Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Sf2YhZsNzZuVyuCkWQckpBwzRK0.roa
File: Sf2YhZsNzZuVyuCkWQckpBwzRK0.roa (raw, json)
Hash identifier: 4WicpTQNfBcrEyrSRZ9okFzCz3qTL1z6kyR7BNo8s7k=
Subject key identifier: 49:FD:98:85:9B:0D:CD:9B:95:CA:E0:A4:59:07:24:A4:1C:33:44:AD
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018F9198D8B2461D61D0180A26C6DCECE878
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Sf2YhZsNzZuVyuCkWQckpBwzRK0.roa
Signing time: Sun 19 May 2024 16:04:24 +0000
ROA not before: Sun 19 May 2024 16:04:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 87.120.68.0/23 maxlen: 24
185.252.160.0/23 maxlen: 24
212.87.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 May 2024 15:43:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:91:98:d8:b2:46:1d:61:d0:18:0a:26:c6:dc:ec:e8:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 19 16:04:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=49fd98859b0dcd9b95cae0a4590724a41c3344ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:53:29:b6:10:57:b6:26:54:0e:eb:cd:f3:f6:
0f:3e:76:5d:93:2e:27:39:0d:0c:7a:d4:aa:bc:ed:
32:03:08:50:20:a6:9e:77:a7:30:a5:13:7d:d0:9d:
c3:17:78:3e:b3:b0:e8:b7:63:1e:c7:15:0f:37:66:
7f:63:a8:57:78:35:cc:10:a8:4d:7c:dc:ef:02:8f:
e9:0a:49:08:93:f4:49:6a:6f:c0:93:b6:ef:09:85:
f9:cc:c0:5b:37:67:2c:c0:9a:e4:07:52:60:ca:16:
73:a1:5e:fc:fc:c4:3a:30:c5:4b:81:33:24:e0:f3:
4d:ba:df:f7:b3:44:e9:e8:f1:55:2d:3f:bb:19:a7:
ac:a5:6a:3c:e4:86:42:25:ef:ac:4a:8b:f4:43:34:
6b:44:6a:78:e5:f1:ff:c0:d6:d6:5f:54:63:62:8d:
f3:b3:e1:37:4b:ab:72:1b:ee:a2:e7:7d:d4:6c:65:
59:80:24:25:02:03:6e:f1:ba:a8:30:f2:5d:18:2f:
ca:9b:4d:3a:9e:1a:a8:52:f2:b7:b2:6b:28:d3:b7:
df:6d:6d:06:58:24:59:af:33:35:27:f6:b0:83:36:
5e:8a:8a:74:ca:cf:99:28:79:0c:fa:8c:29:65:f0:
62:35:ba:1c:44:8b:fc:d9:08:dc:1c:6c:a4:c7:23:
d7:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:FD:98:85:9B:0D:CD:9B:95:CA:E0:A4:59:07:24:A4:1C:33:44:AD
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Sf2YhZsNzZuVyuCkWQckpBwzRK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.68.0/23
185.252.160.0/23
212.87.205.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:0f:ae:ec:50:0d:ae:d9:dd:7e:1c:70:9e:10:f0:2e:3b:ec:
c0:fc:3e:02:54:dd:5f:1a:25:eb:f6:ff:ed:b6:44:2b:3d:ca:
8a:e9:90:10:77:8c:a1:79:ed:11:1d:50:d8:15:9a:bc:ab:fa:
45:97:5a:1b:0f:4a:aa:08:cd:87:03:55:08:df:b3:8c:39:5e:
e5:05:78:9f:03:90:70:49:6f:13:58:ca:3c:d4:32:05:3d:05:
fc:a4:5d:27:d4:01:ad:60:32:39:6c:0b:64:07:5c:73:77:5c:
fe:06:f3:c1:d4:68:1f:a3:d3:ff:9a:53:70:b2:f5:fb:f7:ec:
bf:59:07:66:93:83:27:e4:82:63:0c:75:01:63:13:05:62:d0:
de:f4:58:ec:72:62:bb:53:e9:8d:fb:aa:a0:71:29:45:ea:19:
48:40:f3:be:0d:48:c6:72:6f:d3:31:a8:87:21:e2:78:a8:d1:
f7:e6:8d:e4:4c:12:46:a4:17:8d:7c:5d:4e:63:f0:d2:75:4b:
7a:3d:ae:6a:f9:c5:74:39:c3:d4:72:f7:9b:c8:ca:f6:18:b6:
b4:66:87:f2:15:ce:b2:f0:65:94:d7:96:c1:4f:ec:46:4a:36:
84:33:83:73:95:98:76:c6:ea:4e:e7:b8:2e:a0:1b:92:60:5c:
f3:21:58:fb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY+RmNiyRh1h0BgKJsbc7Oh4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNTE5MTYwNDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWZkOTg4NTliMGRjZDliOTVjYWUwYTQ1OTA3MjRhNDFjMzM0NGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11MpthBXtiZUDuvN8/YPPnZdky4n
OQ0MetSqvO0yAwhQIKaed6cwpRN90J3DF3g+s7Dot2MexxUPN2Z/Y6hXeDXMEKhN
fNzvAo/pCkkIk/RJam/Ak7bvCYX5zMBbN2cswJrkB1JgyhZzoV78/MQ6MMVLgTMk
4PNNut/3s0Tp6PFVLT+7GaespWo85IZCJe+sSov0QzRrRGp45fH/wNbWX1RjYo3z
s+E3S6tyG+6i533UbGVZgCQlAgNu8bqoMPJdGC/Km006nhqoUvK3smso07ffbW0G
WCRZrzM1J/awgzZeiop0ys+ZKHkM+owpZfBiNbocRIv82QjcHGykxyPXdQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEn9mIWbDc2blcrgpFkHJKQcM0StMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvU2YyWWhac056WnVWeXVDa1dRY2twQnd6UkswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBV3hEAwQB
ufygAwQA1FfNMA0GCSqGSIb3DQEBCwUAA4IBAQA+D67sUA2u2d1+HHCeEPAuO+zA
/D4CVN1fGiXr9v/ttkQrPcqK6ZAQd4yhee0RHVDYFZq8q/pFl1obD0qqCM2HA1UI
37OMOV7lBXifA5BwSW8TWMo81DIFPQX8pF0n1AGtYDI5bAtkB1xzd1z+BvPB1Ggf
o9P/mlNwsvX79+y/WQdmk4Mn5IJjDHUBYxMFYtDe9FjscmK7U+mN+6qgcSlF6hlI
QPO+DUjGcm/TMaiHIeJ4qNH35o3kTBJGpBeNfF1OY/DSdUt6Pa5q+cV0OcPUcveb
yMr2GLa0ZofyFc6y8GWU15bBT+xGSjaEM4NzlZh2xupO57guoBuSYFzzIVj7
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:33 2024 by rpki-client on console-ams.rpki-client.org