Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/S9JT1Emf6xisp1ZMQyugwZINCfA.roa
File: S9JT1Emf6xisp1ZMQyugwZINCfA.roa (raw, json)
Hash identifier: 8sRVIxzms7VDOxifds99l7kJtWV6OfpPUu6Geq3R2zI=
Subject key identifier: 4B:D2:53:D4:49:9F:EB:18:AC:A7:56:4C:43:2B:A0:C1:92:0D:09:F0
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0193D450C443E4D7A0B24DB3E3ED483B2EB0
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/S9JT1Emf6xisp1ZMQyugwZINCfA.roa
Signing time: Tue 17 Dec 2024 11:11:23 +0000
ROA not before: Tue 17 Dec 2024 11:11:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61071
IP address blocks: 85.217.164.0/23 maxlen: 32
87.120.246.0/24 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d4:50:c4:43:e4:d7:a0:b2:4d:b3:e3:ed:48:3b:2e:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 17 11:11:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4bd253d4499feb18aca7564c432ba0c1920d09f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:02:03:6a:b2:59:08:f4:16:b1:1b:21:61:e4:
57:7b:d9:f9:8b:9f:75:4e:89:56:5d:73:91:b0:b5:
a6:12:9c:07:72:d8:36:6a:9b:0b:63:8f:c9:cc:e8:
93:70:0e:75:17:8c:be:fd:fa:d2:05:0d:4f:c9:ec:
46:4f:a3:ca:db:27:23:c5:20:c3:23:09:7d:e1:ea:
b8:b7:b2:50:57:c5:d9:8f:54:ac:71:e0:72:59:1e:
89:21:f4:18:84:27:4f:37:c0:a0:85:26:91:27:56:
da:c8:8a:af:50:37:dd:fd:45:2f:dd:23:d4:8d:b6:
70:1d:b1:74:26:64:aa:71:e7:85:76:98:fd:62:50:
6c:cf:f0:6a:b7:2e:c1:ad:47:ad:40:cd:5c:67:9b:
7a:d1:5c:40:0f:eb:1d:f2:f2:d3:fa:54:3d:18:a4:
e1:f6:3f:c9:6b:3c:dc:13:ab:e3:61:07:10:c3:8d:
f7:07:f2:e5:69:2d:56:01:9d:3c:15:9d:7f:1f:3d:
11:f2:84:88:22:f4:17:e5:52:06:2b:91:36:71:87:
36:d0:81:6e:06:ec:64:33:2f:75:a7:6c:61:ac:c4:
d0:d2:ab:93:ea:e5:d8:48:8d:6b:44:91:7f:a0:c9:
79:69:2e:ec:35:26:55:41:47:dc:36:f5:c0:6e:2e:
5f:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:D2:53:D4:49:9F:EB:18:AC:A7:56:4C:43:2B:A0:C1:92:0D:09:F0
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/S9JT1Emf6xisp1ZMQyugwZINCfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.164.0/23
87.120.246.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:e1:da:79:89:f3:1d:ca:30:dc:d2:4d:f1:f8:6a:0f:ec:59:
8c:bf:cf:a9:30:ea:ee:d3:af:e3:8b:77:cb:31:fc:8a:cb:c9:
2f:f9:be:1a:00:73:d2:07:b1:96:6d:57:b7:da:ef:e4:96:35:
0d:53:87:5d:11:4c:97:54:4d:3b:99:76:a1:0e:3a:65:6e:9e:
f9:cd:a7:a6:4e:42:c8:af:75:78:05:c1:9e:3d:bc:72:45:bc:
ef:5a:f5:16:db:f0:9a:4e:ae:40:bf:24:d0:3d:f2:09:c1:15:
87:7b:3e:88:d5:68:8e:f8:fa:75:17:e1:51:63:0b:40:06:39:
79:be:0d:7d:49:c6:35:20:fe:f6:d6:fe:bf:16:3e:80:7f:e4:
11:e8:2c:9d:8e:37:f2:a4:d5:61:90:3c:38:69:ac:ca:2c:f6:
1e:f7:88:6f:78:2c:37:3f:81:00:77:d9:a3:05:6f:77:35:55:
f5:6f:08:2f:67:ee:ca:aa:3e:4d:e4:7d:0d:79:e4:b7:52:35:
25:22:48:08:52:eb:93:95:06:cd:c1:cc:64:3e:dd:18:b5:e0:
68:af:ef:27:3a:bd:d6:d7:ec:11:7b:f2:a8:fe:55:a3:6a:5e:
76:40:32:a2:7a:9f:3f:87:f4:43:de:81:a0:76:af:25:30:3d:
e2:df:ce:58
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZPUUMRD5Negsk2z4+1IOy6wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMjE3MTExMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmQyNTNkNDQ5OWZlYjE4YWNhNzU2NGM0MzJiYTBjMTkyMGQwOWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQIDarJZCPQWsRshYeRXe9n5i591
TolWXXORsLWmEpwHctg2apsLY4/JzOiTcA51F4y+/frSBQ1PyexGT6PK2ycjxSDD
Iwl94eq4t7JQV8XZj1SsceByWR6JIfQYhCdPN8CghSaRJ1bayIqvUDfd/UUv3SPU
jbZwHbF0JmSqceeFdpj9YlBsz/Bqty7BrUetQM1cZ5t60VxAD+sd8vLT+lQ9GKTh
9j/JazzcE6vjYQcQw433B/LlaS1WAZ08FZ1/Hz0R8oSIIvQX5VIGK5E2cYc20IFu
BuxkMy91p2xhrMTQ0quT6uXYSI1rRJF/oMl5aS7sNSZVQUfcNvXAbi5fAwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEvSU9RJn+sYrKdWTEMroMGSDQnwMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUzlKVDFFbWY2eGlzcDFaTVF5dWd3WklOQ2ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVdmkAwQA
V3j2MA0GCSqGSIb3DQEBCwUAA4IBAQCL4dp5ifMdyjDc0k3x+GoP7FmMv8+pMOru
06/ji3fLMfyKy8kv+b4aAHPSB7GWbVe32u/kljUNU4ddEUyXVE07mXahDjplbp75
zaemTkLIr3V4BcGePbxyRbzvWvUW2/CaTq5AvyTQPfIJwRWHez6I1WiO+Pp1F+FR
YwtABjl5vg19ScY1IP721v6/Fj6Af+QR6CydjjfypNVhkDw4aazKLPYe94hveCw3
P4EAd9mjBW93NVX1bwgvZ+7Kqj5N5H0NeeS3UjUlIkgIUuuTlQbNwcxkPt0YteBo
r+8nOr3W1+wRe/Ko/lWjal52QDKiep8/h/RD3oGgdq8lMD3i385Y
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:11:12 2025 by rpki-client