Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UzkGuRazHyKlkNWUGzsbu-qdBgo.roa
File: UzkGuRazHyKlkNWUGzsbu-qdBgo.roa (raw, json)
Hash identifier: wb9f+zJR05g84sOMYuoyFDBqDp5jQ8hMKiH4dNiQSSQ=
Subject key identifier: 53:39:06:B9:16:B3:1F:22:A5:90:D5:94:1B:3B:1B:BB:EA:9D:06:0A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C3066F0BD6F5B44394085F59645BCF277
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UzkGuRazHyKlkNWUGzsbu-qdBgo.roa
Signing time: Sun 03 Dec 2023 15:58:21 +0000
ROA not before: Sun 03 Dec 2023 15:58:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 87.120.68.0/23 maxlen: 24
164.40.185.0/24 maxlen: 24
93.123.74.0/23 maxlen: 23
93.123.75.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 08 Dec 2023 06:52:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:30:66:f0:bd:6f:5b:44:39:40:85:f5:96:45:bc:f2:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 3 15:58:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=533906b916b31f22a590d5941b3b1bbbea9d060a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:27:3f:74:03:22:c1:55:3a:5f:16:47:9c:a7:
fd:85:75:4d:10:ac:41:24:30:d5:2a:4d:9c:59:be:
d0:c4:ed:4e:21:82:3a:d3:c2:67:9b:fb:4f:29:ca:
e8:c5:36:e8:66:de:af:8f:60:af:26:67:32:4f:56:
66:82:8b:3e:34:98:e0:ac:bc:34:18:1a:b7:27:fb:
9b:40:a3:d6:02:22:dc:7c:a1:36:81:b9:d3:d6:ff:
bd:82:fe:39:56:c0:e5:23:ce:d9:33:45:af:df:f5:
ec:d6:27:e3:86:6d:8e:65:7e:93:67:2e:9e:11:a4:
21:ad:de:c9:86:82:81:d1:52:be:f3:01:a6:9d:d0:
fe:91:a1:03:5c:22:e1:23:77:ee:4e:28:c4:81:35:
84:9e:64:d2:89:c2:e1:a2:7e:2c:d5:77:ff:ad:3d:
0c:d9:ac:5e:b5:d2:0e:ea:f7:94:1a:e4:6a:0b:2b:
0c:47:e9:23:c6:dd:58:69:dd:d5:8b:63:eb:8e:98:
36:c7:a1:18:ec:9a:e4:38:4e:5c:12:d8:e8:87:2c:
56:b4:18:ed:4b:7b:a5:d8:e3:ce:12:b8:ab:8a:2a:
a6:83:dc:ba:df:92:e3:ed:ac:43:d0:3d:2c:9e:f3:
d8:6f:28:4b:b0:8c:65:89:61:6f:c6:e6:24:6e:06:
9d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:39:06:B9:16:B3:1F:22:A5:90:D5:94:1B:3B:1B:BB:EA:9D:06:0A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UzkGuRazHyKlkNWUGzsbu-qdBgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.68.0/23
93.123.74.0/23
164.40.185.0/24
Signature Algorithm: sha256WithRSAEncryption
02:20:62:54:1c:ca:26:64:6b:63:c0:5f:0f:63:48:b0:e3:29:
86:40:c0:a0:e3:33:7d:4c:97:63:79:67:f4:72:b7:c8:8a:6c:
44:fd:e5:45:03:5a:5a:4d:a1:7b:63:8d:a1:9a:18:c3:f5:de:
71:3a:38:69:22:f3:4e:03:51:6f:4b:a2:2e:72:96:37:24:92:
40:2a:93:fa:d4:a8:91:ec:41:1b:eb:05:e6:3e:c0:f7:f7:94:
d3:bc:9b:f1:4e:13:23:8a:18:31:11:96:fd:6b:51:8a:27:46:
81:13:62:93:d4:1c:7f:4d:ba:af:cb:33:15:53:b4:05:17:fc:
f1:04:e4:82:69:42:bf:02:86:e2:37:32:f1:31:f1:dc:d5:72:
f7:e2:9e:28:be:1e:9e:86:76:62:27:05:e0:33:6c:13:6b:fc:
33:6f:24:5c:2c:84:7a:d4:fd:bf:79:b4:25:79:8c:81:b3:8a:
cf:fb:db:97:ff:fb:cd:97:d6:2f:f0:e9:84:eb:10:c7:b9:1b:
3a:74:06:09:8a:f8:a6:c8:a9:de:2f:8f:e7:88:b2:43:f7:6b:
b6:31:cb:c7:66:21:68:f6:84:e2:65:c0:9b:c3:20:b0:04:52:
3f:fd:23:6d:ba:4f:b3:4b:32:71:c0:0c:fb:46:22:40:a9:1b:
61:ac:ba:12
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYwwZvC9b1tEOUCF9ZZFvPJ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjAzMTU1ODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzM5MDZiOTE2YjMxZjIyYTU5MGQ1OTQxYjNiMWJiYmVhOWQwNjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxic/dAMiwVU6XxZHnKf9hXVNEKxB
JDDVKk2cWb7QxO1OIYI608Jnm/tPKcroxTboZt6vj2CvJmcyT1Zmgos+NJjgrLw0
GBq3J/ubQKPWAiLcfKE2gbnT1v+9gv45VsDlI87ZM0Wv3/Xs1ifjhm2OZX6TZy6e
EaQhrd7JhoKB0VK+8wGmndD+kaEDXCLhI3fuTijEgTWEnmTSicLhon4s1Xf/rT0M
2axetdIO6veUGuRqCysMR+kjxt1Yad3Vi2Prjpg2x6EY7JrkOE5cEtjohyxWtBjt
S3ul2OPOEririiqmg9y635Lj7axD0D0snvPYbyhLsIxliWFvxuYkbgadNQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFM5BrkWsx8ipZDVlBs7G7vqnQYKMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVXprR3VSYXpIeUtsa05XVUd6c2J1LXFkQmdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBV3hEAwQB
XXtKAwQApCi5MA0GCSqGSIb3DQEBCwUAA4IBAQACIGJUHMomZGtjwF8PY0iw4ymG
QMCg4zN9TJdjeWf0crfIimxE/eVFA1paTaF7Y42hmhjD9d5xOjhpIvNOA1FvS6Iu
cpY3JJJAKpP61KiR7EEb6wXmPsD395TTvJvxThMjihgxEZb9a1GKJ0aBE2KT1Bx/
TbqvyzMVU7QFF/zxBOSCaUK/AobiNzLxMfHc1XL34p4ovh6ehnZiJwXgM2wTa/wz
byRcLIR61P2/ebQleYyBs4rP+9uX//vNl9Yv8OmE6xDHuRs6dAYJivimyKneL4/n
iLJD92u2McvHZiFo9oTiZcCbwyCwBFI//SNtuk+zSzJxwAz7RiJAqRthrLoS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:08 2024 by rpki-client on console-fra.rpki-client.org