Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OE0meM8wOt8RULrA2t8jQOuav-k.roa
File: OE0meM8wOt8RULrA2t8jQOuav-k.roa (raw, json)
Hash identifier: PcxInR/VIW1OnaUod4ZysoxpPRui3I82N87t00mt5Bc=
Subject key identifier: 38:4D:26:78:CF:30:3A:DF:11:50:BA:C0:DA:DF:23:40:EB:9A:BF:E9
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018B1DA8FC9B6CDB43E4F896287117F3EE7B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OE0meM8wOt8RULrA2t8jQOuav-k.roa
Signing time: Wed 11 Oct 2023 07:34:55 +0000
ROA not before: Wed 11 Oct 2023 07:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34577
IP address blocks: 93.123.40.0/21 maxlen: 21
87.120.178.0/23 maxlen: 23
87.120.180.0/22 maxlen: 22
87.120.184.0/22 maxlen: 22
93.123.67.0/24 maxlen: 24
212.73.149.0/24 maxlen: 24
93.123.66.0/24 maxlen: 24
87.120.190.0/23 maxlen: 23
87.121.88.0/23 maxlen: 23
87.120.45.119/32 maxlen: 32
94.156.112.0/20 maxlen: 20
37.60.141.0/24 maxlen: 24
87.121.48.0/22 maxlen: 22
87.120.0.0/22 maxlen: 22
93.123.96.0/22 maxlen: 22
87.120.12.0/24 maxlen: 24
87.120.14.0/23 maxlen: 23
87.120.44.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1d:a8:fc:9b:6c:db:43:e4:f8:96:28:71:17:f3:ee:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 11 07:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=384d2678cf303adf1150bac0dadf2340eb9abfe9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f2:21:7d:cb:0e:92:f1:5c:bd:e9:1b:a4:f7:
e0:66:88:36:5f:6e:50:40:72:7d:2b:77:a2:9f:3b:
6e:32:31:03:84:1f:31:8e:f7:f8:6d:34:f6:e7:14:
06:12:e0:48:1e:5f:69:35:bb:6f:9b:55:16:62:5b:
e2:42:15:73:c7:b5:0d:21:90:49:96:62:31:13:c8:
b4:d9:87:a5:95:4c:3d:a8:e3:8e:9e:4b:7c:d2:72:
4a:00:0d:67:e4:f5:96:8f:b0:ae:1b:27:aa:c8:0f:
e3:f3:3f:19:b6:4a:6c:74:03:d8:71:06:dd:f2:16:
4b:97:e7:ef:fe:b7:7c:9a:05:5b:2d:8a:6f:a2:b4:
49:97:f9:9d:84:55:e3:58:b7:31:c1:70:32:d7:0c:
16:2a:31:87:fc:55:7e:ba:79:f8:b9:2d:cb:33:94:
f2:f1:ad:a3:ec:25:96:f0:5d:89:a8:97:d6:bf:41:
79:7a:7e:09:0b:58:0d:29:83:64:45:7d:ec:2f:13:
0c:a7:7f:b2:0b:ee:da:ea:28:fa:08:c5:a9:ae:5b:
1a:f9:1c:f3:18:08:05:ff:a2:60:77:d0:b8:11:2d:
5b:e5:8a:fe:41:2c:04:6c:97:7c:dd:8c:fc:3e:63:
d8:87:1c:b5:55:cc:9b:9e:f3:5b:b7:0f:b5:a3:b0:
19:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:4D:26:78:CF:30:3A:DF:11:50:BA:C0:DA:DF:23:40:EB:9A:BF:E9
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OE0meM8wOt8RULrA2t8jQOuav-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.60.141.0/24
87.120.0.0/22
87.120.12.0/24
87.120.14.0/23
