Aug 23 11:00:58 2023 by rpki-client on console-ams.rpki-client.org