Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Kg_ug0ayDPDkQjpo_IcT1UneuyE.roa
File: Kg_ug0ayDPDkQjpo_IcT1UneuyE.roa (raw, json)
Hash identifier: WsAAjjKdY96LfQJx5JTFdsOKmGlyn5nkhhFd8RfADtU=
Subject key identifier: 2A:0F:EE:83:46:B2:0C:F0:E4:42:3A:68:FC:87:13:D5:49:DE:BB:21
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01919C9FC9431DF0066AAAE5E87C7CD9094B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Kg_ug0ayDPDkQjpo_IcT1UneuyE.roa
Signing time: Thu 29 Aug 2024 05:33:22 +0000
ROA not before: Thu 29 Aug 2024 05:33:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 87.120.68.0/23 maxlen: 24
87.121.86.0/24 maxlen: 24
93.123.74.0/23 maxlen: 24
178.215.227.0/24 maxlen: 24
185.252.160.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Sep 2024 10:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9c:9f:c9:43:1d:f0:06:6a:aa:e5:e8:7c:7c:d9:09:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 29 05:33:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a0fee8346b20cf0e4423a68fc8713d549debb21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:4a:d4:9d:52:b3:a3:b3:ef:12:da:82:3c:23:
eb:f5:f1:35:01:91:76:a8:a9:98:95:4a:94:c7:f6:
31:f1:55:2b:93:ea:dd:bb:ca:d1:b8:e5:ac:56:5b:
4d:94:47:8f:f5:62:ba:86:b2:fa:6b:d3:a5:e9:eb:
27:84:50:ac:9a:34:54:64:c6:d9:e2:89:9d:00:4c:
d2:09:39:a8:33:1d:8b:41:5d:cf:01:81:e8:d0:0b:
19:7a:eb:8b:b3:98:0e:4a:17:cc:f7:25:69:26:43:
b4:f0:9f:41:ba:ba:51:f9:98:d2:66:9b:d1:08:fc:
5d:8d:b1:1b:07:09:57:c8:d9:19:d5:8e:46:80:4e:
46:10:61:d2:c7:1f:f2:4e:48:d1:6d:ed:e8:c9:2c:
b6:da:86:51:3b:4f:9a:ea:b3:32:d7:3e:94:58:c5:
8c:70:24:78:43:19:0a:0e:f1:c2:07:f3:94:1c:57:
3e:13:59:5b:41:77:c0:45:7c:e5:b0:f3:f4:9e:3f:
26:13:fb:52:fc:b9:04:08:83:17:08:d3:bf:7d:6f:
b4:d4:34:12:5c:16:7d:7c:a6:c1:f9:be:83:ae:c4:
d8:b9:24:fc:e2:2e:c4:3c:4f:e3:af:b7:0f:9e:35:
e9:c4:7c:9e:7b:a1:03:9d:c6:9e:60:14:3a:17:94:
ba:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:0F:EE:83:46:B2:0C:F0:E4:42:3A:68:FC:87:13:D5:49:DE:BB:21
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Kg_ug0ayDPDkQjpo_IcT1UneuyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.68.0/23
87.121.86.0/24
93.123.74.0/23
178.215.227.0/24
185.252.160.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:32:55:35:3d:b4:1d:a0:af:d5:7d:12:3f:5c:93:ba:85:e0:
bd:f4:a3:ff:95:b9:83:14:d1:6b:b6:0f:57:9b:40:10:15:9c:
d9:f0:93:27:f5:41:4b:60:49:22:ec:46:79:c2:88:ad:1b:70:
f2:aa:d8:0f:3a:e3:ef:35:74:6a:de:c4:66:58:8d:b4:1a:58:
5e:07:dc:33:c9:02:3a:a3:55:92:8c:df:3c:7a:e3:91:cf:cd:
1a:35:c6:3b:d6:aa:fa:94:f5:4f:47:c4:26:30:00:44:2b:d1:
45:ff:84:d1:74:33:6f:f8:c5:26:02:da:f8:38:65:9a:d0:65:
6c:da:ce:92:b3:1f:a9:0a:da:f8:25:8a:6f:56:eb:5c:0a:37:
f6:e4:74:4d:f2:0d:04:e6:e6:08:24:bd:38:09:44:a3:dc:04:
e6:ec:6e:7f:b1:75:57:e0:0c:a0:1b:7e:be:e5:5b:8c:82:22:
12:f7:13:f1:04:03:e4:31:04:50:14:bb:75:80:db:01:88:d4:
00:02:e8:d3:47:54:80:ea:9d:b6:54:c4:79:43:0a:2c:5d:95:
fd:fb:67:3a:85:74:ac:f9:87:ad:15:ef:70:75:99:48:59:c1:
ae:a2:24:e8:a5:73:56:c7:d1:06:35:a8:cf:8b:51:db:89:30:
95:89:21:54
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZGcn8lDHfAGaqrl6Hx82QlLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwODI5MDUzMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTBmZWU4MzQ2YjIwY2YwZTQ0MjNhNjhmYzg3MTNkNTQ5ZGViYjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsErUnVKzo7PvEtqCPCPr9fE1AZF2
qKmYlUqUx/Yx8VUrk+rdu8rRuOWsVltNlEeP9WK6hrL6a9Ol6esnhFCsmjRUZMbZ
4omdAEzSCTmoMx2LQV3PAYHo0AsZeuuLs5gOShfM9yVpJkO08J9BurpR+ZjSZpvR
CPxdjbEbBwlXyNkZ1Y5GgE5GEGHSxx/yTkjRbe3oySy22oZRO0+a6rMy1z6UWMWM
cCR4QxkKDvHCB/OUHFc+E1lbQXfARXzlsPP0nj8mE/tS/LkECIMXCNO/fW+01DQS
XBZ9fKbB+b6DrsTYuST84i7EPE/jr7cPnjXpxHyee6EDncaeYBQ6F5S67QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCoP7oNGsgzw5EI6aPyHE9VJ3rshMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvS2dfdWcwYXlEUERrUWpwb19JY1QxVW5ldXlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBV3hEAwQA
V3lWAwQBXXtKAwQAstfjAwQBufygMA0GCSqGSIb3DQEBCwUAA4IBAQBcMlU1PbQd
oK/VfRI/XJO6heC99KP/lbmDFNFrtg9Xm0AQFZzZ8JMn9UFLYEki7EZ5woitG3Dy
qtgPOuPvNXRq3sRmWI20GlheB9wzyQI6o1WSjN88euORz80aNcY71qr6lPVPR8Qm
MABEK9FF/4TRdDNv+MUmAtr4OGWa0GVs2s6Ssx+pCtr4JYpvVutcCjf25HRN8g0E
5uYIJL04CUSj3ATm7G5/sXVX4AygG36+5VuMgiIS9xPxBAPkMQRQFLt1gNsBiNQA
AujTR1SA6p22VMR5QwosXZX9+2c6hXSs+YetFe9wdZlIWcGuoiTopXNWx9EGNajP
i1HbiTCViSFU
-----END CERTIFICATE-----
Generated at Thu Sep 12 12:52:45 2024 by rpki-client on console-fra.rpki-client.org