Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PqNVM6qv1P9oCgxl-IXEHsiyd5c.roa
File: PqNVM6qv1P9oCgxl-IXEHsiyd5c.roa (raw, json)
Hash identifier: wXIVo4E/eCHG4MM3xUuY9cCiphRoZ7nci2y2YCgj0TU=
Subject key identifier: 3E:A3:55:33:AA:AF:D4:FF:68:0A:0C:65:F8:85:C4:1E:C8:B2:77:97
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018D62008060BD56C3B893A9BA698179B409
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PqNVM6qv1P9oCgxl-IXEHsiyd5c.roa
Signing time: Thu 01 Feb 2024 00:10:16 +0000
ROA not before: Thu 01 Feb 2024 00:10:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 31.13.211.0/24 maxlen: 24
87.120.68.0/23 maxlen: 24
87.121.146.0/24 maxlen: 24
93.123.74.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 02 Feb 2024 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:62:00:80:60:bd:56:c3:b8:93:a9:ba:69:81:79:b4:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 1 00:10:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ea35533aaafd4ff680a0c65f885c41ec8b27797
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:a3:22:39:25:36:3e:e0:9b:7e:aa:12:46:fd:
5d:37:a5:90:6f:d7:ac:ce:b5:82:95:8b:e8:04:94:
b1:b6:48:bc:98:9a:d2:7c:9e:91:92:61:12:15:7d:
e3:26:ba:f5:a7:be:24:59:4e:e1:1d:3c:20:27:7a:
15:07:b5:22:48:92:6a:99:65:10:5c:6e:70:8f:15:
e7:dd:80:ce:b0:69:57:02:43:fb:9e:f5:cb:86:af:
5c:11:02:15:e2:5c:f5:20:8c:72:18:8e:a6:0d:60:
24:d6:9f:85:ea:26:61:b0:2b:a4:51:38:03:00:46:
f2:b3:df:c7:47:43:09:94:3f:c1:ad:0c:c3:bc:06:
92:c1:0c:4c:a0:e2:f9:66:41:f1:34:f9:5c:53:9e:
70:3d:08:06:ae:d1:a3:c5:44:a8:3d:0d:a0:ce:54:
c2:94:e9:ee:c4:bf:29:d6:df:59:97:b9:b3:98:36:
a4:06:2d:c3:f0:de:b3:68:f0:f3:f9:98:29:55:3a:
0f:17:bf:30:e9:f9:a4:4f:01:21:7c:5e:77:96:2b:
8a:35:b7:b4:11:a8:f1:f6:bd:31:04:43:18:d1:52:
83:59:b5:09:1f:ed:29:7a:51:9b:8f:76:10:22:33:
31:50:22:f2:c4:33:9d:b4:66:b4:9e:83:13:cd:aa:
c5:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:A3:55:33:AA:AF:D4:FF:68:0A:0C:65:F8:85:C4:1E:C8:B2:77:97
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PqNVM6qv1P9oCgxl-IXEHsiyd5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.211.0/24
87.120.68.0/23
87.121.146.0/24
93.123.74.0/23
Signature Algorithm: sha256WithRSAEncryption
49:1b:94:fa:61:9b:3b:8e:75:d2:e9:0f:44:b0:81:73:77:43:
06:c5:06:36:23:b1:ac:74:4b:28:c2:8c:f3:a4:50:7d:53:07:
4e:91:bd:a1:99:b4:ce:a5:8c:14:c7:24:97:bc:9c:b3:5a:b5:
78:52:d6:bf:7c:5d:10:11:30:46:c4:4b:5b:5a:e2:31:4d:b5:
88:61:f7:27:c1:31:51:99:7d:d1:0e:fc:99:a0:c9:f9:ce:0f:
2c:25:73:00:5e:5e:99:9c:7d:2a:78:f1:9c:6d:fd:9e:13:0b:
5e:1d:79:af:13:80:5f:93:ed:d5:4c:3a:8d:ec:66:7d:46:f2:
3f:0e:fa:c6:c7:9a:99:30:37:dc:c2:18:b0:45:43:e3:90:0c:
05:c4:c4:03:6f:df:9b:7b:d1:a0:30:de:72:68:fb:8d:5b:28:
ad:85:99:60:68:ba:d1:50:22:f4:42:39:03:f6:c0:12:7e:a6:
09:c7:98:df:e0:77:93:31:aa:cc:4b:fd:ad:e6:94:45:1e:8c:
46:24:f4:2a:3b:d2:7b:65:d4:e0:b0:74:c8:df:68:88:33:e0:
2e:2b:78:04:b9:cf:9a:b1:1e:d4:06:93:64:4b:ae:8d:95:14:
14:b6:24:48:a9:2c:3a:c4:8a:97:ce:b6:03:52:10:33:65:fd:
78:31:76:71
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY1iAIBgvVbDuJOpummBebQJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjAxMDAxMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWEzNTUzM2FhYWZkNGZmNjgwYTBjNjVmODg1YzQxZWM4YjI3Nzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKMiOSU2PuCbfqoSRv1dN6WQb9es
zrWClYvoBJSxtki8mJrSfJ6RkmESFX3jJrr1p74kWU7hHTwgJ3oVB7UiSJJqmWUQ
XG5wjxXn3YDOsGlXAkP7nvXLhq9cEQIV4lz1IIxyGI6mDWAk1p+F6iZhsCukUTgD
AEbys9/HR0MJlD/BrQzDvAaSwQxMoOL5ZkHxNPlcU55wPQgGrtGjxUSoPQ2gzlTC
lOnuxL8p1t9Zl7mzmDakBi3D8N6zaPDz+ZgpVToPF78w6fmkTwEhfF53liuKNbe0
Eajx9r0xBEMY0VKDWbUJH+0pelGbj3YQIjMxUCLyxDOdtGa0noMTzarF6wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD6jVTOqr9T/aAoMZfiFxB7IsneXMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUHFOVk02cXYxUDlvQ2d4bC1JWEVIc2l5ZDVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHw3TAwQB
V3hEAwQAV3mSAwQBXXtKMA0GCSqGSIb3DQEBCwUAA4IBAQBJG5T6YZs7jnXS6Q9E
sIFzd0MGxQY2I7GsdEsowozzpFB9UwdOkb2hmbTOpYwUxySXvJyzWrV4Uta/fF0Q
ETBGxEtbWuIxTbWIYfcnwTFRmX3RDvyZoMn5zg8sJXMAXl6ZnH0qePGcbf2eEwte
HXmvE4Bfk+3VTDqN7GZ9RvI/DvrGx5qZMDfcwhiwRUPjkAwFxMQDb9+be9GgMN5y
aPuNWyithZlgaLrRUCL0QjkD9sASfqYJx5jf4HeTMarMS/2t5pRFHoxGJPQqO9J7
ZdTgsHTI32iIM+AuK3gEuc+asR7UBpNkS66NlRQUtiRIqSw6xIqXzrYDUhAzZf14
MXZx
-----END CERTIFICATE-----
Generated at Fri Feb 2 01:59:35 2024 by rpki-client on console-ams.rpki-client.org