Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CyMXqyZtio5J90waWNnEH_Z9cRk.roa
File: CyMXqyZtio5J90waWNnEH_Z9cRk.roa (raw, json)
Hash identifier: dXB+ZZcpsypcuwEEntfznHtVcrigx12MiYPwCKhQW9s=
Subject key identifier: 0B:23:17:AB:26:6D:8A:8E:49:F7:4C:1A:58:D9:C4:1F:F6:7D:71:19
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0188B4EC8EF43BDB464A3AD96F1202B339B9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CyMXqyZtio5J90waWNnEH_Z9cRk.roa
Signing time: Tue 13 Jun 2023 13:23:01 +0000
ROA not before: Tue 13 Jun 2023 13:23:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43072
IP address blocks: 94.156.6.0/24 maxlen: 24
79.110.48.0/24 maxlen: 24
87.121.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Jun 2023 15:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b4:ec:8e:f4:3b:db:46:4a:3a:d9:6f:12:02:b3:39:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 13 13:23:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b2317ab266d8a8e49f74c1a58d9c41ff67d7119
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f3:29:08:25:dc:40:18:54:57:a3:e6:98:c8:
20:bf:c5:6f:dd:af:a8:2b:10:96:40:f2:12:74:91:
df:a5:c8:ae:cb:d8:e9:5b:a6:2a:53:33:18:f3:34:
11:40:6b:14:a9:1e:96:53:78:3f:43:12:de:63:4c:
ca:ed:29:bb:c7:82:51:88:e5:c4:86:68:42:71:b3:
82:31:01:25:12:52:f9:c9:05:de:08:af:56:94:4f:
95:e2:83:e3:09:20:a5:04:45:e0:00:ab:34:75:ed:
96:bf:f8:a8:7f:0a:94:0d:72:66:1a:02:16:7c:65:
a2:82:81:19:7b:e1:8b:53:61:5c:eb:3d:b4:0c:6d:
b7:e6:6b:fa:ab:49:a2:90:7b:e2:c4:fa:38:79:b8:
ab:f7:43:b1:b1:da:e2:9b:c9:bb:52:f1:82:75:39:
a0:09:ac:62:3c:a2:03:b3:f3:dd:6d:28:96:31:36:
c7:73:6c:9e:fd:c4:45:cf:35:cf:6d:b2:40:22:38:
7f:d5:e0:e3:fd:9d:6f:ae:5b:f1:a7:52:65:f2:1e:
e2:12:3d:a0:8c:ae:a0:ca:88:f6:ce:ce:21:0d:4d:
f1:35:9b:4a:cc:28:6a:7f:39:8f:14:21:52:9c:09:
a0:12:3b:4e:fa:90:eb:bb:55:a3:bc:37:ff:51:4f:
8c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:23:17:AB:26:6D:8A:8E:49:F7:4C:1A:58:D9:C4:1F:F6:7D:71:19
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CyMXqyZtio5J90waWNnEH_Z9cRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.48.0/24
87.121.3.0/24
94.156.6.0/24
Signature Algorithm: sha256WithRSAEncryption
12:11:a1:d6:42:a5:98:fa:2a:5a:1b:2e:b4:c5:da:41:d6:37:
f1:8c:d9:08:a2:d9:6b:e1:10:a1:60:04:1e:4b:3e:8f:16:b1:
42:71:97:0d:e0:13:88:82:37:73:f2:b3:b2:c3:1d:60:42:b1:
41:51:d3:5c:29:bd:d0:40:58:14:6a:53:51:7c:cf:b7:2b:b2:
cb:3f:a7:03:30:9f:e1:1a:f8:7a:63:20:8b:11:1b:8f:4f:d1:
4f:17:97:39:f4:45:20:50:61:36:91:48:16:35:c5:a0:97:6f:
d2:c0:67:86:fc:9f:05:40:51:91:a6:91:9f:97:35:56:3e:83:
e9:b7:c6:53:6e:7c:bf:14:be:53:0c:ea:6a:38:f4:2d:e7:cf:
8c:b8:c9:54:51:95:7e:3a:01:14:3c:5e:24:87:1e:21:7a:7c:
23:40:ad:3d:0a:85:61:82:aa:ec:68:2f:ed:48:96:2a:d4:7c:
df:64:ff:9a:1f:64:b0:ab:16:55:9c:d1:02:d7:68:5b:59:c3:
f0:2e:b9:7a:6c:0e:97:86:ec:9c:6c:89:49:99:08:48:a0:0c:
cf:61:15:e8:e4:02:61:51:cc:87:aa:47:9b:c0:12:ec:bd:e7:
8e:95:06:00:72:fc:a8:b7:0c:80:49:62:a1:dd:76:09:e4:ad:
07:cb:46:a8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYi07I70O9tGSjrZbxICszm5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNjEzMTMyMzAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjIzMTdhYjI2NmQ4YThlNDlmNzRjMWE1OGQ5YzQxZmY2N2Q3MTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/MpCCXcQBhUV6PmmMggv8Vv3a+o
KxCWQPISdJHfpciuy9jpW6YqUzMY8zQRQGsUqR6WU3g/QxLeY0zK7Sm7x4JRiOXE
hmhCcbOCMQElElL5yQXeCK9WlE+V4oPjCSClBEXgAKs0de2Wv/iofwqUDXJmGgIW
fGWigoEZe+GLU2Fc6z20DG235mv6q0mikHvixPo4ebir90Oxsdrim8m7UvGCdTmg
CaxiPKIDs/PdbSiWMTbHc2ye/cRFzzXPbbJAIjh/1eDj/Z1vrlvxp1Jl8h7iEj2g
jK6gyoj2zs4hDU3xNZtKzChqfzmPFCFSnAmgEjtO+pDru1WjvDf/UU+MGQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAsjF6smbYqOSfdMGljZxB/2fXEZMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQ3lNWHF5WnRpbzVKOTB3YVdObkVIX1o5Y1JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAT24wAwQA
V3kDAwQAXpwGMA0GCSqGSIb3DQEBCwUAA4IBAQASEaHWQqWY+ipaGy60xdpB1jfx
jNkIotlr4RChYAQeSz6PFrFCcZcN4BOIgjdz8rOywx1gQrFBUdNcKb3QQFgUalNR
fM+3K7LLP6cDMJ/hGvh6YyCLERuPT9FPF5c59EUgUGE2kUgWNcWgl2/SwGeG/J8F
QFGRppGflzVWPoPpt8ZTbny/FL5TDOpqOPQt58+MuMlUUZV+OgEUPF4khx4henwj
QK09CoVhgqrsaC/tSJYq1HzfZP+aH2SwqxZVnNEC12hbWcPwLrl6bA6XhuycbIlJ
mQhIoAzPYRXo5AJhUcyHqkebwBLsveeOlQYAcvyotwyASWKh3XYJ5K0Hy0ao
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:01 2024 by rpki-client on console-fra.rpki-client.org