Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/D-wkxQygB9yRv1mf3irhUBR9KNg.roa
File: D-wkxQygB9yRv1mf3irhUBR9KNg.roa (raw, json)
Hash identifier: lqKQ6TcIP4irEDqxOMzt2OcWDIO2nuf+TyYcla5Ag/c=
Subject key identifier: 0F:EC:24:C5:0C:A0:07:DC:91:BF:59:9F:DE:2A:E1:50:14:7D:28:D8
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018DA01364F7CCCADD17AA3F535BBDB7ED52
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/D-wkxQygB9yRv1mf3irhUBR9KNg.roa
Signing time: Tue 13 Feb 2024 01:27:22 +0000
ROA not before: Tue 13 Feb 2024 01:27:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 31.13.211.0/24 maxlen: 24
45.8.94.0/24 maxlen: 24
87.120.68.0/23 maxlen: 24
87.120.192.0/23 maxlen: 24
87.121.147.0/24 maxlen: 24
91.92.26.0/24 maxlen: 24
93.123.74.0/23 maxlen: 23
93.123.100.0/24 maxlen: 24
93.123.101.0/24 maxlen: 24
185.252.160.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Feb 2024 03:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a0:13:64:f7:cc:ca:dd:17:aa:3f:53:5b:bd:b7:ed:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 13 01:27:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fec24c50ca007dc91bf599fde2ae150147d28d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3e:4f:03:88:75:58:f4:83:f9:c4:38:a2:b3:
a4:6a:70:74:7f:af:61:32:e1:9a:a5:fd:60:fe:13:
56:b3:96:95:3c:9c:1f:99:c5:fe:f1:08:61:7a:ea:
fc:e4:51:43:bc:01:42:16:c7:87:20:40:9c:fb:a3:
2b:85:fb:7f:20:d7:34:35:af:14:6e:f6:31:f3:70:
2b:0e:0c:98:90:36:0a:45:09:f0:a7:de:12:c5:02:
89:c4:ec:2d:d8:a1:54:8d:31:e9:02:27:bc:2f:5f:
c4:85:b8:39:c5:a4:ce:1f:dc:cb:49:87:c8:46:b4:
57:de:8d:46:c0:4e:33:f0:2a:3e:90:dc:3c:39:0e:
94:19:aa:28:b1:76:aa:2e:2b:3e:70:6b:40:ff:5c:
24:69:e0:36:1f:04:b4:74:6c:0d:91:c2:a5:49:1c:
a4:62:5c:30:e5:c8:d8:c6:fa:54:43:59:79:b4:70:
cb:3d:43:87:6f:d2:75:bc:86:c0:70:72:5c:55:a9:
ec:73:fb:c1:ee:69:d5:43:bc:73:06:25:79:60:18:
bd:13:e2:1f:ff:7b:ba:33:c4:21:30:18:0f:43:ac:
2f:e8:75:65:f1:76:82:25:dc:11:ad:51:a5:93:ed:
ae:ab:e1:fa:4e:19:b4:0e:ae:c3:55:31:f8:6e:82:
b8:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:EC:24:C5:0C:A0:07:DC:91:BF:59:9F:DE:2A:E1:50:14:7D:28:D8
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/D-wkxQygB9yRv1mf3irhUBR9KNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.211.0/24
45.8.94.0/24
87.120.68.0/23
87.120.192.0/23
87.121.147.0/24
91.92.26.0/24
93.123.74.0/23
93.123.100.0/23
185.252.160.0/23
Signature Algorithm: sha256WithRSAEncryption
46:06:fa:5e:ab:ea:bf:c8:7b:c6:e9:ec:7c:5a:f1:e9:3f:8b:
fa:17:b4:08:86:f7:b8:50:e6:1b:3a:d3:e9:f2:af:4b:24:b6:
40:22:81:e3:40:b4:8e:37:c5:c1:4e:fe:99:1b:fd:62:8f:b9:
7b:da:d4:cb:a6:7c:03:cf:49:c0:df:2e:08:1b:c5:53:b2:73:
df:80:61:1f:ba:8c:92:b7:f6:a0:52:92:b0:45:5f:21:98:ee:
e8:e5:89:04:dc:15:a3:91:a0:a8:37:7f:4e:42:a5:f6:c4:a9:
f7:72:ed:96:38:e6:91:8d:e2:61:eb:b5:a8:bc:ab:cc:dd:25:
47:a6:8d:9e:56:20:e8:b2:eb:2a:e7:a5:e5:ce:b8:8d:b2:d3:
2c:8b:94:43:24:1e:b0:81:0d:43:e9:d9:ee:1e:0d:f2:4b:52:
e1:f5:b9:90:23:4f:13:1a:ae:cb:d2:1d:70:c7:b9:22:a7:a0:
0f:86:6e:9d:57:9f:c5:96:9c:13:3e:d3:a5:31:0e:97:0e:0c:
be:96:ba:9d:c9:22:8b:e9:2d:18:57:ba:05:a9:b4:0a:89:a8:
89:b7:e1:fc:41:69:ee:4c:bf:3a:40:e3:3a:e6:7a:5f:0b:87:
65:3f:f5:90:c9:2d:2d:7a:8f:a0:c6:bf:50:e8:3f:ca:1e:62:
6b:35:68:5f
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY2gE2T3zMrdF6o/U1u9t+1SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjEzMDEyNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmVjMjRjNTBjYTAwN2RjOTFiZjU5OWZkZTJhZTE1MDE0N2QyOGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxD5PA4h1WPSD+cQ4orOkanB0f69h
MuGapf1g/hNWs5aVPJwfmcX+8Qhheur85FFDvAFCFseHIECc+6Mrhft/INc0Na8U
bvYx83ArDgyYkDYKRQnwp94SxQKJxOwt2KFUjTHpAie8L1/Ehbg5xaTOH9zLSYfI
RrRX3o1GwE4z8Co+kNw8OQ6UGaoosXaqLis+cGtA/1wkaeA2HwS0dGwNkcKlSRyk
Ylww5cjYxvpUQ1l5tHDLPUOHb9J1vIbAcHJcVansc/vB7mnVQ7xzBiV5YBi9E+If
/3u6M8QhMBgPQ6wv6HVl8XaCJdwRrVGlk+2uq+H6Thm0Dq7DVTH4boK4XwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFA/sJMUMoAfckb9Zn94q4VAUfSjYMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRC13a3hReWdCOXlSdjFtZjNpcmhVQlI5S05nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAHw3TAwQA
LQheAwQBV3hEAwQBV3jAAwQAV3mTAwQAW1waAwQBXXtKAwQBXXtkAwQBufygMA0G
CSqGSIb3DQEBCwUAA4IBAQBGBvpeq+q/yHvG6ex8WvHpP4v6F7QIhve4UOYbOtPp
8q9LJLZAIoHjQLSON8XBTv6ZG/1ij7l72tTLpnwDz0nA3y4IG8VTsnPfgGEfuoyS
t/agUpKwRV8hmO7o5YkE3BWjkaCoN39OQqX2xKn3cu2WOOaRjeJh67WovKvM3SVH
po2eViDosusq56XlzriNstMsi5RDJB6wgQ1D6dnuHg3yS1Lh9bmQI08TGq7L0h1w
x7kip6APhm6dV5/FlpwTPtOlMQ6XDgy+lrqdySKL6S0YV7oFqbQKiaiJt+H8QWnu
TL86QOM65npfC4dlP/WQyS0teo+gxr9Q6D/KHmJrNWhf
-----END CERTIFICATE-----
Generated at Thu Feb 15 07:22:59 2024 by rpki-client on console-ams.rpki-client.org