Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/P9cIEBoYMkeUfoZv4LHGP-TKo28.roa
File: P9cIEBoYMkeUfoZv4LHGP-TKo28.roa (raw, json)
Hash identifier: jnHdvXQycuIOX1Pnk/h6n4ZQOykTrlbb65t3Dm9DLcQ=
Subject key identifier: 3F:D7:08:10:1A:18:32:47:94:7E:86:6F:E0:B1:C6:3F:E4:CA:A3:6F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01924A8DF1125A73BDFDBF8422C772B469C8
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/P9cIEBoYMkeUfoZv4LHGP-TKo28.roa
Signing time: Wed 02 Oct 2024 00:07:49 +0000
ROA not before: Wed 02 Oct 2024 00:07:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.219.98.0/24 maxlen: 24
87.120.68.0/23 maxlen: 24
93.123.74.0/23 maxlen: 24
94.156.253.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
185.252.160.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Oct 2024 10:02:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4a:8d:f1:12:5a:73:bd:fd:bf:84:22:c7:72:b4:69:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 2 00:07:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3fd708101a183247947e866fe0b1c63fe4caa36f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f1:dc:23:9f:06:ac:e6:93:ec:63:a2:82:b9:
2a:9e:70:ca:8d:37:d6:1d:db:1c:d6:c4:2d:7d:54:
cd:25:03:1c:5b:3f:12:1d:64:43:ae:54:e0:bd:7b:
1f:61:fa:e1:08:a4:a9:20:d9:75:ae:dc:60:01:df:
c2:c5:ec:50:05:9b:b6:f7:05:80:f5:48:0a:e9:03:
9b:04:7a:48:5b:81:6b:87:fd:81:88:87:ec:b6:2e:
f5:5f:c8:0e:6a:c3:e9:25:6e:a0:cf:a4:54:17:c2:
26:af:34:8a:e9:ee:09:b8:ad:28:e7:89:c3:2f:b2:
9b:e4:78:8f:b7:19:df:1e:4a:fc:63:8b:fa:2d:69:
46:93:88:17:c4:a5:d1:d2:41:af:3d:17:db:17:51:
cd:43:c6:9b:0d:f7:22:5f:05:c1:61:50:23:14:af:
17:28:5d:04:4e:e1:e3:a9:1e:4a:d6:59:52:41:32:
1d:24:5f:2f:2c:5f:e2:49:b8:46:be:10:5f:90:ca:
a0:b2:02:88:80:49:0b:41:75:df:99:9b:10:96:d1:
1b:91:8d:51:67:a8:8f:75:bf:27:14:d2:68:50:fb:
22:6f:94:ed:54:99:08:46:7d:23:2e:43:40:f4:8b:
a4:16:25:72:35:32:5d:0c:b5:e0:5c:d2:47:a0:3e:
d5:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:D7:08:10:1A:18:32:47:94:7E:86:6F:E0:B1:C6:3F:E4:CA:A3:6F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/P9cIEBoYMkeUfoZv4LHGP-TKo28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.219.98.0/24
87.120.68.0/23
93.123.74.0/23
94.156.253.0/24
178.215.227.0/24
185.252.160.0/23
Signature Algorithm: sha256WithRSAEncryption
83:80:86:9d:0c:77:95:f2:e0:0a:87:4e:c5:88:da:eb:9f:cf:
8a:20:c1:32:33:7b:29:bb:0d:a0:15:c4:15:62:2d:ba:36:9d:
36:e8:01:ca:1a:eb:c4:27:2d:f8:78:03:2f:ee:06:20:5d:3a:
12:cc:54:49:c2:12:4d:b0:2a:61:26:c0:ad:39:8f:41:28:c3:
2e:52:b6:fc:73:6f:ae:0a:7e:30:7d:57:de:c0:57:ee:b8:61:
df:cd:cf:a1:8a:a3:aa:fe:7d:3b:5c:91:37:5d:58:03:b7:fe:
32:aa:e1:43:5e:9c:8f:13:ee:8a:34:b7:79:6e:c3:41:bd:70:
4e:6b:5e:d1:27:71:d8:83:d6:b1:b6:45:45:00:2b:6d:5b:28:
5a:e3:7f:60:b4:74:1a:e4:88:48:7e:78:d9:9c:54:6e:10:31:
44:09:ab:84:23:ce:9d:02:7d:22:43:ad:cc:00:e4:11:dd:f1:
42:06:27:30:7d:31:98:2d:a2:a5:3b:78:c9:21:ee:81:34:80:
a0:c7:c1:40:cf:98:a2:e3:b8:2d:b1:b5:1c:78:67:fe:bf:14:
60:07:f9:da:60:6a:4d:8a:17:cc:86:ae:92:98:88:d5:22:04:
2e:42:ca:e3:5a:d3:45:70:29:9d:50:0c:d5:1c:3c:2c:13:ae:
9e:66:5e:17
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZJKjfESWnO9/b+EIsdytGnIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDAyMDAwNzQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmQ3MDgxMDFhMTgzMjQ3OTQ3ZTg2NmZlMGIxYzYzZmU0Y2FhMzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfHcI58GrOaT7GOigrkqnnDKjTfW
Hdsc1sQtfVTNJQMcWz8SHWRDrlTgvXsfYfrhCKSpINl1rtxgAd/CxexQBZu29wWA
9UgK6QObBHpIW4Frh/2BiIfsti71X8gOasPpJW6gz6RUF8ImrzSK6e4JuK0o54nD
L7Kb5HiPtxnfHkr8Y4v6LWlGk4gXxKXR0kGvPRfbF1HNQ8abDfciXwXBYVAjFK8X
KF0ETuHjqR5K1llSQTIdJF8vLF/iSbhGvhBfkMqgsgKIgEkLQXXfmZsQltEbkY1R
Z6iPdb8nFNJoUPsib5TtVJkIRn0jLkNA9IukFiVyNTJdDLXgXNJHoD7VKQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFD/XCBAaGDJHlH6Gb+Cxxj/kyqNvMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUDljSUVCb1lNa2VVZm9adjRMSEdQLVRLbzI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAU9tiAwQB
V3hEAwQBXXtKAwQAXpz9AwQAstfjAwQBufygMA0GCSqGSIb3DQEBCwUAA4IBAQCD
gIadDHeV8uAKh07FiNrrn8+KIMEyM3spuw2gFcQVYi26Np026AHKGuvEJy34eAMv
7gYgXToSzFRJwhJNsCphJsCtOY9BKMMuUrb8c2+uCn4wfVfewFfuuGHfzc+hiqOq
/n07XJE3XVgDt/4yquFDXpyPE+6KNLd5bsNBvXBOa17RJ3HYg9axtkVFACttWyha
439gtHQa5IhIfnjZnFRuEDFECauEI86dAn0iQ63MAOQR3fFCBicwfTGYLaKlO3jJ
Ie6BNICgx8FAz5ii47gtsbUceGf+vxRgB/naYGpNihfMhq6SmIjVIgQuQsrjWtNF
cCmdUAzVHDwsE66eZl4X
-----END CERTIFICATE-----
Generated at Thu Oct 3 13:08:42 2024 by rpki-client on console-fra.rpki-client.org