Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DC_mP0Pfq1IVHtj5uBOXTAfq5wo.roa
File: DC_mP0Pfq1IVHtj5uBOXTAfq5wo.roa (raw, json)
Hash identifier: S8nwjZBwTl3JyzxnTvkjJ8EuIcIDECAuqL40OkDoiE0=
Subject key identifier: 0C:2F:E6:3F:43:DF:AB:52:15:1E:D8:F9:B8:13:97:4C:07:EA:E7:0A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018ECFA120C528E5E8842BBC2510AF2DD1BC
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DC_mP0Pfq1IVHtj5uBOXTAfq5wo.roa
Signing time: Fri 12 Apr 2024 00:07:07 +0000
ROA not before: Fri 12 Apr 2024 00:07:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 87.120.68.0/23 maxlen: 24
87.121.60.0/24 maxlen: 24
93.123.74.0/23 maxlen: 23
93.123.74.0/24 maxlen: 24
93.123.75.0/24 maxlen: 24
185.252.160.0/23 maxlen: 24
193.148.253.0/24 maxlen: 24
212.87.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Apr 2024 05:49:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cf:a1:20:c5:28:e5:e8:84:2b:bc:25:10:af:2d:d1:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 12 00:07:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c2fe63f43dfab52151ed8f9b813974c07eae70a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:76:20:b0:d7:33:c9:e2:68:5d:41:15:48:43:
c5:59:8f:08:be:40:d8:81:3c:fa:aa:20:4a:bc:ed:
b1:f5:29:83:ad:f2:49:3a:df:67:18:9b:4b:12:28:
d1:32:c2:45:de:10:d4:ef:27:75:8c:67:2c:cc:1f:
05:8b:de:2c:ac:8f:1c:6c:71:47:3c:30:1e:cf:ce:
ef:8a:09:8c:2c:70:b2:59:fd:19:51:01:fb:1b:bb:
0a:51:04:77:eb:df:5c:09:ac:e3:63:fe:ff:99:2a:
07:dc:9d:f2:11:ac:cb:a8:f3:c5:49:11:4b:67:9a:
a4:05:10:59:8e:5e:4e:ff:a7:79:8d:8e:90:3f:b3:
fe:e8:56:a6:9a:4d:02:51:79:0b:c4:b3:79:a2:9f:
80:b5:85:92:80:f3:36:4b:ae:14:d8:c8:91:dc:b6:
3f:a6:85:3d:0e:53:e8:3f:94:fc:5f:4e:f4:f4:80:
47:15:e3:9b:7d:24:d4:26:66:10:cb:fa:93:a3:f5:
7f:de:69:88:60:ae:95:23:cd:61:df:23:99:f7:34:
6d:16:84:9e:28:ca:8b:8a:78:55:bc:eb:bb:af:dd:
f6:c0:a6:63:bd:56:dd:0d:4b:2e:4d:7d:2d:53:dd:
5d:b5:aa:8f:1c:19:1c:46:a1:57:65:be:ed:d0:89:
51:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:2F:E6:3F:43:DF:AB:52:15:1E:D8:F9:B8:13:97:4C:07:EA:E7:0A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DC_mP0Pfq1IVHtj5uBOXTAfq5wo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.68.0/23
87.121.60.0/24
93.123.74.0/23
185.252.160.0/23
193.148.253.0/24
212.87.205.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:d7:d6:7b:c5:da:e9:25:96:c1:fe:d2:70:15:8e:2a:aa:ed:
3e:f4:52:69:a5:70:db:5e:e8:ad:c5:8d:16:d7:9b:7f:3a:e0:
13:cb:c6:26:f4:c2:c2:d1:86:76:11:30:ce:ce:8a:e4:2d:a4:
42:31:ba:0b:f0:54:d4:5e:b1:45:f1:cc:4d:08:09:45:49:50:
7b:2d:42:42:7e:fb:8f:70:89:47:90:3b:55:b8:b4:43:c0:37:
36:74:e9:90:bc:21:dc:79:b9:11:4f:f6:d5:f2:7a:fd:ec:b8:
ab:ef:6e:03:7a:9e:51:e6:04:6d:4a:5f:c8:d8:c0:ed:3e:1c:
67:c9:7d:a9:5c:6c:6d:da:ff:bb:3c:af:cc:2c:6c:ab:5c:9c:
f1:3d:db:e6:ba:49:73:d1:f4:8b:87:3b:6d:c0:ff:d3:39:bd:
00:f1:96:f5:ad:de:fb:fe:c0:45:ea:13:d7:bf:ac:3f:b6:80:
37:ed:f6:d0:a9:f3:46:06:6c:b7:86:b3:fd:35:9b:df:f4:a8:
d0:ce:3c:25:56:79:5b:e8:3b:2d:51:43:45:07:5f:74:7f:59:
70:d3:13:15:2f:2d:52:eb:da:bf:35:72:91:92:94:b1:64:c4:
21:3d:7e:e0:6c:b5:65:83:f9:bc:23:39:59:92:6b:c3:3e:d0:
7e:29:f1:d4
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY7PoSDFKOXohCu8JRCvLdG8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNDEyMDAwNzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzJmZTYzZjQzZGZhYjUyMTUxZWQ4ZjliODEzOTc0YzA3ZWFlNzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnYgsNczyeJoXUEVSEPFWY8IvkDY
gTz6qiBKvO2x9SmDrfJJOt9nGJtLEijRMsJF3hDU7yd1jGcszB8Fi94srI8cbHFH
PDAez87vigmMLHCyWf0ZUQH7G7sKUQR3699cCazjY/7/mSoH3J3yEazLqPPFSRFL
Z5qkBRBZjl5O/6d5jY6QP7P+6Fammk0CUXkLxLN5op+AtYWSgPM2S64U2MiR3LY/
poU9DlPoP5T8X0709IBHFeObfSTUJmYQy/qTo/V/3mmIYK6VI81h3yOZ9zRtFoSe
KMqLinhVvOu7r932wKZjvVbdDUsuTX0tU91dtaqPHBkcRqFXZb7t0IlR1QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAwv5j9D36tSFR7Y+bgTl0wH6ucKMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRENfbVAwUGZxMUlWSHRqNXVCT1hUQWZxNXdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBV3hEAwQA
V3k8AwQBXXtKAwQBufygAwQAwZT9AwQA1FfNMA0GCSqGSIb3DQEBCwUAA4IBAQAe
19Z7xdrpJZbB/tJwFY4qqu0+9FJppXDbXuitxY0W15t/OuATy8Ym9MLC0YZ2ETDO
zorkLaRCMboL8FTUXrFF8cxNCAlFSVB7LUJCfvuPcIlHkDtVuLRDwDc2dOmQvCHc
ebkRT/bV8nr97Lir724Dep5R5gRtSl/I2MDtPhxnyX2pXGxt2v+7PK/MLGyrXJzx
Pdvmuklz0fSLhzttwP/TOb0A8Zb1rd77/sBF6hPXv6w/toA37fbQqfNGBmy3hrP9
NZvf9KjQzjwlVnlb6DstUUNFB190f1lw0xMVLy1S69q/NXKRkpSxZMQhPX7gbLVl
g/m8IzlZkmvDPtB+KfHU
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:27 2024 by rpki-client on console-ams.rpki-client.org