87.120.44.0/23
87.120.178.0-87.120.187.255
87.120.190.0/23
87.121.48.0/22
87.121.88.0/23
93.123.40.0/21
93.123.66.0/23
93.123.96.0/22
94.156.112.0/20
212.73.149.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:70:5e:73:a9:3c:54:27:bc:aa:79:09:90:21:18:be:1d:9a:
2a:93:de:4a:bb:c5:d5:01:e9:cc:a8:19:00:7a:44:51:d1:51:
23:41:fe:f2:2c:4f:fd:36:60:1d:b6:b2:2f:87:de:43:cc:f2:
34:4d:de:9c:f6:bc:bc:26:72:30:69:8c:8a:b9:53:08:4e:e8:
6c:54:28:40:34:7a:0f:31:b0:11:a5:98:93:3b:97:d2:88:bf:
fe:bc:24:c7:70:91:b9:06:2f:d6:67:75:e2:8c:d1:26:dd:f3:
13:1a:0c:28:5d:0d:e0:c0:45:e8:ef:d7:80:2e:81:a2:80:8d:
bf:aa:84:e9:04:11:46:22:2f:4d:8a:06:84:22:bc:3b:d3:17:
e1:6a:9a:09:5e:ed:b5:18:0c:ce:29:59:d3:c0:91:bc:c0:09:
ba:c8:c6:ad:fc:09:48:b1:a9:f9:6e:d4:1f:60:bc:b3:0b:6e:
61:52:8b:4b:86:7b:3e:6e:65:02:7b:b3:c7:43:e3:7c:4c:03:
cd:5a:18:8e:3c:59:a3:8c:ba:51:e8:ec:9d:55:1c:2b:82:ec:
ea:78:28:4c:a3:ab:50:d9:f6:03:e3:02:8b:fd:0f:4d:b7:f6:
92:23:cf:50:01:70:3d:eb:b9:98:0b:ca:a7:22:f8:0d:7c:86:
71:83:bc:d4
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYsdqPybbNtD5PiWKHEX8+57MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMDExMDczNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODRkMjY3OGNmMzAzYWRmMTE1MGJhYzBkYWRmMjM0MGViOWFiZmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/IhfcsOkvFcvekbpPfgZog2X25Q
QHJ9K3einztuMjEDhB8xjvf4bTT25xQGEuBIHl9pNbtvm1UWYlviQhVzx7UNIZBJ
lmIxE8i02YellUw9qOOOnkt80nJKAA1n5PWWj7CuGyeqyA/j8z8ZtkpsdAPYcQbd
8hZLl+fv/rd8mgVbLYpvorRJl/mdhFXjWLcxwXAy1wwWKjGH/FV+unn4uS3LM5Ty
8a2j7CWW8F2JqJfWv0F5en4JC1gNKYNkRX3sLxMMp3+yC+7a6ij6CMWprlsa+Rzz
GAgF/6Jgd9C4ES1b5Yr+QSwEbJd83Yz8PmPYhxy1VcybnvNbtw+1o7AZuwIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFDhNJnjPMDrfEVC6wNrfI0Drmr/pMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvT0UwbWVNOHdPdDhSVUxyQTJ0OGpRT3Vhdi1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQAJTyNAwQC
V3gAAwQAV3gMAwQBV3gOAwQBV3gsMAwDBAFXeLIDBAJXeLgDBAFXeL4DBAJXeTAD
BAFXeVgDBANdeygDBAFde0IDBAJde2ADBARenHADBADUSZUwDQYJKoZIhvcNAQEL
BQADggEBAKtwXnOpPFQnvKp5CZAhGL4dmiqT3kq7xdUB6cyoGQB6RFHRUSNB/vIs
T/02YB22si+H3kPM8jRN3pz2vLwmcjBpjIq5UwhO6GxUKEA0eg8xsBGlmJM7l9KI
v/68JMdwkbkGL9ZndeKM0Sbd8xMaDChdDeDARejv14AugaKAjb+qhOkEEUYiL02K
BoQivDvTF+Fqmgle7bUYDM4pWdPAkbzACbrIxq38CUixqflu1B9gvLMLbmFSi0uG
ez5uZQJ7s8dD43xMA81aGI48WaOMulHo7J1VHCuC7Op4KEyjq1DZ9gPjAov9D023
9pIjz1ABcD3ruZgLyqci+A18hnGDvNQ=
-----END CERTIFICATE-----
Generated at Wed Nov 29 08:20:58 2023 by rpki-client on console-ams.rpki-client.org