Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Gv9HJrXIJ2uUGJW-gicobGAj1Fg.roa
File: Gv9HJrXIJ2uUGJW-gicobGAj1Fg.roa (raw, json)
Hash identifier: P1JbIGn3qLT5q4BW5B5dPx7Ie58spaLYUv5W3aGy64s=
Subject key identifier: 1A:FF:47:26:B5:C8:27:6B:94:18:95:BE:82:27:28:6C:60:23:D4:58
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01902A38F79F4DC7F85558634A75C1915F8A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Gv9HJrXIJ2uUGJW-gicobGAj1Fg.roa
Signing time: Tue 18 Jun 2024 07:21:34 +0000
ROA not before: Tue 18 Jun 2024 07:21:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 87.120.68.0/23 maxlen: 24
93.123.119.0/24 maxlen: 24
185.252.160.0/23 maxlen: 24
185.252.162.0/24 maxlen: 24
185.252.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Jun 2024 09:16:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2a:38:f7:9f:4d:c7:f8:55:58:63:4a:75:c1:91:5f:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 18 07:21:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1aff4726b5c8276b941895be8227286c6023d458
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:18:67:8c:fa:9f:dd:02:a0:ba:e0:62:ee:99:
87:a7:63:60:50:10:d7:d9:1b:51:14:e6:d2:ed:f7:
bd:ea:ae:d7:bc:20:2a:ef:d6:c3:ab:2a:3e:68:08:
37:0b:c4:b8:1f:39:65:17:be:da:8f:17:0d:44:1a:
ec:43:e8:f5:d0:fe:66:12:39:b2:1a:89:75:54:d4:
cd:50:9c:07:49:c7:98:81:28:7c:33:57:90:b8:1d:
c1:f7:af:f2:a3:41:e4:e7:fc:a4:9f:d1:88:84:82:
f2:d6:cf:5c:c3:81:b6:f8:4c:f8:54:51:3e:18:9f:
a2:82:e1:4b:92:db:d3:02:5f:7c:af:de:a1:5f:b9:
1e:b8:80:36:2a:0d:ca:7e:99:42:f4:cc:36:69:1a:
8e:ba:05:3c:f5:a7:ca:3d:b7:f2:83:89:1d:93:08:
44:67:84:95:7d:f4:e4:3f:b3:8c:83:d4:61:82:e7:
49:c1:fe:c4:33:6a:50:48:84:c1:90:eb:d7:ba:7e:
c3:44:32:48:1b:97:34:5a:09:52:b2:20:ac:a7:a3:
02:5b:5a:8a:8d:51:51:ec:c0:83:ec:78:44:d5:1b:
20:52:44:71:dc:1b:29:06:64:46:37:d1:87:39:c2:
5f:21:fb:f0:66:93:3a:e6:a3:cd:35:c5:0e:c4:e2:
1f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:FF:47:26:B5:C8:27:6B:94:18:95:BE:82:27:28:6C:60:23:D4:58
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Gv9HJrXIJ2uUGJW-gicobGAj1Fg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.68.0/23
93.123.119.0/24
185.252.160.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:c8:7a:eb:e1:d0:8f:2c:5a:29:d6:2a:07:6b:9b:66:61:db:
f7:d2:8f:63:9e:63:9a:b5:36:12:66:74:42:79:f4:93:c6:15:
e5:fd:f1:5a:d3:d2:9c:f4:6b:f3:33:4b:b2:a8:35:96:37:68:
ee:3d:95:d4:c4:bb:29:60:29:fa:ff:40:f9:54:c8:e3:03:0a:
03:45:9e:4a:7e:a5:e8:ed:10:9c:2e:e0:09:a4:b5:35:80:20:
27:59:cb:58:6d:68:fd:a5:af:5d:cb:8e:6b:79:8b:09:dc:f6:
d6:53:d1:b6:c7:ee:6a:d5:c1:26:e9:bc:cb:ec:61:9d:eb:b8:
78:98:eb:cd:9f:01:b3:b8:1d:24:b0:b7:86:8b:03:17:8a:1e:
17:c8:81:db:1c:8b:bf:9a:2c:70:03:67:e8:c5:ac:27:ce:f1:
55:0d:43:bc:d2:1c:b4:53:66:fb:69:34:a4:0d:85:7a:a0:3d:
53:72:c3:0d:7f:1c:94:b5:02:a5:76:fe:d3:73:73:26:ab:64:
8b:2c:8d:ea:3b:7a:04:8d:14:ad:c4:5b:d7:b8:b7:65:1b:f1:
ce:06:b6:bc:bd:84:66:1b:82:71:ab:b2:63:62:6d:ac:6c:0d:
83:c7:25:b4:a9:6d:ef:9c:fc:47:cd:b5:60:9b:aa:f5:ea:f5:
8f:21:fe:79
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZAqOPefTcf4VVhjSnXBkV+KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNjE4MDcyMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWZmNDcyNmI1YzgyNzZiOTQxODk1YmU4MjI3Mjg2YzYwMjNkNDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3hhnjPqf3QKguuBi7pmHp2NgUBDX
2RtRFObS7fe96q7XvCAq79bDqyo+aAg3C8S4HzllF77ajxcNRBrsQ+j10P5mEjmy
Gol1VNTNUJwHSceYgSh8M1eQuB3B96/yo0Hk5/ykn9GIhILy1s9cw4G2+Ez4VFE+
GJ+iguFLktvTAl98r96hX7keuIA2Kg3KfplC9Mw2aRqOugU89afKPbfyg4kdkwhE
Z4SVffTkP7OMg9RhgudJwf7EM2pQSITBkOvXun7DRDJIG5c0WglSsiCsp6MCW1qK
jVFR7MCD7HhE1RsgUkRx3BspBmRGN9GHOcJfIfvwZpM65qPNNcUOxOIfnwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBr/Rya1yCdrlBiVvoInKGxgI9RYMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvR3Y5SEpyWElKMnVVR0pXLWdpY29iR0FqMUZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBV3hEAwQA
XXt3AwQCufygMA0GCSqGSIb3DQEBCwUAA4IBAQAOyHrr4dCPLFop1ioHa5tmYdv3
0o9jnmOatTYSZnRCefSTxhXl/fFa09Kc9GvzM0uyqDWWN2juPZXUxLspYCn6/0D5
VMjjAwoDRZ5KfqXo7RCcLuAJpLU1gCAnWctYbWj9pa9dy45reYsJ3PbWU9G2x+5q
1cEm6bzL7GGd67h4mOvNnwGzuB0ksLeGiwMXih4XyIHbHIu/mixwA2foxawnzvFV
DUO80hy0U2b7aTSkDYV6oD1TcsMNfxyUtQKldv7Tc3Mmq2SLLI3qO3oEjRStxFvX
uLdlG/HOBra8vYRmG4Jxq7JjYm2sbA2DxyW0qW3vnPxHzbVgm6r16vWPIf55
-----END CERTIFICATE-----
Generated at Tue Jun 18 13:14:06 2024 by rpki-client on console-fra.rpki-client.org