Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Keb7RFhrZ8tH0MmHt-qdjmWKYUk.roa
File: Keb7RFhrZ8tH0MmHt-qdjmWKYUk.roa (raw, json)
Hash identifier: KWgAiD3ueW0Uq0ZZxkfNgBuG5ixfKgyh2za5gC363C0=
Subject key identifier: 29:E6:FB:44:58:6B:67:CB:47:D0:C9:87:B7:EA:9D:8E:65:8A:61:49
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01902AA32B126958068531F39F8A1FE064CC
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Keb7RFhrZ8tH0MmHt-qdjmWKYUk.roa
Signing time: Tue 18 Jun 2024 09:17:34 +0000
ROA not before: Tue 18 Jun 2024 09:17:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 87.120.68.0/23 maxlen: 24
93.123.119.0/24 maxlen: 24
185.252.160.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 22 Jun 2024 00:14:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2a:a3:2b:12:69:58:06:85:31:f3:9f:8a:1f:e0:64:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 18 09:17:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29e6fb44586b67cb47d0c987b7ea9d8e658a6149
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a3:a6:1c:89:2f:dc:d0:43:e1:4d:fb:fc:21:
f1:52:a3:00:0e:6e:15:a4:dc:28:fa:28:72:ee:45:
fa:ec:fb:08:50:ce:e4:3d:82:2a:7e:cf:fe:2c:a9:
a4:e9:ae:37:cf:73:ba:0a:9b:83:c5:bf:62:eb:dd:
8c:35:80:2b:9e:a4:d4:31:5a:02:5a:82:0e:c9:2b:
d5:b9:a6:bd:1b:e9:7b:53:40:81:8c:9f:72:3e:3d:
2b:37:12:2d:0b:02:a9:78:17:ca:24:4d:52:70:af:
23:4a:52:09:37:6a:41:ff:f5:23:6f:d4:09:0a:78:
4e:0f:63:ce:a7:57:d3:9b:cc:d4:66:97:cf:25:5a:
43:0b:dd:6e:ce:b2:5c:d7:d1:7d:13:34:7a:a8:0c:
82:f9:9f:c8:0d:db:bb:ec:0e:c3:2e:df:ce:26:3b:
ee:c2:76:bf:d1:49:bb:03:a4:27:d0:12:65:69:a2:
1a:cc:7d:04:46:50:8c:66:11:ec:cb:00:94:42:0c:
fb:a7:cd:45:f8:26:7c:6b:fb:43:78:fa:a9:6a:71:
08:45:5b:46:84:81:6c:4d:8f:13:c2:ca:fc:f0:4c:
86:25:63:86:fa:fb:ad:c6:8d:10:2f:ad:00:af:e7:
f3:86:4f:25:30:bb:fa:5f:ab:8d:a2:2c:db:f2:c2:
22:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:E6:FB:44:58:6B:67:CB:47:D0:C9:87:B7:EA:9D:8E:65:8A:61:49
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Keb7RFhrZ8tH0MmHt-qdjmWKYUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.68.0/23
93.123.119.0/24
185.252.160.0/23
Signature Algorithm: sha256WithRSAEncryption
53:57:e2:fe:f2:f6:a8:21:5e:36:a1:e3:35:45:15:82:e3:93:
de:a6:1b:d5:57:7a:fd:6d:c4:26:1c:08:08:23:b8:3f:a6:11:
5c:84:53:78:b2:c0:63:34:ed:33:9b:fd:aa:a3:11:3f:43:a7:
96:ca:4c:8f:49:56:be:03:be:77:fe:5d:3c:8b:82:17:84:5a:
e7:df:b8:15:5d:a7:c4:5e:5c:70:77:4b:8e:39:6d:b1:1a:47:
b6:03:68:a3:e6:33:26:28:44:c8:01:0c:07:c6:34:6c:5b:10:
71:c2:af:68:37:a7:6e:99:e1:26:55:d8:63:30:99:7b:1e:2a:
c1:fd:cd:c8:51:1a:c2:20:b7:51:7d:c8:f5:b2:cc:34:f4:66:
81:e0:48:d7:a8:74:c1:0a:56:23:84:4c:30:8f:55:00:dc:34:
a0:df:67:c2:74:0d:dc:e0:5c:6c:c7:09:f1:67:45:52:e2:ac:
0b:8d:e8:49:42:25:9e:04:a0:06:12:44:10:90:59:48:7b:11:
68:ce:93:4f:d8:b9:25:19:66:9d:4d:3d:94:1e:f3:32:33:5b:
e1:70:bc:84:a2:03:07:17:05:28:cb:85:e5:f5:59:2b:94:ed:
29:46:65:5d:e6:d1:c8:31:d7:d8:0d:c0:d2:8f:d5:c8:89:21:
c4:54:91:3f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZAqoysSaVgGhTHzn4of4GTMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNjE4MDkxNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWU2ZmI0NDU4NmI2N2NiNDdkMGM5ODdiN2VhOWQ4ZTY1OGE2MTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqOmHIkv3NBD4U37/CHxUqMADm4V
pNwo+ihy7kX67PsIUM7kPYIqfs/+LKmk6a43z3O6CpuDxb9i692MNYArnqTUMVoC
WoIOySvVuaa9G+l7U0CBjJ9yPj0rNxItCwKpeBfKJE1ScK8jSlIJN2pB//Ujb9QJ
CnhOD2POp1fTm8zUZpfPJVpDC91uzrJc19F9EzR6qAyC+Z/IDdu77A7DLt/OJjvu
wna/0Um7A6Qn0BJlaaIazH0ERlCMZhHsywCUQgz7p81F+CZ8a/tDePqpanEIRVtG
hIFsTY8Twsr88EyGJWOG+vutxo0QL60Ar+fzhk8lMLv6X6uNoizb8sIiWQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCnm+0RYa2fLR9DJh7fqnY5limFJMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvS2ViN1JGaHJaOHRIME1tSHQtcWRqbVdLWVVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBV3hEAwQA
XXt3AwQBufygMA0GCSqGSIb3DQEBCwUAA4IBAQBTV+L+8vaoIV42oeM1RRWC45Pe
phvVV3r9bcQmHAgII7g/phFchFN4ssBjNO0zm/2qoxE/Q6eWykyPSVa+A753/l08
i4IXhFrn37gVXafEXlxwd0uOOW2xGke2A2ij5jMmKETIAQwHxjRsWxBxwq9oN6du
meEmVdhjMJl7HirB/c3IURrCILdRfcj1ssw09GaB4EjXqHTBClYjhEwwj1UA3DSg
32fCdA3c4FxsxwnxZ0VS4qwLjehJQiWeBKAGEkQQkFlIexFozpNP2LklGWadTT2U
HvMyM1vhcLyEogMHFwUoy4Xl9VkrlO0pRmVd5tHIMdfYDcDSj9XIiSHEVJE/
-----END CERTIFICATE-----
Generated at Sat Jun 22 02:35:36 2024 by rpki-client on console-fra.rpki-client.org