Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/McX0fnfg6pT-YfT7KeU-0utyZtk.roa
File: McX0fnfg6pT-YfT7KeU-0utyZtk.roa (raw, json)
Hash identifier: WMySsh/E+1Wx7HffmINM2XnSPOrUAR2hKEho/QNq/XE=
Subject key identifier: 31:C5:F4:7E:77:E0:EA:94:FE:61:F4:FB:29:E5:3E:D2:EB:72:66:D9
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01856D81E65833ADBA8F71CFB9E2DB3905F9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/McX0fnfg6pT-YfT7KeU-0utyZtk.roa
Signing time: Sun 01 Jan 2023 13:25:07 +0000
ROA not before: Sun 01 Jan 2023 13:25:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41624
IP address blocks: 212.73.158.0/23 maxlen: 23
87.120.152.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:e6:58:33:ad:ba:8f:71:cf:b9:e2:db:39:05:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 1 13:25:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31c5f47e77e0ea94fe61f4fb29e53ed2eb7266d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a6:47:98:a0:85:14:28:d4:85:05:29:76:93:
9f:2e:15:5e:18:bf:0e:c8:60:43:83:bf:c8:11:2b:
83:1d:e0:40:86:d5:ee:27:8e:05:db:54:95:b6:a2:
29:6c:62:d5:7f:25:fe:61:bd:ec:18:bd:07:92:53:
ce:ff:45:ca:bd:80:a0:a7:9f:dd:bb:55:1d:b1:37:
c5:f1:79:46:49:e7:16:b6:96:c7:56:dc:f4:5f:5d:
b0:f1:64:7c:93:29:41:af:92:bd:23:e5:f8:ad:9d:
d7:2d:9f:b8:2a:e3:1a:a7:50:e9:c9:b9:48:10:dd:
83:a5:af:c7:2f:88:30:35:36:da:29:8b:74:1b:19:
30:c8:27:8b:82:b8:0c:23:26:d0:13:09:aa:a6:00:
21:e9:71:b4:ca:08:21:c5:4e:25:11:df:43:c4:f9:
82:ba:9c:b2:2b:84:30:43:81:3d:1a:8e:be:3a:fe:
51:9a:de:c6:c1:c3:20:ff:67:0e:ba:fa:1c:24:60:
df:cb:72:d2:44:06:1e:b0:27:39:4b:dc:95:21:68:
7b:90:fc:c8:b1:51:c0:b6:af:cc:00:9b:33:f1:1e:
ac:7c:6a:ad:29:3d:b1:a9:f1:72:6b:43:32:0d:9d:
22:db:dc:17:99:75:6f:ce:81:da:f5:d0:cb:e5:fd:
8c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:C5:F4:7E:77:E0:EA:94:FE:61:F4:FB:29:E5:3E:D2:EB:72:66:D9
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/McX0fnfg6pT-YfT7KeU-0utyZtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.152.0/22
212.73.158.0/23
Signature Algorithm: sha256WithRSAEncryption
6e:6b:4d:4e:9a:72:a9:ff:23:31:b8:06:35:6c:49:c4:50:f6:
b4:bf:51:83:53:6c:48:93:c1:45:7c:26:60:fc:81:d2:55:01:
83:96:76:1b:fe:2b:cc:95:6b:91:02:73:cc:5b:be:91:37:ab:
a5:03:bf:f8:c8:b4:9d:95:94:5e:3b:61:89:7c:d2:e1:cf:28:
0d:bd:f7:e4:7a:31:83:5f:46:7f:6c:5f:cc:17:32:86:76:40:
ed:88:6e:37:80:06:82:9b:ef:9e:6e:f5:5b:51:b1:00:8c:8c:
20:81:0d:41:8a:e8:1a:05:13:36:40:aa:4d:65:fc:53:48:8a:
72:b6:69:64:6f:52:05:ff:9c:30:66:30:bd:a7:c8:1f:68:f9:
60:58:e2:2c:8d:c8:32:f4:94:d8:c6:ac:49:a4:6b:8c:fd:8d:
e9:ec:cf:4c:a0:17:65:91:a9:d7:8d:66:c5:00:01:f7:7b:cd:
d5:02:3e:e2:9e:f3:d7:d3:2a:e2:da:d6:cb:02:b0:53:30:23:
66:e2:66:7f:72:85:d7:b9:0d:db:59:e8:cb:1a:2b:76:f5:ef:
e0:5c:fb:91:cc:fa:c7:8c:a5:b8:88:11:17:ed:8e:54:28:2d:
bb:71:fc:49:aa:01:5f:f2:53:82:d4:10:4d:e3:d0:1c:cc:90:
ca:21:f5:1a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtgeZYM626j3HPueLbOQX5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWM1ZjQ3ZTc3ZTBlYTk0ZmU2MWY0ZmIyOWU1M2VkMmViNzI2NmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqZHmKCFFCjUhQUpdpOfLhVeGL8O
yGBDg7/IESuDHeBAhtXuJ44F21SVtqIpbGLVfyX+Yb3sGL0HklPO/0XKvYCgp5/d
u1UdsTfF8XlGSecWtpbHVtz0X12w8WR8kylBr5K9I+X4rZ3XLZ+4KuMap1DpyblI
EN2Dpa/HL4gwNTbaKYt0GxkwyCeLgrgMIybQEwmqpgAh6XG0ygghxU4lEd9DxPmC
upyyK4QwQ4E9Go6+Ov5Rmt7GwcMg/2cOuvocJGDfy3LSRAYesCc5S9yVIWh7kPzI
sVHAtq/MAJsz8R6sfGqtKT2xqfFya0MyDZ0i29wXmXVvzoHa9dDL5f2M0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDHF9H534OqU/mH0+ynlPtLrcmbZMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTWNYMGZuZmc2cFQtWWZUN0tlVS0wdXR5WnRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCV3iYAwQB
1EmeMA0GCSqGSIb3DQEBCwUAA4IBAQBua01OmnKp/yMxuAY1bEnEUPa0v1GDU2xI
k8FFfCZg/IHSVQGDlnYb/ivMlWuRAnPMW76RN6ulA7/4yLSdlZReO2GJfNLhzygN
vffkejGDX0Z/bF/MFzKGdkDtiG43gAaCm++ebvVbUbEAjIwggQ1BiugaBRM2QKpN
ZfxTSIpytmlkb1IF/5wwZjC9p8gfaPlgWOIsjcgy9JTYxqxJpGuM/Y3p7M9MoBdl
kanXjWbFAAH3e83VAj7invPX0yri2tbLArBTMCNm4mZ/coXXuQ3bWejLGit29e/g
XPuRzPrHjKW4iBEX7Y5UKC27cfxJqgFf8lOC1BBN49AczJDKIfUa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:05 2024 by rpki-client on console-fra.rpki-client.org